No no no, we are not sad. *slumps in the corner crying*

Microsoft is officially shutting down Collections, one of the more unique productivity features inside the Edge browser, and many users believe the move reflects the company’s growing obsession with AI-first experiences.

According to Microsoft’s support documentation, Collections in Edge is being discontinued beginning June 2026. The feature allowed users to save groups of webpages, images, notes, shopping links, and research material into organized visual boards directly inside the browser. For students, researchers, online shoppers, and multitaskers, Collections became one of Edge’s most practical hidden tools – and one of the few browser features that genuinely stood apart from Chrome and Safari.

Collections first launched as a productivity-focused tool that blended bookmarking, note-taking, and visual organization into a single interface. Unlike traditional bookmarks, users could drag webpages, screenshots, text snippets, and images into categorized boards that synced across devices. It became especially popular for planning trips, organizing research projects, comparing products, and saving inspiration from across the web.

Now, Microsoft appears ready to move on.

Edge is increasingly becoming an AI-first browser

The removal of Collections arrives as Microsoft aggressively transforms Edge into a platform centered around Copilot and generative AI features. Over the past two years, the company has integrated AI-powered assistants into nearly every part of Edge, from sidebar chat tools and webpage summarization to writing assistance and contextual search.

Critics argue that Collections represented a genuinely useful feature focused on human productivity rather than AI automation. Unlike some newer AI additions that users may ignore entirely, Collections solved a simple but common problem: organizing information gathered across the web without relying on third-party apps like Notion, Pinterest, or Pocket.

We at Digital Trends previously described the feature as one of the browser’s best hidden tools, particularly because it offered a more visual and intuitive alternative to cluttered bookmark folders. Users could quickly collect shopping comparisons, project research, recipes, or reading material into organized workspaces without leaving the browser.

Microsoft has not directly stated that AI features are replacing Collections, but the timing has fueled criticism that practical browser tools are increasingly being sacrificed to make room for AI-centric experiences and interface redesigns.

The broader concern extends beyond Edge itself. Across the tech industry, companies are rapidly reshaping products around generative AI, sometimes at the expense of smaller features users genuinely rely on every day.

Edge users may lose one of the browser’s most practical tools

For longtime Edge users, the shutdown represents the loss of one of the browser’s clearest identity features. While Chrome dominates browser market share, Edge often differentiates itself through smaller quality-of-life tools like vertical tabs, sleeping tabs, and Collections.

The removal could particularly frustrate users who built workflows around the feature for productivity, shopping research, or creative organization. Microsoft has not yet introduced a direct replacement that replicates the same visual organizational experience.

At the same time, the decision signals how seriously Microsoft is prioritizing AI integration across Windows and Edge. The company increasingly sees Copilot as the centerpiece of its software ecosystem, and browser development now appears heavily focused on AI-assisted experiences rather than traditional productivity utilities.

For some users, that future may sound exciting. For others, it may feel like another example of useful software features quietly disappearing in favor of AI tools they never asked for.

A security startup’s autonomous AI agent found 21 previously unknown vulnerabilities in FFmpeg, the open-source media library embedded in almost everything that touches video. The startup, depthfirst, says the run cost roughly $1,000 in compute. Some of the bugs had been hiding in the codebase for more than 20 years.

Days later, Google shipped Chrome 149 with patches for 429 security bugs, the most ever in a single browser release. Over 100 are critical or high severity. The two events arrived independently, but they point in the same direction: AI is finding vulnerabilities faster than humans can fix them.

Depthfirst’s agent scanned FFmpeg’s roughly 1.5 million lines of C and produced a reproducible proof-of-concept for each of the 21 zero-days. Most are heap or stack overflows in parsers and demuxers, spanning components from the TS demuxer to the VP9 decoder. One stack overflow in the service-description-table code dates to 2003.

Nine already carry CVE identifiers (CVE-2026-39210 through CVE-2026-39218). The rest have been fixed upstream but not yet numbered. Depthfirst has published proof-of-concept code.

FFmpeg is not new to AI-driven bug hunting. Google’s Big Sleep agent reported a run of FFmpeg bugs last year. Anthropic’s Mythos model pulled a 16-year-old H.264 flaw and others out of FFmpeg for about $10,000. Depthfirst claims to have done comparable work at a tenth of the cost.

Chrome 149’s record haul is a different story. Google has not attributed the 429 vulnerabilities to AI. But the company overhauled its bug bounty programme in April after a flood of AI-generated submissions, now asking researchers for concise reproducers instead of the long writeups AI tends to produce.

The worst bug, CVE-2026-10881, scores 9.6 on the CVSS scale. It is an out-of-bounds read and write in the ANGLE graphics engine that lets a crafted page escape Chrome’s sandbox and run code on the host. Google paid $97,000 for the report. Of the 22 critical bugs, 19 were found internally.

The pattern keeps repeating. An autonomous tool recently found an authenticated remote code execution flaw in Redis that had gone unnoticed for over two years. A February study showed an AI agent could reproduce working exploits for more than half of 100 real Linux kernel bugs, beating traditional fuzzing.

The hard problem is shifting. Finding these bugs has become cheap. Triaging the reports, shipping the fixes, and getting them installed has not. Much of that work still falls on volunteers and a thin layer of human triagers now expected to keep pace with machines. Mozilla patched 271 Firefox vulnerabilities found by Mythos in a single pass. The question is no longer whether AI can find the bugs. It is whether anyone can fix them fast enough.

Majority Audio is trying to make modern streaming audio more accessible with its new Link Series, which was previewed at High End in Vienna.

This is a range of compact devices that bring services like Spotify Connect and AirPlay 2 to older hi-fi setups. Pricing starts from just £59.

At the entry point is the Link Mini, a small streamer designed to plug into existing speakers, radios, or hi-fi systems., instantly adding wireless streaming.

The Link Mini supports AirPlay 2, Spotify Connect and TIDAL Connect, along with Wi-Fi 6, Bluetooth LE and Auracast compatibility. Additionally, it comes with both analogue and optical outputs, making it is a straightforward upgrade for legacy hi-fi kit.

Advertisement

The step up from the Mini is the Link View, which has a more visual approach. It introduces a 2.1-inch circular touchscreen paired with a rotary control dial, allowing users to browse playback, view album artwork and switch sources directly on the device.

Advertisement

Above the Link View is the Link Pro, which pushes further into all-in-one territory. Alongside streaming support, it adds DAB/DAB+ radio, internet radio and HDMI ARC. This gives it more flexibility for both music and TV audio setups. A larger 4-inch colour display helps manage playback and navigation. So, it makes the device feel closer to a compact hub than a basic streamer.

At the top of the range is the Link Pro Amp, a £299.95 streaming amplifier designed to drive passive speakers directly. It delivers up to 300W of output via a Texas Instruments Class-D amplifier, combining streaming, amplification and radio features in a single unit.

In addition, connectivity is extensive. It includes HDMI ARC, optical input, USB playback, Ethernet, analogue input and a dedicated subwoofer output.

Advertisement

Overall, the Link Series feels aimed at users who want to modernise their audio setup without moving into high-end pricing. Instead of pushing a full system replacement, Majority is focusing on incremental upgrades to existing kit

Advertisement

The self-replicating Miasma worm has reached Microsoft‘s own GitHub repositories. GitHub disabled 73 repositories across four Microsoft organisations, including Azure, Azure-Samples, Microsoft, and MicrosoftDocs, after the worm planted malicious code that harvests developer credentials. It is the most significant escalation yet in an ongoing supply chain attack campaign that has been spreading across the open-source ecosystem for weeks.

The attack exploited previously compromised credentials. Last month, the threat group TeamPCP infected the “durabletask” PyPI package hosted in Microsoft’s Azure organisation to deliver an information stealer. Security researcher Paul McCarty pointed out that the same repository is at the centre of this month’s takedown.

“When the repo at the root of last month’s compromise is the hub of this month’s takedown, that is not a coincidence, that is the same wound reopening,” McCarty said. “Whoever held those credentials in May plausibly never fully lost them.”

What makes this campaign particularly dangerous is how the payload detonates. The attacker planted a 4.3 MB payload runner wired to execute automatically through five developer tools: Claude Code, Gemini CLI, Cursor, VS Code, and the npm test script. A developer only needs to clone an affected repo and open it in an AI coding agent for the malware to run.

Once triggered, the Bun-based worm harvests credentials for AWS, Azure, GCP, Kubernetes, npm, and GitHub. It then uses those stolen tokens to commit itself into any repository the victim can write to, spreading autonomously across the ecosystem.

Among the disabled repositories are critical Azure infrastructure projects: azure-search-openai-demo, durabletask and its .NET, Go, JS, and MSSQL implementations, functions-container-action, llm-fine-tuning, and windows-driver-docs. OpenSourceMalware reported that GitHub contained the attack within 105 seconds, but the scope of affected downstream users remains unclear.

Miasma is a variant of the Mini Shai-Hulud worm that TeamPCP publicly released in mid-May 2026. The original Shai-Hulud appeared in September 2025 as the first self-replicating malware observed in the npm ecosystem. It has since mutated across npm and PyPI, previously compromising 32 Red Hat packages and hitting TanStack, Mistral AI, and UiPath packages.

The worm has also begun skipping the npm registry entirely. SafeDep found it pushing malicious code directly to source repositories, including “icflorescu/mantine-datatable” and four related projects. As of writing, more than 80 public repositories on GitHub carry the Miasma campaign’s naming pattern.

The fundamental problem is not a vulnerability in npm or GitHub. “It exploits the trust model those platforms are built on,” security firm FalconFeeds.io said in its analysis. “The assumption that if a package is signed with a valid key and published by an authenticated maintainer, it is safe.” The worm compromises the key and the maintainer, then acts exactly like a legitimate publisher. From the registry’s perspective, every malicious publish event looks like a routine update.

The targeting of AI coding agents is a notable evolution. Developers increasingly rely on tools like Claude Code and Cursor to work with unfamiliar repositories. A worm that activates when an AI agent opens a project exploits a new behaviour pattern that did not exist a year ago. It is supply chain malware designed for the age of AI-assisted development.

AI and ML

Most orgs remain trapped between flashy demos and real-world deployment, despite 75% saying adoption is racing ahead

Three-quarters of enterprise leaders say they’re adopting agentic AI, but only a small minority have managed to move beyond pilots and into meaningful production deployments, according to Forrester. 

That won’t stop vendors from slapping “agentic” onto every product brochure they can find, but the analyst’s assessment is that most organizations remain stuck somewhere between experimentation and actual business value.

Agentic AI has reached an important milestone in 2026, says Forrester: “long-horizon agents are no longer off on the horizon.” 

In plain English, the bots are no longer clocking on for a five-minute task and calling it a day. Vendors have demonstrated agents capable of operating for days, weeks, or even months, with examples ranging from software development to research workflows.

The trouble starts when those demos collide with the realities of enterprise.

Forrester says companies are expanding their agentic ambitions while largely failing to scale them. Governance remains immature, platform strategies remain fuzzy, and many organizations are struggling to demonstrate a return on investment substantial enough to justify broader deployment.

Forrester’s argument is that companies aren’t struggling because they have too many AI agents, but rather they’re struggling because managing them gets messy fast. What works as a handful of experimental projects can become much harder to control once agents start operating across multiple systems and teams.

Many organizations are building agents in isolation, the report says, without a clear way to track them, manage them, or coordinate how they work together. That may be fine for a pilot, but it becomes more of a problem when dozens of agents are making decisions, calling tools, and passing information around an enterprise environment. 

The report warns that, as projects grow, companies often end up with overlapping systems, duplicated work, and agents behaving in ways that become increasingly difficult to predict.

Forrester is equally skeptical that governance policies alone will solve the problem. The firm notes that more than half of enterprises still experience what it calls “agentic sprawl” despite adopting governance frameworks and formal policies.

Its conclusion is that writing rules down is one thing; enforcing them is another. Companies are increasingly finding that autonomous systems need automated guardrails that can track what agents are doing and restrict what they’re allowed to do in real time.

For now, the industry’s biggest challenge may not be building AI agents. It’s finding useful work for them that survives contact with the enterprise. Or, as Forrester puts it:

“Until companies tie agent autonomy to measurable changes in how work gets done, agentic AI will remain stuck in proof-of-concept purgatory.” ®

Hackers are actively exploiting a critical vulnerability (CVE-2026-3300) in the Everest Forms Pro plugin, which lets them take complete control of a WordPress website.

The security issue affects versions 1.9.12 and earlier of the plugin and can be leveraged without authentication to execute arbitrary code on the server.

Everest Forms Pro is a commercial add-on for the WordPress form builder plugin Everest Forms. It is used to create contact, registration, payment, and other custom application forms.

The CVE-2026-3300 vulnerability is in the plugin’s Complex Calculation feature, which accepts values submitted through form fields and inserts them into a PHP code string. Then, it executes the resulting code using PHP’s ‘eval ()’ function.

Although user input is passed through a ‘sanitize_text_field()’ function, which does not escape single quotes (‘) or other characters that influence PHP syntax.

As a result, an attacker can close the intended string, inject arbitrary PHP code, and comment out the remaining generated code to achieve code execution on the server.

Telemetry data from Wordfence firewall and malware scanner for WordPress shows that the vulnerability is being exploited in the wild to create rogue administrator accounts.

“The attacker submits a value for a text field that begins with a single quote to close the wrapping string literal, followed by a PHP statement that calls wp_insert_user() to create a new administrator account with the username ‘diksimarina’,” explains a report from Wordfence.

“The trailing // comment marker ensures the rest of the generated PHP code, including the closing quote, is treated as a comment and does not cause a syntax error.”

“When the form is processed, and the calculation is evaluated, the injected PHP code is executed, and the malicious administrator account is created.”

Administrator-level access gives attackers full power to perform high-risk actions on the breached website, including modifying content, installing plugins and themes, planting backdoors and webshells, and accessing private databases.

Researcher h0xilo submitted the CVE-2026-3300 vulnerability through Wordfence in February, and on March 18, the Everest Forms developer released a patch that addresses the issue.

According to Wordfence data, active exploitation started on April 13, with the firewall blocking over 29,300 attempts.

Wordfence says exploitation attempts originate primarily from two IP addresses, 202.56.2[.]126 and 209.146.60.26, and recommends defenders block them.

However, Wordfence’s report provides several offending IP addresses as indicators of compromise (IOCs).

Website administrators are also recommended to review log files and administrator accounts for any suspicious activity, especially containing the string “diksimarina.”

Security teams log 54% of successful attacks and alert on just 14%. The rest move through your environment unseen.

The Picus whitepaper shows how breach and attack simulation tests your SIEM and EDR rules so threats stop slipping by detection.

Get the whitepaper