Microsoft released an emergency patch for its ASP.NET Core to fix a high-severity vulnerability that allows unauthenticated attackers to gain SYSTEM privileges on devices that use the Web development framework to run Linux or macOS apps.

The software maker said Tuesday evening that the vulnerability, tracked as CVE-2026-40372, affects versions 10.0.0 through 10.0.6 of the Microsoft.AspNetCore.DataProtection NuGet, a package that’s part of the framework. The critical flaw stems from a faulty verification of cryptographic signatures. It can be exploited to allow unauthenticated attackers to forge authentication payloads during the HMAC validation process, which is used to verify the integrity and authenticity of data exchanged between a client and a server.

Beware: Forged credentials survive patching

During the time users ran a vulnerable version of the package, they were left open to an attack that would allow unauthenticated people to gain sensitive SYSTEM privileges that would allow full compromise of the underlying machine. Even after the vulnerability is patched, devices may still be compromised if authentication credentials created by a threat actor aren’t purged.

“If an attacker used forged payloads to authenticate as a privileged user during the vulnerable window, they may have induced the application to issue legitimately-signed tokens (session refresh, API key, password reset link, etc.) to themselves,” Microsoft said. “Those tokens remain valid after upgrading to 10.0.7 unless the DataProtection key ring is rotated.”

Microsoft describes ASP.NET Core as a “high-performance” web development framework for writing .Net apps that run on Windows, macOS, Linux, and Docker. The open-source package is “designed to allow runtime components, APIs, compilers, and languages [to] evolve quickly, while still providing a stable and supported platform to keep apps running.”

Sleeping through a phone call is annoying. Sleeping through a fire alarm is a whole different level of bad. So this new smart pillow idea feels a lot more useful than gimmicky. Researchers at Nottingham Trent University have developed a smart pillow sleeve designed to help deaf users wake up to important nighttime alerts.

Unlike a typical smart pillow, the team developed a smart sleeve that is designed to fit over a standard pillow. It slips inside a normal pillowcase, and vibrates when connected alarms or calls come through.

What problem does it solve?

The project came out of feedback from members of the Deaf community, who told the researchers that existing under-pillow alert devices are often too bulky and uncomfortable to sleep on. In response, the team built a much thinner electronic textile sleeve with four tiny haptic actuators embedded into a yarn-like structure.

Each actuator measures just 3.4mm by 12.7mm, and the electronics are small enough that users are not supposed to feel them while seeping. So the safety product is both handy and comfortable to use.

How it can even save lives

The sleeve connects to a smartphone through a microcontroller, and that setup can then link wirelessly to household alarms. When something goes off, the pillow vibrates intensely enough to wake the user, with distinct patterns used to signal different kinds of alerts. This means a user with a hearing impairment can be alerted of a fire alarm, a burglar alarm, or even an incoming phone call.

This extra layer basically makes the feature thoughtful. The goal here is to wake up someone and also give them enough information to know why they are being woken up in the first place.

The researchers say the yarn used in the sleeve has already passed durability testing, including multiple washing cycles, which suggests they are treating this as a real product concept rather than a lab-only demo. The work was presented at the ACM CHI conference in Barcelona, and the team is now looking for an industrial partner to help bring it to market. Tech Xplore also quotes supervisor Theo Hughes-Riley calling it a significant step toward more inclusive emergency alert systems for deaf and deaf-blind individuals.

Apple has owned the compact premium tablet segment for years, but there’s a new contender in the market that runs on Android and takes on the iPad mini for everything it stands for. 

Unveiled alongside the Find X9 Ultra, the Oppo Pad Mini comes with an 8.8-inch 2.5K OLED panel (2520 x 1680 pixels) in a 3:2 aspect ratio. This is the same, near-square aspect ratio that makes the iPad mini ideal for reading, note-taking, consuming content, and other productive workflows.  

What makes the Oppo Pad Mini worth comparing to the iPad mini?

The tablet’s bezels are remarkably thin at 2.99 mm, and the screen can achieve up to 1,600 nits of peak brightness with a variable refresh rate between 60 and 144 Hz. There’s an optional matte version of the tablet that mimics a paper-like surface, something that the iPad mini doesn’t offer.

Where Apple puts an A17 Pro inside its mini, the Oppo Pad Mini comes with a Snapdragon 8 Gen 5 (3nm) chipset paired with up to 12GB of LPDDR5X RAM and 512GB of UFS 4.1 storage, which, in my opinion, is a capable combination. 

For those wondering, the Snapdragon chip provides better multi-core performance, but its single-core performance matches that of the A17 Pro. In addition, the type of memory and storage should make the Oppo tablet feel more responsive and snappy. 

How does it hold up in terms of portability and battery?

At just 5.39mm thick and weighing 279 grams, the Oppo Pad Mini is designed for portability, to the extent that it can fit in relatively larger pockets and small bags. The iPad mini, by comparison, weighs 293 grams and measures 6.3mm. 

The 8,000 mAh battery supports 67W wired charging (full charge in around an hour), something that the iPad mini lacks. Pricing starts at CNY 3,199, which is around $470 for the baseline variant with 8GB of RAM and 256GB of storage, rising to around $590 for the variant with 12GB of RAM and 512GB of storage. 

While the sales for the iPad mini alternative commence on April 24, 2026, it won’t be available in the United States, at least for now. To me, Oppo’s entry into the premium small-screen tablet segment signals that Android OEMs are taking the category seriously. 

For now, the Oppo Pad Mini isn’t a direct competitor to the iPad mini, primarily because it isn’t available in the United States. However, if and when the product arrives in the region, it could easily take up a good chunk of iPad mini’s sales, providing Android users with a top-notch experience in a smaller form factor without paying a hefty price.

Pointing squarely at AMD’s Ryzen range, Intel’s next-generation desktop CPU lineup has leaked, with the Nova Lake-S architecture set to arrive with up to 288MB of L3 cache across a range expected to carry the Core Ultra 400 branding.

That cache figure dwarfs the 36MB found in Intel’s current flagship Core Ultra 9 285K, and comfortably exceeds the 96MB and 192MB L3 totals found in AMD’s Ryzen 7 9850X3D and Ryzen 9 9950X3D, respectively.

The leak originates from X user Jaykihn, an established source of CPU specification information, who confirmed that the flagship Nova Lake-S chip will carry 16 P-Cores, 32 E-Cores, and four LPE-Cores alongside the 288MB L3 cache figure, with LPE-Cores representing a new low-power efficiency core tier introduced specifically with this architecture.

Summary: Mozilla released Firefox 150 with fixes for 271 security vulnerabilities identified by Anthropic’s Claude Mythos Preview, an unreleased frontier AI model distributed under the restricted Project Glasswing programme. The collaboration began with Claude Opus 4.6 finding 22 bugs in Firefox 148 earlier this year; Mythos produced more than twelve times as many. Firefox CTO Bobby Holley said the defects are “finite” and that defenders can “finally find them all,” while the UK AI Security Institute confirmed Mythos can also execute autonomous multi-stage network attacks, making the dual-use tension the central policy question.

Mozilla released Firefox 150 on Monday with fixes for 271 security vulnerabilities identified by Anthropic’s Claude Mythos Preview, an unreleased frontier AI model restricted to a handful of organisations under Project Glasswing. The number is striking not because the bugs were exotic but because they were not. “We haven’t seen any bugs that couldn’t have been found by an elite human researcher,” Mozilla said in a blog post titled “The zero-days are numbered.” The point is that no human team could have found 271 of them this fast.

The collaboration between Mozilla and Anthropic began earlier this year with a more modest effort. Starting in February, Firefox’s security team used Claude Opus 4.6 to scan nearly 6,000 C++ files across the browser’s codebase. That pass produced 112 unique reports, of which 22 were confirmed as security-sensitive bugs and shipped as fixes in Firefox 148. Fourteen were classified as high severity, representing almost a fifth of all high-severity Firefox vulnerabilities remediated in 2025. The Mythos evaluation, which followed as part of the continued partnership, produced more than twelve times as many confirmed vulnerabilities. Bobby Holley, Firefox’s chief technology officer, described the experience as giving the team “vertigo.”

What Mythos is, and who gets to use it

Claude Mythos Preview is the model at the centre of Anthropic’s restricted Mythos model programme, Project Glasswing, announced on 7 April. It is a general-purpose frontier model, not a security-specific tool, but its coding capabilities have crossed a threshold that Anthropic considers significant enough to warrant controlled distribution. The UK’s AI Security Institute evaluated the model and found it capable of executing multi-stage network attacks autonomously, completing a 32-step corporate network attack simulation called “The Last Ones” in three out of ten attempts. It can chain multiple small vulnerabilities into a single devastating attack, reconstruct source code from deployed software to find exploitable weaknesses, and build custom tools for lateral movement and data extraction once inside a network.

Access is restricted to 12 named launch partners, including Amazon Web Services, Apple, Broadcom, Cisco, CrowdStrike, Google, JPMorganChase, the Linux Foundation, Microsoft, Nvidia, and Palo Alto Networks, with roughly 40 additional organisations granted access for defensive security work. Anthropic committed up to $100 million in usage credits and $4 million in direct donations to open-source security organisations, including $2.5 million to Alpha-Omega and OpenSSF through the Linux Foundation and $1.5 million to the Apache Software Foundation. The model is available to Glasswing participants at $25 per million input tokens and $125 per million output tokens through the Claude API, Amazon Bedrock, Google Cloud’s Vertex AI, and Microsoft Foundry.

The restricted rollout has already been tested. On the same day Anthropic announced Glasswing, a group of unauthorised users gained access to Mythos Preview by guessing the model’s URL through a third-party vendor environment, an incident Anthropic said it is investigating.

The defender’s argument

Holley framed the 271 vulnerabilities not as an indictment of Firefox’s code quality but as evidence that the security landscape is shifting in favour of defenders for the first time. “A gap between machine-discoverable and human-discoverable bugs favors the attacker, who can concentrate many months of costly human effort to find a single bug,” he wrote. “Closing this gap erodes the attacker’s long-term advantage by making all discoveries cheap.”

The logic is straightforward. A zero-day vulnerability is valuable to an attacker precisely because it is unknown. If a defender can find and patch the same bug before an attacker discovers it, the bug has no offensive value. The cost asymmetry has historically favoured attackers: a browser like Firefox has millions of lines of code, and a single undiscovered flaw in any of them is enough for exploitation. An elite human security researcher might spend weeks or months finding one such flaw. A model like Mythos can scan the entire codebase in a fraction of that time. Mozilla’s thesis is that this changes the economics permanently. “Software like Firefox is designed in a modular way for humans to be able to reason about its correctness,” the blog post stated. “It is complex, but not arbitrarily complex. The defects are finite, and we are entering a world where we can finally find them all.”

The claim is bold and deliberately so. Mozilla is arguing that the age of zero-day vulnerabilities in well-structured software has an expiration date, not because attackers will stop looking, but because defenders will get there first.

The numbers in context

The 271 figure requires some unpacking. Mozilla’s official security advisory for Firefox 150, MFSA 2026-30, lists 41 CVE entries, three of which are standard memory-safety roll-ups that aggregate multiple individual bugs under a single identifier. The 271 number represents the total count of discrete code defects identified by Mythos during its evaluation, many of which were grouped into those CVE bundles. The distinction matters because the headline number and the formal advisory number measure different things: one measures what the AI found, the other measures how much AI-generated code actually ships through the industry’s standard vulnerability disclosure process.

The most dangerous flaws include use-after-free vulnerabilities in the DOM and WebRTC components, the kinds of memory safety bugs that have been the bread and butter of browser exploitation for two decades. These are not novel attack surfaces. They are the same categories of bugs that Google’s Project Zero has been finding across browsers since 2014. Google’s own AI vulnerability research programme, Big Sleep, a collaboration between Project Zero and DeepMind, found a zero-day in SQLite in October 2024 and has since expanded to discover multiple flaws in widely used software. The difference with Mozilla’s effort is scale: 271 bugs in a single evaluation pass, patched before release, across a codebase that has accumulated technical debt over more than two decades.

The dual-use problem

The UK AI Security Institute’s evaluation of Mythos Preview confirmed what the Mozilla results imply from the other direction: the same capabilities that make the model effective at finding vulnerabilities make it effective at exploiting them. The model became the first AI to complete “The Last Ones,” a benchmark designed to simulate a full corporate network compromise. It succeeded in three out of ten attempts, averaging 22 of 32 steps across all runs. Independent testing confirmed that Mythos cannot reliably execute autonomous attacks against organisations with well-hardened defences, but the trajectory is clear. Each generation of frontier model has performed better on offensive security benchmarks than the last.

This is the tension that Project Glasswing is designed to manage. By restricting Mythos to vetted organisations with defensive mandates, Anthropic is attempting to give defenders a structural head start, a window in which the good actors can scan and patch before the capabilities proliferate. The strategy depends on the restriction holding. The vendor breach on launch day suggests that containment is harder than access control. Anthropic has also identified thousands of zero-day vulnerabilities across every major operating system and every major web browser using Mythos, findings it is disclosing to the affected vendors through Glasswing.

Anthropic’s expanding enterprise footprint, from legal contract review in Microsoft Word to cybersecurity through Glasswing, reflects a company that is monetising Claude across every professional vertical where accuracy matters. The Mozilla partnership is the most dramatic demonstration yet, not because the model did something no human could do, but because it did what only a handful of humans can do, and did it 271 times in a single pass.

Holley’s conclusion captures both the promise and the vertigo: “Our work isn’t finished, but we’ve turned the corner and can glimpse a future much better than just keeping up. Defenders finally have a chance to win, decisively.” Whether that future arrives depends on whether the models that find the bugs remain in the hands of the people who fix them, or whether the capabilities leak faster than the patches ship. For now, Firefox 150 has 271 fewer ways to be broken. That is not a small thing. The question is how long that advantage lasts when the tool that found them is commanding extraordinary valuations precisely because of what it can do.

from the vibe-code-your-social-experience dept

Disclaimer: This post talks about Bluesky and an offering from Bluesky and I am on the Bluesky board. Take everything I say with whatever size grains of salt you feel is appropriate.

I’ve written a few times now about how I think that AI tools, used carefully and thoughtfully, represent our best chance at taking back control over the open web. I know this is not a popular opinion with many Techdirt readers, but I’m hoping some of you will read through this to try to understand and engage with the points I’m making here. I truly do believe that if used well and appropriately, these tools can serve to put power back into the hands of users, rather than giant centralized companies who are more interested in exploiting your attention.

Over the last few weeks I’ve been playing around with an AI-powered tool that Bluesky has released (much to the chagrin of many users) to a relatively small group of early beta testers. I think the negative reaction to the product announcement is understandable, given the general distrust of all AI tools, but it’s really worth examining what this tool is and what it can enable, including really empowering people to take back control over their own social experience. It literally gives you a path to routing around Bluesky’s own design features if you don’t like them.

Yes, a lot of AI is overhyped garbage being shoved at people who don’t want it — but that doesn’t mean the underlying tools can’t be useful when applied carefully by those who choose to use the tools appropriately.

It means not outsourcing your brain to the tool, but rather using it the way any skilled person automates some aspect of work that they do. I’ve sanded and restained the floors of my house, and while I could have done the whole thing by hand with a stack of sandpaper, it was helpful to rent a floor sander from a local hardware store, learn how to use it properly, and then use it so that I could finish the job in a day rather than weeks. I view AI tools the same way. If you learn how to use them properly, as an assistive tool rather than a replacement for your brain, they can help you accomplish useful things.

Let me give an example: a couple of weeks ago, law professor Blake Reid wrote a short thread on Bluesky about how he needed to take a break from social media, because he worried that it was eating up too much of his time and he was better off just stopping cold turkey, to avoid getting sucked into unproductive discussions that push him to (as he put it) “get over my skis” in engaging in conversations where he’s tempted to weigh in despite not having much expertise (a common thing on social media). It’s a worthwhile thread.

But in that thread he mentioned that he was hopeful that maybe some day technology itself could help him use social media in a healthier way, to dial back how much time he spent on it, and get him focused on the more productive and useful discussions (which he admits also happen regularly on Bluesky).

What was amusing to me was that the only reason I saw that post by Reid was because I’ve been beta testing a new tool that… kinda does that. When he wrote that thread, I was actually on vacation, hiking in the National Parks in Utah, and mostly offline. But in the evenings, I would check in, and rather than sorting through everything I missed on social media that day, I had a tool just show me things that I would find useful that I might have missed.

But using an AI tool, I had built an entirely personalized news aggregator, which had access to my Bluesky account, Techdirt’s RSS feed, and the knowledge that I had been out all day and wanted not just a summary of what news might be interesting to me as the editor of Techdirt, but also what people on Bluesky were saying about it. Here’s a screenshot of what my first attempt at this looks like:

The tool that let me do this is an advanced version of Attie, which I also recognize is extremely controversial among users on Bluesky, many of whom vocally have expressed their hatred of the very idea of it when it was announced last month. But, my main interest is in figuring out to empower users who want to take control over their own social experience, and this seems like a clear example of that. I’ll note that this version of Attie has not yet rolled out to most of the beta testers (I believe some have access to it — but this is one small benefit of being on the board).

Honestly, I think the way Bluesky announced Attie may have done it an injustice, positioning it as a kind of AI-powered feed generator. There are multiple other feed generator tools for Bluesky out there, many of which are really fantastic. For a while now I’ve used both Graze.social and Surf.social to make AI-powered feeds (which never seemed to generate much controversy).

But generating feeds alone isn’t all that interesting. With the more advanced version of Attie, I can take much more control over my entire social experience. The fact that with a single prompt I could build that personalized aggregator (based not just on my own feed, but Techdirt’s RSS) is something more powerful, including the fact that the tool knows to summarize a whole days’ worth of posts, because I’m trying to see in a glance if there’s anything relevant for Techdirt and I’d been offline the entire day.

Rather than just letting a single company (in this case Bluesky) define my entire experience for me, I can vibe-code my social experience. I can tell it not just the types of content I want to see, but how I want to see it. And for what reason. And how much (or how little) content to show me. And with what context around it. It’s all based on what I expressly want. Not what any company thinks I want.

And I keep experimenting with other versions of this as well. In one test, I had it also try to summarize stories and tell me why it thought I’d find them useful for Techdirt:

In this case it not only found a story that is interesting to me, but it suggested multiple sources for me to read about it, even noting (for example) that Professor Eric Goldman’s blog post is “the definitive blog post” for my coverage (it’s not wrong).

I go back to the piece I wrote a little while back about the kind of learned helplessness of social media users. We’ve had two decades of billionaires deciding exactly how they wanted to intermediate your social experience. How your feed looks. What kind of algorithm you’ll see. What sorts of content will be put in your feed. They got to focus on engagement maxxing. You just had to deal with it.

In such a world, the only thing users felt they could do in response was to yell. They could yell at the CEOs of these platforms. Or at the government, telling them to yell at the CEOs of these platforms.

But with an AI tool that explores an open social ecosystem, you don’t need to yell at a CEO or a regulator. You can just tell the tool what you want, what you don’t want, how you want (or don’t want) to see it, and what context would be useful. It puts you in control.

And yes, sometimes it makes mistakes. It can recommend a story I’m not interested in. But, then I can just tell it that such and such story isn’t useful and why… and it will update the system for me.

Once again, I understand that some people hate any and all uses of AI. And I’m not suggesting you have to run out and use the tools yourself. You do you. But showing concrete use cases where these tools actually deliver more user agency — more control over your online environment, rather than deferring to the whims of any particular company — matters.

The larger point here isn’t really about Attie specifically (indeed, anyone could build their own version of this thanks to open protocols). It’s that for two decades, users have been trained to believe their only options are to accept whatever a platform gives them, or yell loudly enough that someone powerful might change it. That’s the learned helplessness I wrote about earlier, and it’s corrosive.

Tools like this — built on open protocols, not locked inside a corporate walled garden — represent a different path. One where you don’t petition a billionaire for a better feed algorithm. You don’t petition the government to try to put time limits on social media. You just build the experience you want. You tell it to make you a better interface that matches what you want. You tell it you don’t want to spend that much time. That’s what “protocols, not platforms” actually looks like in practice, helped along by agentic tools, and it’s why I think this matters well beyond whether any particular AI tool is good or not.

Filed Under: ai, attie, custmization, decentralization, vibe coding

Companies: bluesky