Claude Guillemot, one of five brothers who co-founded Ubisoft in 1986, has died in a plane crash near the coastal town of La Baule in western France. He was 69. Guillemot and a flight instructor from Rennes were both killed when their twin-engine Cessna 421 crashed in a field near La Baule aerodrome on the afternoon of 19 June.

French authorities confirmed that the aircraft was on fire when emergency crews reached the scene. Guillemot, a member of a local flying club, had departed Rennes and was travelling to an aviation gathering that was expected to draw more than 100 aircraft to the area. The cause of the crash has not been determined, and an investigation is underway.

Ubisoft confirmed the death in a statement, saying the company was “deeply saddened to learn of the death of Claude Guillemot.” The five Guillemot brothers, Claude, Yves, Michel, Christian, and Gérard, founded Ubisoft on 28 March 1986 in the Brittany village of Carentoir. What began as a software distribution business grew into one of the largest video game publishers in the world, behind franchises including Assassin’s Creed, Far Cry, Just Dance, and the Tom Clancy series.

Claude served as Executive Vice President in charge of operations at Ubisoft and sat on the company’s board of directors. His brother Yves remains chairman and chief executive of Ubisoft, which employs roughly 19,000 people across more than 40 studios worldwide.

Outside Ubisoft, Claude was chairman and CEO of Guillemot Corporation, the family’s publicly traded holding company that owns Thrustmaster, a major manufacturer of gaming peripherals including racing wheels, flight sticks, and controllers, and Hercules, which makes audio and DJ equipment. Guillemot Corp reported revenue of €197.7 million in its most recent fiscal year.

The Guillemot family’s grip on Ubisoft has been a recurring topic in the gaming industry. Despite holding roughly 11% of outstanding shares, the family maintains control through France’s Florange Act, which grants double voting rights to long-term shareholders. In 2022, Tencent, the Chinese conglomerate that has aggressively expanded its gaming portfolio, invested approximately €300 million in Guillemot Brothers Limited, the family’s private holding company, acquiring a 49.9% economic stake while receiving only 5% of voting rights.

That deal was widely interpreted as a defensive move, allowing the Guillemots to maintain control of Ubisoft while keeping Tencent’s influence capped. Tencent also holds a direct stake of approximately 9.46% in Ubisoft and invested €1.16 billion in Vantage Studios, a new Ubisoft subsidiary created in 2025 to manage the company’s biggest franchises. The question of whether Tencent and the Guillemot family would eventually pursue a full buyout has lingered for years, with no deal materialising as of June 2026.

Ubisoft has faced significant headwinds in recent years, including studio closures, layoffs affecting hundreds of employees, and a corporate restructuring that split the company into five creative divisions. The successful launch of Assassin’s Creed, a franchise that has expanded beyond games into film and television, helped stabilise the company after a difficult 2024, with Assassin’s Creed Shadows surpassing five million players within four months of its March 2025 release.

Claude Guillemot’s death comes at a particularly complex moment for the family business he helped build. Ubisoft is navigating activist investor pressure, an ongoing strategic partnership with Tencent, and a broader gaming industry contraction that has seen tens of thousands of jobs eliminated across the sector since 2023.

He is survived by his brothers and his family. French media reported that tributes from the gaming industry and the Brittany business community began arriving within hours of the announcement.

Asked about the privacy implications of chatbots like ChatGPT and Claude, Signal President Meredith Whittaker answered, “These are not your friends. These are not conscious beings. These are not sentient interlocutors.”

Whittaker made those comments in a broader interview with Bloomberg about policy, privacy, and Signal. She acknowledged that she uses AI tools “to format a document here and there,” but insisted, “I don’t ask them questions. I’m very serious about my thinking and writing, and I don’t want the process of working through an idea […] to be foreclosed or eclipsed by the response of a system that’s averaging what’s already out there.”

As for Microsoft AI CEO Mustafa Suleyman’s prediction that users could let Microsoft Copilot handle all their Christmas shopping this year, Whittaker argued this scenario — where Copilot is eavesdropping on the family group chat to determine who wants want — means giving it “access to my credit card, my browser, my Signal, the ability to message my siblings on my behalf, my home address [and] my calendar.”

“What you’ve just described is a system with very pervasive access across multiple applications and services,” Whittaker said. “In the context of Signal, it would constitute a kind of a backdoor.”

Movie studios keep hunting for ways to make a trip to the theater feel essential again. Sony Pictures landed on one clear path with its next Spider-Man film. The studio worked directly with CJ 4DPLEX to present Spider-Man: Brand New Day in SCREENX, a format built to spread the action beyond the front screen and across the side walls of specially equipped auditoriums.

Audiences who choose this version enter rooms where specific scenes continue to play out on the walls next to them. The primary story remains front and center on the enormous screen in front, but there are supplementary shots playing out to the left and right. The combination of the two produces a very broad, all-encompassing perspective that immerses you in the action rather than making you a distant spectator.

Sale

Anker Nebula P1i Portable Projector with WiFi and Bluetooth by soundcore, Flippable Design,1080P FHD, 4K…

• Flippable Audio Magic: Rotate the 20W (2 x 10W) Dolby Audio speakers 90° side to side or 200° up and down for sound that follows your vibe, perfect…
• True Brightness, Real Clarity: Enjoy lifelike details with TÜV‑certified 380 ANSI lumens and 1080p Full HD resolution that make every movie night…
• Designed for Consistent Viewing: All‑glass lenses and fully sealed optical engine resist dust and wear, keeping every frame crisp and clear even…

SCREENX is powered by a multi-projection system, with one projector handling the main screen and additional ones dealing with the side walls. The photos are all aligned using smart techniques like as warping correction and edge blending, resulting in a seamless image despite the fact that the walls are at an angle to the main surface. There are no special glasses required, which is a plus. The extra content is kept under control since it only appears at specified points in the film, rather than running throughout.

SCREENX has been widely used by filmmakers since it first appeared in films rather than only advertisements a few years ago. The amount of extra content on the side walls has been progressively expanding. Some films may only open the walls for a few twenty or thirty minute portions, but newer films can keep them open for an hour or more. Extra material is typically created from existing film or digital elements added later in the editing process.

However, Spider-Man: Brand New Day takes a different approach to the situation. CJ 4DPLEX despatched a crew to the set while the main crew was filming. That team took specialized photographs for the side walls, and this is the first time the format has had unique on-set photography generated particularly for it from the start of a major studio film until its release. Director Destin Daniel Cretton puts it simply: CJ 4DPLEX and their team came in to shoot content for the SCREENX auditoriums.

Jun Bang, the CEO of CJ 4DPLEX, described it as an advancement of the overall SCREENX concept. They collaborated closely with Sony Pictures and Cretton, utilizing their proprietary tools to greatly expand the visual possibilities. The goal was to ensure that they preserved the director’s vision while also immersing the audience in the story, action, and Spider-Man world.

It should come as no surprise that Taylor Swift, Bad Bunny, Ariana Grande, and Kendrick Lamar are among the top 20 most streamed artists of all time on Apple Music. Check out the full list.

Apple Music launched on June 30, 2015, and it celebrated 10 years of streaming with a top 500 songs list. A year on, the streamer has shared a new metric.

The new chart is the top 20 artists of all time on Apple Music, shared by Chart Data on social media. It’s an official endorsement, as Apple Music’s account reposted it and replied with a heart and trophy emoji.

It isn’t clear what prompted the post, but we are in proximity to Apple Music’s birthday, so it may simply be that. If you don’t live under the proverbial rock, none of these artists should come at any surprise.

1. Drake
2. Taylor Swift
3. Future
4. Youngboy Never Broke Again
5. Bad Bunny
6. Lil Baby
7. The Weeknd
8. Morgan Wallen
9. Kanye West
10. Post Malone
11. Travis Scott
12. Ariana Grande
13. Chris Brown
14. Kendrick Lamar
15. Lil Durk
16. Gunna
17. Rod Wave
18. Ed Sheeran
19. Justin Bieber
20. Eminem

Apple isn’t promoting the list on Apple Music, at least not yet anyway. If you’re interested in the top 500 song playlist, it’s still available.

Out of the twenty artists present, I have six in my library. Unsurprisingly, the vast majority of music represented here is in the rap or pop genres.

If you’d like to see something a little more personalized, there’s your Apple Music Replay. Unlike Spotify Wrapped, it is updated monthly, so your 2026 Replay is already available.

The Sonos Era 100 SL is a wireless speaker that features nearly all the strengths of 2023’s original Sonos Era 100, but at a cheaper price. While it isn’t a surprise that there have been some trade-offs to get that cost down, I doubt they’ll be a dealbreaker for most people.

Sonically speaking, there aren’t many sacrifices at all. In the mid-range, the Era 100 SL is capable of impressive detail. When I played I Want You by Moloko, I was impressed by how well its funky guitar noises, strings and acidy synth line cut through the mix, without interfering with the wonderfully polished vocals.

ecoustics is a hi-fi and music magazine offering product reviews, podcasts, news and advice for aspiring audiophiles, home theater enthusiasts and headphone hipsters. Read more →

Copyright © 1999-2026 ecoustics | Disclaimer: We may earn a commission when you buy through links on our site.

Launcher V2 will go through a private beta before a public release.

Two AI tools broke in the same way in the same two weeks, and four research teams proved it. The pattern underneath every disclosure is one sentence: enterprise AI accepts external input with no trust boundary.

On June 15, Varonis disclosed SearchLeak (CVE-2026-42824), a proof-of-concept exfiltration chain in Microsoft 365 Copilot Enterprise Search. A victim clicks a crafted microsoft.com URL, Copilot searches their mailbox, and the data leaves through a Bing SSRF. No plugins, no second click, no visible indicator. Four days earlier, Obsidian Security published a three-CVE chain against LiteLLM that carried a default low-privilege user all the way to admin and remote code execution. Two tools. Two teams. One broken boundary.

The five-check audit at the end of this article maps each gap to a CVE or a market signal from June, a command you can run before lunch, and a sentence a CISO can read to the board.

Copilot turned a trusted URL into an exfiltration engine

SearchLeak chained three weaknesses into a silent data-theft chain. The URL q parameter fed attacker instructions straight to Copilot’s LLM. A rendering race condition fired an image tag before the output sanitizer ran. Bing’s image-search endpoint, allowlisted in the Content Security Policy, routed the stolen data out. Microsoft rated the flaw critical and patched it on the back end, according to Varonis. NVD has not yet scored it; a third-party tracker lists it at 6.5 medium. The severity is contested, but the mechanism is not.

The escalation is the real story. This is the third Varonis Copilot exfiltration chain in twelve months, after Reprompt in January and EchoLeak in 2025. Reprompt hit Copilot Personal. SearchLeak hit Enterprise Search. Enterprise inherits the user’s full organizational permissions, so the blast radius is everything that a user can reach.

LiteLLM handed a default account to every provider key

The LiteLLM gateway holds the keys for OpenAI, Anthropic, Azure, and Bedrock behind a single proxy. The Obsidian chain runs in three moves. CVE-2026-47101, an authorization bypass, lets a non-admin mint a wildcard API key. CVE-2026-47102 promotes that caller to proxy admin through an unguarded /user/update endpoint. CVE-2026-40217 escapes the code sandbox through exec() with full builtins. Obsidian then demonstrated a reverse shell by injecting a forged tool-call response through LiteLLM’s callback mechanism. Obsidian assessed the combined chain at CVSS 9.9. The developer typed one word. The attacker popped a shell.

A separate LiteLLM flaw made the urgency immediate. CVE-2026-42271, a command-injection bug in the MCP test endpoints, landed on the CISA KEV list on June 8 with a June 22 remediation deadline. That KEV entry is not the Obsidian chain. The two are distinct disclosures four days apart, fixed in different releases, pointed at the same gateway. LiteLLM carries more than 40,000 GitHub stars and sits in thousands of enterprise deployments. This is not the first scare, either. A supply-chain compromise backdoored LiteLLM versions 1.82.7 and 1.82.8 on PyPI in March. A compromised gateway exposes every provider credential the organization holds.

Langflow and Mini Shai-Hulud proved the pattern scales

The same boundary broke in two more tools in the same fortnight. Langflow CVE-2026-5027 became the third Langflow remote-code-execution flaw to hit active exploitation this year. A path traversal in file upload lets an attacker write files anywhere on disk, and because Langflow ships with auto-login enabled by default, a single unauthenticated request reaches RCE. VulnCheck confirmed exploitation on June 9. Censys counted roughly 7,000 exposed instances, the heaviest concentration in North America, with MuddyWater attribution.

The Mini Shai-Hulud campaign hit a different pressure point. After the worm’s source code went public on May 12, copycat variants compromised 32 Red Hat Cloud Services npm packages on June 1, packages pulled 80,000 times a week. The worm harvests more than 20 credential types and self-propagates under the compromised maintainer’s identity.

Four teams, four tools, one operating failure. The bug classes differ. SearchLeak is a prompt injection. LiteLLM is privilege escalation. Langflow is path traversal. Mini Shai-Hulud is supply-chain poisoning. The boundary that broke is the same in all four.

The market already repriced the risk

CrowdStrike’s Q1 FY27 earnings call put a number on the gap. AIDR, the company’s AI detection and response line, grew ending ARR more than 250% sequentially, with a Q2 pipeline above $50 million (SEC-filed 8-K). Total company ARR reached $5.51 billion, and CrowdStrike’s fleet telemetry shows more than 1,800 agentic applications running across enterprise endpoints.

On June 17, the company extended AIDR to AWS, adding real-time evaluation of agent, LLM, and MCP communications across Amazon Bedrock, Kiro, and Strands Agents, building on its work with Anthropic’s Project Glasswing. Daniel Bernard, CrowdStrike’s chief business officer, said the AI attack surface now spans development, runtime, identities, and cloud infrastructure, and that teams treating those as separate domains leave the gaps between them open.

Practitioners name the same gap in plainer terms

David Levin, CISO at American Express Global Business Travel, told VentureBeat the pattern does not surprise him. “We kind of have this shadow AI, which is just the new version of shadow IT,” Levin said.

Both Langflow and LiteLLM fit the description. Teams stood them up for convenience, gave them credentials, and never brought them under governance. Levin puts the fix before deployment. “We didn’t go into this with just saying we’re going to go do this without the right fundamentals,” he said. “We leverage NIST controls. NIST has released their CSF along with their AI framework. OWASP released their top 10. You need the right fundamentals before you deploy.”

Merritt Baer, CSO at Enkrypt AI and former AWS Deputy CISO, named the structural version of the failure in a separate VentureBeat interview. “Enterprises believe they’ve ‘approved’ AI vendors, but what they’ve actually approved is an interface, not the underlying system,” Baer said. “The real dependencies are one or two layers deeper, and those are the ones that fail under stress.” She has tied that directly to how systems fall. “Raw zero-days aren’t how most systems get compromised. Composability is,” Baer told VentureBeat. “It’s the glue between the model and your data where the risk lives. If you give an agent bash and a root token, you’ve already done most of the attacker’s work for them.” That is what rows 2 and 4 of the audit test: the gateway that holds every key, and the agent identity no one governs.

Levin had a sharper frame for the boardroom. “You need to talk more in terms of risk versus compliance to your boards and your executives,” he said. “It’s not about the size of the engineering team anymore. It’s the size of your imagination. It’s all written in plain English. It’s not hard for anyone.” Neither SearchLeak nor LiteLLM needed custom malware or a zero-day to work.

Adam Meyers, CrowdStrike’s SVP of Intelligence, put the operational squeeze in numbers in an exclusive VentureBeat interview. “The problem is not zero-day. The problem is patching. If you 10x that problem, they’re gonna be completely underwater,” Meyers said. He pointed to identity as the second front. “Some of these AI have their own identities, or people give their identity to the AI to take action on their behalf, and that makes it a very complex problem.”

The five-check trust-boundary audit

Each row maps a gap to its proof point, a verification command for Monday morning, the fix, and the sentence to read to the board.

The fix is plumbing, not policy

The June 2 executive order creates an AI Cybersecurity Clearinghouse with a July 2 deadline. The five gaps above are not frontier-model problems. They are plumbing problems in the gateways, orchestration platforms, identity layers, and runtime environments where AI meets the enterprise.

The audit is five rows. Every row maps to a June disclosure or market signal, a command a team can run before lunch, and a sentence a CISO can read to the board. The question is not whether your vendor will patch. It’s whether you find the gap first — or whether an attacker finds it the way they found Copilot and LiteLLM.

DEvops

Cost premium of using AWS indirectly via Vercel is mitigated by more efficient use of compute resources, CTO claims

Vercel introduced an open source agent framework called eve at its Ship event in London this week, along with other new features including Passport, an attempt to put employee apps created with AI under enterprise control.

Agents are dominating the AI conversation currently, and in particular custom agents. Agent frameworks that simplify coding already exist, though eve has a few notable characteristics.

The coding languages are TypeScript and Markdown, and an agent is a directory with files that define the instructions and skills, the model provider, the tools, the authentication, the channels, and the schedule. Agents are sandboxed on isolated VMs by default. The framework also includes a simple testing tool that exercises the agent and evaluates the result. Code is on GitHub under the Apache 2.0 license.

There are plenty of existing agent frameworks, but Vercel CTO Malte Ubl told us that with eve, simplicity is a feature, with users able to take a “fill in the blanks” approach.

“The life cycle of the agent is completely orchestrated by the framework, and as a developer or builder you have to put things in the right places, but then everything magically works,” Ubl said.

“It’s a system where you don’t have to understand every little bit about what sandboxes are and how to compact context windows… All these things are quite complex; you don’t have to understand any of it.”

Agents built with eve deploy to Vercel by default, using the same command that works for web applications: vercel deploy. That said, the company says it is not tied to its platform.

“We are 100 percent committed to making it work everywhere,” Ubl told us, though an early user has already raised an issue about it requiring a Vercel login even when set to use a different model provider; it is early days and this may be a bug. Providers for LLMs and sandboxes are configurable. An eve project also runs locally with: npx eve dev.

What LLM does eve use? “You can connect any model that AI SDK connects to, which is all the models,” Ubl said, where the AI SDK is a Vercel SDK. There is also an option to use Vercel’s AI Gateway, which has a single endpoint for multiple model providers and can improve reliability by switching to another model if one fails.

The company also previewed Enterprise Apps and Agents, which have four components. Vercel Connect replaces static secret credentials with short-lived tokens accessed by OAuth or an API. Vercel Passport uses OpenID Connect to put all the applications and AI agents in a team behind an identity provider such as Okta or Microsoft Entra. Enterprise Managed Users uses directory sync to enable Vercel in a team to be managed by the organization’s identity system. Finally, Bring Your Own Cloud (BYOC) lets organizations use Vercel’s platform running on AWS infrastructure provisioned by the customer.

According to Vercel, Passport was a highly requested feature because of the number of employees who create applications hosted by Vercel but outside the control of the organization. A typical scenario is that an employee builds an application with AI assistance, and the AI agent defaults to using the Next.js React-based framework and Vercel hosting. It is a variety of shadow IT – or shadow AI – where staff create vibe-coded applications using company data but outside the organization’s IT policy or control.

Vercel itself is an AWS customer so its platform should work well using BYOC, but there are some trade-offs, Ubl said. One is that “we don’t allow your compute to assume AWS roles… If you are really deep in the AWS IM [Identity Management] security system, then Vercel doesn’t give this to you,” he told us, “but we do always issue an OIDC token for every invocation of the compute, so you can use that to configure your AWS policies.” Second, with BYOC, “we become a management vendor,” Ubl said, which means giving Vercel access to that part of the customer’s AWS infrastructure.

All Vercel deployments are immutable, which means “every time you push to Git you get a new infrastructure from scratch,” Ubl told us. He considers this ideal for AI agents. Other aspects of the platform have also been optimized for agents. “We try to be close to what the agents do,” he said.

A common critique of Vercel is that since it runs on AWS, using Vercel means paying a premium for hosting that would be cheaper when purchased directly. According to Ubl, that premium is mitigated by Vercel’s efficient use of those resources, “especially at low scale, and especially compared to Lambda,” the AWS serverless platform. Vercel said last year that it cut its Lambda costs by up to 95 percent by reusing idle instances.

Ubl claimed AWS customers need “more than 35 percent utilization to match Vercel’s price.”

Another Vercel competitor is Cloudflare, which, unlike Vercel, hosts on its own datacenters and has an efficient serverless platform using Workers, based on V8 isolates, a feature of the V8 JavaScript engine used by Google Chrome and the open source Chromium project.

Ubl said that whereas Cloudflare Workers are unique to Cloudflare, Vercel “is a more normal platform, we don’t run some bespoke runtime that we create ourselves, we just run Node.js or Python or PHP and it runs on a VM (virtual machine)… We offer standard PostgreSQL, VPC peering, AWS, S3 and not bespoke.”

This is a bit of a war of words. Cloudflare engineering director Steve Faulkner in February described the Next.js tooling, sponsored by Vercel, as “entirely bespoke.” Since then the situation has improved, with an Adapter API that is stable in Next.js 16.2, meaning other providers no longer need to reverse-engineer the build output, but adapters for AWS and Cloudflare are still under development, with completion expected by the end of 2026. ®