Connect with us
DAPA Banner
DAPA Coin
DAPA
COIN PAYMENT ASSET
PRIVACY · BLOCKDAG · HOMOMORPHIC ENCRYPTION · RUST
ElGamal Encrypted MINE DAPA
🚫 GENESIS SOLD OUT
DAPAPAY COMING

Tech

Scattered Spider members behind TfL hack get five years in prison

Published

on

Justice UK

Two leading members of the Scattered Spider cybercrime collective were sentenced to five years and six months in prison each for hacking Transport for London (TfL) in 2024.

TfL disclosed that its network was breached in August 2024, with the attack disrupting internal systems and online services, including TfL’s Dial-a-Ride service, concessionary travel cards, digital payments, and contactless ticketing rollout, as well as the public transportation agency’s ability to process refunds.

Additionally, 148 systems became inoperable across TfL’s network, and all 27,000 TfL employees had to reset their passwords in person after the breach.

image

While TfL reported £29 million in losses and recovery costs after the attack, officials estimated that the UK economy could have lost up to £56 billion had the threat actors succeeded in shutting down the transport network.

TfL revealed on September 12, 2024, that the attackers had also stolen customer data (including names, addresses, and contact details). Four days later, on September 16, officers from the City of London Police and the UK National Crime Agency (NCA) arrested 20-year-old Thalha Jubair and 18-year-old Owen Flowers at their homes.

Advertisement

Investigators said that Flowers was also in the process of hacking U.S. healthcare companies Sutter Health and SSM Health Care Corporation, and that, at the time of his arrest, devices seized from him included evidence of the TfL intrusion.

Both pleaded guilty last month under the Computer Misuse Act and were sentenced today to five years and six months in prison each.

Owen Flowers and Thalha Jubair
Owen Flowers and Thalha Jubair (NCA)

NCA Deputy Director Paul Foster described Scattered Spider as “the most significant cybercrime threat to the UK in recent years,” and he credited TfL’s early cooperation with law enforcement for enabling the convictions.

“These convictions would likely not have been possible had Transport for London not engaged with law enforcement early, so I would urge any other organisation to please do the same in such circumstances,” Foster said. “We will continue working with partners in the UK and overseas to identify offenders and bring them to justice.”

The U.S. Department of Justice also charged Jubair in September 2025 with conspiracy to commit computer fraud, money laundering, and wire fraud in connection with at least 120 network breaches between May 2022 and September 2025.

Advertisement

According to court documents, these attacks affected dozens of U.S. organizations, including critical infrastructure entities and U.S. courts, with Jubair and his accomplices extorting over $115 million from victims worldwide between August 2024 and July 2025.

In July 2025, the NCA arrested four other suspected Scattered Spider members believed to be linked to a wave of cyberattacks against major UK retailers, including Harrods, Marks & Spencer, and Co-op.


article image

Security teams log 54% of successful attacks and alert on just 14%. The rest move through your environment unseen.

The Picus whitepaper shows how breach and attack simulation tests your SIEM and EDR rules so threats stop slipping by detection.

Get the whitepaper

Source link

Advertisement
Continue Reading
Click to comment

You must be logged in to post a comment Login

Leave a Reply

Tech

NASA’s Artemis III will need three rockets to do the job Apollo did with one

Published

on

SCIENCE

Blue Origin and SpaceX get their turn to prove they can dock, loiter, and not blow up the launch pad

NASA has given an update on the Artemis III mission and, while sticking with an optimistic 2028 landing target for Artemis IV, offered a glimpse into just how much development work remains to be done at Blue Origin and SpaceX. 

Artemis III has been compared to Apollo 9, which tested the Apollo Lunar Module in Earth orbit, yet neither SpaceX nor Blue Origin is flying anything as close to the lunar landers. 

Advertisement

Blue Origin’s test lander will be based on the company’s current Mark 2 crew lander architecture, incorporating the major avionics, flight software, life support, and crew cabin. Orion, launched atop NASA’s SLS, will dock to the side of the Blue Origin spacecraft for crew transfer; two crew members in orange Orion survival suits can baord the test lander, with Orion’s software controlling the stack.

An instrumented lunar surface spacesuit mass simulator, similar to the “Moonikin” manikin that flew aboard Orion for Artemis I, will also ride along on the Blue Origin lander.

SpaceX’s test is considerably simpler – just a docking system mounted on the nose of a Starship. That requires Starship testing to have reached the orbital stage first, which is why NASA will be closely watching the upcoming Flight Test 13. Starship V3 is still flying suborbital until SpaceX proves it can reliably relight an engine for controlled re-entry.

Under the current plan, Blue Origin launches its lander into orbit first, where it can loiter for up to 30 days. Once it’s checked out, a crew launches aboard Orion to rendezvous and dock with it. After that’s complete, SpaceX launches its Starship test article to rendezvous and dock Orion in turn, though the crew won’t board Starship, just verify communications and interoperability. SpaceX’s vehicle will control that docked stack.

Advertisement

Notably, SpaceX’s docking capability was qualified in 2023, while Blue Origin only tested its pressurized docking system earlier this year.

Jeremy Parsons, Artemis program manager, stated, “Artemis III will be a highly choreographed dance with a demanding launch sequence across multiple launch pads and equally demanding mission operations for our ground and flight crews, making it one of the most complex and ambitious missions NASA has ever undertaken.”

He is not exaggerating. Apollo 9 needed a single Saturn V launch; Artemis III needs three – an SLS, whatever Blue Origin ultimately uses to launch its lander (the company is still rebuilding its launch pad after May’s explosion), and a Starship. The SLS has flown twice, including one lunar flyby. Starship has yet to reach orbit despite Elon Musk once claiming that uncrewed versions would be landing on Mars around now.

It’ll be an impressive feat if NASA can pull it off, even if SpaceX’s piece of the puzzle looks a lot simpler than Blue Origin’s. ®

Advertisement

Source link

Continue Reading

Tech

Vint Cerf wants to give AI agents an identity

Published

on

Soon the internet will be full of AI agents acting on our behalf. Right now, there is no reliable way to tell who stands behind any of them. Vint Cerf, one of the people who built the internet, wants to fix that.

Cerf co-designed TCP/IP, the protocol that lets the internet’s independent systems talk to each other. He left Google last week after 20 years. Now he is joining the advisory council of Innovation Labs, a group building an open identity layer for AI agents, the company announced.

The missing layer

The problem is simple to state. Most AI agents today live inside one company’s systems. But firms want them roaming the open web, dealing directly with other agents. There is no shared way to prove who owns an agent, or who answers for what it does.

Innovation Labs is a division of Identity Digital, a firm that runs domain-name registries. Its idea, called DNSid, would give each agent a lasting identity tied to an existing domain name, backed by cryptographic proof. It has already submitted the design to the internet’s main standards body.

Advertisement

Why Cerf signed up

The 💜 of EU tech

The latest rumblings from the EU tech scene, a story from our wise ol’ founder Boris, and some questionable AI art. It’s free, every week, in your inbox. Sign up now!

Cerf frames it as the internet’s next big architectural problem. The trigger, he told TechCrunch, is “the question of what authorities they have, where they have derived those authorities, who is accountable.”

He expects it to be messy. “It’s going to be a fascinating, and at the same time maybe even exasperating, period,” he said. Rival standards are already appearing. Cerf thinks none will win on politics, only on what works, as happened with TCP/IP.

Advertisement

Keeping it open

The pitch is that no single tech giant should own the standard. Innovation Labs says it will not hold the registration data itself. “There’s a lot of organ rejection to a hyperscaler releasing a standard and having that proprietary data,” interim boss Allie Kline told TechCrunch. The group says it is already trialling the system with several unnamed cloud giants.

An agent-shaped internet

The stakes are rising because agents are spreading fast, from Amazon’s revamped Alexa to enterprise tools, and they are already causing trouble. Researchers have tricked them into leaking private code and even running a full ransomware attack. Regulators are scrambling too, from China’s new agent rules to Delaware’s plan to give agents a legal identity.

Cerf is not sure the agent-run internet is inevitable. But he thinks people will try to build it anyway. “We are fundamentally lazy creatures,” he said. If an agent can do a job for us, we will let it.

Advertisement

Source link

Continue Reading

Tech

Why College Degrees Matter in the Age of AI

Published

on

For the past few years, our nation has been flooded with headlines declaring the demise of the college degree. This trend was exacerbated by COVID-19, which accelerated a decline in college interest.

I understand, really, I do. Tuition costs are rising. Student debt is real.

Rita Finkel is co-president of the Armory Foundation and Director of The Armory College Prep program.

Rita Finkel is co-president of the Armory Foundation and Director of The Armory College Prep program.

Artificial intelligence (AI) is also reshaping white-collar work by automating routine cognitive tasks, changing hiring patterns and increasing the use of AI tools in professional occupations. A 2025 Gallup survey found that AI use at work among U.S. employees nearly doubled from 21% in 2023 to 40% in 2025.

This is drawing many to a simple conclusion: a four-year college degree is no longer worth the time or money.

Advertisement

But the data, and the broader reality of how careers and life actually unfold, tell a different story.

Yes, the labor market for recent graduates has become more competitive. Yet college graduates still consistently outperform non-graduates in employment, earnings and long-term career resilience, according to new national data from the College Board Education Pays 2026 report.

But more importantly, a degree from a competitive college with a high graduation rate cultivates the ultimate asset in a rapidly changing economy: the ability to think critically. This includes being able to understand AI, as those who do will be better positioned to shape how it’s used ethically and responsibly.

That matters now more than ever.

Advertisement

Recent analysis from the Federal Reserve and labor economists shows that while the wage gap between graduates and non-graduates has narrowed, college graduates still maintain lower unemployment rates overall and stronger long-term job stability. A 2025 analysis from the St. Louis Fed found that from 2000 to 2025, workers with only a high school diploma consistently faced unemployment rates at least 2.3 percentage points higher than workers with bachelor’s degrees.

Even amid a softer hiring market, the advantage remains clear. Data cited by Goldman Sachs and other labor researchers showed unemployment for young non-college workers hovering around 7% in 2025, compared with roughly 4.6% for recent college graduates.

That is not a meaningless difference. In a large economy, a few percentage points represent millions of jobs.

Critics often focus narrowly on whether college guarantees a job immediately after graduation. That framing misrepresents the real purpose of higher education. College is not merely vocational training. It is preparation for a lifetime of economic and intellectual change.

Advertisement

The modern workforce is evolving too quickly for any technical skill to remain permanent. Entire industries now transform within a decade. Many students entering college today will eventually work in jobs that do not yet exist. In this environment, being able to think critically becomes the ultimate career skill.

A strong college education teaches students how to analyze information, communicate clearly, solve unfamiliar problems, conduct research, collaborate with different kinds of people, and learn independently. Those capacities transfer across different industries and technologies.

Ironically, the rise of AI may make these human skills even more important. Employers increasingly value workers who can think critically, interpret nuance and make judgments machines cannot easily replicate, according to Western Governors University, which surveyed more than 3,000 employers. Technical skills may evolve every few years; the ability to learn and think critically endures. According to McKinsey, “Human skills will matter more in the age of AI.”

The ability to think and process information is also why college graduates tend to weather recessions better over the course of their careers. Historically, workers with higher educational attainment have experienced lower unemployment during recessions and often recover faster in labor market recoveries, though this advantage varies by industry, age, and economic cycle. In 2024, unemployment for bachelor’s degree holders was 2.5%, compared with 4.3% for high school graduates and 6.1% for people without a diploma, according to the U.S. Bureau of Labor Statistics.

Advertisement

Of course, higher education must confront legitimate concerns about affordability and workforce alignment. There’s nothing wrong with questioning college directly after high school if a student is interested in pursuing a low-demand degree with high debt or if the student has yet to define a clear career goal.

But seeing college as only a trade school, in my opinion, is the wrong way to look at it. There are tremendous educations available where financial aid is available to help those who need it to meet the demands of higher education costs. There are wonderful State Schools and City Schools that are great choices for students.

This is an endorsement of a 4-year college degree, at a competitive school, to learn how to think critically, for a lifelong ability to learn new things. One thing we do know about the future is that we will need a population that has the ability to synthesize information quickly and accurately.

The real question is not whether college guarantees success. Nothing does.

Advertisement

The question is whether developing analytical ability, communication skills, flexibility, and intellectual independence still matters in an uncertain economy.

I am here to say they do. Perhaps more than ever.

The future will belong not simply to people who know things, but to people who can keep learning new things. College, at its best, remains one of the strongest environments for building that habit.

A college degree and a stable career can benefit generations. Earning a college degree is linked to longer, healthier lives, higher incomes, greater civic participation and better career alignment. While economic benefits are substantial, the lifestyle advantages extend to health, social engagement and personal fulfillment.

Advertisement

And that is why it is still worth it.

Rita Finkel is co-president of the Armory Foundation and Director of The Armory College Prep program.

Source link

Advertisement
Continue Reading

Tech

Zoom patches critical security flaw which could have let hackers hijack accounts

Published

on


  • Zoom patches critical improper input validation flaw in multiple Windows clients and SDKs that allowed remote account takeover
  • Additional high‑severity bugs fixed include CVE‑2026‑53410 (TOCTOU race condition), CVE‑2026‑53409 (privilege management flaw), and CVE‑2026‑53411 (input validation issue)
  • All vulnerabilities were found internally, with no evidence of exploitation; users are urged to update Zoom Workplace and related products to the latest versions

Zoom has patched a critical-level vulnerability in multiple products that allowed threat actors to take over people’s accounts remotely.

In a security advisory, Zoom said it fixed an Improper Input Validation bug plaguing Zoom Desktop Client for Windows (before version 7.0.0), Zoom VDI Client for Windows (before versions 7.0.10, 6.6.15, and 6.5.18), and Zoom Meeting SDK for Windows (before version 7.0.0). It did not go into more details on how the flaw works.

Source link

Advertisement
Continue Reading

Tech

Woman discovers a hidden AI camera in her rental car recording her and warning about unsafe driving

Published

on

Through the looking glass: Modern car technologies such as license plate readers and self-driving telemetry systems have been raising privacy concerns for some time now. However, a San Diego company’s fleet observation devices might bring car surveillance to a new, uncomfortable level, especially when encountered by unsuspecting renters.

A woman recently took to social media after discovering that her Audi rental car’s dashboard contained a camera recording her every move. It also gave verbal reminders to wear a seat belt and avoid unsafe driving behavior.

The end of the video reveals that the camera was built by Lytx, which supplies its surveillance system to rental fleets. The company’s YouTube videos advertise the cameras as a safeguard that effectively minimizes distracted driving and other risky behavior.

According to Lytx’s website, the cameras record events both in front of and behind the wheel using an AI-powered system that learns to detect when drivers use phones, smoke, eat, drink, follow other vehicles too closely, or ride without seat belts. They can record up to 400 hours of live video feeds and deliver verbal warnings to discourage unsafe driving. Fleet operators can set the cameras to record continuously or only in response to certain triggers.

Advertisement

However, the woman who posted the warning about the camera, calling it “the eye of Sauron,” was unaware that the rental car featured one before stepping into it. Lytx’s website shows its cameras almost exclusively in cargo trucks, and Audi is not listed among the company’s partners. The dealer that lent out the Audi might have installed the camera without the car manufacturer’s involvement.

While Lytx’s cameras appear to be legal in most US states and drivers are assumed to have consented by driving equipped vehicles, their legal standing regarding privacy remains unclear. Most people probably have a reasonable expectation of privacy while driving, even in a rental car.

Furthermore, the woman in the video noted that she is a medical professional who conducts private conversations with patients while driving. Recording those conversations might constitute a HIPAA violation.

Advertisement

Prior incidents of cars observing their drivers have mostly involved electric vehicles and self-driving cars such as Teslas and Waymos. In 2023, Tesla employees were found to be sharing deeply private and intimate videos captured on owners’ vehicles, some of them taken inside garages. More recently, a Waymo car stopped and contacted the police when its occupants fired toy guns from the vehicle. Systems such as Lytx’s raise the possibility that similar surveillance measures might be installed in almost any vehicle.

Source link

Advertisement
Continue Reading

Tech

XPeng’s New ‘Budget’ EV Looks Like the Ferrari Luce

Published

on

As you walk into XPeng’s Munich showcase event, you’re greeted by, I kid you not, a giant wooden Trojan horse. Not exactly a subtle message from a Chinese brand announcing its first-ever global release of an electric vehicle, right in the backyard of the German auto industry.

It’s hard to believe that XPeng was founded just shy of 12 years ago. Yet by 2020 it was already shipping EVs to Norway, marking the start of the Chinese company’s European journey. Today, alongside cars, it has robots and flying cars in its commercial product portfolio.

Look at the top 10 EV manufacturers in China by volume, and you won’t find XPeng, but it’s growing and has forged a bigger reputation outside of its home country. Now it wants to go global with its latest model, the L03, the brand’s first new car that will launch in 60 countries across Europe, Latin America, the Middle East, and the Asia-Pacific.

The L03 is a big play for XPeng because this is its “budget” model, starting at €35,600 (about $40,000), priced to sit below its G6 Tesla Model Y competitor, and to sell in volume.

Advertisement
Image may contain Ball Sport Tennis Tennis Ball Car Transportation Vehicle Machine Wheel Bicycle Tire and Chair

The base-level XPeng L03 in Munich, complete with Trojan horse in the background.

Jeremy White

Yes, the L03 is the company’s mass-market play. Despite the keen pricing, XPeng has sought to make the specs attractive: a claimed WLTP 320-mile range; fast charging from 10 to 80 percent in 20 minutes; panoramic glass roof; heated and cooled massage seats; 256-color ambient lighting; brushed metal speaker covers; an impressive 0.228 drag coefficient to squeeze out more range; smart parking; a 15.6-inch 2.5K central screen; 27-inch HUD; AI-powered voice control; and even Google Maps built in.

All this and more come as standard, whether you go for the vanilla model, the Long Range, AWD, or Ultra. The phrase XPeng keeps using for this embarrassment of riches is “beyond class.” It wants the L03 to go toe-to-toe with EVs in the segment above it—cars like the Volkswagen ID.4.

Performance? Well, the five-seat, 4,650-mm L03 can hit 0 to 60 mph in just 4.5 seconds on the top models, but this drops to 7.5 seconds on the Standard Range base version.

Advertisement
XPengs New ‘Budget EV Looks Like the Ferrari Luce

Photograph: Courtesy of XPeng

Source link

Continue Reading

Tech

Why Does Wireless Android Auto Use Both Bluetooth And Wi-Fi?

Published

on

The two technologies work in tandem.

You get in the car, turn it on, and your phone just connects to your entertainment system. Wireless Android Auto launches automatically on the dashboard and you’re good to go. No cable. No fumbling to plug anything in. You don’t even have to dig out your phone from your bag or pockets. But here’s something most drivers don’t realize: the “wireless” experience of Android Auto actually requires running two separate connections at the same time: Bluetooth and Wi-Fi.

Why both? That’s a good question and the short answer is that neither technology can do the job alone.

Advertisement

Can you run Android Auto without Bluetooth?

Bluetooth handles two specific jobs when it comes to wireless Android Auto: the initial handshake between phone and car and hands-free calling. The handshake is what kicks off the whole process. Bluetooth, as a technology, is energy-efficient and low-power, so your phone can scan for your car’s system in the background, pair the two, and exchange the credentials needed to launch a Wi-Fi connection. The only thing you have to do is to turn on your car.

Handling hands-free calls is Bluetooth’s second job in your car. Android Auto routes audio through your car’s speakers using the Hands-Free Protocol. If you disable Bluetooth during your drive for any reason, it simply kills the connection. For these two reasons, you can’t run wireless Android Auto without Bluetooth.

As mentioned, Bluetooth also launches a Wi-Fi connection. So, why does Android Auto turn on Wi-Fi? Because Bluetooth tops out at around 2-3 Mbps of data throughput. That’s enough for audio alone, but definitely not enough to stream a high-resolution map interface, audio and touch inputs.

Advertisement

Why does wireless Android Auto need Wi-Fi?

Once the Bluetooth handshake is complete and your device is paired to your car, your phone connects to a local, peer-to-peer 5GHz Wi-Fi Direct network. This is where the magic happens. Wi-Fi Direct provides the bandwidth needed to handle everything else from the user interface to high-quality audio from your streaming services, and the sensor data (GPS details, odometer, touch inputs on the screen, voice commands, ambient light, etc).

Google’s Android Auto developer documentation clearly states that the 5Ghz Wi-Fi requirement is strict because standard Bluetooth lacks the bandwidth for continuous video projection. That’s also why older phone models without 5GHz Wi-Fi support simply can’t run wireless Android Auto.

Advertisement

What happens if your car doesn’t have wireless Android Auto?

Many vehicles (mine included) only support wired Android Auto. Thankfully, there are plenty of dongles available to purchase, such as the Carlinkit, AAWireless, and the Motorola MA1. These bridge the gap by using the same Bluetooth and Wi-Fi logic, just with an extra layer.

You plug this tiny dongle into your car’s USB port and it mimics a wired smartphone. The dongle then pairs with your phone over Bluetooth, establishing a data connection. Your phone then drops the Bluetooth data link and connects to the dongle over 5GHz Wi-Fi Direct before translating that Wi-Fi stream into the USB signal. As far as your car knows, you’re working with a standard wired connection. It’s an easy fix that won’t cost you a fortune.

Advertisement

What are the disadvantages of wireless Android Auto?

Using wireless Android Auto is certainly convenient, but there are some downsides. First of all, both Bluetooth and Wi-Fi must stay on as turning off either of them breaks the connection. Maintaining an active 5GHz Wi-Fi connection on top of GPS and Bluetooth can definitely drain your device’s battery. On top of that, if you’re using a dongle, it can add a connection delay. You’ll also need to have a phone with 5G capabilities that is running Android 11 or newer.

Ultimately, wireless Android Auto works so smoothly because Bluetooth and Wi-Fi each handle the part of the job they’re best suited for. When you know what happens behind the scenes, it may sound complicated, but the result is worth it.

Advertisement

Source link

Continue Reading

Tech

Windows 0-day drops the same day Microsoft releases record number of patches

Published

on

“If I can set up the system so that it runs my code when the admin user logs in,” the attacker has de facto administrator privileges, Will Dormann, a senior principal vulnerability analyst at Tharros Labs, said in an interview. “I don’t need to be an admin myself.”

In a post, he said that “the ability of a non-admin user to be able to modify the classes registry hive of an admin user is a pretty powerful primitive. Clever attackers or people who want to accomplish something will easily be able to figure out how to do things that are more interesting and/or don’t even require user interaction.”

Dormann said that the exploit could possibly be chained to a separate one that gives direct access to an administrative account.

As explained in a post by a different analyst: “When a new user is logging on, Windows needs to load the user’s class hive. Since the user isn’t logged on before logging on (tautology, I know), it can’t be loaded in the context of the user. So it is loaded in the context of NT AUTHORITY\SYSTEM. LegacyHive abuses this.”

Advertisement

In an emailed statement, Microsoft said it’s aware of the vulnerability report and is investigating. The company also noted its preference that vulnerability reporters follow a coordinated disclosure policy.

For now, Windows users who want to protect their systems against HiveLegacy can run a detection script published by independent researcher Kevin Beaumont. Other defenses are to restrict local non-user account creation, monitor ProfSvc for unexpected hive loads, and track NTUSER.DAT/UsrClass.dat activity.

Source link

Advertisement
Continue Reading

Tech

Microsoft Patches a Record 570 Security Flaws

Published

on

An anonymous reader quotes a report from Krebs on Security: Microsoft today released software updates to plug at least 570 security holes in its Windows operating systems and other software, almost triple the number of vulnerabilities the software giant fixed in its record-smashing Patch Tuesday release last month. Microsoft attributed the burgeoning patch counts to vulnerability discoveries aided by artificial intelligence. Nearly 60 of the bugs quashed in July’s Patch Tuesday earned a “critical” severity rating, meaning miscreants or malware could use them to seize remote control over a Windows device with little or no help from the user. Microsoft also addressed three zero-day flaws, including two that are already being exploited in the wild.

Two of the zero-day weaknesses allow an attacker to elevate their user rights on a Windows system, as do approximately 250 other elevation of privilege flaws fixed this month; they include CVE-2026-56155 – an Active Directory Federation Services bug — and CVE-2026-56164, a Microsoft Sharepoint vulnerability. CVE-2026-50661 is a security feature bypass in Windows BitLocker that could allow attackers to gain access to encrypted data if they have physical access to the device. Microsoft said this bug has been detailed publicly, but that it is not aware of any active exploitation.

In a blog post on July 9, Microsoft Executive Vice President Pavan Davuluri wrote that Windows users will notice “a higher volume of security updates included in each security release” as a result of AI aiding in the discovery of vulnerabilities. “The pace of vulnerability discovery is changing with advances in AI making it possible to find more issues, faster, across more code, with new mechanisms that can accelerate both discovery and analysis,” Davuluri wrote.

Source link

Advertisement
Continue Reading

Tech

Windows 11 24H2 Home and Pro reach end of support in 90 days

Published

on

Windows 11

Microsoft announced on Wednesday that systems running Windows 10 Enterprise LTSB 2016 and Home and Pro editions of Windows 11 24H2 will stop receiving updates in three months.

However, as the company explains on its support website, Enterprise and Education editions will remain under mainstream support until October 12, 2027.

“On October 13, 2026, Windows 11, version 24H2 Home and Pro editions, and Windows 10 Enterprise LTSB 2016 will reach end of updates,” Microsoft warned yesterday in a message center update.

image

“After this date, devices running these editions will no longer receive monthly security and non-security preview updates containing protections from the latest security threats.”

Customers are advised to upgrade to Windows 11 25H2 (also known as the Windows 11 2025 Update), which became generally available in September 2024 as a minor update installed on version 24H2 through an enablement package.

Advertisement

Devices running Windows 11 24H2 Home and Pro that aren’t managed by IT departments will receive the Windows 11 25H2 update automatically, but they’ll still be able to postpone the update or choose when to restart.

“If you have an eligible Windows 10 or Windows 11 device, you can check whether the update is available by selecting Settings > Windows Update and selecting Check for updates. If your device is ready for the update, you’ll see the option to Download and install Windows 11, version 25H2,” Microsoft added.

You can find more details about Windows servicing dates on the Windows Lifecycle FAQ page or using the Lifecycle Policy search tool. Microsoft also provides a list of products that it will retire or reach the end of support in 2025.

Microsoft also stopped rolling out security updates to devices running Home and Pro editions of Windows 11 23H2 in November.

Advertisement

More recently, in June, it quietly extended the free Windows 10 Extended Security Updates (ESU) program for consumers by an additional year. Following this extension, Microsoft is now allowing enrolled devices to continue receiving security updates until October 12, 2027.


article image

Security teams log 54% of successful attacks and alert on just 14%. The rest move through your environment unseen.

The Picus whitepaper shows how breach and attack simulation tests your SIEM and EDR rules so threats stop slipping by detection.

Get the whitepaper

Source link

Advertisement
Continue Reading

Trending

Copyright © 2025