Developer Tech

GitHub adds stronger governance for AI agents in Copilot

GitHub’s AI agents in Copilot promise faster delivery, but enterprises need guardrails and access policies to avoid uneven ...
Visual Studio Magazine

Azure Cosmos DB Python SDK Update Powers AI with OpenAI Integration

Microsoft announced the stable release of Azure Cosmos DB Python SDK 4.14.0, adding AI-driven document reranking, optimized batch reads, and automatic write retries developed in collaboration with ...
Bleeping Computer

Chinese hackers abuse geo-mapping tool for year-long persistence

Chinese state hackers remained undetected in a target environment for more than a year by turning a component in the ArcGIS geo-mapping tool into a web shell. The ArcGIS geographic information system ...
SecurityWeek

RondoDox Botnet Takes ‘Exploit Shotgun’ Approach

The botnet packs over 50 exploits targeting unpatched routers, DVRs, NVRs, CCTV systems, servers, and other network devices. In June, RondoDox was seen targeting CVE-2024-3721 and CVE-2024-12856, two ...
Ars Technica

Discord says hackers stole government IDs of 70,000 users

Discord says that hackers made off with images of 70,000 users’ government IDs that they were required to provide in order to use the site. Like an increasing number of sites, Discord requires certain ...
Windows Report

Massive DDoS Attack Knocks Out Steam, Riot, and Other Services

The coordinated attack occurred shortly before 11 PM ET in early October. Reports first surfaced from Riot Games, which confirmed problems affecting League of Legends and Valorant players. Within ...
PC Gamer

Today's Steam outage may have been part of a massive DDoS attack targeting Xbox, PlayStation, Riot, and other game companies

Steam went offline earlier today in an odd but thankfully brief hitch that may have been a small part of a much bigger thing: Xbox, PlayStation, Riot Games, and Epic all suffered a very sudden spike ...
Ars Technica

Intel and AMD trusted enclaves, a foundation for network security, fall to physical attacks

In the age of cloud computing, protections baked into chips from Intel, AMD, and others are essential for ensuring confidential data and sensitive operations can’t be viewed or manipulated by ...
Bleeping Computer

Critical WD My Cloud bug allows remote command injection

Western Digital has released firmware updates for multiple My Cloud NAS models to patch a critical-severity vulnerability that could be exploited remotely to execute arbitrary system commands. Tracked ...
marktechpost

Meet oLLM: A Lightweight Python Library that brings 100K-Context LLM Inference to 8 GB Consumer GPUs via SSD Offload—No Quantization Required

oLLM is a lightweight Python library built on top of Huggingface Transformers and PyTorch and runs large-context Transformers on NVIDIA GPUs by aggressively offloading weights and KV-cache to fast ...
PC Magazine

$6.7M Ransom, 700 Jobs Lost, and a 158-Year-Old Business Destroyed—All Thanks to One Bad Password

I've been writing and editing stories for almost two decades that help people use technology and productivity techniques to work better, live better, and protect their privacy and personal data. As ...
The Hacker News

GitHub Mandates 2FA and Short-Lived Tokens to Strengthen npm Supply Chain Security

GitHub on Monday announced that it will be changing its authentication and publishing options "in the near future" in response to a recent wave of supply chain attacks targeting the npm ecosystem, ...