• Microsoft CEO looks to ease data center environmental fears
• A “new approach” will help the company’s facilities address concerns, Nadella says
• Microsoft’s Azure cloud business now covers more than 500 data centers in 80 regions

Microsoft CEO Satya Nadella has looked to reassure those concerned about the effect data centers are having on the environment.

Speaking during his keynote address at Microsoft Build 2026, Nadella outlined how the company is working on “a new approach” to its data centers, with plans to improve cooling systems and reduce water use

• Email systems were never designed for autonomous machine workflows
• Hostinger introduces webhook-first email for real-time automation processing
• AI agents now trigger actions immediately when emails arrive

AI agents can process data and execute actions within milliseconds, yet many automated systems still depend on tools originally built for human users.

That mismatch has become increasingly noticeable as businesses attempt to connect AI-driven workflows with traditional email systems, never designed for machine-to-machine interactions.

Noble Audio is using High End Vienna 2026 to expand its true wireless lineup with the new Osprey, an entry-level earbud aimed at listeners who want the Noble house sound without wandering into $300-plus wallet damage. Priced below $200, the Osprey gives Noble a more accessible option in a category it already knows well, combining everyday wireless convenience with the brand’s focus on balanced tuning, musicality, and a more refined presentation than most budget true wireless earbuds can usually manage.

Construction & Exterior Design

The Osprey follows the design language Noble Audio has used across its true wireless lineup, with a distinctive marbled faceplate that gives the earbuds a more finished look than the usual plastic black-bean approach. It is a small touch, but a useful one in a crowded category where most affordable wireless earbuds look like they were issued by the same factory committee.

Noble also includes a compact aluminum charging case, which should give the Osprey a more durable and premium feel without making it bulky. The goal here is practical: a lower-cost Noble earbud that still looks and feels like it belongs in the family.

The Osprey uses an ergonomic earbud shell designed to sit securely in the ear without feeling bulky. A proper fit should improve passive isolation, which matters more than most people admit with true wireless earbuds.

Noble includes multiple eartip sizes to help users find the best seal for comfort, stability, and consistent sound quality over longer listening sessions.

Drivers

The Osprey uses a hybrid dual driver configuration, pairing a 10mm dynamic driver with a custom balanced armature. In theory, that gives Noble more room to divide the workload: the dynamic driver handles low frequency weight and impact, while the balanced armature supports midrange and treble detail.

That does not automatically guarantee magic. This is still an earbud under $200. But it does give the Osprey a more ambitious driver platform than many entry level true wireless models. The goal is controlled bass, clear mids, and better high frequency separation without pushing the sound into something thin or etched.

High-Resolution Wireless Connectivity

Powered by an Airoha 1571 Bluetooth chipset, the Osprey supports noise cancellation (ANC) and Bluetooth multipoint pairing for seamless device switching. With Bluetooth 5.4 and TrueWireless Mirroring, the Osprey provides a stable, low-latency connection whether you’re streaming high-resolution audio or making calls.

Clear Phone Calling

For calls and virtual meetings, the Osprey employs a dual-microphone array with Qualcomm cVc noise suppression. This technology minimizes background noise while preserving the natural tone and dynamics of your voice, ensuring speech remains clear and intelligible in both professional and everyday environments

The Osprey includes Active Noise Cancellation and a Hearing Through mode, giving listeners some flexibility when moving between commuting, office use, calls, and street noise. Integrated cVc noise reduction is also included to help improve voice pickup during calls, although real world results will still depend on wind, background noise, and microphone placement.

Battery life is rated at up to 7 hours with ANC turned off, or up to 5 hours with ANC enabled. The 500mAh charging case extends total playback time, and Noble claims a 10 minute quick charge can provide roughly 2 hours of listening. 

Battery Life

The Osprey includes a 500mAh wireless charging case, which extends playback beyond the earbuds themselves. Noble rates battery life at up to 7 hours with ANC turned off, or up to 5 hours with ANC enabled. A 10 minute quick charge provides roughly 2 hours of listening.

Those figures are suitable for daily use, especially given the Osprey’s under $200 price point, ANC support, hybrid driver design, and wireless charging case.

Companion App

For ease of use, the Osprey is compatible with the Noble Audio app, which offers EQ and OTA software updates, keeping the Osprey relevant for as long as you use them. 

Comparison

The Bottom Line 

The Noble Osprey gives Noble Audio a more affordable entry point in true wireless without turning it into a stripped down budget model. For $199, the Osprey offers the styling Noble is known for, a hybrid dual driver design, ANC, Hearing Through mode, Bluetooth 5.4, Multipoint connectivity, app support, and a wireless charging case. That combination gives it a stronger identity than many wireless earbuds in this price range, especially for listeners who already like Noble’s tuning approach but do not want to spend FoKus money.

The tradeoffs are clear. The Osprey does not carry the FoKus name, and codec support appears more limited with no aptX formats listed, and no indicated support for Dolby Atmos or Spatial Audio. That matters because the $179 to $249 earbud category is crowded with models from LG, Beats, Sony, Status Audio, and aggressive value brands like SOUNDPEATS, which are pushing features such as LDAC, aptX Lossless, hybrid ANC, and app based EQ at even lower prices.

What makes the Osprey interesting is not that it wins the spec sheet war. It probably does not. The appeal is Noble bringing its design language, hybrid driver experience, and app supported true wireless platform below $200. The question is whether buyers in this range care more about Noble’s sound and styling, or whether they will chase the longer codec list and feature overload offered by lower priced competitors.

Price & Availability

The Noble Audio Osprey will be available for pre-order from nobleaudio.com and selected retailers worldwide starting June 4th, 2026, priced at $199 / £199 / €225. Shipping is expected to begin by the end of June 2026

The Osprey launch will coincide with Noble’s appearance at HIGH END Vienna 2026, where attendees can try it out for themselves.

Related Reading:

While schools have made progress in technology adoption — from artificial intelligence guidelines to vetting education technology — they still struggle with the lack of resources, funding and expertise, according to a new report.

The annual State of EdTech report from the Consortium for School Networking polled roughly 600 chief technology officers for K-12 schools. One of the biggest takeaways, according to CoSN CEO Keith Krueger: AI adoption is higher than ever. According to the report, nearly three-quarters (79%) of school districts have AI guidelines in place, up from 57% in 2025.

“Given how many school districts we have, given how many small and rural ones there are, it’s shocking at how quickly at least the guidance around responsible use of AI is,” Krueger says. “As a foundational step, we’re seeing movement.”

But respondents repeatedly stated they are running into roadblocks of insufficient staffing and funding.

“There’s never going to be enough training, and we have to make sure the training is quality and meeting administrators with what they want and need,” Krueger says, adding it’s not just about training on a specific tool, but “helping them think in new ways how to use the tools.”

Most of the districts polled are in favor of AI guidelines, either set by the districts themselves or state education agencies, but do not want state or federal mandates. Typically, mandates are formed, then approved, by a board — something that is time-consuming and does not lend itself well in the fast-moving world of AI.

“This week, this month, this year is changing rapidly,” Krueger says. “It doesn’t mean we change fundamental beliefs of what’s cheating (with AI), for example, but things are moving rapidly. You don’t want to have too many solidly, board-approved things which can get locked in when you need to evolve.”

The most common AI initiative among districts is training staff on the use of instruction-focused generative AI tools, with 7 out of 10 respondents saying they do so. Productivity-focused measures focused on instructional staff and teachers followed, with 54% and 53%, respectively, deploying those initiatives. One of the largest jumps was the amount of districts having initiatives focused on AI’s operational purposes, from 37% in 2025, to 64% in 2026.

Less than half (41%) of initiatives focus on using AI for teaching and learning.

“I would say the low hanging fruit is on the operational and teacher productivity side,” Krueger says. “We should continue to explore and think through the great uses that are in the classroom. But, overnight we shouldn’t just wildly go trying to do those things when it’s going to take time to figure out the instructional piece.”

Cybersecurity

The largest concern about AI use: cybersecurity attacks. According to the report, nearly all respondents (98%) are concerned that AI can bring in new forms of cyber attacks, with just 2% stating they are “not at all concerned.” That same percentage also has concerns on student data and AI’s effect on its privacy.

While the concern over cybersecurity is strong, two-thirds of respondents state they have insufficient staffing and budget to address those challenges.

Cybersecurity concerns continue to cause schools woe, most recently with the Instructure attack in May that caused several schools to pay a ransom and shut down one of the world’s largest digital education platforms.

“The high visibility breaches and attacks that we’ve seen underscore the real cost to our school system by not investing in better cybersecurity,” Krueger says.

After 17 years of utilizing the State of EdTech report, Krueger says he believes a tipping point may have finally been reached on addressing cyber concerns.

“Certainly those in charge of technology have been yelling loudly that cybersecurity is a problem,” he says, adding the issue has become more well-known among superintendents and school board members. “I think they will start to say, ‘We can’t just have these broadband networks and not have them safe and secure.’ But it’s a huge challenge, given the lack of human capacity in schools for cybersecurity.”

EdTech

Another major finding from the report is an issue that has been bubbling beneath the surface in both tech evangelist and oppositional circles: vetting educational technology.

Edtech vetting has been under consideration amid the screen-time backlash in classrooms, with some states pushing for better review of the vetting process. Oftentimes, schools rely on the vendors’ own data and are unequipped to review the software themselves to ensure children’s safety.

“There is nobody right now that is confirming these products are safe, effective and legal,” Kim Whitman, co-lead for Smartphone Free Childhood US, said in a previous interview with EdSurge. “It should not fall on the district’s IT director; it would be impossible for them to do it. And the companies should not be tasked with doing it — that would be like nicotine companies vetting their own cigarettes.”

According to the report, most schools now have a process for vetting free edtech tools before they’re used in schools, either through IT or a list of approved vendors.

But that process still has some gaps: only 29 percent require information about if the product is inclusive and accessible for all learners. That is particularly worrisome for accessibility advocates who already fear they are being left out of the conversation.

“Parents with children who have a disability must have a seat at the table,” Sambhavi Chandrashekar, global accessibility lead for D2L, an online learning platform, said in a previous EdSurge interview. “Blanket rules that are blind to fundamental human differences will do more disservice than good to students at the margins.”

And while more than half (55%) of the edtech processes require vendors to provide information about safety, that leaves roughly 45% not addressing safety concerns.

“It’s a huge warning sign; there’s a whole lot of progress and work that has to happen in this area,” Krueger says.

He suggested reviewing the five quality indicators for edtech and AI products, with districts benchmarking their current status and set it as a priority to push forward.

“One of the biggest powers we have is procurement, so getting serious about how we buy them, and when,” Krueger says. “Whether or not we move forward will depend on if we set it as a priority and get serious about the awareness, the training and the policies.”

Hackers are exploiting a critical privilege escalation vulnerability (CVE-2026-8206) in the Kirki plugin for WordPress to take over any user account, including those belonging to administrators.

The attacks were detected by WordPress security firm Defiant, whose Wordfence firewall blocked over 222 attempts against its customers in the past 24 hours.

The full name of the plugin is Kirki – Freeform Page Builder, Website Builder & Customizer. It is a freeform visual builder and advanced theme customizer active on more than 500,000 websites.

Wordfence reports that the issue was introduced in a recent major release, version 6.0.0, and impacts plugin versions up to 6.0.6, which are used by nearly 40% of the plugin’s userbase, according to download statistics from WordPress.org.

CVE-2026-8206 is caused by the exposure of a custom REST API endpoint for password resets through the ‘handle_forgot_password()’ function.

The flaw stems from the plugin accepting an arbitrary email address during password reset requests.

When a username is provided, the plugin generates a valid password reset link for the associated account, but sends it to the attacker-supplied email address rather than the account owner’s registered email address.

This behavior makes it trivial for unauthenticated attackers to generate password reset links for any user registered on the site to email addresses under their control, easily hijacking them.

Once an attacker gains admin-level access, they could install malicious plugins, modify website content, deploy web shells or persistent backdoors, and access private databases.

The flaw was discovered by security researcher CHOIGYENGMIN, who reported it to Wordfence on May 4, 2026. The company notified the vendor on May 16 and released a fix with version 6.0.7 on May 18, 2026.

Given the active exploitation status of CVE-2026-8206 and the very low requirements for launching attacks, it is critical that website owners/administrators upgrade to version 6.0.7 or disable the plugin.

Automated pentesting tools deliver real value, but they were built to answer one question: can an attacker move through the network? They were not built to test whether your controls block threats, your detection rules fire, or your cloud configs hold.

This guide covers the 6 surfaces you actually need to validate.

Download Now

You can pre-order the Faden siblings’ next adventure now.

Qualcomm and Microsoft believe cloud-based AI wearables are the future, rather than entirely optional and secure on-device features like Apple Intelligence.

Big tech has all but embraced the proliferation of AI. Microsoft and Qualcomm are the latest to suggest the future of hardware and software development lies in AI-first devices.

On June 2, Microsoft CEO Satya Nadella and Qualcomm CEO Cristiano Amon discussed a new wearable device dubbed Project Solara, a joint venture of the two companies.

“We’re moving from building operating systems, devices for apps, to agents,” said Nadella.

Qualcomm’s CEO describes Project Solara as “a much more personalized and bespoke experience than an app in itself,” and as a product “that’s changing the nature of devices.”

In essence, the two companies are working on a device that does tasks for you through AI agents, rather than a product with an established operating system and apps that let you do things on your own. Additionally, the “whole silicon is designed for you to have a cloud-native experience,” according to Amon.

Design-wise, Project Solara resembles a smartphone attached to a lanyard. Commenting on the product’s design, Amon said that we’ve started to see “incredible new form factors” like Project Solara.

Realistically, though, it’s not a far cry from the ill-fated Rabbit R1 or the Humane AI Pin.

Inside, Microsoft and Qualcomm’s new device will house a power-efficient CPU, along with a variety of sensors to help it understand the world around its wearer. In that respect, the device sounds like most AI wearables on the market, though less convenient than something like Google’s smart glasses.

Microsoft’s AI approach vs. Apple’s ideas

Project Solara stands at odds with Apple’s privacy-first AI philosophy, where on-device models are prioritized over cloud-based processing. The product has an inherent security risk, relative to an iPhone, as information is constantly shared over the internet.

Qualcomm CEO Cristiano Amon spoke about “incredible new form factors,” but the device looks like a smartphone on a lanyard. Image Credit: Qualcomm.

However, there is a small commonality between the AI ideas of Microsoft and Apple. Project Solara will feature an open ecosystem where wearers can choose the AI agents they want to use.

Apple, meanwhile, is said to be working on improved third-party AI support for iOS 27, though its own on-device AI will continue to be the backbone of Apple Intelligence.

In essence, Microsoft will prioritize convenience over privacy, security, and long-term usability. Both Apple and Microsoft will give users freedom of choice when it comes to AI models, though.

When viewed through the context of failures like the Humane AI Pin and Rabbit R1, though, Apple’s idea of offering AI with existing products makes more sense. Google Gemini is similarly available across Android devices, as Apple Intelligence is on iOS.

More importantly, Apple Intelligence is an entirely optional set of features, an auxiliary set of tools. AI is not the cornerstone of the iPhone, and Apple understands that users want the freedom to do things without LLMs. Microsoft’s AI approach is arguably the exact opposite.

However, rumors of an Apple-branded AI pin continue to circulate, and OpenAI is working on an AI-themed device with former Apple designer Jony Ive. Even with the nonexistent success of AI companion devices, tech companies seem to believe there’s still hope for this sort of platform.

Whether any AI-themed device, be it from Apple or Microsoft, will achieve mainstream success remains to be seen.

A threat actor is using an AI-built ransomware attack toolkit that automates Active Directory discovery and helps evade endpoint detection and response (EDR) solutions.

Tool and payload development was assisted by Cursor and Claude Opus agents in various stages, including initial coding, analysis, and revisioning. Additionally, some agents were tasked with checking security research posts for various bypass techniques.

Some of the malware created this way was tested in virtual environments against EDR tools from Sophos, CrowdStrike, and Microsoft.

Despite the malware research and development orchestrated using AI technology, the researchers note that the workflow is entirely human-driven.

Rapid EDR-bypass development

Researchers at cybersecurity company Sophos detected activity from the toolkit on a system at a customer environment that triggered alerts for payloads stored in C:\Users\User\Documents\test.

The malicious files suggested they were part of an attack framework that focused on evading detection:

• Cobalt Strike profiles designed to make beacon traffic resemble legitimate web requests
• A Telegram bot API–based external command and control (C2) mechanism that routed communication through Telegram’s infrastructure rather than using direct connections
• Python-based malware development scripts for injecting shellcode into legitimate Windows executables while preserving original functionality
• A Cloudflare Worker acting as a front-end redirector to obscure the actual backend C2 server

The researchers say that while the tool may appear as a “red team” post-exploitation framework, it is used in cybercriminal activity related to ransomware.

“Our initial assessment included the possibility that a legitimate Red Team was engaged, but our investigation revealed further artifacts that indicated malicious and criminal activity,” Sophos told BleepingComputer.

The discovery in Cobalt Strike operator logs of entries pointing to a ransom note and details on multiple organizations listed on a ransomware data leak site clarified that the framework was used for cybercrime operations.

Agentic malware development

In a report published today, Sophos says that multiple Python scripts on the compromised host were written in Russian and generated with the help of AI tools.

During the investigation, the researchers found a Git repository with components related to “an automated Active Directory (AD) discovery panel and a lab that uses an iterative approach to developing and testing malware against the Sophos, CrowdStrike, and Windows Defender endpoint detection and response (EDR) agents.”

They say that AD discovery is driven by collecting observations from completed tasks and selecting the next action from predefined choices. The next step is delegated to remote agents, with results being reassessed.

The framework has multiple AI agents, each with a distinct role and function. For instance, a Claude Opus 4.5 agent acts as the coordinator of the R&D process, while others handle testing, OPSEC hardening, documentation, proxy stress testing, VM deployment, and other related tasks.

For the development stage, some agents documented bypass techniques in research from Kaspersky, Palo Alto Networks, Bishop Fox, and SpecterOps, as well as details published in social media posts.

The agents extracted the techniques, mapped them to the MITRE ATT&CK knowledge base of adversary behaviors, identified what was needed for reproduction, prepared a test lab, executed the technique, and reported the outcome.

The main component in the malicious framework is a Python tool that generates payloads, mostly in Rust and Go, based on an evasion technique. Close to 80 modules were generated and tested against more than 70 techniques.

While the agents initially suggested a high failure rate, the modules appeared to bypass almost all EDR solutions after several iterations. However, Sophos noticed discrepancies between the test output and the framework’s internal reporting in some instances, although the reasons are unclear.

Sophos found no evidence that AI was embedded in deployed malware or operating independently in victim environments. Instead, the technology was used to accelerate the iterative process of developing, testing, and refining payloads against security products.

AI tools are shortening the period between the publication of offensive security research and its practical implementation by threat actors.

Automated pentesting tools deliver real value, but they were built to answer one question: can an attacker move through the network? They were not built to test whether your controls block threats, your detection rules fire, or your cloud configs hold.

This guide covers the 6 surfaces you actually need to validate.

Download Now