Podcasts about Mozilla

With major leadership shakeups and rumors of studio closures, the future of XBOX inside Microsoft suddenly looks uncertain. Is this the beginning of a Game Pass overhaul, or could XBOX face an outright split from the company? Plus, PowerToys 0.100 (yes, point one hundred) arrives with so many improvements. And the Windows Insider program is leaving even seasoned users scratching their heads over Microsoft's so-called "simplification." Windows Windows Insider Program: Microsoft releases a record 7 builds to the allegedly simpler Insider Program You can't tell the players without a program Experimental: Less disruptive Windows Update, Windows Search improvements Beta 26H1: Screen tint Beta 25H2: Screen tint, quieter Widgets, Magnifier zoom controls Release Preview 25H2: Screen tint, quieter Widgets, Magnifier zoom controls, Bluetooth connectivity improvements All (?) get Voice access and Voice typing improvements, and new right-click Touchpad settings Good God, Microsoft Hardware Microsoft announces Snapdragon X2-based Surface Laptop 8 and Surface Laptop 13 and the prices are eye-watering Samsung announces Snapdragon X2-based Galaxy Book6 Edge and, yes, the prices are eye-watering The component crisis is a disaster but limitations are driving innovation, as they always have Google releases Android 17 alongside a new Pixel Drop, setting the stage for Googlebooks Software Microsoft Edge to follow Chrome to a two-week development schedule because we all love updating our web browsers Mozilla releases Firefox 152 and a new roadmap for the browser AI FINALLY AN AI-FREE WEEK XBOX and gaming Fear & loathing at XBOX! The Microsoft fiscal year ends in two weeks, and big changes are coming XBOX leadership set to reveal "hard truths" that will absolutely include layoffs and studio and game closures Microsoft is looking at all options for XBOX, including a spin-off XBOX Studios CEO and chief of staff announce their departures ahead of expected layoffs XBOX reportedly closing Ninja Theory, makers of the Hellblade games Compulsion Games is likely on the chopping block too XBOX is coming to Gamescon this year Xbox June Update arrives with new boot animation, more while Microsoft continues testing minor UX changes in the Insider Program COD: Vanguard, EA Sports FC 26 and more coming to Game Pass in the second half of June Rockstar Games is giving free GTA V upgrades to Xbox One and PS4 players Tips and picks Tip of the week: Don't doomscroll, learnscroll instead App pick of the week: PowerToys 0.100 RunAs Radio this week: 47 Day Certificates with Todd Gardner Brown liquor pick of the week: Thornæs Kagerup Hosts: Leo Laporte, Paul Thurrott, and Richard Campbell Download or subscribe to Windows Weekly at https://twit.tv/shows/windows-weekly Check out Paul's blog at thurrott.com The Windows Weekly theme music is courtesy of Carl Franklin. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free audio and video feeds, a members-only Discord, and exclusive content. Join today: https://twit.tv/clubtwit Sponsor: trustedtech.team/windowsweekly365

With major leadership shakeups and rumors of studio closures, the future of XBOX inside Microsoft suddenly looks uncertain. Is this the beginning of a Game Pass overhaul, or could XBOX face an outright split from the company? Plus, PowerToys 0.100 (yes, point one hundred) arrives with so many improvements. And the Windows Insider program is leaving even seasoned users scratching their heads over Microsoft's so-called "simplification." Windows Windows Insider Program: Microsoft releases a record 7 builds to the allegedly simpler Insider Program You can't tell the players without a program Experimental: Less disruptive Windows Update, Windows Search improvements Beta 26H1: Screen tint Beta 25H2: Screen tint, quieter Widgets, Magnifier zoom controls Release Preview 25H2: Screen tint, quieter Widgets, Magnifier zoom controls, Bluetooth connectivity improvements All (?) get Voice access and Voice typing improvements, and new right-click Touchpad settings Good God, Microsoft Hardware Microsoft announces Snapdragon X2-based Surface Laptop 8 and Surface Laptop 13 and the prices are eye-watering Samsung announces Snapdragon X2-based Galaxy Book6 Edge and, yes, the prices are eye-watering The component crisis is a disaster but limitations are driving innovation, as they always have Google releases Android 17 alongside a new Pixel Drop, setting the stage for Googlebooks Software Microsoft Edge to follow Chrome to a two-week development schedule because we all love updating our web browsers Mozilla releases Firefox 152 and a new roadmap for the browser AI FINALLY AN AI-FREE WEEK XBOX and gaming Fear & loathing at XBOX! The Microsoft fiscal year ends in two weeks, and big changes are coming XBOX leadership set to reveal "hard truths" that will absolutely include layoffs and studio and game closures Microsoft is looking at all options for XBOX, including a spin-off XBOX Studios CEO and chief of staff announce their departures ahead of expected layoffs XBOX reportedly closing Ninja Theory, makers of the Hellblade games Compulsion Games is likely on the chopping block too XBOX is coming to Gamescon this year Xbox June Update arrives with new boot animation, more while Microsoft continues testing minor UX changes in the Insider Program COD: Vanguard, EA Sports FC 26 and more coming to Game Pass in the second half of June Rockstar Games is giving free GTA V upgrades to Xbox One and PS4 players Tips and picks Tip of the week: Don't doomscroll, learnscroll instead App pick of the week: PowerToys 0.100 RunAs Radio this week: 47 Day Certificates with Todd Gardner Brown liquor pick of the week: Thornæs Kagerup Hosts: Leo Laporte, Paul Thurrott, and Richard Campbell Download or subscribe to Windows Weekly at https://twit.tv/shows/windows-weekly Check out Paul's blog at thurrott.com The Windows Weekly theme music is courtesy of Carl Franklin. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free audio and video feeds, a members-only Discord, and exclusive content. Join today: https://twit.tv/clubtwit Sponsor: trustedtech.team/windowsweekly365

With major leadership shakeups and rumors of studio closures, the future of XBOX inside Microsoft suddenly looks uncertain. Is this the beginning of a Game Pass overhaul, or could XBOX face an outright split from the company? Plus, PowerToys 0.100 (yes, point one hundred) arrives with so many improvements. And the Windows Insider program is leaving even seasoned users scratching their heads over Microsoft's so-called "simplification." Windows Windows Insider Program: Microsoft releases a record 7 builds to the allegedly simpler Insider Program You can't tell the players without a program Experimental: Less disruptive Windows Update, Windows Search improvements Beta 26H1: Screen tint Beta 25H2: Screen tint, quieter Widgets, Magnifier zoom controls Release Preview 25H2: Screen tint, quieter Widgets, Magnifier zoom controls, Bluetooth connectivity improvements All (?) get Voice access and Voice typing improvements, and new right-click Touchpad settings Good God, Microsoft Hardware Microsoft announces Snapdragon X2-based Surface Laptop 8 and Surface Laptop 13 and the prices are eye-watering Samsung announces Snapdragon X2-based Galaxy Book6 Edge and, yes, the prices are eye-watering The component crisis is a disaster but limitations are driving innovation, as they always have Google releases Android 17 alongside a new Pixel Drop, setting the stage for Googlebooks Software Microsoft Edge to follow Chrome to a two-week development schedule because we all love updating our web browsers Mozilla releases Firefox 152 and a new roadmap for the browser AI FINALLY AN AI-FREE WEEK XBOX and gaming Fear & loathing at XBOX! The Microsoft fiscal year ends in two weeks, and big changes are coming XBOX leadership set to reveal "hard truths" that will absolutely include layoffs and studio and game closures Microsoft is looking at all options for XBOX, including a spin-off XBOX Studios CEO and chief of staff announce their departures ahead of expected layoffs XBOX reportedly closing Ninja Theory, makers of the Hellblade games Compulsion Games is likely on the chopping block too XBOX is coming to Gamescon this year Xbox June Update arrives with new boot animation, more while Microsoft continues testing minor UX changes in the Insider Program COD: Vanguard, EA Sports FC 26 and more coming to Game Pass in the second half of June Rockstar Games is giving free GTA V upgrades to Xbox One and PS4 players Tips and picks Tip of the week: Don't doomscroll, learnscroll instead App pick of the week: PowerToys 0.100 RunAs Radio this week: 47 Day Certificates with Todd Gardner Brown liquor pick of the week: Thornæs Kagerup Hosts: Leo Laporte, Paul Thurrott, and Richard Campbell Download or subscribe to Windows Weekly at https://twit.tv/shows/windows-weekly Check out Paul's blog at thurrott.com The Windows Weekly theme music is courtesy of Carl Franklin. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free audio and video feeds, a members-only Discord, and exclusive content. Join today: https://twit.tv/clubtwit Sponsor: trustedtech.team/windowsweekly365

Watch on YouTube. Peter Rojas has built new things at almost every scale there is, and he planted the seed for this show years ago in an email to Michael. In this episode, Peter and Michael discuss: How building new products inside a big company differs from a startup, and why you have to invest ahead of traction Why corporate product development is a harder numbers game than a venture portfolio AI, vibe coding, and the Mozilla Pioneers program for widening the top of the funnel Why incumbents keep losing the next technology wave Why coordination breaks down at scale, and the clarity that fixes it About Peter: Peter Rojas co-founded Gizmodo and Engadget, two publications that changed how people understand technology. He has been an operator and investor across AOL, Meta, and BetaWorks, where he was a founder and VC. Today he leads new product development at Mozilla and runs Mozilla Pioneers. 00:00 Cold open 01:46 The email that started the show 03:33 Startup vs building inside a company 06:57 The corporate product numbers game 11:03 Vibe coding and Mozilla Pioneers 15:13 When a trusted brand is the advantage 18:04 Why incumbents lose the next wave 21:58 Meta's metaverse bet vs AI 25:44 If I were running Meta 29:02 Was the VR bet a failure 30:27 Why coordination breaks at scale 35:07 Fear, focus, and the CEO filter 38:56 How Mozilla runs on KPIs 40:30 The founder who hid his idea 46:33 Where to find Peter Resources mentioned: Mozilla Pioneers: https://newproducts.mozilla.org/mozilla-pioneers/ WordPress: https://wordpress.org Lovable: https://lovable.dev Replit: https://replit.com Claude Code: https://www.anthropic.com/claude-code Rec Room: https://recroom.com Connect with Peter: LinkedIn: https://www.linkedin.com/in/peterrojas/ Connect with Michael: LinkedIn: https://www.linkedin.com/in/michael-koenig514 Building Helm: https://helmapp.ai Subscribe to Between Two COOs: Apple Podcasts: https://podcasts.apple.com/us/podcast/between-two-coos/id1635533318 Spotify: https://open.spotify.com/show/2NjVgGm6mqLPEbJUvHnHEH Newsletter: https://betweentwocoos.com Watch on YouTube.

Scott and Wes sit down with Jake Archibald from Mozilla to unpack how web standards actually get made at Firefox. From browser features and developer feedback to the drama around the Prompt API. They discuss Interop 2026, the future of web APIs, and what it's really like shaping the web after a career spanning both Google and Mozilla. Show Notes 00:00 The Importance of Sunscreen 02:29 Welcome to Syntax! 04:35 Transitioning from Google to Mozilla 06:00 Brought to you by Sentry.io 06:43 Mozilla's Current Position and Development Priority HTML Sanitizer API 08:35 Feature Implementation and Developer Feedback 13:12 JPEG XL and AVIF: The Future of Image Formats 18:06 Balancing User Features and Web Standards 20:56 Navigating the AI Translation Dilemma 23:03 Understanding the Prompt API Controversy 32:56 Rethinking the Future of Prompt APIs 39:00 Exploring Local Models and User Control 44:04 The State of Firefox DevTools 45:42 Browser Stability and Developer Editions 47:39 Introduction to the Heading Offset API 51:14 Interop APIs and Their Importance Headingoffset & Headingreset attributes 54:10 Developer Feedback and Browser Features Developer Signals 58:05 Animating Display None and Its Challenges 01:00:44 HTML and Canvas: Opportunities and Concerns 01:04:01 Sick Picks + Shameless Plugs Sick Picks Scott: Wes: Jake: Clues by Sam Shameless Plugs Scott: Wes: Jake: Bluesky Mastodon Threads LinkedIn YouTube X Insatgram Tiktok Hit us up on Socials! Syntax: X Instagram Tiktok LinkedIn Threads Wes: X Instagram Tiktok LinkedIn Threads Scott: X Instagram Tiktok LinkedIn Threads Randy: X Instagram YouTube Threads

Paramount Skydance's WBD acquisition moves forward, Roku explores a potential sale/partnership, Mozilla says almost no one uses the Firefox AI kill switch. MP3 Please SUBSCRIBE HERE for free or get DTNS shows ad-free. A special thanks to all our supporters–without you, none of this would be possible. If you enjoy what you see you canContinue reading "Anthropic Disables Fable 5 and Mythos 5 For All Customers – DTH"

Most enterprises are renters, not owners, of their technology and AI. Raffi Krikorian, Chief Technology Officer of Mozilla, explains why dependence on a handful of closed model providers means losing control over model behavior, pricing, and your own data.In CXOTalk episode 920, Krikorian lays out where open-source AI actually wins in the enterprise, how lock-in happens quietly, and what CIOs and CTOs should do about it now. Krikorian draws on his experience building infrastructure at Twitter and running the self-driving division at Uber to ground the discussion in real engineering and economic tradeoffs, not hype.YOU'LL DISCOVER✅ Why 85% of enterprises believed they could switch AI vendors, but only about 30% actually could when they tried✅ The "renters vs. owners" framing and what it means to control your AI destiny✅ Why Krikorian wants data "protected by architecture, not legal handshakes"✅ How Pinterest reportedly saved on the order of $10 million in a single quarter by switching from closed to open models✅ Why IT is becoming "the HR team for agents," and the read/write "dangerous triangle" of agentic permissions✅ The case for recording your prompts and running your own evaluations instead of trusting public benchmarks✅ Why roughly 70% of enterprise GPUs sit idle, and the missing "LAMP stack for AI" that could put them to work✅ How closed "validation machines" can quietly steer answers toward sponsored outcomes⏱️ TIMESTAMPS (estimated, verify before publishing)0:00 Renters vs. owners: who controls enterprise AI2:26 The risks of depending on closed model makers6:23 How lock-in happens and where open source fits9:53 Regression testing and building your own evals13:24 Pricing instability and the post-IPO cost question23:31 Governance: IT as HR for AI agents32:38 Can a small organization own its AI stack end-to-end?38:47 Validation machines, trust, and sponsored answers43:39 Keeping humans at the center, not in the loop47:23 Can open source beat big tech in AI?51:39 Inside Mozilla.ai: Otari, CQ, Octanus, Thunderbolt55:21 The "rebel alliance" strategy

Parce que… c'est l'épisode 0x305! Shameless plug 24 et 25 juin 2026 - Troopers 26 et 27 juin 2026 - leHACK 19 septembre 2026 - Bsides Montréal 1 au 3 décembre 2026 - Forum INCYBER - Canada 2026 24 et 25 février 2027 - SéQCure 2027 Description Dans cet épisode, l'animateur réunit son trio composé de Cyndie Feltz, Nicholas Milot et Dominique Derrier pour discuter de Mythos, un sujet qui fait beaucoup les manchettes. D'entrée de jeu, l'équipe précise que l'important n'est pas tant Mythos en soi — entouré de beaucoup de bruit et de marketing — que la prise de conscience qu'il provoque : les modèles d'IA, qu'ils soient spectaculaires comme Mythos ou plus sobres comme Opus, marquent un changement de paradigme dans la découverte de vulnérabilités et dans la façon dont les attaquants opèrent. L'enjeu central pour les PME est simple : il deviendra encore plus facile de s'attaquer aux systèmes, alors que c'était déjà facile. Qu'est-ce que Mythos ? Pour ceux qui auraient « vécu sous une roche » ces dernières semaines, l'équipe explique le concept. Nous sommes à l'ère de l'IA et des LLM (large language models), capables de générer des images, de communiquer, de faire du « vibe coding ». Des chercheurs ont eu l'idée d'utiliser ces modèles pour découvrir des vulnérabilités dans les applications. En poussant le modèle, on obtient une puissance démultipliée — quoique coûteuse en tokens — capable d'analyser du code, de tester et de trouver les failles permettant de pénétrer les systèmes. Mythos est un modèle hautement spécialisé qui n'est pas encore réellement accessible au public; seules de grosses organisations et certains gouvernements peuvent y accéder. L'équipe évoque le fait qu'Anthropic l'utiliserait elle-même pour tester de grands projets open source, et mentionne un projet (« Glass Wind » ou similaire) regroupant de gros joueurs comme CrowdStrike, Amazon et Apple, qui utiliseraient Mythos pour sécuriser les systèmes. Un participant souligne avec ironie l'angle marketing : si l'outil était vraiment si dangereux, Anthropic n'en aurait simplement pas parlé et l'aurait gardé à l'interne. Un outil à double tranchant Les intervenants insistent : il s'agit avant tout d'un excellent outil d'analyse de code permettant de corriger des vulnérabilités. C'est précisément le travail quotidien de Nicholas et Cyndie. L'avantage d'une machine, c'est qu'elle ne dort pas la nuit ni les fins de semaine — elle fonctionne 24/7, sans relâche. L'exploit le plus médiatisé a été la découverte de vulnérabilités dans le navigateur Firefox, des failles qu'un humain n'aurait peut-être pas trouvées dans un temps ou avec une logique humaine. Un point technique crucial est soulevé : Mythos n'est pas un outil « point and shoot ». Il ne suffit pas de pointer une URL pour faire pirater une application. Il faut fournir le code source de l'application. C'est une nuance importante, d'autant que bien des organisations — voire des gouvernements — ne savent même pas où se trouve leur propre code source. L'équipe reste honnête : en mai 2026, leur propre métier de recherche de failles repose déjà sur l'IA, tout en conservant un volet manuel. Ils perfectionnent leurs propres outils. Et les acteurs malveillants, moins scrupuleux, font exactement la même chose. C'est là le vrai message : l'IA va faciliter et accélérer les attaques. L'aspect positif demeure : connaître ces vulnérabilités permet de les corriger et de produire du code plus sécuritaire. La fondation Mozilla profite ainsi du travail effectué, et personne ne peut s'opposer à du code plus solide — surtout pour un navigateur, qui constitue notre principale porte d'entrée vers Internet. La limite des humains et des machines Preuve que l'IA ne remplace pas tout : Anthropic a justement lancé un programme de bug bounty cette semaine. À la question « pourquoi ne pas simplement utiliser Mythos? », la réponse est que le modèle n'est pas encore capable de trouver tous les bugs qu'un humain détecterait, et vice versa. L'humain et l'IA ne perçoivent pas le code ni l'application de la même manière. L'impact pour les PME Faut-il paniquer? Non, mais il faut accélérer. Le mantra d'hygiène de base en cybersécurité reste valable, mais doit devenir plus strict. Il faut accélérer les déploiements et l'application des correctifs. D'autres modèles arriveront, possiblement bon marché (un « DeepSeek » de la vulnérabilité), donc la pression de correction touchera toutes les entreprises. Les notions d'inventaire, de mise à jour et d'application des correctifs deviennent incontournables : on ne pourra plus dire « on sait qu'on a des portes ouvertes et on vivra avec ça. » Les intervenants notent toutefois avec lucidité que beaucoup de clients peinaient déjà à maintenir un inventaire à jour et à gérer leur programme de vulnérabilités, avec des outils comme Tenable. S'exciter pour Mythos sans d'abord régler ces bases serait contre-productif. Il faut prendre le dessus sur ses vulnérabilités actuelles et tenir un inventaire d'actifs à jour avant même de songer à utiliser ce type d'outil. Cette hygiène n'est plus optionnelle : sans elle, impossible de sortir la tête de l'eau. Et dès qu'une vulnérabilité reçoit un nom médiatisé — comme Heartbleed ou Dirty COW —, on ne peut plus l'ignorer : sinon, c'est le patron ou les clients qui exigeront une action. L'analogie finale L'animateur propose une analogie : avant, les voleurs d'autos étaient peu nombreux dans un quartier tranquille. Aujourd'hui, votre voiture se trouve dans un quartier chaud où de nombreux voleurs potentiels circulent. Vous n'êtes pas mieux protégé, mais votre risque augmente fortement. La priorité n'est plus de craindre les outils sophistiqués, mais de commencer par verrouiller ses portes. L'équipe conclut que, là où l'on connaissait peut-être un incident par année, on risque désormais un incident par mois sans une hygiène suffisante. Le message final : verrouillez vos portes, car vous n'avez plus le choix. Collaborateurs Nicolas-Loïc Fortin Dominique Derrier Cyndie Feltz Nicholas Milot Crédits Montage par Intrasecure inc Locaux virtuels par Riverside.fm

Raffi Krikorian, the chief technology officer of Mozilla, has spent the past few months building an argument that the central question in AI isn't open versus closed, but owning versus renting—whether AI becomes something we control or something we lease from a handful of companies. A technologist by background with stops at Twitter, Uber, and the Democratic National Committee, he writes about all of this in his newsletter, Owners Not Renters, and in other outlets, most recently in a New York Times op-ed on what he called the "Mythos moment." Justin Hendrix spoke to him about the idea that generosity is the hidden infrastructure of the internet, how to expand access to powerful AI tools rather than closing it down for security's sake, how to overcome misaligned incentives to build a better information environment, how to counter surveillance, and why those concerned with AI governance should spend more time thinking about the protocol and harness layers.

In this episode, we reflect on the 19th edition of CPDP (Computers, Privacy and Data Protection), the major Brussels tech policy conference, held last week under this year's theme, "Competing Visions, Shared Futures." We discuss the dominant debates from the gathering, including the contested Digital Omnibus simplification package, digital and tech sovereignty, researcher access to platform data under the Digital Services Act, the rising prominence of child online safetWe feature voices from across the conference, including Tech Policy Press contributing editor Mark Scott, AlgorithmWatch's Oliver Marsh, the Knight-Georgetown Institute's Peter Chapman, the Center for Democracy and Technology's Marie Seck, Project SENTIMENT's Joel Baumann, Mozilla's Svea Windwehr, and conference director Barbara Lazarotto.And, you'll hear two interviews: a conversation with European Data Protection Supervisor Wojciech Wiewiórowski on whether the GDPR needs reform amid the simplification push, and a wide-ranging reflection from CPDP founder Paul De Hert on how the conference and the field of data protection have evolved over nearly two decades, the value of reasoned disagreement, and why Europe should be more self-critical.

Mozilla found 271 unknown Firefox vulnerabilities in days using AI—bugs that millions of automated test runs had missed for years. Steve Gibson argues this isn't a crisis. It's the industry finally paying down decades of security debt, and for the first time, defenders may have the advantage. Cisco meets Mythos Can the aging CVE system survive AI Patch deployment latency in the AI age MSFT's official YellowKey BitLocker bypass mitigation Ubiquiti patches 5 serious vulnerabilities Drupal attacked by a PostgreSQL injection Microsoft terminates SMS as a second factor GitHub hacked - all of its source code exfiltrated Russia is using very old Western software Why to get a no-charge AI chatbot account New Sci-Fi on Netflix What we learn from Mozilla's use of Mythos Show Notes - https://www.grc.com/sn/SN-1080-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free audio and video feeds, a members-only Discord, and exclusive content. Join today: https://twit.tv/clubtwit Sponsors: guardsquare.com doppel.com cyberhoot.com/securitynow trustedtech.team/securitynow365 XBOW.com

Mozilla found 271 unknown Firefox vulnerabilities in days using AI—bugs that millions of automated test runs had missed for years. Steve Gibson argues this isn't a crisis. It's the industry finally paying down decades of security debt, and for the first time, defenders may have the advantage. Cisco meets Mythos Can the aging CVE system survive AI Patch deployment latency in the AI age MSFT's official YellowKey BitLocker bypass mitigation Ubiquiti patches 5 serious vulnerabilities Drupal attacked by a PostgreSQL injection Microsoft terminates SMS as a second factor GitHub hacked - all of its source code exfiltrated Russia is using very old Western software Why to get a no-charge AI chatbot account New Sci-Fi on Netflix What we learn from Mozilla's use of Mythos Show Notes - https://www.grc.com/sn/SN-1080-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free audio and video feeds, a members-only Discord, and exclusive content. Join today: https://twit.tv/clubtwit Sponsors: guardsquare.com doppel.com cyberhoot.com/securitynow trustedtech.team/securitynow365 XBOW.com

Mozilla found 271 unknown Firefox vulnerabilities in days using AI—bugs that millions of automated test runs had missed for years. Steve Gibson argues this isn't a crisis. It's the industry finally paying down decades of security debt, and for the first time, defenders may have the advantage. Cisco meets Mythos Can the aging CVE system survive AI Patch deployment latency in the AI age MSFT's official YellowKey BitLocker bypass mitigation Ubiquiti patches 5 serious vulnerabilities Drupal attacked by a PostgreSQL injection Microsoft terminates SMS as a second factor GitHub hacked - all of its source code exfiltrated Russia is using very old Western software Why to get a no-charge AI chatbot account New Sci-Fi on Netflix What we learn from Mozilla's use of Mythos Show Notes - https://www.grc.com/sn/SN-1080-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free audio and video feeds, a members-only Discord, and exclusive content. Join today: https://twit.tv/clubtwit Sponsors: guardsquare.com doppel.com cyberhoot.com/securitynow trustedtech.team/securitynow365 XBOW.com

Mozilla found 271 unknown Firefox vulnerabilities in days using AI—bugs that millions of automated test runs had missed for years. Steve Gibson argues this isn't a crisis. It's the industry finally paying down decades of security debt, and for the first time, defenders may have the advantage. Cisco meets Mythos Can the aging CVE system survive AI Patch deployment latency in the AI age MSFT's official YellowKey BitLocker bypass mitigation Ubiquiti patches 5 serious vulnerabilities Drupal attacked by a PostgreSQL injection Microsoft terminates SMS as a second factor GitHub hacked - all of its source code exfiltrated Russia is using very old Western software Why to get a no-charge AI chatbot account New Sci-Fi on Netflix What we learn from Mozilla's use of Mythos Show Notes - https://www.grc.com/sn/SN-1080-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free audio and video feeds, a members-only Discord, and exclusive content. Join today: https://twit.tv/clubtwit Sponsors: guardsquare.com doppel.com cyberhoot.com/securitynow trustedtech.team/securitynow365 XBOW.com

Mozilla found 271 unknown Firefox vulnerabilities in days using AI—bugs that millions of automated test runs had missed for years. Steve Gibson argues this isn't a crisis. It's the industry finally paying down decades of security debt, and for the first time, defenders may have the advantage. Cisco meets Mythos Can the aging CVE system survive AI Patch deployment latency in the AI age MSFT's official YellowKey BitLocker bypass mitigation Ubiquiti patches 5 serious vulnerabilities Drupal attacked by a PostgreSQL injection Microsoft terminates SMS as a second factor GitHub hacked - all of its source code exfiltrated Russia is using very old Western software Why to get a no-charge AI chatbot account New Sci-Fi on Netflix What we learn from Mozilla's use of Mythos Show Notes - https://www.grc.com/sn/SN-1080-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free audio and video feeds, a members-only Discord, and exclusive content. Join today: https://twit.tv/clubtwit Sponsors: guardsquare.com doppel.com cyberhoot.com/securitynow trustedtech.team/securitynow365 XBOW.com

Mozilla found 271 unknown Firefox vulnerabilities in days using AI—bugs that millions of automated test runs had missed for years. Steve Gibson argues this isn't a crisis. It's the industry finally paying down decades of security debt, and for the first time, defenders may have the advantage. Cisco meets Mythos Can the aging CVE system survive AI Patch deployment latency in the AI age MSFT's official YellowKey BitLocker bypass mitigation Ubiquiti patches 5 serious vulnerabilities Drupal attacked by a PostgreSQL injection Microsoft terminates SMS as a second factor GitHub hacked - all of its source code exfiltrated Russia is using very old Western software Why to get a no-charge AI chatbot account New Sci-Fi on Netflix What we learn from Mozilla's use of Mythos Show Notes - https://www.grc.com/sn/SN-1080-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free audio and video feeds, a members-only Discord, and exclusive content. Join today: https://twit.tv/clubtwit Sponsors: guardsquare.com doppel.com cyberhoot.com/securitynow trustedtech.team/securitynow365 XBOW.com

Mozilla found 271 unknown Firefox vulnerabilities in days using AI—bugs that millions of automated test runs had missed for years. Steve Gibson argues this isn't a crisis. It's the industry finally paying down decades of security debt, and for the first time, defenders may have the advantage. Cisco meets Mythos Can the aging CVE system survive AI Patch deployment latency in the AI age MSFT's official YellowKey BitLocker bypass mitigation Ubiquiti patches 5 serious vulnerabilities Drupal attacked by a PostgreSQL injection Microsoft terminates SMS as a second factor GitHub hacked - all of its source code exfiltrated Russia is using very old Western software Why to get a no-charge AI chatbot account New Sci-Fi on Netflix What we learn from Mozilla's use of Mythos Show Notes - https://www.grc.com/sn/SN-1080-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free audio and video feeds, a members-only Discord, and exclusive content. Join today: https://twit.tv/clubtwit Sponsors: guardsquare.com doppel.com cyberhoot.com/securitynow trustedtech.team/securitynow365 XBOW.com

Mozilla found 271 unknown Firefox vulnerabilities in days using AI—bugs that millions of automated test runs had missed for years. Steve Gibson argues this isn't a crisis. It's the industry finally paying down decades of security debt, and for the first time, defenders may have the advantage. Cisco meets Mythos Can the aging CVE system survive AI Patch deployment latency in the AI age MSFT's official YellowKey BitLocker bypass mitigation Ubiquiti patches 5 serious vulnerabilities Drupal attacked by a PostgreSQL injection Microsoft terminates SMS as a second factor GitHub hacked - all of its source code exfiltrated Russia is using very old Western software Why to get a no-charge AI chatbot account New Sci-Fi on Netflix What we learn from Mozilla's use of Mythos Show Notes - https://www.grc.com/sn/SN-1080-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free audio and video feeds, a members-only Discord, and exclusive content. Join today: https://twit.tv/clubtwit Sponsors: guardsquare.com doppel.com cyberhoot.com/securitynow trustedtech.team/securitynow365 XBOW.com

This is a recap of the top 10 posts on Hacker News on May 17, 2026. This podcast was generated by wondercraft.ai (00:30): Mozilla to UK regulators: VPNs are essential privacy and security toolsOriginal post: https://news.ycombinator.com/item?id=48166459&utm_source=wondercraft_ai(02:00): Security researcher says Microsoft built a Bitlocker backdoor, releases exploitOriginal post: https://news.ycombinator.com/item?id=48168856&utm_source=wondercraft_ai(03:31): I don't think AI will make your processes go fasterOriginal post: https://news.ycombinator.com/item?id=48168221&utm_source=wondercraft_ai(05:02): At least 25 Flock cameras have been destroyed in five states since April 2025Original post: https://news.ycombinator.com/item?id=48170798&utm_source=wondercraft_ai(06:33): Native all the way, until you need textOriginal post: https://news.ycombinator.com/item?id=48168058&utm_source=wondercraft_ai(08:04): AI subscriptions are a ticking time bomb for enterpriseOriginal post: https://news.ycombinator.com/item?id=48168056&utm_source=wondercraft_ai(09:35): AI is a technology not a productOriginal post: https://news.ycombinator.com/item?id=48168626&utm_source=wondercraft_ai(11:06): Apple Silicon costs more than OpenRouterOriginal post: https://news.ycombinator.com/item?id=48168198&utm_source=wondercraft_ai(12:37): I turned a $80 RK3562 Android tablet into a Debian Linux workstationOriginal post: https://news.ycombinator.com/item?id=48168668&utm_source=wondercraft_ai(14:08): WHO declares Ebola outbreak a global health emergencyOriginal post: https://news.ycombinator.com/item?id=48168708&utm_source=wondercraft_aiThis is a third-party project, independent from HN and YC. Text and audio generated using AI, by wondercraft.ai. Create your own studio quality podcast with text as the only input in seconds at app.wondercraft.ai. Issues or feedback? We'd love to hear from you: team@wondercraft.ai

It's not just Recall: Security vulnerabilities that require you to sign into an account on your PC are not necessarily vulnerabilities. Also, Windows 11 gets its first big feature updates in this week's Patch Tuesday releases. Snapseed 4.0 comes to Android/iOS, and Claude FM is great for relaxing or getting coding/work done. Plus, the Helium browser has emerged as a favorite with 2 notable caveats: No online settings sync and no mobile client. Windows 25H2/24H2: Xbox Mode, Agents on the Taskbar, more 26H1: Smart App Control improvements, other things we saw previously (26H1 is like the stable version of Canary, it seems) Microsoft used a new Mythos-like model called MDASH to find vulnerabilities this month, so expect the numbers of fixed bugs to jump in coming months A low-latency profile for Windows will let it optimize for app/UI launch performance just like mobile platforms already do New builds across most channels with two major changes: Touchpad improvements in Experimental and free upgrade path to Pro for education users in Experimental Beta. A new threat emerges Google announces Googlebook, an Android-based laptop platform with Google Intelligence Some morning-after thoughts, including Microsoft promising AI and that Copilot will be the new Start, while Google delivers AI and is remaking the laptop as an intelligent device AI Microsoft Edge gets big AI and productivity updates on desktop and mobile An Anthropic engineer argues that AI should use HTML for output, not Markdown. He's right. About that 4 GB Gemini Nano model that Chrome secretly downloads OpenAI brings Codex to Google Chrome Security A Bitlocker concern emerges Microsoft Edge loads all saved passwords into plain text when it launches, Microsoft says this is as intended Mozilla patched 423 vulnerabilities in Firefox during April, most courtesy of Anthropic Mythos 465 million Amazon customers have enrolled in passkeys Xbox & gaming Xbox Insider Program: New build for console with previously announced new boot animation, tiered Gamerscore badges, new filters in Game Library Forza Horizon 6 leaks on Steam, those who play it early will be banned until the sun swallows the earth Discord Nitro now has an Xbox Game Pass Starter Edition perk Mojang will host a special MINECRAFT LIVE event on May 30 Sony sold just 1.5 million PS5s in most recent quarter, its lowest number yet Nintendo sold just 2.49 million Switch 2s in quarter, lowers annual estimates Supreme Court gives Apple the

It's not just Recall: Security vulnerabilities that require you to sign into an account on your PC are not necessarily vulnerabilities. Also, Windows 11 gets its first big feature updates in this week's Patch Tuesday releases. Snapseed 4.0 comes to Android/iOS, and Claude FM is great for relaxing or getting coding/work done. Plus, the Helium browser has emerged as a favorite with 2 notable caveats: No online settings sync and no mobile client. Windows 25H2/24H2: Xbox Mode, Agents on the Taskbar, more 26H1: Smart App Control improvements, other things we saw previously (26H1 is like the stable version of Canary, it seems) Microsoft used a new Mythos-like model called MDASH to find vulnerabilities this month, so expect the numbers of fixed bugs to jump in coming months A low-latency profile for Windows will let it optimize for app/UI launch performance just like mobile platforms already do New builds across most channels with two major changes: Touchpad improvements in Experimental and free upgrade path to Pro for education users in Experimental Beta. A new threat emerges Google announces Googlebook, an Android-based laptop platform with Google Intelligence Some morning-after thoughts, including Microsoft promising AI and that Copilot will be the new Start, while Google delivers AI and is remaking the laptop as an intelligent device AI Microsoft Edge gets big AI and productivity updates on desktop and mobile An Anthropic engineer argues that AI should use HTML for output, not Markdown. He's right. About that 4 GB Gemini Nano model that Chrome secretly downloads OpenAI brings Codex to Google Chrome Security A Bitlocker concern emerges Microsoft Edge loads all saved passwords into plain text when it launches, Microsoft says this is as intended Mozilla patched 423 vulnerabilities in Firefox during April, most courtesy of Anthropic Mythos 465 million Amazon customers have enrolled in passkeys Xbox & gaming Xbox Insider Program: New build for console with previously announced new boot animation, tiered Gamerscore badges, new filters in Game Library Forza Horizon 6 leaks on Steam, those who play it early will be banned until the sun swallows the earth Discord Nitro now has an Xbox Game Pass Starter Edition perk Mojang will host a special MINECRAFT LIVE event on May 30 Sony sold just 1.5 million PS5s in most recent quarter, its lowest number yet Nintendo sold just 2.49 million Switch 2s in quarter, lowers annual estimates Supreme Court gives Apple the

It's not just Recall: Security vulnerabilities that require you to sign into an account on your PC are not necessarily vulnerabilities. Also, Windows 11 gets its first big feature updates in this week's Patch Tuesday releases. Snapseed 4.0 comes to Android/iOS, and Claude FM is great for relaxing or getting coding/work done. Plus, the Helium browser has emerged as a favorite with 2 notable caveats: No online settings sync and no mobile client. Windows 25H2/24H2: Xbox Mode, Agents on the Taskbar, more 26H1: Smart App Control improvements, other things we saw previously (26H1 is like the stable version of Canary, it seems) Microsoft used a new Mythos-like model called MDASH to find vulnerabilities this month, so expect the numbers of fixed bugs to jump in coming months A low-latency profile for Windows will let it optimize for app/UI launch performance just like mobile platforms already do New builds across most channels with two major changes: Touchpad improvements in Experimental and free upgrade path to Pro for education users in Experimental Beta. A new threat emerges Google announces Googlebook, an Android-based laptop platform with Google Intelligence Some morning-after thoughts, including Microsoft promising AI and that Copilot will be the new Start, while Google delivers AI and is remaking the laptop as an intelligent device AI Microsoft Edge gets big AI and productivity updates on desktop and mobile An Anthropic engineer argues that AI should use HTML for output, not Markdown. He's right. About that 4 GB Gemini Nano model that Chrome secretly downloads OpenAI brings Codex to Google Chrome Security A Bitlocker concern emerges Microsoft Edge loads all saved passwords into plain text when it launches, Microsoft says this is as intended Mozilla patched 423 vulnerabilities in Firefox during April, most courtesy of Anthropic Mythos 465 million Amazon customers have enrolled in passkeys Xbox & gaming Xbox Insider Program: New build for console with previously announced new boot animation, tiered Gamerscore badges, new filters in Game Library Forza Horizon 6 leaks on Steam, those who play it early will be banned until the sun swallows the earth Discord Nitro now has an Xbox Game Pass Starter Edition perk Mojang will host a special MINECRAFT LIVE event on May 30 Sony sold just 1.5 million PS5s in most recent quarter, its lowest number yet Nintendo sold just 2.49 million Switch 2s in quarter, lowers annual estimates Supreme Court gives Apple the

It's not just Recall: Security vulnerabilities that require you to sign into an account on your PC are not necessarily vulnerabilities. Also, Windows 11 gets its first big feature updates in this week's Patch Tuesday releases. Snapseed 4.0 comes to Android/iOS, and Claude FM is great for relaxing or getting coding/work done. Plus, the Helium browser has emerged as a favorite with 2 notable caveats: No online settings sync and no mobile client. Windows 25H2/24H2: Xbox Mode, Agents on the Taskbar, more 26H1: Smart App Control improvements, other things we saw previously (26H1 is like the stable version of Canary, it seems) Microsoft used a new Mythos-like model called MDASH to find vulnerabilities this month, so expect the numbers of fixed bugs to jump in coming months A low-latency profile for Windows will let it optimize for app/UI launch performance just like mobile platforms already do New builds across most channels with two major changes: Touchpad improvements in Experimental and free upgrade path to Pro for education users in Experimental Beta. A new threat emerges Google announces Googlebook, an Android-based laptop platform with Google Intelligence Some morning-after thoughts, including Microsoft promising AI and that Copilot will be the new Start, while Google delivers AI and is remaking the laptop as an intelligent device AI Microsoft Edge gets big AI and productivity updates on desktop and mobile An Anthropic engineer argues that AI should use HTML for output, not Markdown. He's right. About that 4 GB Gemini Nano model that Chrome secretly downloads OpenAI brings Codex to Google Chrome Security A Bitlocker concern emerges Microsoft Edge loads all saved passwords into plain text when it launches, Microsoft says this is as intended Mozilla patched 423 vulnerabilities in Firefox during April, most courtesy of Anthropic Mythos 465 million Amazon customers have enrolled in passkeys Xbox & gaming Xbox Insider Program: New build for console with previously announced new boot animation, tiered Gamerscore badges, new filters in Game Library Forza Horizon 6 leaks on Steam, those who play it early will be banned until the sun swallows the earth Discord Nitro now has an Xbox Game Pass Starter Edition perk Mojang will host a special MINECRAFT LIVE event on May 30 Sony sold just 1.5 million PS5s in most recent quarter, its lowest number yet Nintendo sold just 2.49 million Switch 2s in quarter, lowers annual estimates Supreme Court gives Apple the

It's not just Recall: Security vulnerabilities that require you to sign into an account on your PC are not necessarily vulnerabilities. Also, Windows 11 gets its first big feature updates in this week's Patch Tuesday releases. Snapseed 4.0 comes to Android/iOS, and Claude FM is great for relaxing or getting coding/work done. Plus, the Helium browser has emerged as a favorite with 2 notable caveats: No online settings sync and no mobile client. Windows 25H2/24H2: Xbox Mode, Agents on the Taskbar, more 26H1: Smart App Control improvements, other things we saw previously (26H1 is like the stable version of Canary, it seems) Microsoft used a new Mythos-like model called MDASH to find vulnerabilities this month, so expect the numbers of fixed bugs to jump in coming months A low-latency profile for Windows will let it optimize for app/UI launch performance just like mobile platforms already do New builds across most channels with two major changes: Touchpad improvements in Experimental and free upgrade path to Pro for education users in Experimental Beta. A new threat emerges Google announces Googlebook, an Android-based laptop platform with Google Intelligence Some morning-after thoughts, including Microsoft promising AI and that Copilot will be the new Start, while Google delivers AI and is remaking the laptop as an intelligent device AI Microsoft Edge gets big AI and productivity updates on desktop and mobile An Anthropic engineer argues that AI should use HTML for output, not Markdown. He's right. About that 4 GB Gemini Nano model that Chrome secretly downloads OpenAI brings Codex to Google Chrome Security A Bitlocker concern emerges Microsoft Edge loads all saved passwords into plain text when it launches, Microsoft says this is as intended Mozilla patched 423 vulnerabilities in Firefox during April, most courtesy of Anthropic Mythos 465 million Amazon customers have enrolled in passkeys Xbox & gaming Xbox Insider Program: New build for console with previously announced new boot animation, tiered Gamerscore badges, new filters in Game Library Forza Horizon 6 leaks on Steam, those who play it early will be banned until the sun swallows the earth Discord Nitro now has an Xbox Game Pass Starter Edition perk Mojang will host a special MINECRAFT LIVE event on May 30 Sony sold just 1.5 million PS5s in most recent quarter, its lowest number yet Nintendo sold just 2.49 million Switch 2s in quarter, lowers annual estimates Supreme Court gives Apple the

It's not just Recall: Security vulnerabilities that require you to sign into an account on your PC are not necessarily vulnerabilities. Also, Windows 11 gets its first big feature updates in this week's Patch Tuesday releases. Snapseed 4.0 comes to Android/iOS, and Claude FM is great for relaxing or getting coding/work done. Plus, the Helium browser has emerged as a favorite with 2 notable caveats: No online settings sync and no mobile client. Windows 25H2/24H2: Xbox Mode, Agents on the Taskbar, more 26H1: Smart App Control improvements, other things we saw previously (26H1 is like the stable version of Canary, it seems) Microsoft used a new Mythos-like model called MDASH to find vulnerabilities this month, so expect the numbers of fixed bugs to jump in coming months A low-latency profile for Windows will let it optimize for app/UI launch performance just like mobile platforms already do New builds across most channels with two major changes: Touchpad improvements in Experimental and free upgrade path to Pro for education users in Experimental Beta. A new threat emerges Google announces Googlebook, an Android-based laptop platform with Google Intelligence Some morning-after thoughts, including Microsoft promising AI and that Copilot will be the new Start, while Google delivers AI and is remaking the laptop as an intelligent device AI Microsoft Edge gets big AI and productivity updates on desktop and mobile An Anthropic engineer argues that AI should use HTML for output, not Markdown. He's right. About that 4 GB Gemini Nano model that Chrome secretly downloads OpenAI brings Codex to Google Chrome Security A Bitlocker concern emerges Microsoft Edge loads all saved passwords into plain text when it launches, Microsoft says this is as intended Mozilla patched 423 vulnerabilities in Firefox during April, most courtesy of Anthropic Mythos 465 million Amazon customers have enrolled in passkeys Xbox & gaming Xbox Insider Program: New build for console with previously announced new boot animation, tiered Gamerscore badges, new filters in Game Library Forza Horizon 6 leaks on Steam, those who play it early will be banned until the sun swallows the earth Discord Nitro now has an Xbox Game Pass Starter Edition perk Mojang will host a special MINECRAFT LIVE event on May 30 Sony sold just 1.5 million PS5s in most recent quarter, its lowest number yet Nintendo sold just 2.49 million Switch 2s in quarter, lowers annual estimates Supreme Court gives Apple the

Neste episódio, Guilherme Goulart e Vinícius Serafim analisam casos reais e tendências que colocam em xeque a segurança digital e física no Brasil. Você vai descobrir como criminosos burlaram um sistema de reconhecimento facial em condomínios de Porto Alegre usando engenharia social, expondo os riscos do teatro da segurança, do solucionismo tecnológico e da hipossuficiência técnica dos consumidores. Em seguida, você vai entender o que está por trás do lançamento do modelo Mitos da Anthropic — classificado como perigoso demais para uso público —, e por que os resultados práticos com o Firefox e o cURL geraram ceticismo no meio da cibersegurança, levantando questões sobre propaganda de IA, governança, regulação e concorrência no mercado de inteligência artificial. Neste episódio, você também acompanha a análise da lei 15.397, que atualizou crimes digitais no Brasil com penas mais severas para furto qualificado digital, cessão de conta laranja e fraude eletrônica — e por que, sem investimento em capacidade investigativa, isso pode ser apenas populismo penal. Além disso, são discutidas duas vulnerabilidades críticas no Linux (CVE Copyfile e Dirty Frag) com exploits já circulando antes da correção, e como a IA pode acabar com o anonimato na internet ao identificar autores por fingerprint de texto com apenas 125 palavras. Os temas de privacidade, proteção de dados, LGPD, segurança ofensiva, pentest e infraestrutura em nuvem permeiam toda a conversa. Assine o Segurança Legal na sua plataforma favorita, siga o perfil nas redes sociais e avalie o podcast para ajudar a ampliar o alcance deste projeto independente de conteúdo sobre segurança da informação. Você também pode apoiar diretamente pelo Apoia.se (apoia.se/segurancalegal) ou simplesmente indicar o podcast para colegas e amigos — cada compartilhamento faz diferença. Entre em contato pelo e-mail podcast@segurancalegal.com ou pelo Mastodon, Instagram, Bluesky, YouTube e TikTok. Esta descrição foi realizada a partir do áudio do podcast com o uso de IA, com revisão humana.  Visite nossa campanha de financiamento coletivo e nos apoie!  Conheça o Blog da BrownPipe Consultoria e se inscreva no nosso mailing Shownotes Polícia prende suspeitos de invadir e furtar apartamentos de alto padrão em Porto Alegre; grupo usava fraude em reconhecimento facial Polícia desarticula grupo de criminosos que furtava apartamentos de luxo via redes sociais Atualização do Código Penal para alguns crimes digitais Will AI end anonymity? I tested it I can never talk to an AI anonymously again Anthropic's most dangerous AI model just fell into the wrong hands Unauthorized group has gained access to Anthropic's exclusive cyber tool Mythos, report claims It’s a myth that you need Mythos to find bugs: Open source models can do it just as well Filme: Quebra de Sigilo (Sneakers) BC Protege Livro – Sob a sombra da suástica: a França ocupada Filme – Viagem ao mundo dos sonhos Artigo – Em louvor ao Teatro da Segurança Imagem do episódio: The Ancient Days, Willia, Blanke

  In this episode, Ray Cochrane leads with Mozilla shipping Firefox 150 with 271 patched bugs found by Anthropic’s Mythos system, the first major real-world deployment of the AlphaGo-Moment cybersecurity tooling. He also covers a 9-year dormant Linux kernel root, a college student stopping Taiwan’s high-speed rail with a software-defined radio, GitHub MCP secret scanning going GA, the NVIDIA NeMo lawsuit surviving its motion to dismiss, the Hugging Face Reachy Mini app store, Anthropic’s Auto Mode for Claude Code, and the 4-gigabyte AI model Chrome silently installed on your computer. – Want to start a podcast? Its easy to get started! Sign-up at Blubrry – Thinking of buying a Starlink? Use my link to support the show. Subscribe to the Newsletter. Email Ray if you want to get in touch! Like and Follow Geek News Central’s Facebook Page. Support my Show Sponsor: Best Godaddy Promo Codes Get 1Password Full Summary Cochrane opens the show with the AlphaGo Moment moving from theory into production. Mozilla shipped Firefox 150 this week with 271 patched bugs that Anthropic’s Mythos system found. Furthermore, the broader episode threads a clear pattern: AI tooling is reshaping security, developer workflows, and consumer software faster than the surrounding ecosystem can absorb it. The show closes on the four-gigabyte AI model Chrome installed on a billion machines without explicit consent. Mozilla Ships 271 Mythos Bugs in Firefox 150 Mozilla ran Anthropic’s restricted Mythos system against the Firefox 150 codebase before shipping. The result: 271 found bugs (180 high severity, 80 moderate, 11 low) baked into the release. However, the bigger number is the year-over-year jump. April 2026 shipped 423 total Firefox security fixes versus 31 a year prior. The breakdown for April: 271 from Mythos, 41 from external researchers, and 111 from other internal sources. Cochrane is sticking to his guns on calling this the AlphaGo Moment for cybersecurity. Skeptics argue Mythos is industrial-scale fuzzing because most found bugs sit in memory-safety territory. However, his counter is the velocity itself. Furthermore, he frames the resistance as carriage-versus-cars: humans-first research still grounds the tool, but throughput is the win. The Firefox CTO put it directly: defenders finally have a chance to win, decisively. For developers asking whether Mythos changes anything if they already run fuzzers, Cochrane’s answer is yes, and not even close. Additionally, he notes Mythos is restricted-access. The broadly available tier is Claude Opus 4.7, which Mozilla used since February before getting onto the restricted program for the Firefox 150 cycle. Run Opus 4.7 first. Sponsor: GoDaddy GoDaddy has been sponsoring this show for over twenty years. Economy hosting starts at $6.99/month, WordPress hosting at $12.99/month, and domains at $11.99. Use codes at geeknewscentral.com/godaddy for exclusive deals and to directly support the show. Copy Fail: 9-Year Linux Kernel Bug, 732 Bytes to Root A 9-year-old dormant Linux kernel bug got disclosed April 29 as CVE-2026-31431. Researchers published a 732-byte Python script that roots every major Linux distribution shipped since 2017. Additionally, CISA added the CVE to its Known Exploited Vulnerabilities catalog on May 1 with a May 15 federal deadline. The bug lives in the kernel’s crypto socket layer through the AF_ALG AEAD interface, originating in a 2017 in-place crypto optimization that lacked bounds checking. Cloudflare published their post-mortem this week. Their first instinct was to remove the kernel module entirely. However, service dependencies forced a workaround instead. Cloudflare resumed normal patched-kernel reboot automation across their 330-city fleet on May 4, with manual reboots and rollouts continuing after. Taiwan Rail Stopped by a 23-Year-Old With a Software-Defined Radio A 23-year-old Taiwanese university student with the surname Lin spoofed a TETRA general alarm signal on April 5, stopping trains on Taiwan’s high-speed rail. The accomplice supplied the radio parameters. Both were arrested by month-end. Lin posted NT$100,000 bail; the accomplice posted NT$80,000. The incident hit at 11:23 PM during the Qingming holiday weekend, stopping three revenue passenger trains plus one deadhead. Furthermore, the system has been in service for 19 years without rotating its cryptographic parameters once. Cochrane notes this is exactly the type of long-dormant infrastructure flaw that Mythos-class tooling catches, if anyone bothers to point it at the wires we already have. GitHub MCP Secret Scanning Goes GA GitHub’s secret scanning in the MCP server hit GA on May 5, with dependency scanning entering public preview the same day. Both released after a seven-week public preview run starting March 17. Additionally, the feature lets MCP-compatible coding agents (Copilot CLI, VS Code, JetBrains, Claude Code, Cursor, Windsurf) detect exposed secrets before commits or pull requests. Findings are ephemeral. They surface only in the current chat session and don’t persist as GitHub alerts. Sources disagree on scope: GitHub’s GA changelog says repo-level or org-level settings work, while the docs say only org-level applies. Cochrane flags the open question of whether MCP prompt injections could be exploited to send discovered secrets elsewhere. Subquadratic Debuts a 12-Million-Token Context Window Miami-based Subquadratic emerged from stealth on May 5 with a $29 million seed round and a reported $500 million valuation. Their model, SubQ 1M-Preview, runs on a new Subquadratic Sparse Attention architecture (their technical writeup calls it Selective Attention; same acronym, different second word). The headline claim: a thousand-times reduction in attention compute at 12 million tokens versus frontier models. However, that figure is vendor marketing math. There is no peer-reviewed paper, no public weights, and no independent benchmark replication. Researchers are demanding independent proof. Furthermore, CTO Alex Whedon’s pull line, “Retrieval / RAG plumbing is a waste of human intelligence,” signals how aggressively they want to position against retrieval-augmented architectures. ChatGPT Goblins, China’s “Catch You Steadily”: Sycophancy Is Universal Last week’s ChatGPT goblin obsession has a Chinese-language twin. The model overuses a phrase translating as “I will steadily catch you.” Additionally, a new Stanford and CMU study called ELEPHANT shows social sycophancy is universal across all 11 LLMs tested with 2,400-plus participants. Models endorsed users 49 percent more than humans did, and 47 percent even on harmful prompts. Alibaba’s Qwen and DeepSeek topped the rankings. Cochrane notes sycophancy is obvious once you’re aware of it but tricky to dissuade. Even with explicit instructions, longer context windows can reintroduce the behavior as the instructions get diluted. Furthermore, the trap is believing you’ve handled it. Once you think you’ve got it under control, you’re more prone to being influenced because you stopped watching for it. NVIDIA NeMo Lawsuit: Judge Tigar Denies Motion to Dismiss Three authors filed Nazemian v. NVIDIA in March 2024, alleging NVIDIA used The Pile and Books3 (approximately 196,640 pirated books) to train its NeMo AI framework. NVIDIA’s defense relied on the Sony v. Universal Betamax doctrine, arguing NeMo’s training scripts are general-purpose tools like a VCR. This week, Judge Tigar denied NVIDIA’s motion to dismiss in the Northern District of California. The headline quote: NeMo’s training scripts “have no other purpose than to speed up the process of infringement.” Furthermore, the judge rejected the VCR analogy outright. NeMo’s scripts are not general-purpose tools; they were allegedly purpose-built to ingest pirated material. Cochrane reads the Betamax framing as legal-jargon arbitrage rather than honest defense. The Humanoid Robot Market Is Smaller Than the Hype Michael Barnard at CleanTechnica argues that scenario-math against the global labor market puts realistic humanoid TAM at $200 billion to $1 trillion, not $20 trillion. Near-term wins cluster in warehouses, not homes. Additionally, the framework weighs dexterity burden against human-proximity safety burden. Real opportunities cluster where both burdens are low. Cochrane connects this to last week’s reservations about humanoids in the household. Furthermore, the risk profile is the issue: these robots aren’t prepared for every scenario, can’t make dynamic decisions, and one software update can change the definition of “safe.” Hugging Face Launches Reachy Mini App Store Hugging Face launched an open-source app store for the Reachy Mini robot this week, $299 for the Lite tethered version and $449 wireless. There are 200-plus community-built apps at launch from over 150 creators, with nearly 10,000 Reachy Minis cumulative shipped. Additionally, apps are forkable, with the default agent (ML Intern) able to modify, write, test, and ship code on any existing app. Examples at launch include an office receptionist built in under two hours, a Reachy Phone Home anti-procrastination app, baby-monitor-style apps, a cooking assistant, and a 78-year-old Joel Cohen’s voice-controlled CEO peer-group app. Pollen Robotics, the company behind Reachy, was acquired by Hugging Face on April 14, 2025. Bebop the Humanoid Robot Delays Southwest Flight 1568 A 4-foot, 70-pound humanoid robot named Bebop delayed Southwest flight 1568 from Oakland to San Diego by more than 73 minutes on April 30. The crew flagged the lithium battery as oversized. Furthermore, the battery was reportedly four times the cabin limit. Bebop belongs to Dallas-based Elite Event Robotics, which bought a full-price cabin ticket because the robot exceeded checked-baggage weight. Bebop danced for passengers at the gate before boarding. However, Southwest had Elite remove the batteries before departure, and replacements were overnighted to Chicago for the next event. Cochrane flags the obvious: batteries have always been flagged in aviation, so forgetting that with a humanoid robot in tow is a strange miss. Ouster Rev8: Native Color Lidar With Google, Volvo, Skydio Stating Intent Ouster announced the Rev8 OS Family on May 4 in San Francisco. The sensors fuse depth and color via SPAD detectors (single photon avalanche diodes) on Ouster’s custom L4 and L4 Max chips. Google, Volvo Autonomous Solutions, Skydio, Liebherr, Epiroc, and PlusAI have stated intent to adopt, though nothing is formally signed. Specs include 48-bit color, 116 dB dynamic range, and pre-fused 3D colorized point clouds. The OS1 Max gets 500-meter max detection. Available to order today and shipping this quarter, with no pricing disclosed. CEO Angus Pacala in his TechCrunch interview: “The goal is to obviate cameras. There’s no reason that one sensor can’t do both.” TagTinker Lets a Flipper Zero Mess With Electronic Shelf Labels A new Flipper Zero app called TagTinker uses infrared signals to push images and text to electronic shelf labels. Additionally, these are the same kind of price tags grocery chains are starting to use for surveillance pricing. The app and GitHub repo went public this week. Maryland’s HB 895, signed by Governor Wes Moore, takes effect October 1 as the first-in-nation surveillance pricing law. It covers food retailers and third-party food delivery service providers. Furthermore, ESLs use the same IR signaling as TV remotes with weak security. The dev’s disclaimer states it’s strictly for educational research, security curiosity, and displaying digital art on hardware you legally own. Fitbit App Becomes Google Health, Plus Fitbit Air, Plus Google Fit Sunset Google announced May 7 that the Fitbit app becomes Google Health on May 19, rolling through May 26. The launch ships with the new $99.99 Fitbit Air screenless tracker and the long-rumored Google Fit shutdown. Additionally, the four-tab interface (Today, Fitness, Sleep, Health) bundles a Gemini-powered AI Health Coach. Coach is premium-gated at $9.99/month or $99/year. Medical records integration is US-only at launch. The Fitbit Air gets up to one week of battery life and 50-meter water resistance. However, Cochrane flags conflicting privacy framing: Google’s AI summary bullets say “your data stays private,” but the actual document copy says only “committed to not using Fitbit user health and wellness data for Google Ads.” Those are not the same statement. Russinovich on Why Win32 Won and WinRT Didn’t Microsoft Azure CTO Mark Russinovich said via Microsoft Dev Docs video that Win32, the 1995 API, is still foundational to Windows 11. WinRT, the modernization replacement, “didn’t play out the way a lot of people expected.” Mostly clickbait framing per Windows Latest, but the substantive angle is real. Microsoft is pivoting back to native WinUI 3 development after years of pushing developers toward WebView2 and Electron. Additionally, Electron-based apps are known for insane RAM usage, and everyone is hurting for RAM right now. Furthermore, the bigger open question is whether Electron survives the test of time, especially with the React engine reportedly being rewritten in Rust. “Tabula Plena”: The Brain Starts Full, Not Blank A Nature Communications study from the Institute of Science and Technology Austria found that the mouse hippocampal CA3 recurrent network begins densely connected and refines through pruning. ISTA’s press release frames this as “tabula plena,” meaning full slate, counter to tabula rasa. The paper published April 21. First author Victor Vargas-Barroso and senior author Professor Peter Jonas studied mice at three developmental stages. Furthermore, the “starting overloaded enables faster sensory integration” framing is Jonas’s hypothesis from the press release, not a paper conclusion. Cochrane closes on the bigger question: did we have human growth and experience mapped wrong from the start? The Aqueous Battery You Can Pour Down the Drain A Chinese research team led by Professor Chunyi Zhi at City University of Hong Kong built an aqueous battery using a custom organic polymer electrode plus neutral magnesium and calcium salts (food-grade tofu coagulants) as electrolyte. Published in Nature Communications on February 18. Numbers to know: 120,000-plus charge cycles, full-cell energy density of 48.3 watt-hours per kilogram. That’s well below typical lithium-ion. However, post-cycling analysis showed only magnesium, calcium, chlorine, carbon, and copper, with no heavy metals. The cell complies with US RCRA, ISO 14001, and China’s GB 18599-2020 for direct environmental disposal. Additionally, the “300-plus years” framing is journalists extrapolating from the 120,000 cycles, not a paper claim. ResoNix Klippel Tests Expose Car-Audio Spec Lies Nick Apicella, founder of ResoNix Sound Solutions in Stony Point, New York, spent around $23,000 on independent Klippel LSI and TRF testing of 40 subwoofers. He published 21 results showing widespread misrepresentation of Xmax (excursion) and thermal/power-handling claims. Test data published in three batches between December 2025 and January 2026. Specifics: Wavtech thinPRO12 claimed 20 mm of excursion but delivered 8.85 mm, scoring 15 out of 100 on marketing accuracy. One driver hit 44 percent of advertised excursion. Another tripped thermal protection at half its rated power. Additionally, nine of 21 drivers scored below 50 out of 100. Brands tested include JL Audio, Sundown, Focal, Morel, Audiofrog, Adire, Stereo Integrity, and Dynaudio. Conflict-of-interest flag: ResoNix’s own GUS-15, 12, and 10 prototypes conveniently rank one, two, three. JetBrains Opens 2026 Developer Ecosystem Survey JetBrains opened the 10th annual Developer Ecosystem Survey this week. It takes about 30 minutes, with prizes including a MacBook Pro 16-inch and a $1,000 Amazon gift card. Anonymized raw data is published publicly, and cumulative scale is 100,000-plus developers across recent years. Additionally, the survey is going fully anti-AI: “evil bots, dishonest respondents, and AI agents will be excluded from prize distribution.” Cochrane is curious whether TypeScript holds its 2025 crown after knocking Python off, and whether Rust shows real growth given the wave of LLM-driven Rust rewrites in the past few months. Anthropic’s Claude Code Auto Mode Goes Live Anthropic launched Auto Mode for Claude Code roughly six weeks ago. Claude Code’s previous behavior required user approval for most file modifications and command executions, generating heavy approval-fatigue complaints during longer sessions. Auto Mode is the answer: Claude can run multi-step development tasks without per-action approval. Additionally, the architecture is a two-stage classifier, with stage one a fast yes/no filter and stage two doing chain-of-thought on flagged actions. Cochrane runs his own Claude Code in YOLO mode but with custom rejection rules baked into settings to block commands he doesn’t want, even with skip-permissions on. He recommends configuring settings as the actual policy layer rather than relying on classifier judgment alone. Furthermore, recent posts about Claude deleting websites or wiping production databases reinforce why the settings layer matters more than the auto-mode toggle. Chrome Quietly Installed a 4GB AI Model on Your Computer Google Chrome silently downloads on-device AI model weights (Gemini Nano family) to a `weights.bin` file in the OptGuideOnDeviceModel directory, around four gigabytes in Alexander Hanff’s audit. Furthermore, the model re-downloads if you delete it. Hanff timed his own install at 14 minutes 28 seconds on macOS. Affected platforms include Windows, macOS (including Apple Silicon), and Linux. Hanff frames this as a multi-front legal violation: a direct breach of Europe’s ePrivacy Directive, two articles of GDPR, and an environmental harm of a magnitude that would be notifiable under the Corporate Sustainability Reporting Directive. At one billion users, the four-gigabyte distribution represents roughly 240 gigawatt-hours of network and storage energy paired with about 60,000 tonnes of CO2-equivalent emissions. However, no EU regulator action or formal complaint has surfaced as of this episode. The model powers on-device features (email writing, scam detection, summarization, smart paste, tab grouping) but not the visible AI Mode button, which routes to the cloud. To disable, Cochrane recommends Chrome Settings, then System, then On-device AI, toggle to off. Two more paths exist via `chrome://flags` or a Windows registry edit. Cochrane closes the show with show housekeeping: GNC Insider at geeknewscentral.com/insider, email at geeknews@gmail.com, newsletter signup at geeknewscentral.com, and Pocket Casts as a solid modern podcast app pick. Have a wonderful night. The post Mozilla Meets Mythos #1864 appeared first on Geek News Central.

L'intelligenza artificiale non è più una promessa futuristica: è diventata infrastruttura, potere economico e leva geopolitica globale. In questa 9° puntata di Intelligenze Emergenti, analizziamo la settimana che ha ridefinito gli equilibri dell'AI mondiale: Anthropic supera OpenAI nelle valutazioni di mercato, le Big Tech bruciano centinaia di miliardi per costruire nuove infrastrutture, mentre la corsa a energia, chip e data center trasforma il settore tecnologico in una vera industria pesante.Parliamo di:Valutazioni record e nuovi rapporti di forza nella Silicon ValleyCrisi energetica e guerra globale per la potenza di calcoloAI Factory, data center spaziali e sovranità tecnologicaLicenziamenti di massa e trasformazione del lavoroSicurezza, regolamentazione e rischi sistemici dell'AITensioni geopolitiche tra Stati Uniti e CinaIl futuro delle aziende che integrano l'intelligenza artificiale nei processi operativiUna puntata intensa e strategica che mostra come l'AI stia diventando l'ossatura della nuova economia globale.In collaborazione con Claudio Ricci, Amministratore unico di Recomb, una realtà specializzata nel fornire aggiornamenti personalizzati alle organizzazioni orientate all'innovazione sugli sviluppi dell'intelligenza artificiale, oltre a offrire corsi di aggiornamento professionale Per maggiori informazioni: info@recomb.aiFonti principali:crypto.newsAnthropic supera OpenAI nelle valutazioni di mercato. The New York TimesCrescita record e nuovi scenari economici dell'AI. AxiosAnthropic e SpaceX accelerano sui mega data center. Financial TimesLe Big Tech investono miliardi nell'infrastruttura AI. TNWOpenAI punta sulla consulenza integrata nelle aziende. The Wall Street JournalAnthropic amplia la propria presenza enterprise. The Times of IndiaAccenture distribuisce Copilot a 743.000 dipendenti. Forbes AustraliaAI e tagli del personale nelle Big Tech. NVIDIA NewsroomNascono le AI Factory integrate alla rete elettrica. 404 MediaLa domanda AI fa esplodere il costo degli hard disk. ReutersNuove azioni legali contro chatbot AI. VarietyGolden Globes: limiti ai contenuti generati dall'AI. Mozilla HacksClaude aiuta Mozilla a trovare vulnerabilità storiche.

Nintendo raised the Switch 2 price to $500 amid a global memory shortage. ShinyHunters forced Canvas offline during finals season. Researchers found 5,000+ insecure vibe-coded apps, Mozilla credits Mythos for 423 Firefox bug fixes in April, and France escalates its Musk probe. Nintendo says it will increase the price of the Switch 2 globally on September 1, from $450 to $500 in the US, and the price of the original Switch in Japan (Bloomberg) Instructure disables its Canvas edtech platform, used by thousands of schools, universities, and companies, amid a data extortion attack claimed by ShinyHunters (Krebs on Security) Researchers: 5,000+ web apps built using AI coding tools like Lovable, Base44, and Replit have little to no authentication, and ~40% exposed sensitive data (Wired) Mozilla says Anthropic's Mythos Preview and other AI models helped it identify and ship 423 Firefox security bug fixes in April, compared to 31 a year earlier (TechCrunch) French prosecutors escalate an investigation into Elon Musk and X, focused on alleged algorithmic manipulation and sexual deepfakes, to a criminal probe (CNBC) Longreads Anthropic co-founder Jack Clark explains why there's a 60%+ chance of AI systems autonomously building their successors by 2029 and the consequences of automated AI R&D (Import AI) How Delta SkyMiles and airline loyalty programs turned carriers into fintech companies with wings, and why most airlines couldn't survive without them (NY Mag) Learn more about your ad choices. Visit megaphone.fm/adchoices

Dia Bondi is the Founder, Communications Coach, and Advisor at Dia Bondi Communications, where she works with senior leaders, founders, and other professionals to help them identify and lead with their voice. With over 20 years of experience as a leadership communications coach, she has worked with world-class brands like Intel, Mozilla, Dropbox, and Salesforce. Dia helped Rio de Janeiro secure the 2016 Summer Olympics and has coached world leaders at United Nations gatherings. She is also the author of Ask Like An Auctioneer, which aims to empower one million women to ask for more and get it. In this episode… Many women professionals struggle with asking for what they truly want, often fearing rejection, seeming too aggressive, or being seen as "not worth it." This hesitation limits earning potential and stifles personal and professional growth. If making bold requests feels intimidating or unrealistic, how can leaders and entrepreneurs shift their mindset to embrace their value and move confidently toward their goals? According to communications expert and auctioneer Dia Bondi, the key lies in understanding the difference between value and worth and designing requests that challenge your comfort zone. By leveraging the "zone of freaking out" (ZOFO) concept, women can view fear as a sign of stepping into new potential. Dia suggests creating a clear "ask plan," which includes setting a tangible goal, identifying bold moves to reach it, and preparing for rejection as an obstacle rather than a failure. By separating your worth from the outcomes of an ask, you can make substantial requests to receive more. In this week's episode of the Lead Like a Woman Show, Andrea Heuston chats with Dia Bondi, the Founder, Communications Coach, and Advisor at Dia Bondi Communications, about how to make requests to achieve your goals. Dia discusses the difference between price and worth, her core belief, and leadership lessons learned from auctioneering.

Google is sneaking a massive 4.7GB AI model into Chrome, and Mozilla is fighting back as the future of browsers threatens to turn into an AI arms race. Find out what's really happening behind this push and why it's setting off alarm bells across the web. Hackers AI-code a portal, forget to add authentication. The UK's NCSC issues a Mythos warning. Where's CISA? Another (of many) Linux local privilege escalations. AI may be spelling the end of bug bounties. Anthropic releases "Claude Security" mini-Mythos. ChatGPT gets very serious about login security. Syncthing's SyncTrayzor v1 abandoned; v2 created. Google drops an AI API into Chrome; Mozilla objects Show Notes - https://www.grc.com/sn/SN-1077-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free audio and video feeds, a members-only Discord, and exclusive content. Join today: https://twit.tv/clubtwit Sponsors: zscaler.com/security meter.com/securitynow bitwarden.com/twit hoxhunt.com/securitynow trustedtech.team/securitynow365

Google is sneaking a massive 4.7GB AI model into Chrome, and Mozilla is fighting back as the future of browsers threatens to turn into an AI arms race. Find out what's really happening behind this push and why it's setting off alarm bells across the web. Hackers AI-code a portal, forget to add authentication. The UK's NCSC issues a Mythos warning. Where's CISA? Another (of many) Linux local privilege escalations. AI may be spelling the end of bug bounties. Anthropic releases "Claude Security" mini-Mythos. ChatGPT gets very serious about login security. Syncthing's SyncTrayzor v1 abandoned; v2 created. Google drops an AI API into Chrome; Mozilla objects Show Notes - https://www.grc.com/sn/SN-1077-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free audio and video feeds, a members-only Discord, and exclusive content. Join today: https://twit.tv/clubtwit Sponsors: outsystems.com/twit zscaler.com/security meter.com/securitynow bitwarden.com/twit hoxhunt.com/securitynow trustedtech.team/securitynow365

Google is sneaking a massive 4.7GB AI model into Chrome, and Mozilla is fighting back as the future of browsers threatens to turn into an AI arms race. Find out what's really happening behind this push and why it's setting off alarm bells across the web. Hackers AI-code a portal, forget to add authentication. The UK's NCSC issues a Mythos warning. Where's CISA? Another (of many) Linux local privilege escalations. AI may be spelling the end of bug bounties. Anthropic releases "Claude Security" mini-Mythos. ChatGPT gets very serious about login security. Syncthing's SyncTrayzor v1 abandoned; v2 created. Google drops an AI API into Chrome; Mozilla objects Show Notes - https://www.grc.com/sn/SN-1077-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free audio and video feeds, a members-only Discord, and exclusive content. Join today: https://twit.tv/clubtwit Sponsors: zscaler.com/security meter.com/securitynow bitwarden.com/twit hoxhunt.com/securitynow trustedtech.team/securitynow365

Google is sneaking a massive 4.7GB AI model into Chrome, and Mozilla is fighting back as the future of browsers threatens to turn into an AI arms race. Find out what's really happening behind this push and why it's setting off alarm bells across the web. Hackers AI-code a portal, forget to add authentication. The UK's NCSC issues a Mythos warning. Where's CISA? Another (of many) Linux local privilege escalations. AI may be spelling the end of bug bounties. Anthropic releases "Claude Security" mini-Mythos. ChatGPT gets very serious about login security. Syncthing's SyncTrayzor v1 abandoned; v2 created. Google drops an AI API into Chrome; Mozilla objects Show Notes - https://www.grc.com/sn/SN-1077-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free audio and video feeds, a members-only Discord, and exclusive content. Join today: https://twit.tv/clubtwit Sponsors: zscaler.com/security meter.com/securitynow bitwarden.com/twit hoxhunt.com/securitynow trustedtech.team/securitynow365

Google is sneaking a massive 4.7GB AI model into Chrome, and Mozilla is fighting back as the future of browsers threatens to turn into an AI arms race. Find out what's really happening behind this push and why it's setting off alarm bells across the web. Hackers AI-code a portal, forget to add authentication. The UK's NCSC issues a Mythos warning. Where's CISA? Another (of many) Linux local privilege escalations. AI may be spelling the end of bug bounties. Anthropic releases "Claude Security" mini-Mythos. ChatGPT gets very serious about login security. Syncthing's SyncTrayzor v1 abandoned; v2 created. Google drops an AI API into Chrome; Mozilla objects Show Notes - https://www.grc.com/sn/SN-1077-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free audio and video feeds, a members-only Discord, and exclusive content. Join today: https://twit.tv/clubtwit Sponsors: outsystems.com/twit zscaler.com/security meter.com/securitynow bitwarden.com/twit hoxhunt.com/securitynow trustedtech.team/securitynow365

Google is sneaking a massive 4.7GB AI model into Chrome, and Mozilla is fighting back as the future of browsers threatens to turn into an AI arms race. Find out what's really happening behind this push and why it's setting off alarm bells across the web. Hackers AI-code a portal, forget to add authentication. The UK's NCSC issues a Mythos warning. Where's CISA? Another (of many) Linux local privilege escalations. AI may be spelling the end of bug bounties. Anthropic releases "Claude Security" mini-Mythos. ChatGPT gets very serious about login security. Syncthing's SyncTrayzor v1 abandoned; v2 created. Google drops an AI API into Chrome; Mozilla objects Show Notes - https://www.grc.com/sn/SN-1077-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free audio and video feeds, a members-only Discord, and exclusive content. Join today: https://twit.tv/clubtwit Sponsors: zscaler.com/security meter.com/securitynow bitwarden.com/twit hoxhunt.com/securitynow trustedtech.team/securitynow365

Google is sneaking a massive 4.7GB AI model into Chrome, and Mozilla is fighting back as the future of browsers threatens to turn into an AI arms race. Find out what's really happening behind this push and why it's setting off alarm bells across the web. Hackers AI-code a portal, forget to add authentication. The UK's NCSC issues a Mythos warning. Where's CISA? Another (of many) Linux local privilege escalations. AI may be spelling the end of bug bounties. Anthropic releases "Claude Security" mini-Mythos. ChatGPT gets very serious about login security. Syncthing's SyncTrayzor v1 abandoned; v2 created. Google drops an AI API into Chrome; Mozilla objects Show Notes - https://www.grc.com/sn/SN-1077-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free audio and video feeds, a members-only Discord, and exclusive content. Join today: https://twit.tv/clubtwit Sponsors: outsystems.com/twit zscaler.com/security meter.com/securitynow bitwarden.com/twit hoxhunt.com/securitynow trustedtech.team/securitynow365

This is a recap of the top 10 posts on Hacker News on April 30, 2026. This podcast was generated by wondercraft.ai (00:30): Claude Code refuses requests or charges extra if your commits mention "OpenClaw"Original post: https://news.ycombinator.com/item?id=47963204&utm_source=wondercraft_ai(01:58): Where the goblins came fromOriginal post: https://news.ycombinator.com/item?id=47957688&utm_source=wondercraft_ai(03:26): Belgium stops decommissioning nuclear power plantsOriginal post: https://news.ycombinator.com/item?id=47961319&utm_source=wondercraft_ai(04:54): The Zig project's rationale for their anti-AI contribution policyOriginal post: https://news.ycombinator.com/item?id=47957294&utm_source=wondercraft_ai(06:23): Mozilla's opposition to Chrome's Prompt APIOriginal post: https://news.ycombinator.com/item?id=47959463&utm_source=wondercraft_ai(07:51): Can I disable all data collection from my vehicle?Original post: https://news.ycombinator.com/item?id=47967786&utm_source=wondercraft_ai(09:19): How Mark Klein told the EFF about Room 641A [book excerpt]Original post: https://news.ycombinator.com/item?id=47965060&utm_source=wondercraft_ai(10:47): Meta in row after workers who saw smart glasses users having sex lose jobsOriginal post: https://news.ycombinator.com/item?id=47961838&utm_source=wondercraft_ai(12:16): Spain's parliament will act against massive IP blockages by LaLigaOriginal post: https://news.ycombinator.com/item?id=47964034&utm_source=wondercraft_ai(13:44): For Linux kernel vulnerabilities, there is no heads-up to distributionsOriginal post: https://news.ycombinator.com/item?id=47965108&utm_source=wondercraft_aiThis is a third-party project, independent from HN and YC. Text and audio generated using AI, by wondercraft.ai. Create your own studio quality podcast with text as the only input in seconds at app.wondercraft.ai. Issues or feedback? We'd love to hear from you: team@wondercraft.ai

We discuss a couple of big stories from the week where insiders made a big profit on the prediction markets. We've discussed Polymarket and Kalshi before, but the concerns are going mainstream. We've also got some other tech news and tips to get caught up on, so you can get out there and tech better. Watch on YouTube! - Notnerd.com and Notpicks.com INTRO (00:00) Social Media Marketing World (02:20) AirPods - One backup is none backup (04:35) MAIN TOPIC: I wouldn't bet on that (07:20) France investigates suspected tampering with weather sensors after Polymarket bets DOJ arrests soldier who made $400,000 betting on Maduro's removal https://polymarket.com/ DAVE'S PRO-TIP OF THE WEEK: iOS Photos quick tools access (16:35) JUST THE HEADLINES: (21:05) Fans angry over Pokemon Go champion's disqualification for allegedly shaking the table Study finds a third of new websites are AI-generated Mozilla uses Anthropic's Mythos to fix 271 bugs in Firefox Home security giant ADT data breach affects 5.5 million people Ping-pong robot Ace makes history by beating top-level human players BMW is one step closer to selling you a color-changing car America now has 70% more bookstores than in 2020, says bookshop.org founder TAKES: China blocks Meta's $2 billion takeover of AI startup Manus (24:20) 20,000 job cuts at Meta, Microsoft raise concern that AI-driven labor crisis is here (28:45) BONUS ODD TAKE: Livestream of the Big Bear bald eagle nest (31:40)

Our 242nd episode with a summary and discussion of last week's big AI news!Recorded on 04/22/2026Hosted by Andrey Kurenkov and Jeremie HarrisFeel free to email us your questions and feedback at andreyvkurenkov@gmail.com and/or hello@gladstone.aiRead out our text newsletter and comment on the podcast at https://lastweekin.ai/In this episode:OpenAI released a new ChatGPT image model that excels at accurate text and screenshot-like generations, suggesting a transformer-style approach aligned with agentic “computer use” ambitions.Chinese model activity accelerated with Alibaba's Qwen 3.6 Max Preview moving to an API-only offering, plus open releases from Moonshot AI (Kimi K2.6, a 1T-parameter MoE) and Minimax (Minimax M 2.7) showing strong benchmark results.Google expanded Deep Research with a “Max” option built on Gemini 3.1 Pro and MCP support for accessing proprietary data, while Mozilla reported using Anthropic's Claude to find and fix 271 Firefox bugs. Business and policy updates include a reported SpaceX–Cursor deal with a $60B buy option, Cerebras filing for an IPO, Amazon adding $5B to Anthropic alongside a $100B AWS spending pledge, and platform responses to synthetic media like AI music spam and YouTube deepfake takedown requests.Timestamps:(00:00:10) Intro / Banter(00:01:05) News Preview(00:01:41) Sponsors(00:04:41) Response to listener commentsTools & Apps(00:09:40) ChatGPT's new Images 2.0 model is surprisingly good at generating text | TechCrunch(00:16:02) Alibaba Drops Qwen 3.6 Max Preview—Its Most Powerful Model Yet - Decrypt(00:19:26) Google launches Deep Research and Deep Research Max agents to automate complex research(00:25:00) Mozilla Used Anthropic's Mythos to Find and Fix 271 Bugs in Firefox | WIRED(00:28:35) Ordering with the Starbucks ChatGPT app was a true coffee nightmare | The VergeApplications & Business(00:29:48) SpaceX is working with Cursor and has an option to buy the startup for $60B | TechCrunch(00:34:11) AI chip startup Cerebras files for IPO | TechCrunch(00:38:23) Two startups want to replace how AI learns: one just raised $180M, another is seeking up to $1B(00:38:56) Months-old start-up Recursive Superintelligence raises $500mn for self-teaching AI(00:41:36) Anthropic takes $5B from Amazon and pledges $100B in cloud spending in return | TechCrunch(00:45:09) Kevin Weil and Bill Peebles exit OpenAI as company continues to shed 'side quests' | TechCrunch(00:46:04) Meta hires five Thinking Machines Lab founders including a reported $1.5 billion engineer - Meta cuts 198 Bay Area jobs as even larger layoffs reportedly loom(00:50:12) Meta employees are up in arms over a mandatory program to train AI on their mouse movements and keystrokes(00:51:43) Chinese fabs import record volumes of US chipmaking equipment via Singapore and Malaysia — homegrown tool makers booked record 2025 revenues as price competition squeezes margins(00:54:01) Google Eyes New Chips to Speed Up AI Results, Challenging Nvidia(00:54:20) Canadian quantum company Xanadu soars to $16 billion valuation after Nvidia releaseProjects & Open Source(01:00:13) Moonshot AI releases Kimi-K2.6 model with 1T parameters, attention optimizations - SiliconANGLE(01:05:22) MiniMax Just Open Sourced MiniMax M2.7: A Self-Evolving Agent Model that Scores 56.22% on SWE-Pro and 57.0% on Terminal Bench 2 - MarkTechPostPolicy & Safety(01:06:25) Infusion: Shaping Model Behavior by Editing Training Data via Influence Functions(01:10:25) Scoop: NSA using Anthropic's Mythos despite blacklist(01:11:03) Unauthorized group has gained access to Anthropic's exclusive cyber tool Mythos, report claimsResearch & Advancements(01:17:21) Parcae: Scaling Laws For Stable Looped Language Models(01:24:20) OccuBench: Evaluating AI Agents on Real-World Professional Tasks via Language Environment SimulationSynthetic Media & Art(01:27:01) Deezer says 44% of songs uploaded to its platform daily are AI-generated | TechCrunch(01:29:47) Celebrities will be able to find and request removal of AI deepfakes on YouTube | The VergeSee Privacy Policy at https://art19.com/privacy and California Privacy Notice at https://art19.com/privacy#do-not-sell-my-info.

Take a Network Break! We start with follow up on Anthropic’s Project Glasswing and Linux 7.0. On the news side, Cisco announces a prototype quantum switch that promises to support multiple quantum encoding modalities, Cato Networks adds an enterprise browser to its security offerings, and Mozilla validates the bug-finding powers of Anthropic’s Mythos model. Anthropic... Read more »

Take a Network Break! We start with follow up on Anthropic’s Project Glasswing and Linux 7.0. On the news side, Cisco announces a prototype quantum switch that promises to support multiple quantum encoding modalities, Cato Networks adds an enterprise browser to its security offerings, and Mozilla validates the bug-finding powers of Anthropic’s Mythos model. Anthropic... Read more »

Take a Network Break! We start with follow up on Anthropic’s Project Glasswing and Linux 7.0. On the news side, Cisco announces a prototype quantum switch that promises to support multiple quantum encoding modalities, Cato Networks adds an enterprise browser to its security offerings, and Mozilla validates the bug-finding powers of Anthropic’s Mythos model. Anthropic... Read more »

AI is democratizing the making of things, from bespoke/custom apps to websites, designs of all kinds, and everything else you might imagine. It's a new world, and it's time to create. Plus, Helium is a new Chromium-based web browser that's completely open source, lightweight, secure, and private. There's a native version for Windows 11 on Arm, too. Also, Firefox 150 arrives with over 270 security fixes! Windows 11 Reports of a Recall security vulnerability are, once again, bogus, Microsoft says New builds on all channels, still on the old system Xbox Mode is now available in all channels Release Preview shows us the May Patch Tuesday updates: Xbox Mode, File Explorer improvements, Haptic improvements, Drop Tray renaming, Agents on the Taskbar Lenovo Yoga Slim 7x - Snapdragon X2 Elite, 14-inch display impressions Lenovo IdeaPad 5x - Snapdragon X2 Plus, 15.3-inch display impressions Microsoft 365, Surface, more OneDrive now supports Markdown natively New Surface PCs with Intel chips coming soon Microsoft is making changes to its Rewards program AI GitHub Copilot moves to token-based billing in a sign of the true cost of AI Claude Design democratizes visual design on the heels of Claude Opus 4.7 OpenAI Codex moves into productivity OpenAI releases ChatGPT Images 2.0 Chrome AI Mode gets a big update Mozilla announces Thunderbolt, sovereign AI for businesses Google brings vibe coding to Android apps with Android CLI Xbox and gaming Microsoft drops Xbox Game Pass prices (!), but also drops Call of Duty from Day One Plus, Xbox teases a Game Pass Discord perk More Game Pass titles for April: Kiln, Vampire Crawlers, more Xbox April Update is here with that Quick Resume feature we all want There's an ID@Xbox event on April 23 to highlight indie games Xbox is selling Forza Horizon 6 limited edition controller and headsets Starfield is coming to the Nintendo Switch 2 A Call of Duty movie will finally arrive in 2028 Try out the Modern Warfare remake on Game Pass, it's a reminder of COD's gritty past PS5 Digital is down to its $399 launch price temporarily Tips and picks Tip of the week: Just make it App pick of the week: Helium RunAs Radio this week: The Life and Death of Microsoft Deployment Toolkit with Michael Niehaus Brown liquor pick of the week: Ned Australian Whisky Hosts: Leo Laporte, Paul Thurrott, and Richard Campbell Download or subscribe to Windows Weekly at https://twit.tv/shows/windows-weekly Check out Paul's blog at thurrott.com The Windows Weekly theme music is courtesy of Carl Franklin. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free audio and video feeds, a members-only Discord, and exclusive content. Join today: https://twit.tv/clubtwit Sponsors: webroot.com/twit threatlocker.com/twit

On this week's show, Patrick Gray and James Wilson are joined by special guest The Grugq. They discuss the week's cybersecurity news, including: Vercel got owned, and there's a few infostealer and compromised employee dots to connect Mozilla used Mythos to find 271 bugs, which feels like a sign of the bug-pocalypse Speaking of the bug-pocalypse, is that why NIST is noping out of enriching a bunch of bugs? The NSA is using Mythos even though the government did that whole Anthropic blacklisting thing And DDos attacks hit a couple of smaller-player socials This week's episode is sponsored by Permiso. Ian Ahl chats to Pat about the subtle signals Permiso uses to detect ShinyHunters-style activity in cloud and on-prem environments. This episode is also available on Youtube. Show notes Vercel April 2026 Security incident Vercel breach linked to infostealer infection at Context.ai Vercel confirms breach as hackers claim to be selling stolen data Matt Johansen: “This is not a good look” | X NIST limits vulnerability analysis as CVE backlog swells | Cybersecurity Dive CISA Cyber on X Ransomware attack continues to disrupt healthcare in London nearly two years later | The Record from Recorded Future News Lawmakers ponder terrorism designations, homicide charges over hospital ransomware attacks | CyberScoop In defeat for Trump, House extends electronic spying program for just 10 days | The Record from Recorded Future News Crypto infrastructure company blames $290 million theft on North Korean hackers | The Record from Recorded Future News US-sanctioned currency exchange says $15 million heist done by "unfriendly states" - Ars Technica Hackers are abusing unpatched Windows security flaws to hack into organizations | TechCrunch Mozilla Used Anthropic's Mythos to Find and Fix 271 Bugs in Firefox | WIRED NSA using Anthropic's Mythos despite Defense Department blacklist Beyond the breach: inside a cargo theft actor's post-compromise playbook | Proofpoint US Beware scam messages offering ships safe transit through Hormuz Strait, says security firm | The Straits Times New Jersey men given lengthy sentences for running North Korean laptop farms | The Record from Recorded Future News Turns Out We're Not Alone - Volodymyr Styran US joins nearly two dozen other countries in striking back against DDoS-for-hire platforms | Cybersecurity Dive Bluesky blames app outage on ‘sophisticated' DDoS attack | The Record from Recorded Future News Mastodon says its flagship server was hit by a DDoS attack | TechCrunch An IT expert explained under what conditions using a VPN can cause a smartphone to explode

AI is democratizing the making of things, from bespoke/custom apps to websites, designs of all kinds, and everything else you might imagine. It's a new world, and it's time to create. Plus, Helium is a new Chromium-based web browser that's completely open source, lightweight, secure, and private. There's a native version for Windows 11 on Arm, too. Also, Firefox 150 arrives with over 270 security fixes! Windows 11 Reports of a Recall security vulnerability are, once again, bogus, Microsoft says New builds on all channels, still on the old system Xbox Mode is now available in all channels Release Preview shows us the May Patch Tuesday updates: Xbox Mode, File Explorer improvements, Haptic improvements, Drop Tray renaming, Agents on the Taskbar Lenovo Yoga Slim 7x - Snapdragon X2 Elite, 14-inch display impressions Lenovo IdeaPad 5x - Snapdragon X2 Plus, 15.3-inch display impressions Microsoft 365, Surface, more OneDrive now supports Markdown natively New Surface PCs with Intel chips coming soon Microsoft is making changes to its Rewards program AI GitHub Copilot moves to token-based billing in a sign of the true cost of AI Claude Design democratizes visual design on the heels of Claude Opus 4.7 OpenAI Codex moves into productivity OpenAI releases ChatGPT Images 2.0 Chrome AI Mode gets a big update Mozilla announces Thunderbolt, sovereign AI for businesses Google brings vibe coding to Android apps with Android CLI Xbox and gaming Microsoft drops Xbox Game Pass prices (!), but also drops Call of Duty from Day One Plus, Xbox teases a Game Pass Discord perk More Game Pass titles for April: Kiln, Vampire Crawlers, more Xbox April Update is here with that Quick Resume feature we all want There's an ID@Xbox event on April 23 to highlight indie games Xbox is selling Forza Horizon 6 limited edition controller and headsets Starfield is coming to the Nintendo Switch 2 A Call of Duty movie will finally arrive in 2028 Try out the Modern Warfare remake on Game Pass, it's a reminder of COD's gritty past PS5 Digital is down to its $399 launch price temporarily Tips and picks Tip of the week: Just make it App pick of the week: Helium RunAs Radio this week: The Life and Death of Microsoft Deployment Toolkit with Michael Niehaus Brown liquor pick of the week: Ned Australian Whisky Hosts: Leo Laporte, Paul Thurrott, and Richard Campbell Download or subscribe to Windows Weekly at https://twit.tv/shows/windows-weekly Check out Paul's blog at thurrott.com The Windows Weekly theme music is courtesy of Carl Franklin. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free audio and video feeds, a members-only Discord, and exclusive content. Join today: https://twit.tv/clubtwit Sponsors: webroot.com/twit threatlocker.com/twit

AI is democratizing the making of things, from bespoke/custom apps to websites, designs of all kinds, and everything else you might imagine. It's a new world, and it's time to create. Plus, Helium is a new Chromium-based web browser that's completely open source, lightweight, secure, and private. There's a native version for Windows 11 on Arm, too. Also, Firefox 150 arrives with over 270 security fixes! Windows 11 Reports of a Recall security vulnerability are, once again, bogus, Microsoft says New builds on all channels, still on the old system Xbox Mode is now available in all channels Release Preview shows us the May Patch Tuesday updates: Xbox Mode, File Explorer improvements, Haptic improvements, Drop Tray renaming, Agents on the Taskbar Lenovo Yoga Slim 7x - Snapdragon X2 Elite, 14-inch display impressions Lenovo IdeaPad 5x - Snapdragon X2 Plus, 15.3-inch display impressions Microsoft 365, Surface, more OneDrive now supports Markdown natively New Surface PCs with Intel chips coming soon Microsoft is making changes to its Rewards program AI GitHub Copilot moves to token-based billing in a sign of the true cost of AI Claude Design democratizes visual design on the heels of Claude Opus 4.7 OpenAI Codex moves into productivity OpenAI releases ChatGPT Images 2.0 Chrome AI Mode gets a big update Mozilla announces Thunderbolt, sovereign AI for businesses Google brings vibe coding to Android apps with Android CLI Xbox and gaming Microsoft drops Xbox Game Pass prices (!), but also drops Call of Duty from Day One Plus, Xbox teases a Game Pass Discord perk More Game Pass titles for April: Kiln, Vampire Crawlers, more Xbox April Update is here with that Quick Resume feature we all want There's an ID@Xbox event on April 23 to highlight indie games Xbox is selling Forza Horizon 6 limited edition controller and headsets Starfield is coming to the Nintendo Switch 2 A Call of Duty movie will finally arrive in 2028 Try out the Modern Warfare remake on Game Pass, it's a reminder of COD's gritty past PS5 Digital is down to its $399 launch price temporarily Tips and picks Tip of the week: Just make it App pick of the week: Helium RunAs Radio this week: The Life and Death of Microsoft Deployment Toolkit with Michael Niehaus Brown liquor pick of the week: Ned Australian Whisky Hosts: Leo Laporte, Paul Thurrott, and Richard Campbell Download or subscribe to Windows Weekly at https://twit.tv/shows/windows-weekly Check out Paul's blog at thurrott.com The Windows Weekly theme music is courtesy of Carl Franklin. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free audio and video feeds, a members-only Discord, and exclusive content. Join today: https://twit.tv/clubtwit Sponsors: webroot.com/twit threatlocker.com/twit

AI is democratizing the making of things, from bespoke/custom apps to websites, designs of all kinds, and everything else you might imagine. It's a new world, and it's time to create. Plus, Helium is a new Chromium-based web browser that's completely open source, lightweight, secure, and private. There's a native version for Windows 11 on Arm, too. Also, Firefox 150 arrives with over 270 security fixes! Windows 11 Reports of a Recall security vulnerability are, once again, bogus, Microsoft says New builds on all channels, still on the old system Xbox Mode is now available in all channels Release Preview shows us the May Patch Tuesday updates: Xbox Mode, File Explorer improvements, Haptic improvements, Drop Tray renaming, Agents on the Taskbar Lenovo Yoga Slim 7x - Snapdragon X2 Elite, 14-inch display impressions Lenovo IdeaPad 5x - Snapdragon X2 Plus, 15.3-inch display impressions Microsoft 365, Surface, more OneDrive now supports Markdown natively New Surface PCs with Intel chips coming soon Microsoft is making changes to its Rewards program AI GitHub Copilot moves to token-based billing in a sign of the true cost of AI Claude Design democratizes visual design on the heels of Claude Opus 4.7 OpenAI Codex moves into productivity OpenAI releases ChatGPT Images 2.0 Chrome AI Mode gets a big update Mozilla announces Thunderbolt, sovereign AI for businesses Google brings vibe coding to Android apps with Android CLI Xbox and gaming Microsoft drops Xbox Game Pass prices (!), but also drops Call of Duty from Day One Plus, Xbox teases a Game Pass Discord perk More Game Pass titles for April: Kiln, Vampire Crawlers, more Xbox April Update is here with that Quick Resume feature we all want There's an ID@Xbox event on April 23 to highlight indie games Xbox is selling Forza Horizon 6 limited edition controller and headsets Starfield is coming to the Nintendo Switch 2 A Call of Duty movie will finally arrive in 2028 Try out the Modern Warfare remake on Game Pass, it's a reminder of COD's gritty past PS5 Digital is down to its $399 launch price temporarily Tips and picks Tip of the week: Just make it App pick of the week: Helium RunAs Radio this week: The Life and Death of Microsoft Deployment Toolkit with Michael Niehaus Brown liquor pick of the week: Ned Australian Whisky Hosts: Leo Laporte, Paul Thurrott, and Richard Campbell Download or subscribe to Windows Weekly at https://twit.tv/shows/windows-weekly Check out Paul's blog at thurrott.com The Windows Weekly theme music is courtesy of Carl Franklin. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free audio and video feeds, a members-only Discord, and exclusive content. Join today: https://twit.tv/clubtwit Sponsors: webroot.com/twit threatlocker.com/twit

AI is democratizing the making of things, from bespoke/custom apps to websites, designs of all kinds, and everything else you might imagine. It's a new world, and it's time to create. Plus, Helium is a new Chromium-based web browser that's completely open source, lightweight, secure, and private. There's a native version for Windows 11 on Arm, too. Also, Firefox 150 arrives with over 270 security fixes! Windows 11 Reports of a Recall security vulnerability are, once again, bogus, Microsoft says New builds on all channels, still on the old system Xbox Mode is now available in all channels Release Preview shows us the May Patch Tuesday updates: Xbox Mode, File Explorer improvements, Haptic improvements, Drop Tray renaming, Agents on the Taskbar Lenovo Yoga Slim 7x - Snapdragon X2 Elite, 14-inch display impressions Lenovo IdeaPad 5x - Snapdragon X2 Plus, 15.3-inch display impressions Microsoft 365, Surface, more OneDrive now supports Markdown natively New Surface PCs with Intel chips coming soon Microsoft is making changes to its Rewards program AI GitHub Copilot moves to token-based billing in a sign of the true cost of AI Claude Design democratizes visual design on the heels of Claude Opus 4.7 OpenAI Codex moves into productivity OpenAI releases ChatGPT Images 2.0 Chrome AI Mode gets a big update Mozilla announces Thunderbolt, sovereign AI for businesses Google brings vibe coding to Android apps with Android CLI Xbox and gaming Microsoft drops Xbox Game Pass prices (!), but also drops Call of Duty from Day One Plus, Xbox teases a Game Pass Discord perk More Game Pass titles for April: Kiln, Vampire Crawlers, more Xbox April Update is here with that Quick Resume feature we all want There's an ID@Xbox event on April 23 to highlight indie games Xbox is selling Forza Horizon 6 limited edition controller and headsets Starfield is coming to the Nintendo Switch 2 A Call of Duty movie will finally arrive in 2028 Try out the Modern Warfare remake on Game Pass, it's a reminder of COD's gritty past PS5 Digital is down to its $399 launch price temporarily Tips and picks Tip of the week: Just make it App pick of the week: Helium RunAs Radio this week: The Life and Death of Microsoft Deployment Toolkit with Michael Niehaus Brown liquor pick of the week: Ned Australian Whisky Hosts: Leo Laporte, Paul Thurrott, and Richard Campbell Download or subscribe to Windows Weekly at https://twit.tv/shows/windows-weekly Check out Paul's blog at thurrott.com The Windows Weekly theme music is courtesy of Carl Franklin. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free audio and video feeds, a members-only Discord, and exclusive content. Join today: https://twit.tv/clubtwit Sponsors: webroot.com/twit threatlocker.com/twit

Old Bugs are getting fixed, like the 20-year-old Enlightenment bug, finally landing per-screen virtual desktops in KDE, and even more X11 vulnerabilities. Mint is making the slower release cadence official, Fedora is pushing 44 off a week, and Tumbleweed is going to systemd-boot. Linux is finally dropping 486 support, Mozilla has announced Thunderbolt, and the FSF has entered the office. For tips, we have Netwatch-tui for live network stats, wtf for modular TUI dashboards, v4l2loopback-ctl for managing virtual cameras, and a tour of a working Grafana dashboard. You can find the show notes at https://bit.ly/4tkp3PI and happy Linuxing! Host: Jonathan Bennett Co-Hosts: Rob Campbell, Ken McDonald, and Jeff Massie Download or subscribe to Untitled Linux Show at https://twit.tv/shows/untitled-linux-show Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free audio and video feeds, a members-only Discord, and exclusive content. Join today: https://twit.tv/clubtwit Club TWiT members can discuss this episode and leave feedback in the Club TWiT Discord.