With evidence that the tools had overlapping infrastructure, company attorneys invoked RICO statutes that target organized crime; the legal action was then able to treat both tools as part of a single conspiracy. As a result, Microsoft said, it disrupted more than 200 command-and-control servers and severed criminal control of more than 18,000 infected computers. Europol, which helped coordinate the law-enforcement part of the operation, said it recovered as many as 27 million stolen login credentials and uncovered $47 million worth of “crypto assets of criminal origin.”

“During this action, 326 servers and 142 domains were actioned by law enforcement and the private sector partners, severely crippling the malware’s distribution network,” Europol said. “By taking down these tools simultaneously, the collaboration between law enforcement and private parties has increased friction for cybercriminals, making it harder for attacks to succeed, spread, or recover.”

Other companies assisting in “Operation Endgame” include ESET, Proofpoint and IBM X-Force, Bitsight, and Mitsui Bussan Secure Directions.

Europol said that another tool disrupted in Operation Endgame is SocGholish, a malware loader linked to the Russian cybercrime group Evil Corp. that spreads through compromised websites. Visitors to these sites are tricked into installing trojanized apps posing as browser extensions or other legitimate software. Europol said it has responded by cleaning infected WordPress sites and urging administrators of the sites to change credentials and tighten security. It has also worked to notify parties whose data and credentials were exposed through SocGholish activities. Countries involved in the enforcement action include Canada, Denmark, Germany, the Netherlands, the UK, and the US.

For decades, IT services firms made billions of dollars by allowing companies to outsource tech tasks like customizing, integrating, and maintaining enterprise software. Vishal Sikka, former CEO of Infosys, one of the largest such firms in India, is now betting that AI can do much of that work instead.

His new startup, Hang Ten Systems, has raised a $32 million seed round led by Mayfield, it said Wednesday, with a strategic investment from Aramco Ventures and participation from angel investors. The startup, whose board includes Yahoo co-founder Jerry Yang, said it helps enterprises continuously build, modify, and operate software using AI-driven development and automation.

Hang Ten enters a market where IT services firms, including Infosys, are racing to adapt to AI through partnerships with companies like Anthropic and OpenAI.

The startup’s launch comes amid a growing debate over whether AI will expand the industry’s addressable market or fundamentally alter how enterprise software is built, maintained, and delivered.

Clearly, some enterprises are eager to try the AI-services idea, especially from someone as experienced as Sikka, who spent 12 years building enterprise software at SAP, and later as a board member for Oracle. Mayfield Managing Partner Navin Chaddha told TechCrunch that the company “just got started a month back” and already has customers.

The startup said it is working with customers including Siemens Gamesa Renewable Energy and Fresenius on AI-native project delivery. In a separate blog post announcing the venture, Sikka, 59, said Hang Ten was already helping large enterprises “hang ten on the biggest wave of our lifetimes.”

Headquartered in the Bay Area, Hang Ten told TechCrunch that it is hiring across delivery, engineering, sales, and leadership and plans to expand across multiple locations globally to meet enterprise demand.

The early crew at the startup includes executives who have worked with Sikka for years across SAP, Infosys and his previous enterprise AI startup, VianAI, according to their LinkedIn profiles. Among them are co-founders Navin Budhiraja, the startup’s CTO, Sanjay Rajagopalan, its chief design officer, and Tao Liu, its senior vice president of forward deployed engineering.

After stepping down as Infosys’ chief executive in 2017, Sikka founded VianAI, which emerged from stealth in 2019 with $50 million in seed funding and later raised $140 million in a 2021 round led by SoftBank Vision Fund 2.

Chaddha told TechCrunch Hang Ten is distinct from VianAI, describing Sikka’s earlier venture as focused on a different market. VianAI focused on enterprise AI applications and analytics tools designed to help businesses use artificial intelligence in decision-making. Hang Ten, by contrast, describes itself as an enterprise AI services company built around agentic code generation, reusable AI skills, and domain expertise.

Mayfield backed Hang Ten because of Sikka’s career experience, as well as its belief that the startup’s AI-native model can scale differently from traditional services firms.

“Traditional services scale linearly with headcount,” Mayfield said. “Hang Ten is built so its leverage grows with every project.”

Hang Ten emerges as investors debate how AI will affect the economics of the IT services industry. Analysts at Jefferies argued earlier this year that IT services may be among the first sectors to face meaningful AI disruption. Infosys chairman Nandan Nilekani, however, this week said AI could expand the industry’s addressable market.

Infosys itself has sought to position AI as an opportunity rather than a threat, telling investors this month that “AI-first services” could represent a $300 billion-$400 billion market by 2030. The debate comes as investors reassess the outlook for traditional IT services firms, with Infosys shares down over 35% this year.

There is a phenomenon where as you get older, your sense of scale becomes somewhat fixed in the earlier era that shaped you– things like expecting the Dollar Store to carry items for 1$, or to get a burger and fries for less than twenty bucks– or, in this case, thinking of supercomputers as being petaflop-scale machines. That’s not wrong, per se– most of the world’s fastest machines benchmarks are best measured in petaflops– but when you’re clocking at 2198 of the things, it becomes easier just to say that the LineShine computer can do 2.188 exaflops. At double precision. With CPUs only. Yes, we are impressed.

Even more impressive is that this machine just debuted in China, which means it was built without the benefit of the latest-and-greatest Western chips, thanks to US sanctions. It’s using a made-in-China LX2 CPU with 304 ARMv9 cores onboard. Well, it’s actually using around 46 thousand of them, but who’s counting?

Each CPU actually consists of two separate compute dies and onboard high bandwith memory (HBM) and DRAM– 4GB of HBM and 32GB of DDR5. The 152 ARMv9 CPU cores on each chip are all built with Scalable Vector Extensions (SVE) and Scalable Matrix Extensions (SME), so despite the lack of GPUs LineShine will have no problem doing the sorts of vector processing that is traditional for high-performance computing, given the 13.79 million cores.

On the other hand, the lack of GPUs shows when you change benchmarks– LineShine is number one in the rankings for High Performance Linpack (HPL), but getting outside the 64-bit box, the supercomputer only hits number four on the HPL-MxP mixed-precision benchmark, behind machines that pair their CPUs with accelerators like GPUs or NPUs. That may mollify the American ego, as while their El Capitain was bumped to second place on the HPL list, they can still claim the pole position on HPL-MxP. Which computer is actually more capable depends entirely on what you want to do with it, and neither Lawrence Livermore National Laboratory nor China’s National Supercomputing Centre in Shenzhen advertise their compute queues, though this paper suggests at least one job will be crunching earth observation data.

The definition of a supercomputer has shifted over time, and it’s only a matter of time before LineShine and El Capitain end up on the auction block, like other supercomputers before them. We might question it when it comes to desktops, but for institutional HPC, no amount of computing ever seems to be enough.

Two educators are reckoning with who is really in charge: technology or the teacher. First, a teacher notices her students are quietly forming their professional knowledge on TikTok and decides to lean in rather than fight it. Then a high school engineering teacher builds an AI grading tool so efficient that it sent feedback to students without him ever reading it, and confronts what that actually means for his role in the classroom. Together, they raise urgent questions about judgment, accountability, and what teaching is really for.

What You’ll Learn:

• Pre-service teachers are forming their professional knowledge partly through TikTok and social media reels, including content from former teachers who left the profession, raising questions about how teacher prep programs should respond.

• Evi Wusk argues that the information gleaned from social media is already shaping how future teachers think, so the more productive move is to help them engage with it critically rather than dismiss or ignore it.

• Steven Swanson built a fully automated AI grading tool that sent feedback directly to students without his review, and after a student thanked him for words he never wrote, he rebuilt the tool to put himself back in the loop.

• Swanson describes specific assignment types where AI grading adds value versus where it falls short, including the risk of missing opportunities to learn who students actually are as people.

Listen to the episode:

This Week with EdSurge is produced by the EdSurge newsroom. Subscribe to the EdSurge newsletter for the latest in education news delivered straight to your inbox.

Google is rolling out new privacy controls for Search services and Google Play, giving you more control over saved history and personalized recommendations.

In an email titled “New privacy settings for Search services,” sent to users and seen by Bleeping Computer, Google said it is “updating our settings to give you even more control over saved history and personalized recommendations across Google Search services and Google Play.”

Google noted that Search services include “Search, Maps, Shopping, Hotels, Flights, Translate, and News,” and users will see the change in their Google Account in the next few days.

The company said it will offer separate settings for saved history and personalized recommendations. However, if you have turned on the “Web & App Activity” feature, Google’s new media-saving option for Search services will also be turned on after the transition.

Until now, Google has allowed you to manage history and personalization for Google services through Web & App Activity.

For example, the Web & App Activity page allowed you to keep track of your web visits and the apps you use on your phone.

Google is now separating some of that into new controls called Search Services History and Personalized Recommendations.

“Previously, saving history and personalization were managed by Web & App Activity,” Google said in the email. “Going forward, you can better tailor your Search services experience using your new Search Services History and Personalized Recommendations settings.”

“These settings let you revisit your past searches and decide if you want your experience to be personalized,” Google added.

Going forward, Search Services History will control whether Google saves your activity from Search services to your Google Account. This can include your searches, Maps activity, Shopping searches, Flights and Hotels activity, Translate usage, News activity, and more.

Google says this will make it easier for you to revisit previous searches and continue using newer interactive Search experiences.

“As people increasingly search in new ways, like searching a photo with Lens, Search Services History now includes media from your interactions, which you can stop saving at any time,” Google noted in the email.

Google says saved media can include images, files, audio, and video from your interactions

While Google’s announcement gives you more direct controls, there is an important detail worth checking.

In the email, Google says saved media can include images, files, audio, and video from your interactions with Search services.

“Saved media includes your images, files, audio and video from your interactions with Search services to help improve your experience,” Google said.

This can include visual searches with Google Lens or audio from voice-based interactions. According to Google, this helps support interactive product experiences.

“For example, this lets you revisit your past visual searches with Lens or continue a Search Live conversation about a song you heard,” Google noted in the email. “To support these types of interactive product experiences, Google will now save your media to your Search Services History, applying robust privacy and security protections.”

However, saved media, like Search Services History, can be used to develop and improve Google services and technologies, including AI models and safety systems.

“Like your Search Services History, your saved media is also used to develop and improve Google services and technologies, including AI models and safety measures,” Google said.

Google says it applies privacy and security protections, and the company says you can turn off the Save Media subsetting at any time. You can also delete individual pieces of media from your history.

If Web & App Activity is currently turned on for your account, Google says Search Services History will be turned on after the transition, and the Save Media subsetting will also be turned on.

Google also confirmed that you can turn off the media-saving option later and “delete individual pieces of media from your history.”

Personalization is also becoming a separate control

Google is also introducing a separate Personalized Recommendations setting for Search services.

This will allow you to control whether Google personalizes your Search services experience.

In other words, Search Services History controls whether the activity is saved, while Personalized Recommendations controls whether Google uses that saved data to tailor what you see.

That separation is helpful because some people may want their history saved for convenience, but may not want Google to personalize recommendations based on it.

After the transition, Web & App Activity will be separate from Search services’ history and personalization settings. Google says changes to one setting will not affect the others.

Google Play is also getting separate Play History and Personalization in Play settings

In the same email, Google says these settings will appear even if you have never used Google Play. Like the Search settings, they can be turned on or off at any time.

“For Google Play, you’ll have new Play History and Personalization in Play settings, even if you’ve never used this service,” Google said.

Google says the new Search services and Google Play settings will reflect your most recent choices for Web & App Activity and Search Personalization settings.

“Your prior choice from Web & App Activity for how long your history is saved will also apply to Search Services History and Play History,” Google said.

So if you previously told Google to delete activity after a certain period, that choice should carry over to the new settings. You can still change the auto-delete period, manually review your history, or delete activity at any time.

This change is not necessarily bad. In fact, separating Search history, Search personalization, Google Play history, and Google Play personalization gives you more direct control than one broad Web & App Activity switch.

However, you should still check the settings once they appear in your Google Account, especially if Web & App Activity is currently turned on.

Google says users will see the change in their Google Account over the next few days.

Security teams log 54% of successful attacks and alert on just 14%. The rest move through your environment unseen.

The Picus whitepaper shows how breach and attack simulation tests your SIEM and EDR rules so threats stop slipping by detection.

Get the whitepaper

Meta’s controversial surveillance tool, which tracked staff’s keystrokes, mouse clicks and content to train the company’s AI models, didn’t quite work out as planned. The Model Capability Initiative, which was implemented in April and strongly opposed by staff, has been paused following an incident in which employee data became accessible to the entire company.

Over the last several weeks, more than 1,600 Meta employees, including software engineers, research scientists and designers, signed a petition calling on the company to stop collecting and repurposing employee computer data. 

“We collectively believe that empowering individuals and communities through building responsible AI includes respecting their boundaries and privacy,” the petition states. “Any approach to AI that relies on intrusive, coercive, non-consensual data collection contradicts that principle.” 

Business Insider reported that the software tracked apps and programs such as Gmail, GChat and Metamate, an employee AI assistant, as part of its data collection. The data-tracking software also captured screenshots. It’s unclear if it will be reinstated. 

Citing an internal security notice and information from three Meta employees, Wired reported that private conversations, prompts, transcriptions, and performance reviews were exposed to “anyone inside the company.” 

In a statement obtained by Wired, a Meta spokesperson said the company was investigating the incident and would stop data tracking indefinitely. 

“We have carefully designed this program with privacy safeguards, and while we have no indication at this time that any data was improperly accessed by Meta employees, we’re pausing it while we investigate,” the spokesperson said.

A representative for Meta did not respond to CNET’s request for comment. 

Employers ramp up AI use 

Meta, which is spending at least $135 billion on AI infrastructure this year, is among several major tech companies ramping up AI investment, including Amazon ($200 billion), Microsoft ($190 billion), and Alphabet ($185 billion).

Meta AI, the company’s main chatbot, is integrated into its main social media platforms such as WhatsApp, Instagram and Facebook.

According to leaked audio from an in-house company meeting on April 30, Meta CEO Mark Zuckerberg said it made sense to use his own employees to train the AI.

“The AI models learn from watching really smart people do things… The average intelligence of the people who are at this company is significantly higher than the average set of people that you can get to do tasks,” Zuckerberg said.

Rory Mir, director of open access and tech community engagement at the digital rights group Electronic Frontier Foundation, said Meta employees were right to oppose an invasive practice that raises privacy, consent, and trust concerns.

“Seeking new data for AI training is no excuse,” Mir told CNET. “Such disproportionate monitoring of workers is an abuse of power and highlights the necessity of legislation to protect worker privacy by requiring consent and due process.”

Companies are monitoring how much their employees use company AI tools in their daily work. CNBC reported in May that “almost every Fortune 500 is tracking overall AI usage” to determine whether workers are using it effectively and maximizing its potential.

It’s official: the 2026 TV Shootout is happening next month and it will include six of the top performing TVs of 2026. As usual, the Shootout event will be hosted by the good folks at Value Electronics at their headquarters on 35 Popham Road in Scarsdale, NY, starting at 9:30 AM and running as long as it takes until a new KING OF TV is crowned.

With Panasonic effectively dropping back out of the high end TV market in the United States, just three manufacturers will be represented this year: LG, Samsung and Sony. Each manufacturer will have one OLED TV and one RGB-lit LCD TV, for a total of six models.

Competitors in the OLED TV Shootout (65-inch):

• Sony BRAVIA 8, Mark II QD-OLED TV (K65XR80M2) – $3,299 (MSRP)
• Samsung S95H QD-OLED TV (QN65S95H) – $3,399 (MSRP)
• LG G6 Quad Stack W-OLED TV (OLED65G6WUA) – $3,399 (MSRP)

Competitors in the RGB-Backlit LCD TV Shootout (75-inch)

• Sony BRAVIA 9 II True RGB LCD TV (K75XR90M2) – $4,599 (MSRP)
• LG RGB95B Micro RGB Evo LCD TV (75MRGB95BUA) – $4,999 (MSRP
• Samsung R95H Micro RGB LCD TV (MRN75R95H) – $4,499 (MSRP)

As in previous competitions, all TVs will be evaluated by professional judges from within the A/V community, including tech journalists (including yours truly), trained calibrators and creative video content professionals. The evaluation will feature video clips and stills chosen to highlight specific areas of video performance including contrast, brightness, color volume, color accuracy, motion reproduction, HDR tone mapping and image uniformity. After the tests, the judges’ scorecards will be tabulated an a new “King of TV” crowned for 2026.

Consumers can use the results of the TV Shootout to select the best TV for their own liking and specific use-case. Performance in both bright and light-controlled rooms will be considered.

Event creator, Robert Zohn, says: “The arrival of Micro RGB TVs marks one of the most intriguing developments in display technology in recent years. We are eager to see how the 2026 TV lineup performs in our side-by-side comparison with all the excellent contenders this year. This is a must-see event for all who are interested in the best video displays.”

As in previous years, it “takes a village” to put the event together. It also takes a fair amount of gear. AVPro Global is supplying the latest state-of-the-art switching, distribution, and test equipment for the event. Magnetar’s UDP-900MKII flagship 4K universal disc player and Kaleidescape’s Strato K 8K-capable Media Player will be the reference sources for content. The Strato K is the company’s first player to support 4:4:4 color encoding and video bandwidth that exceeds that of UHD Blu-ray Disc.

As in previous year’s Sony Professional’s BVM-HX3110 mastering monitors will be used as the reference, against which all displays will be compared.

Portions of the event will be webcast live to reach the largest audience of A/V enthusiasts and media. After the TV Shootout is completed several of the top YouTube TV specialty channels (including our friends Stop the FOMO and Brian’s Tech Therapy) will have edited content of the TV Shootout for everyone worldwide to see the key components of the event.

The Bottom Line

While previous TV Shootouts have not been without controversy, as some TVs have not always performed as well as expected, the TV Shootout remains one of the premier TV comparison events as it pits the top performing TVs against each other and hits them with a wide range of content to reveal each of their strengths and weaknesses. The event’s results will help inform TV buyers’ choices through the remainder of the 2026 and beyond.

Related Reading:

TV Shootout 2025 Results Revealed: Meet the King of TV for 2025

TV Shootout 2025 Results Discussed with Special Guest, B The Installer (YouTube)

Darkness swallows the apartment building as the Category 5 hurricane slams the coast in Netflix’s Unhinged. The electricity goes out, the stairwell locks, and Ava soon realizes she’s sharing the space with something far more dangerous than wind and rain. Her only way to contact anyone who can help her is through the device that most people carry with them wherever they go.

A quick scan of the QR code on the TV screen connects your phone directly to the game. From that point on, your phone no longer behaves like a normal phone, but rather changes into Ava’s lifeline while navigating the game simultaneously. Just move the phone around in the air, and Ava’s in-game hands will lock on with precision. It’s just as simple to sweep the virtual flashlight beam across a dark room or whatever just tilting the phone in your palm. You can even reach into a drawer or pick up something that has fallen over by making the same gesture you would in real life. The way the game tracks even the simplest motions just makes them part of the survival attempt.

Google Pixel 10a – 30+ Hours Battery, Camera Coach, Gemini – Obsidian 128GB

• Google Pixel 10a is a durable, everyday phone with more[1]; snap brilliant photography on a simple, powerful camera, get 30+ hours out of a full…
• Unlocked Android phone gives you the flexibility to change carriers and choose your own data plan; it works with Google Fi, Verizon, T-Mobile, AT&T…
• Pixel 10a is sleek and durable, with a super smooth finish, scratch-resistant Corning Gorilla Glass 7i display, and IP68 water and dust protection[4]

Ava’s story centered around one particularly traumatic night spent locked inside a building. As the game’s principal character, Zoë Kravitz’s voice conveys Ava’s fragility and determination as she navigates storm devastation and an unknown menace. Sadie Sink plays Claire, a friend who can see into Ava’s apartment from her own window and offers advice via phone calls and messages. Troy Baker plays Ben, the building superintendent, who adds to the danger by being present but is unclear about his motivations.

The game was developed by Night School Studio, the same team that created the Oxenfree series. They specialize in tight, character-based horror that moves at a speed that seems like an intense discussion or a story that is so captivating that you can’t help but want to keep listening. They took that approach with Unhinged, which keeps the overall experience limited while still allowing for exploration of new paths on subsequent visits.

Two game modes are available to control the tension in the game. Story Mode allows you to relax without any strain. There is no timer, and Ava cannot die because the performances, ambiance, and twists make what is effectively a blackout feel much more intense. Standard Mode raises the stakes, with a diminishing timer bar in critical moments. You must find and interact with the correct object before time runs out, or the scenario will reset to where you last left off. Both modes are approximately thirty to forty minutes long, similar to a single episode of a television show.

Netflix created Unhinged for those who already have the app installed on their phones and televisions. There is no need for any additional hardware, such as a controller, or a lengthy setup process to get started. The design introduces this sort of horror to those who enjoy the genre on television but rarely devote the time to play a regular game. It also provides a quick fix for genre aficionados who want to squeeze in a short, intensive session between other commitments – all without breaking a sweat. The game will become available to all Netflix subscribers on June 30.
[Source]

Security

CVE-2026-20230 under exploitation, while an earlier SD-WAN 0-day looks even worse than we thought

It’s looking like another tough week (month? year?) for Switchzilla amid reports of new serious vulnerabilities under attack.

First up is a server-side request forgery bug in its Unified Communications Manager tracked as CVE-2026-20230.

Cisco disclosed and patched this flaw in early June. The comms control platform doesn’t properly validate some HTTP requests, and an attacker could exploit this bug to gain root privileges on a compromised device.

At the time, Cisco said that a proof-of-concept exploit was available – and now it seems unknown miscreants are putting that exploit code to use, with threat intel company Defused warning that it observed miscreants exploiting CVE-2026-20230 over the weekend.

“The observed chain abuses the WebDialer SSRF to deploy a rogue Apache Axis service, uses that service to write a first-stage JSP file-writer, then drops a second-stage command-execution shell under /platform-services/axis2-web/,” the firm noted on LinkedIn.

Cisco Catalyst SD-WAN zero day

Then, a Mandiant advisory on Wednesday warned that a Cisco SD-WAN zero-day tracked as CVE-2026-20245 was exploited much earlier than initially disclosed, including at a communications service provider where the attacker elevated a compromised admin account to full root-level access.

While the Google-owned threat hunting biz said it can’t assess the full scope of the intruders’ post-compromise activity, this SD-WAN device compromise could have been dire, potentially giving the attacker total visibility across an entire corporation’s internet traffic. This is what makes SD-WAN zero-days such a hot target for government-sponsored spies looking to set up shop for long-term snooping activities. 

It also explains the rash of attackers battering Cisco SD-WAN devices since the start of the year.

Cisco had issued an advisory for CVE-2026-20245 in early June, admitting that attackers had a head start on abusing this security hole. “In June 2026, the Cisco PSIRT became aware of exploitation of this vulnerability,” the vendor said at the time. 

In a Wednesday report, however, Google’s Mandiant incident response and consulting biz reported that exploitation of this bug – Cisco’s sixth SD-WAN vulnerability listed as under attack since the start of the year, and the second zero-day in two months – began much earlier.

“In early 2026, Mandiant identified a threat actor targeting SD-WAN infrastructure at a service provider,” Mandiant threat hunters Chester Sng, Pete Boonyakarn, and Logeswaran Nadarajan wrote. “After gaining initial access, the threat actor exploited a zero-day vulnerability (CVE-2026-20245) in Cisco Catalyst SD-WAN to escalate privileges from a compromised administrative account to root-level access.”

The attacker gained initial access via an unauthorized peering connection, abusing the SD-WAN fabric to authenticate between network components and facilitate Secure Shell (SSH) access. In this case, they authenticated to the SD-WAN manager device via SSH using the vmanage-admin account on the same victim devices.

Then, they changed the default password on the admin account,  authenticated directly to the SD-WAN Manager web application interface using the admin account, and exfiltrated SD-WAN fabric configurations.

Likely in an effort to cover their tracks and not get caught, the attacker changed the password of the admin account back to its original one before terminating their active session. 

Neither the vmanage-admin nor the admin accounts on Cisco Catalyst SD-WAN controllers possess root shell access, however. To gain root access, the attacker exploited CVE-2026-20245, which allows an authenticated, local attacker to execute arbitrary commands as root by supplying a crafted file to the vulnerable system.

The attacker uploaded a file named evil_tenant.csv that contained the exploit payload. Upon execution, the digital intruder created a user account named troot with full root privileges. Mandiant says it later observed the miscreant accessing this new troot account from the admin account using the substitute user command.

The Register reached out to Cisco about the reported exploitation of CVE-2026-20230, and Mandiant’s investigation into CVE-2026-20245. The company pointed us to its June advisory on the latter matter, and is working on response to our first question. ®