TL;DR
Chinese EVs are a third heavier than in 2012 and some barely fit in parking spaces. Beijing enforced the world’s first mandatory EV energy standard on Jan 1.
Kitchen knives are so personal. You can do almost everything you need in a kitchen with a chef’s knife, paring knife, and a bread knife. But the more time you spend in the kitchen, the more you develop preferences, and soon it becomes a bit of an n+1 thing, and there you are, pondering a cleaver.
There’s a lot of space between most chef’s knives and paring knives. What’s in that space—often called petty, prep, or utility knives—is often pretty weird. Consider the knives that you never use from a set and you’ll likely think of the short, serrated knives or the petty knives with no room for your fingers between the handle and the cutting board.
What if you’re a smaller person, or have smaller hands, or just think a smaller but still high-functioning all-around knife might be your jam? What if the right version of those midsize knives turned out to be really useful?
To my delight, the good ones are. With equal parts luck, research, and trial and error, I found both new and existing-but-flying-under-the-radar examples of midsize knives that were wonderfully functional, in part because of their size. The right ones are incredibly useful and the great ones are prep monsters.
Recently, I had seen signs at my favorite trade show that I might be on to something. At the Messermeister knives booth, a midsize blade stood out thanks to an olive wood handle and intriguing geometry. It felt balanced and comfortable with room for hands of any size to move back on the handle, or further forward in a pinch grip. Importantly, there was plenty of clearance, so knuckles don’t hit the cutting board at the bottom of the stroke. Keeping my eyes open, I saw more potential from Cangshan, Tarrerias-Bonjean, and Zwilling. This got my mind going. I remembered the Wüsthof Classic chef’s knife that comes in a 5-inch size. Similarly, I hoped I could find a short version of a nimble Japanese knife called a kiritsuke and put in a call to the good people at Seisuke Knife in Portland, Oregon.
Soon, I had a pile of beautiful knives on my cutting board. I tucked my own knives into my knife roll for storage and, for weeks, used the new, smaller specimens as my daily drivers.
The more I used them, the more I understood what I wanted. First, I threw their unhelpful names out the window: petty, utility, prep … whatever. Next, I decided my lovely Tadafusa santoku, the shortest of my longer knives, would be the longest I’d go at roughly 6.5 inches. Having these knives “do it all” felt like a stretch, but they definitely needed to be able to do a lot. I was willing to work with the knife to find its strengths, but preferred something that could handle different cutting styles and all kinds of food. They had to be prep monsters.
Apple’s Home Hub could arrive in late 2026, smart glasses in late 2027, and a tabletop robotic arm sometime in 2028. These were all expected sooner, but Apple’s delayed AI upgrades created roadblocks.
In the Apple leaks world, unannounced products that get release windows pushed internally still get labeled as “delayed.” Apple engineers clearly had a release date in mind, and even had a target set, but other product divisions can get in the way.
According to the latest “Power On” newsletter from Bloomberg, three unannounced products waiting on AI upgrades equate to “so many Apple product delays.” These unreleased, unannounced products include the rumored Home Hub, smart glasses, and a robotic arm upgrade to the Home Hub.
Had Apple Intelligence performed as expected and rolled out completely through 2025, the report suggests that the Home Hub would have arrived sooner, the glasses would have been released in early 2027, and the robotic arm could have arrived in 2026 or 2027.
This lines up with previous reporting; however, it is amusing how it is being pitched in this newsletter. Since the robotic arm is technically an accessory or second iteration of the Home Hub, we’re only talking about two product lines affected by AI delays.
Just to break down this bit of data further, the rumored Meta Ray-Ban glasses being “delayed” from early 2027 to late 2027 may not even be a delay. Leaker Ming-Chi Kuo was first to say that late 2027 was the goal, and it wasn’t until more recently that Gurman switched to that timeline.
As I’ve reported previously, whatever source Gurman has for the Vision Products Group seems to be a rather poor one. He has consistently missed on nearly every product scheduling leak about Apple Vision Pro and other details relating to the team.
So, this second of two “delays” is actually a course correction. That means the “so many Apple product delays” is actually just one delay — the Apple Home Hub tablet.
That product has reportedly been ready to go for some time, but it makes sense that Apple wants its AI to be better before launch. It can’t afford to have another product built around Siri be perceived as bad simply because Siri is bad.
There is no mention of Apple’s work on an AI pendant here, which theoretically is also waiting on Apple’s better AI tools to progress. However, it may be too early in development for even Gurman to claim it was delayed.
Apple is clearly building up to enter the smart home market in force with its own product lines. They’ll include the Home Hub tablet, security camera, and doorbell.
That launch could occur at any time, really.
iPhone Fold could arrive as Apple’s most expensive handset yet even as the world struggles with pricing and supplies
The more interesting story is the one that wasn’t printed here because it can’t be used to suggest some kind of Apple failure. The market for memory and computer parts has become overrun with AI company demand, which means we may not see the remainder of M5 upgrades this summer.
While WWDC is a software-focused event, the company hasn’t shied away from revealing product upgrades and even chipsets at the event. However, the supply chain is so depleted that even Apple has to take a back seat.
Each year we get new advanced pieces of Apple Silicon like the M5 family, five new iPhone models, multiple Mac laptops and desktops, AirPods, Apple Watch, iPads, and sometimes even Apple TV and HomePods. Then there’s the routine upgrades to every operating system Apple develops each year.
Oh, and I guess iPhone Fold might actually be announced in September after a full revitalization of the company’s AI efforts.
We should all be critical of Apple when necessary. But taking a reader question like “Why are there so many Apple product delays lately?” and producing one actual delay in the response is a bit much.
Apple Intelligence was unfortunately delayed in its fullest realized form in early 2025. That created a ripple effect across other potential releases and product strategies.
But this idea that keeps getting pushed of an Apple in conflict, struggling to get products out of the door, directly contradicts the results we can see with our eyes. In a world where consumers have been beaten down with AI at every turn, Apple is thriving with almost zero presence in the space.
Let’s see what they’ve cooked up for WWDC and how that might shift Apple’s position, for better or for worse.
Years into a major IT overhaul, MPs say the department still lacks reliable view of what is happening across the asylum system
The UK’s long-running asylum IT overhaul may finally have put the 25-year-old Case Information Database (CID) out to pasture, but Parliament says that officials are still relying on spreadsheets and disconnected systems to keep track of asylum cases.
A new report from the Public Accounts Committee (PAC) found asylum data remains scattered across multiple systems, making it difficult for officials to track cases, spot emerging backlogs, or understand where pressure is building across the wider system.
As of December last year, the Home Office was still heavily dependent on CID, a decommissioned platform dating back to the turn of the century, while attempting to move asylum operations onto Atlas. The PAC’s findings suggest the migration has not solved a more familiar government IT problem: getting different systems to share information.
The committee said that there is still “no single, reliable view of cases across the asylum system.” While the Home Office told MPs it has now fully moved to Atlas for asylum case management, officials noted that the transition has been complex, involving legacy data migration, functional improvements, and staff training.
MPs also heard that some Home Office staff continue to maintain their own spreadsheets alongside official systems. The committee warned this can leave multiple versions of the same information in circulation and contribute to ongoing data quality problems.
One of the bigger gaps sits between the Home Office and HM Courts & Tribunals Service. The two are working to link their case management systems, but MPs said current data-sharing arrangements still make it impossible to follow an individual case through the entire asylum process.
The report also echoes earlier National Audit Office findings that a reliable single record for each asylum seeker is still unavailable. Information on issues such as repeat appeals and absconders remains incomplete, inconsistent, or unavailable, while MPs said officials struggled to provide some key figures with confidence.
The committee concluded that departments still lack the integrated data needed to understand how people move through the asylum system or whether attempts to fix one bottleneck are simply creating another elsewhere.
What’s more, without reliable data, MPs said that they cannot properly assess whether the asylum system is improving or whether taxpayers are getting value for money.
“Departments still lack integrated, system-wide data and agreed performance measures needed to manage the asylum system effectively,” the PAC report states. “Until these gaps are addressed, senior leaders cannot fully understand where pressures are building or assess whether interventions are working as intended, and Parliament cannot obtain robust assurance on progress or value for money.”
The old database may be on the way out, but MPs are not convinced the underlying data problems went with it. ®
Get caught up on the latest technology and startup news from the past week. Here are the most popular stories on GeekWire for the week of May 31, 2026.
A team inside Microsoft has been quietly building a platform for devices that run AI agents instead of apps, based on Android instead of Windows.
A pair of Microsoft security executives are on the move — one headed to Salesforce, one returning to fill the vacancy.
Launchpad was spotted this week making the move from Elliott Bay in Seattle.
After several days docked on Lake Union, drawing crowds and hecklers, Mark Zuckerberg’s superyacht slipped back through the Ballard Locks and is now anchored in Elliott Bay.
Electronic signature powerhouse Docusign is reportedly moving its offices in downtown Seattle a few blocks north, leaving the tower that bears its name.
Innovega, a company known for its augmented-reality contact lens technology, has turned its focus to a different product for now: smart glasses for people who are visually impaired.
Amazon surpassed $700 billion in revenue in 2025 with a 12% year-over-year jump.
Helion is chasing the highly ambitious goal of becoming the first company to commercialize fusion energy.
Microsoft used its Build conference to unveil seven in-house AI models, including a reasoning model it says draws even with Anthropic’s Claude Sonnet 4.6 — part of a push to depend less on the AI partners it has invested billions in.
The Seattle social gaming platform, once valued at $3.5 billion, shuts down at noon Pacific today after a decade and 150 million players.
If you thought driverless cars were bad, imagine a 200,000 ton container ship
Britain’s Maritime and Coastguard Agency (MCA) says it helped to develop a code of safety for future remotely operated and autonomous cargo ships.
The executive body, responsible for maritime law and safety policy, represented the UK’s interests in working groups during development of the first non-mandatory International Code of Safety for Maritime Autonomous Surface Ships (MASS Code).
This code, set to be published by the International Maritime Organization (IMO) on July 1, is the first stab at a global regulatory framework covering uncrewed cargo ships.
It will be followed by a mandatory MASS Code based on reviews of this set of regulations, slated for adoption in 2030, for entry into force on January 1, 2032.
Autonomous vessels are already being tested out. In Norway, for example, a ship called the Yara Birkeland is used to carry chemicals and fertiliser from an industrial plant where they are produced to the deep-sea container harbor at Brevik, from where they are shipped to customers around the world.
Yara Birkeland is the world’s first fully autonomous and electric zero-emission container ship, but is relatively small at about 80 meters (260 ft) long and a weight of 3,200 tonnes.
A scoping exercise by the IMO to help inform the regulations identified four degrees of autonomy – inspired by those applicable to self-driving cars.
Degree one has seafarers on board to operate and control shipboard systems and functions, although some operations may be automated. Degree two is a remotely controlled ship with crew aboard, able to take control if necessary. Degree three covers a remotely controlled ship without any crew, and Degree four is a fully autonomous ship.
The IMO said it identified a number of high-priority issues, cutting across several instruments, that must be addressed at a policy level in future. These involve the development of MASS terminology and definitions, particularly in clarification of who is responsible for the ship in Degrees Three and Four.
Others include actions normally carried out by the crew, including firefighting, cargo stowage and securing, maintenance, watchkeeping and implications for search and rescue. The latter is a legally binding duty that applies to all vessels, without exception.
“The maritime industry is inherently global, so progress towards a harmonised regulatory framework is vital to support consistency, fairness and – most importantly – safe operations internationally,” said MCA assistant director for Future Technical Standards Leanne Page.
“We’re very proud to have played a leading role in reaching this major milestone.”
The next step is building a framework for an experience-building phase, the MCA says, to inform development of the mandatory MASS Code.
Both the MCA and the UK’s Department for Transport will continue industry consultations to provide further information and guidance on this new non-mandatory MASS Code. ®
You may have heard that wired headphones are back in fashion (though in truth, they never went away), but plugging in an earphone alone is not going to deliver the best sound.
iFi Audio has a fix for that.
They’ve launched Go Link 2 Max at High-End Vienna, a USB-C dongle that can transform “your phone, laptop, or PC into a powerful high-resolution audio source”.
If you want the best audio performance from your device, a portable DAC is the chief way of doing so. The Go Link 2 Max offers up to 241mW of output power and balanced architecture that it claims improves dynamics, lowers noise and offers greater sonic control with the music you’re listening to.
Another feature to note is its ESS Sabre DAC chip that supports audio up to 32-bit/384kHz PCM and native DSD256, useful if you subscribe to services such as Tidal, Apple Music and Qobuz. The Dual DAC architecture employed is said to improve levels of detail and definition, as well as better instrument separation and clarity; while the Dynamic Range Enhancement feature adds up to 6dB between the “loudest and quietest” moments.
The S-Balanced Single Ended Output can reportedly cut channel crosstalk in half for cleaner playback of audio, while THD (Total Harmonic Distortion) compensation reduces distortion by over 50% compared to the Go Link 2 Max’s predecessor.
There’s also app support via iFi Nexis, which allows listeners to select digital filters and the ability to update the DAC over-the-air via mobile.
Giving your headphone sound a boost doesn’t come at too big a cost either. You can buy the iFi Audio Go Link 2 Max for £85 / $85 / €85 / $129 CAD. It’s available to purchase from iFi Audio and authorised dealers now.
China wants its electric vehicles to go on a diet. The average passenger car in the country weighed 1,704 kg in 2024, roughly a third more than in 2012, state broadcaster CCTV reported on Sunday. Many popular SUVs and MPVs now approach or exceed 2 metres in width, squeezing into parking spaces designed a decade ago for smaller cars.
One vehicle measured by CCTV was nearly 2.3 metres wide. The current standard parking space is 2.4 metres. That leaves 10 cm of clearance, barely enough to open a door.
The weight problem starts with batteries. Some manufacturers market vehicles with ranges up to 1,000 km on a single charge, which can require battery packs weighing as much as 800 kg, according to experts cited in the report. Heavy batteries are not unique to China, but the scale of the problem is, given that the country produces more EVs than any other nation.
Feature bloat is also a factor. China’s crowded EV market has pushed manufacturers to differentiate by turning cars into mobile living spaces. Some models let users work, watch videos, drink coffee, and rest inside. A few even come with in-car toilets, CCTV reported. Each feature adds weight.
Beijing has already responded. On 1 January 2026, China became the first country in the world to enforce a mandatory energy consumption standard for electric vehicles. The rule caps two-tonne EVs at 15.1 kWh per 100 km under the Chinese CLTC cycle, tightening limits by approximately 11% compared with previous recommendations. New EV models that fail the standard cannot be produced, sold, or registered.
The regulation pushes manufacturers toward efficiency rather than simply adding bigger batteries. Better aerodynamics, lighter materials, and drivetrain optimisation become more important than raw range figures. With battery capacity unchanged, compliance is expected to increase an average EV’s range by about 7%.
The timing matters. China produced 16 million electric cars in 2025, according to the IEA, and exports are surging into new markets. Lighter, more efficient vehicles would not only ease domestic infrastructure pressure but also help Chinese automakers meet emissions and efficiency standards in export markets like the US and Europe, where regulations are tightening in parallel.
As Apple’s Worldwide Developers Conference, WWDC 2026, approaches, the excitement is building around what Apple has in store for us this year. From Siri’s overhaul to new Apple Intelligence updates, there’s a lot to look forward to.
The annual Worldwide Developers Conference kicks off Monday at 10 a.m. PT/1 p.m. ET. For those eager to tune in, the event will be streamed live via the Apple Developer app, Apple’s website, and the Apple Developer YouTube channel.
The most anticipated announcement is a major AI upgrade to Siri, transforming it into a more conversational assistant capable of understanding context, handling multi-step tasks, and interacting more naturally across apps and services. The revamped Siri will leverage Google’s Gemini technology to enhance its capabilities.
Additionally, recent leaks from Bloomberg have unveiled a standalone Siri app that aims to compete with advanced AI chatbots like ChatGPT, Claude, and Gemini. Apple may also introduce a feature reminiscent of messaging apps, enabling users to set timers for automatically deleting conversations after 30 days, a year, or keeping them indefinitely.
According to The Information, Apple plans to introduce an AI agent integration with the app store. While details are scarce, agents allow users to delegate tasks such as booking reservations, managing everyday tasks, editing documents, or controlling smart home devices.
A new “Visual Intelligence” section is anticipated to be introduced within the Camera app, taking the place of the previous Visual Intelligence feature found in the Camera Control button. This upgrade will introduce a dedicated Siri mode that exists next to options like Photo, Video, Portrait, and Panorama. The Visual Intelligence feature leverages Google Image Search to accurately identify objects captured by the user.
In addition, the Photos app is set to receive exciting enhancements powered by Apple Intelligence. These may include intelligent scene recommendations for optimizing photos, automatic object removal for cleaner images, and an innovative AI photo editing feature that allows users to request edits simply by using natural language, new productivity functionalities in visionOS.
Apple is set to upgrade the Image Playground app, introducing higher-quality image generation, more artistic styles, better character consistency, and richer editing controls. The interface for creating new images will be simplified, offering fewer controls and a “describe a change” option for editing.
Additionally, we might see a suggested Genmoji feature that proposes custom emojis based on users’ media and text interactions. Users may also be able to generate AI wallpapers that reflect various themes and moods.
Notable updates are rumored to be coming to the Wallet app, particularly a new bill-splitting feature that will simplify sharing expenses among friends or family. Users will be able to photograph a receipt and generate payment requests to different parties effortlessly.
Alongside this, the Wallet app will also include a “Create a Pass” option that enables users to generate digital passes from physical items such as movie tickets, concert passes, or gym membership cards.
Apple is expected to enhance its AI-powered Siri experience across its devices, as well as likely incorporate more AI features and stability updates.
If anything, 2026 has made clear that cybersecurity is no longer a background concern — it’s front and center, woven into almost every major story of the year. Yes, wars are still raging, the climate keeps worsening, and we’re seemingly one dodgy sneeze away from the next global pandemic.
But running beneath all of it is a digital current that touches everything: wars being fought on digital fronts as well as physical ones, governments weaponizing citizens’ own data against them, botnets quietly undermining democratic institutions, nation-state hackers targeting civilian infrastructure from power grids to water systems, and ransomware gangs holding companies and institutions hostage for massive payouts. The attacks are getting bolder, more destructive, and harder to contain.
As we’re halfway through this already horrendous year of digital attacks and hybrid warfare, we look at some of the worst hacks and breaches so far, and how they might affect us going forward.
A year on, after operatives with the Elon Musk-led band of government destroyers known as the Department of Government Efficiency (or DOGE) swept through and dismantled federal agencies from the inside out, we’re still learning about the data lapses that happened under their watch.
After DOGE entered the Social Security Administration, it remains unclear as to what happened with some of the nation’s most sensitive data, as lawsuits battle on in federal court. The most alarming whistleblower’s claim is that DOGE uploaded a live copy of the Social Security database to an unsecured third-party server, leading to a scramble to understand what was stored in it. This database allegedly contained the Social Security numbers and associated personal information of most living Americans.
In court filings, the Social Security Administration said it doesn’t know for sure what was on the server, but that DOGE signed an agreement with an outside political advocacy group under the guise of finding evidence of voter fraud, something that President Trump continues to claim without any evidence. The fears are that the database could be misused to target Americans for spurious reasons.
Two of the top House Democrats investigating some of DOGE’s activities at the Social Security Administration said that the exposure of the government’s Social Security database “could very well be the largest data breach in our nation’s history.”

A rash of cyberattacks across Europe targeting civilian energy and water supplies, like power plants and water dams, has set a troubling trend of late. Several hacks attributed to (or at least in part blamed on) Russia have risked real-world harm to communities and populations.
Poland’s energy grid was targeted with computer-destroying malware at the tail end of last year, as well as a Swedish thermal plant and a Norwegian dam that spilled swimming pools’ worth of water. Hackers targeted Poland again earlier this year, this time its water treatment plants, showing that Russia’s hybrid war antagonism continues to extend beyond the digital realm.
Now, thanks to the recent war between the U.S. and Israel against Iran, there are warnings that Iranian hackers are targeting critical infrastructure in the United States. This includes privately owned water utilities, which remain a soft target for hackers, often lacking basic cybersecurity protections.
Speaking of Iran, a cyberattack on a U.S. medical tech company, Stryker, in March saw Iranian hackers break in and remotely wipe tens of thousands of employee devices in one fell swoop, causing widespread disruption to the company’s operations for several days.
The breach was a marked shift in Iranian hacking tactics at a time of ongoing war in the Middle East, with Iran moving from its typical focus of espionage and hack-and-leak operations in aid of the country’s political gains, toward actively causing destructive hacks in apparent retaliation for the war. The U.S. government attributed the hacking group behind the breach to an arm of Iranian intelligence. The breach ended up having a material impact on Stryker’s first-quarter earnings after the company regained control of its systems.
The ShinyHunters continued their hacking campaigns, targeting dozens of companies with simple but highly effective voice phishing techniques. The English-speaking hackers are adept at tricking companies into turning over access to their internal systems by pretending to be IT support, or conversely, an employee who forgot their password.
Few know better the toll a hack from the ShinyHunters can take than education tech giant Instructure. The hackers breached the company’s flagship learning management system Canvas to steal private data and personal information belonging to over 30 million students and staff. When the company didn’t pay the hackers’ ransom, the hackers broke in — again — and defaced schools’ login screens for Canvas, used by students to access their exam and coursework material. This second hack happened during school finals, disrupting exams for students across the United States. Instructure eventually paid the ransom, despite efforts by the FBI to dissuade the company from paying.
Instructure wasn’t the only company targeted by the ShinyHunters hackers by far. The gang has been behind some of the largest breaches by the number of records stolen, including some 40 million records from internet provider Charter and at least 6 million customer records from cruiseliner Carnival, among other victims in higher education, finance, and government.

A series of ongoing, concurrent, and occasionally overlapping attacks on open source developers have resulted in massive hacks targeting big tech companies and their customers.
Some of the biggest names in security, including Aqua Security’s Trivy tool, Bitwarden, and Checkmarx, alongside other major open source projects, were compromised this year, allowing the hackers to steal passwords, credentials, and other sensitive tokens from the computers of anyone who installed a backdoored copy of the software, or whose pre-installed software auto-updated to download the malware.
These attacks used the stolen credentials to spread further, and opened the door to downstream compromises of big companies that rely on the targeted software, including AI giant OpenAI and web hosting company Vercel. With a new hack almost every week, the open source world remains a vulnerable target in the broader tech ecosystem.
The U.S. Federal Bureau of Investigation was forced to declare a “major cyber incident” in April, prompting a legally required disclosure with Congress, after identifying that one of its surveillance systems was compromised. According to reports, the breach potentially exposed phone numbers of targets under surveillance by federal agents.
Chinese spies were accused of the breach of the unclassified network, which held sensitive information about the surveillance targets of wiretaps and other communication intercepts, such as pen register returns. By notifying lawmakers, the breach is likely to have met a bar of causing “demonstrable harm” to U.S. national security.
Toymaker giant Hasbro is the latest example of what happens when a large corporation is hit by a security incident and isn’t prepared for it. Weeks after discovering hackers in its systems in late March, the 103-year-old company remained largely offline, its website unavailable, and unable to serve its customers.
The company, which owns big name brands such as Transformers, Peppa Pig, and Dungeons & Dragons, has said little about the incident itself, what data was taken (if any), and whether it paid the hackers. But the disruption alone is likely to affect the company’s financials, which it was forced to delay, as the company scrambled to handle the incident.
Hasbro said as of mid-May that the hackers are no longer in its systems and that its recovery was underway. But the financial costs of the breach and the knock-on effect to its business are likely to be realized in the coming months, and are expected to be substantial.
Over the past few months alone, there has been an uptick in major data exposures involving people’s sensitive government-issued identity documents, including passport and driver license scans left exposed to the web. From a hotel check-in system and a money transfer app to a prison payphone provider and a U.K. visa service, these services exposed over two million people’s personal documents that can be easily misused. Many were caused by simple security lapses that were easily avoidable with basic cybersecurity practices.
These massive data spills come at a time when closed-community apps and websites are increasingly leaning on “know your customer” checks to force users to verify their identity before being allowed in, and governments are pushing age-verification laws demanding similar identity checks from adults to access a vast swath of the internet.
The logic goes that the greater the spills, the less effective these identity checking systems are, as they can be easily misused with a stolen or leaked passport or driver license. The further rollout of these ID-collecting systems will inevitably lead to more data breaches and security lapses.
A new variant of the Gafgyt botnet called C0XMO is targeting DD-WRT router firmware and can move to other device types with various CPU architectures.
The researchers found samples for ARM, MIPS, PowerPC, SuperH, x86, x86_64, and other architectures, featuring exploits for DVRs, routers, video management platforms, and Android-based devices.
The botnet was seen targeting a Japanese technology company, but researchers discovered that the source IP address was for a device located in Germany.
Fortinet researchers discovered C0XMO and highlighted its modular design, which allows operators to update its exploitation techniques, add/remove targeted architectures, and expand its lateral movement capabilities independently of the main payload.
Fundamentally, C0XMO remains a malware for launching distributed denial-of-service (DDoS) attacks and supports 19 methods, including UDP/TCP/SYN/ICMP floods, “ping of death,” NTP/Memcached amplification, Discord voice UDP floods, and Valve-specific floods.
According to the researchers, the C0XMO botnet malware is delivered by exploiting CVE-2021-27137, a buffer overflow vulnerability caused by insufficient validation of user input. It can be leveraged without authentication and leads to arbitrary code execution.
For wider distribution, C0XMO downloads a Python script that installs additional packages such as ‘requests,’ ‘paramiko,’ and ‘beautifulsoup4,’ which are required for network scanning and communication, and for running activities over SSH and telnet protocols.
The scanner then uses worker threads to randomly scan internet-facing systems on common ports like 22 (SSH), 23 (Telnet), 80/443 (HTTP/HTTPS), 7547, 8080, 8443, 8888, and others.
After finding a target, the malware attempts to brute-force weak Telnet and SSH credentials, detects the CPU architecture, and deploys a compatible C0XMO binary.
The script contains almost two dozen functions for tasks such as scanning, exploiting HTTP and ADB-based vulnerabilities, detecting the CPU architecture, logging in over SSH/Telnet, and checking IP addresses. Its main purpose is to move laterally on the network.
Once it gains access to a device, the malware copies itself to hidden locations such as ‘/tmp/.sys,’ ‘/var/tmp/.sys,’ and ‘/dev/shm/.sys,’ and then creates cron jobs that relaunch it every 15 minutes. Also, shell startup files are modified to enable automatic execution.
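A triage check for the persistence artifacts described above, as an added example that is not from the Fortinet report or the article: it looks for the three hidden drop paths and for cron or shell-startup lines that reference them, on a live or mounted filesystem. The cron and startup file locations, the `triage` and `build_sample` names, and the sample tree are assumptions constructed for illustration.

```python
import re
import tempfile
from pathlib import Path

DROP_PATHS = ("/tmp/.sys", "/var/tmp/.sys", "/dev/shm/.sys")  # named in the article
# Assumed locations for cron and shell-startup persistence; adjust per firmware.
CRON = ("etc/crontab", "etc/cron.d", "var/spool/cron")
STARTUP = ("etc/profile", "etc/rc.local", "root/.profile", "root/.bashrc")
EVERY_15 = re.compile(r"^\s*\*/15(\s+\*){4}\s")  # the 15-minute relaunch schedule

def _files(path):
    """Expand a file or directory into a sorted list of regular files."""
    if path.is_file():
        return [path]
    return sorted(f for f in path.rglob("*") if f.is_file()) if path.is_dir() else []

def triage(root="/"):
    """Return (kind, location, detail) findings for the filesystem at root."""
    root, found = Path(root), []
    for drop in DROP_PATHS:
        if (root / drop.lstrip("/")).exists():
            found.append(("dropped_file", drop, ""))
    for kind, sources in (("cron", CRON), ("startup", STARTUP)):
        for f in (f for rel in sources for f in _files(root / rel)):
            for line in f.read_text(errors="replace").splitlines():
                # Skip comments and lines that do not reference a drop path.
                if line.lstrip().startswith("#") or not any(d in line for d in DROP_PATHS):
                    continue
                tag = "cron_15min" if kind == "cron" and EVERY_15.match(line) else kind
                found.append((tag, "/" + f.relative_to(root).as_posix(), line.strip()))
    return found

def build_sample(root):
    """Constructed sample tree (not real malware artifacts) for an offline run."""
    root = Path(root)
    for d in ("tmp", "etc", "root"):
        (root / d).mkdir(parents=True, exist_ok=True)
    (root / "tmp/.sys").write_bytes(b"")
    (root / "etc/crontab").write_text(
        "0 3 * * * root /usr/sbin/logrotate\n*/15 * * * * root /tmp/.sys >/dev/null 2>&1\n")
    (root / "root/.profile").write_text("export PATH=/bin:/sbin\n/dev/shm/.sys &\n")

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as sample:
        build_sample(sample)
        for finding in triage(sample):
            print(*finding, sep=" | ")
```

A hit on any of these is a lead to investigate, not proof of C0XMO specifically, since the paths are generic hidden names.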
Furthermore, C0XMO actively scans running processes to identify competitor botnet clients on the host, as well as red-team tools, programming tools, and network services that may interfere with its operation, and terminates them.
It does so by deleting binaries and removing their persistence mechanisms, including cron jobs, init scripts, system services, and shell profile entries.

After that, it connects to a hardcoded command-and-control (C2) address using a custom multi-stage handshake that includes magic strings and shared secrets, and then awaits commands.
The supported commands include heartbeat checks, starting and stopping scans, and launching DDoS attacks using one of the 19 supported methods.
The general recommendation for defending against C0XMO and other botnet malware is to keep devices up to date, use unique admin credentials, and disable remote access capabilities when not needed.
Fortinet describes C0XMO as having “a considerably more advanced architecture and feature set compared to earlier IoT botnets.”
The researchers note that the overall design of the malware indicates “a greater degree of operational sophistication and complexity than typical Gafgyt malware.”
U.S. Senator Bernie Sanders announced a plan for the public to take a 50% ownership stake in AI companies, the Associated Press reports.
And then OpenAI’s Sam Altman “told Sanders that he, too, wants the public to have equity in AI companies.”
Though the CEO said he couldn’t support Sanders’ threshold of 50%, he nonetheless wanted to work with him to advocate for the general idea, according to people with knowledge of the conversation. The nearly hourlong meeting in Sanders’ Senate office this week, held at Altman’s request, highlighted the inherent tension between AI powerhouses and policymakers as Americans are increasingly asked to accept the costs of the AI boom even as they remain unconvinced of its direct benefits.
Yet it’s also creating odd political bedfellows fueled by populism as politicians from Sanders to President Donald Trump embrace giving the public a stake in AI’s growth. Speaking to reporters on Air Force One on Friday, Trump described a potential partnership “where the American people can benefit from the success of AI” and said executives from leading AI companies will visit the White House, “probably next week,” to discuss the idea.
The article points out that Altman also met with congressional leaders from both of America’s political parties.