By Deepti Pathak The Chinese tech firm OPPO unveiled new on-device AI advancements at Mobile World Congress 2026 in…
The post OPPO and MediaTek Highlight New On-Device AI Features at MWC 2026 appeared first on Fossbytes.

Source:: Fossbytes

By Shikhar Mehrotra Two companies, four earbuds, and a price gap that’s quietly disappeared. Samsung and Apple are closer than they’ve ever been — and further apart in ways that will matter differently depending on who you are.
The post Samsung vs. Apple earbuds in 2026: Everything you need to know before spending $179 or $249 appeared first on Digital Trends.

Source:: Digital Trends

By Manisha Priyadarshini Researchers in Japan have built an AI projector system that beams makeup onto your face based on the mood you describe, turning phrases like “night rose” into real color combinations.
The post AI projector system beams makeup on your face by just saying the look you want appeared first on Digital Trends.

Source:: Digital Trends

A new iPhone-hacking exploit has exposed the uncomfortable truth that when governments build offensive attacks, they eventually come for all of us.

Revealed by Google’s Threat Intelligence Group (GTIG) and iVerify, the Coruna exploit can compromise iPhones running iOS 13 through to iOS 17.2.1, though Apple has secured its systems against this threat in iOS 26.

What Coruna does

Coruna is dangerous and can hijack any iOS device just when a user visits a website. Its existence is a perfect illustration of how weaponized hacking tools do nothing to make us safer, and everything to make people more insecure.

Coruna can steal data and cryptocurrency information, expose personal information, and more. Once hacked, the exploit will install software with root access that can run additional modules and collect text snippets from the device. 

It’s a complex set of tools that includes five exploit chains and 23 vulnerabilities that seem to have been designed to infiltrate devices and exfiltrate sensitive data. Everything about the kit screams of it being built by a highly resourced nation-state hacking organization.

It’s so sophisticated it even recognizes when a device is in Lockdown Mode, at which point it ceases its attack.

Made in the USA?

The code is polished, the tools comprehensive, and it uses exploitation methods and security avoidance tricks the team hadn’t come across before. That’s why it looks like a well-financed exploit, one that first appeared in use by surveillance-as-a-service mercenary firms, later by a Russian espionage group, then by a Chinese group. Wired warns that it “may have been originally created by a US contractor and sold to the American government.” 

In other words, it’s a perfect illustration of how highly sophisticated attacks developed for nation-state use can, do, and indeed already are falling into the hands of criminals. 

The experts at iVerify who also studied the exploit warn: “Coruna is one of the most significant examples we’ve observed of sophisticated spyware-grade capabilities proliferating from commercial surveillance vendors into the hands of nation-state actors and ultimately mass-scale criminal operations. 

The attack really demonstrates that the only way we can effectively protect our digital world is to ensure that everyone in that world is as safe as everybody else. 

There’s no such thing as a safe hack, no such thing as a controllable zero-day attack, no such thing as a safe backdoor.

There are no safe back doors

When it comes to Coruna, experts warn that thousands, perhaps tens of thousands, of iPhones might already have fallen victim since it is so effective and already so widely proliferated. That’s a particular threat given that 26% of all iPhones introduced since 2022 are not yet running iOS 26, which means they aren’t yet protected against the attack.

“The mobile threat landscape is not standing still, and the tools once reserved for targeting heads of state are now being deployed against ordinary iPhone users,” iVerify warned.

This was inevitable. Sophisticated attacking tools used by state hackers or those adjacent to those hackers will always slip into wider use eventually; even the NSO Group’s earliest Pegasus software exploits are allegedly now available for sale on the dark web. 

Those high-value attacks were originally used against human rights activists and journalists in the Middle East and Europe. While such exploits are usually described as being so sophisticated and costly to launch most of us need not fear them, the truth is that when those attacks proliferate, they do threaten everyone.

Come together

We know Apple is attempting to stay ahead in the security race. It doubled its available security bounty just last year, and its recently introduced Memory Integrity Enforcement (MIE) protection should help secure its platforms against attacks of this kind.

But security protection is never perfect, humans remain the weakest link, and ordinary users seem increasingly likely to be exposed to sophisticated attacks as they reach down the food chain.

Coruna may have been in use for years. But if you care about security, whoever it was who first built these attacks should have decided to report the vulnerability to Apple, not weaponize it to make a buck. If we work together, we make things safer. If we fail to find some way to get along, then no one will be safe — to the detriment of all.

You can follow me on social media! Join me on BlueSky,  LinkedIn, and Mastodon.

Source:: Computer World

By Varun Mirchandani Amazon has introduced Amazon Connect Health, an AI platform designed to automate healthcare tasks like appointment scheduling, patient verification, and medical documentation.
The post Amazon’s AI could soon help run your doctor’s office appeared first on Digital Trends.

Source:: Digital Trends

Anthropic is attempting to renegotiate the terms of its AI contract with the US Department of Defense (DoD). CEO Dario Amodei has been in meetings with Emil Michael, the US under-secretary of defense for research and engineering, to iron out contractual disagreements that led the DoD to mark Anthropic as a supply-chain risk, the Financial Times cited sources as saying.

The disagreements were specifically about clauses the DoD wanted in the contract that would allow it to use Anthropic’s systems to carry out mass domestic surveillance and build autonomous weapons systems, both of which are ethical red lines that Anthropic is not prepared to cross.

The latest renegotiation push appears to stem from Amodei’s recent discussions with investors and backers including Amazon, Nvidia, Lightspeed, and Iconiq, to find a path to de-escalate tensions with the DoD, Reuters reported citing sources familiar with the matter.

The sources also told Reuters that some of Anthropic’s investors were also reaching out to their contacts in Washington to lobby in favor of the model provider.

Separately, the Information Technology Industry Council, an industry group representing major technology companies including Amazon, Nvidia, Apple and OpenAI, has also written to US Defense Secretary Pete Hegseth expressing concern over the fact that the department would go to the extent of marking a US company with the supply-chain risk label over a procurement dispute.

The letter, Reuters reported, even goes to the extent of suggesting that that the move could restrict the government’s access to best-in-class technologies from American firms serving agencies across the federal government.

Rather, the Council suggested that the department should take a continued negotiation approach to solving the issue or select another vendor as the label of supply-chain risk is usually reserved for companies that have been marked as foreign adversaries.

Contractual and technical compromises could save the deal

While tensions have escalated, analysts and legal experts say Amodei’s latest push to renegotiate the contract could offer a pathway for both sides to find common ground.

“A workable compromise is origin (of the data) and use-based allowing bulk analysis where the inputs are foreign signals intelligence, while contractually barring use of Anthropic’s systems to process commercially acquired data of US citizens without an Article III warrant, backed by clear covenants and oversight mechanisms,” said Anandaday Misshra, managing partner of Amlegals, a law firm specializing in AI regulatory intelligence and data protection.

This could work, Misshra noted, as the core dispute is over acquisition of “bulk” data.

While DoD wants an “all lawful purposes” standard, including “analysis of bulk acquired data,” which in practice covers large volumes of commercially available information (CAI), such as US citizens’ location data purchased without warrants under the Third‑Party Doctrine, Anthropic reasonably views model‑driven processing of such data as de facto domestic surveillance, Misshra added.

Echoing Misshra, Greyhound Research chief analyst Sanchit Vir Gogia said the contract language could include provisions for governing mechanisms that provide measurable oversight in the form of immutable audit logs that capture prompts and outputs and periodic compliance reviews that evaluate how models are being used in operational systems.

Analysts also see a resolution in how Anthropic’s models are ultimately deployed within the DoD.

One possible compromise could involve deploying specialized versions of frontier models in tightly controlled environments for specific national security tasks, Gogia said.

Additionally, other controls could include enforcing policy at a gateway layer where requests are screened through identity checks, role-based permissions, and predefined rules before reaching the model, allowing Anthropic to retain safeguards while governments maintain operational oversight, Gogia added.

Similarly, Pareekh Jain, principal analyst at Pareekh Consulting, said that the technical deployment architecture could include inclusion of third-party Red Teams, which could be used to periodically check whether the implemented polices and safeguards continue to be effective as models evolve.

OpenAI is renegotiating as well

OpenAI, which moved quickly to secure a contract with the DoD after Anthropic was effectively barred last week, is also looking to revise the terms of its agreement.

CEO Sam Altman said in a post on X that the deal had been “rushed” and needed to be reworked following criticism online and reports of users uninstalling ChatGPT.

Earlier, OpenAI had published a blog post suggesting its arrangement with the DoD included contractual provisions preventing the use of its models for weapons systems or mass domestic surveillance in the US, positioning the agreement as more restrictive than the one under discussion with Anthropic.

Continuing its efforts to manage the optics around the entire imbroglio, OpenAI has sought to emphasize that its guardrails align with those of Anthropic.

Its executive, Connie LaRossa, who looks after national policy, told delegates at a conference in California on Wednesday that her company shared the same ethical red lines as Anthropic and was working to support efforts to have Anthropic’s supply-chain risk designation removed, Reuters reported.

Advantage Anthropic?

However, if Anthropic and the DoD fail to reach a deal, the legal advantage may remain firmly with the former, Misshra said.

“Anthropic has meaningful legal leverage. A $200 million engagement of this type is likely structured as an Other Transaction Authority (OTA) agreement, which is designed to preserve commercial terms, including Terms of Service and Acceptable Use Policies,” Misshra said.

“The government cannot simply import Federal Acquisition Regulation “Changes” mechanisms to rewrite those terms without courting material breach,” Misshra noted, adding that this can be seen as statutory overreach.

“Under the Administrative Procedure Act (APA), the government must prove Anthropic actually poses a national security risk. Rejecting a contract clause on domestic surveillance doesn’t meet that bar,” Misshra explained.

Anthropic’s board, as a Delaware Public Benefit Corporation, has a statutory duty to advance its stated AI safety public benefit, he said: “Authorizing effectively unrestricted military use, especially for US citizens’ surveillance, would be difficult to reconcile with that duty”.

Capitulation could set a risky precedent for AI vendors

If Anthropic does give in to the DoD’s demands, especially given Amodei’s public refusal until now to cross his company’s ethical red lines, it could set a risky precedent for the company and its peers, analysts and experts say.

“If Anthropic capitulates, it will set a precedent that commercial Acceptable Use Policies are effectively waivable under government pressure. DoD would be seen as free to accept ethical guardrails to access frontier capabilities, then later use tools like supply‑chain risk designations to strip those limits,” Misshra said.

“That dynamic incentivizes a race to the bottom, favoring contractors willing to abandon internal safety and human‑rights policies. For a company expressly structured around responsible AI, helping to establish that precedent is both strategically and legally risky,” Misshra added.

Capitulation to the US government could also risk the company’s brand image and erode the company’s credibility with independent users and developers who recently migrated from ChatGPT partly because of trust in Anthropic’s stated values, said Jain.

On the commercial side, Jain added, full concession to the US DoD without strong governance provisions could hurt Anthropic’s enterprise positioning, especially with European clients who are increasingly sensitive to military AI entanglement.

In fact, the European Policy Centre, an independent think tank, has already started raising concerns about the implications for European citizens as artificial intelligence becomes more deeply integrated into surveillance systems and military technologies.

In a blog post addressed to policymakers in the European Union, the think tank pointed to a recent resolution adopted by the United Nations General Assembly that calls on states to ensure human oversight and accountability in the development and deployment of military AI systems.

The resolution urges governments to put in place safeguards to ensure that AI-enabled systems used in defense or security contexts remain consistent with international law, including humanitarian and human rights obligations.

Jitse Goutbeek, an AI Fellow at the Europe’s Political Economy team at the EPC, wrote that such international commitments are particularly important as governments begin integrating frontier AI models into intelligence, surveillance, and defense planning.

Further, Goutbeek argued that procurement decisions and defense partnerships should increasingly take these commitments into account, suggesting that European governments may need clearer assurances from technology vendors and defense agencies about how human oversight and operational safeguards will be maintained when AI systems are deployed in sensitive national security environments.

Source:: Computer World

By Hisan Kidwai All-in-one PCs have always been special, simply because they promise the size of a desktop without…
The post ASUS Expands Desktop Lineup With V501 Series and AiO V400 PCs appeared first on Fossbytes.

Source:: Fossbytes

By Hisan Kidwai Thanks to all our AI usage, it’s no secret that smartphones are getting more expensive. It’s…
The post OPPO K14 5G Confirmed to Launch on March 9 With 7000mAh Battery appeared first on Fossbytes.

Source:: Fossbytes

By Manisha Priyadarshini Spectre I is a portable device that prevents nearby microphones from recording your voice, by creating a protection zone around you that blocks smart devices, phones, and AI recorders from capturing conversations.
The post This smart device stops sneaky AI gadgets from listening to your conversations appeared first on Digital Trends.

Source:: Digital Trends

Starting in September, Google’s Chrome browser will receive a new release every two weeks, the company has announced. Since 2021, Chrome has been on a four-week release schedule for new major versions.

The rationale for the faster two-week cycle is to enable faster delivery of performance improvements, bug fixes, security updates, and new features to both users and developers, the company said.

Although updates will be more frequent, each individual update will contain fewer changes; that, according to Google, should reduce the risk of problems and make it easier to troubleshoot any issues after launch.

The new cadence model will begin with Chrome 153, whose stable version is scheduled for release on Sept. 8, 2026. The change applies to Chrome versions for the desktop, Android, and iOS.

Source:: Computer World

Turning to the Mac, Apple on Tuesday updated the world’s most popular laptop, introducing the MacBook Air with an M5 chip. It also unveiled super-powered M5 Pro and M5 Max chips inside the MacBook Pro, a new Studio Display and all-new Studio Display XDR.   

The latest product introductions follow Monday’s announcement of a new M4-powered iPad Air and the all-new iPhone 17e, and we expect even more news during the rest of the week.

The biggest highlight concerns the M5 chip used in these Macs. It promises superb performance and will only make Apple even more ascendant in terms of power and efficiency in its class. I’d argue these are now the best laptops money can buy.

There are some slight price increases. For example, both the M5 Pro and M5 Max Macs cost roughly $200 more than their predecessors, while the M5 MacBook Air now starts at $1,099 rather than $999. That cost increase is balanced by the fact that you do get twice the storage as before in the basic models.

Apple forges forward with M5 chips

The M5 Pro and M5 Max are engineered for AI and built using the new Apple-designed Fusion Architecture. The chip design combines two dies into a single system on a chip, promising tremendous performance boosts. M5 Pro and M5 Max feature a new up-to-18-core CPU with 6 super cores, and 12 all-new performance cores, optimized for power-efficient, multithreaded pro workloads — altogether delivering up to 30% faster performance.

The chip designs are remarkable in and of themselves, combining a powerful CPU, scalable GPU, Media Engine, unified memory controller, Neural Engine, and Thunderbolt 5 capabilities.

Apple shared a few statistics to suggest what these chips deliver in performance terms:

30% increase in performance for pro tasks.

4X faster for AI operations.

35% increase in ray-tracing performance in contrast to the M4 Pro and M4 Max systems.

Apple

“M5 Pro and M5 Max are a monumental leap forward for Apple silicon, leveraging our new Fusion Architecture to scale the capabilities of Apple silicon while preserving its core tenets of performance, power efficiency, and unified memory architecture,” said Johny Srouji, Apple’s senior vice president of hardware technologies. “Both chips underscore our relentless pace of innovation.”

Don’t let the dizzying array of data points confuse you. What they mean is that every single one of these Macs will deliver performance that’s considerably faster than the preceding models. The chips cement Apple’s growing reputation for offering the best and most performant systems in the world.

Apple

MacBook Air with M5 chip

Apple seems to have impressed itself with the M5 MacBook Air, describing it as being up to 4x faster than the M4 model for AI functions and an astonishing 9.5x faster than the MacBook Air with an M1 chip.

The move to M5 puts a huge amount of performance with the reach of most consumer users and will do nothing to dent growing demand for these Macs from among enterprise pros.

“The new MacBook Air with M5 brings incredible performance and even more capability to the world’s most popular laptop,” said John Ternus, Apple senior vice president of hardware engineering. “With M5, MacBook Air powers through a wide range of tasks, from everyday productivity to creative workloads.”

The M5 processor in the Air has a 10-core CPU.

There’s an up-to-10-core GPU with a Neural Accelerator in each core.

Storage now starts with a 512GB SSD that promises about twice the read/write speeds of the last version of the Mac.

The Macs are available with 13.6-in. or 15.3-in. Liquid Retina displays offering 500nits brightness and a 12MP camera.

Connectivity includes an Apple N1 wireless chip for Wi-Fi 7 and Bluetooth 6. You also get two USB-C/Thunderbolt ports and MagSafe charging.

They’re available in sky blue, midnight, starlight, and silver and boast of up to 18 hours of battery life on a single charge.

Pre-orders begin March 4, with availability on March 11. As noted, prices start at $1,099.

Apple

MacBook Pro (M5 Pro and M5 Max)

Aimed at professionals and capable of the heaviest tasks, the new MacBook Pro models are so highly specified they should munch through any task you throw at them.“MacBook Pro with M5 Pro and M5 Max redefines what’s possible on a pro laptop, now up to 4x faster than the previous generation,” said Ternus.

“With Neural Accelerators in the GPU, the new MacBook Pro enables professionals to run advanced LLMs on device and unlock capabilities that no other laptop can do — all while maintaining exceptional battery life,” he said. “Combined with even faster unified memory and storage, it empowers users to take their work even further, unleashing new possibilities and pushing the boundaries of what they can do.”

You can also opt for the base 14-in. M5 MacBook Pro at prices from $1,699.

The M5 processors are available with up to 18 CPU cores (6 super cores and 12 performance cores).

There’s a next-gen GPU, each core with a Neural Accelerator for AI compute

The new models are up to 4× faster with on-device AI vs. the previous gen and up to 8× faster than the M1 Pro/Max.

Unified memory bandwidth is impressive — up to 64GB memory at 307 GBps on the M5 Pro, and up to 128GB memory at 614 GBps on the Mac Max.

Storage starts at 1TB SSD for M5 Pro models, or 2TB SSD in the M5 Max machines. The SSD speeds are twice as fast as before.

They feature a Liquid Retina XDR display with anano-texture option, a 12MP Center Stage camera, a studio-quality mic array and a 6-speaker system.

Connectivity includes an Apple N1 wireless chip for Wi-Fi 7 and Bluetooth 6 and Thunderbolt 5 ports.

Available in space black and silver, they deliver up to 24 hours of battery life on a single charge.

Pre-orders begin March 4, with availability on March 11. The M5 MacBook Pro starts at $1,699; M5 Pro models start at $2,199 and M5 Max costs from $2,699. 

Apple

Apple’s new Studio Displays

Of course, even if you use a notebook most of the time, there are times when it helps to do your computing on a larger screen — particularly when handling intensive professional tasks. That is what Apple’s two new displays are for, including a redesigned 27-in. Studio Display for everyday use, and a new 27-in. Studio Display XDR particularly targeted at pro workflows.

The big changes in this generation include support for Thunderbolt 5 rather than the older Thunderbolt 3 Apple’s earlier displays supported. This lets you daisy-chain multiple displays and accessories and provides much higher bandwidth. The cameras are better, supporting features like Desk View, for instance.

But the big leap in display tech is the move to Mini-LED with HDR. Use of this tech in the Studio Display XDR makes for dramatic improvements in contrast, black levels and HDR performance. It also means a bright display, which will be particularly useful for pro video editors, as will be the far faster and smoother 120Hz refresh in the high-end display. You also gain support for AdobeRGB, which these displays lacked until now. Eagle-eyed readers might note that the 5K LCD display in the standard model remains the same, but with much better tech.

“Apple has led the industry in delivering the world’s most advanced displays for pros to do their life’s best work, and today we do that once again with the introduction of the new Studio Display family,” said Ternus, the man hotly-tipped to become the next Apple CEO.

What are the specifications of the new displays?

For the 27-in. Studio Display:

A 5,120×2,880 5K Retina panel.

600 nits of brightness and P3 wide color.

12MP Center Stage camera and a studio-quality three-mic array.

A six-speaker system with Spatial Audio designed for video calls, creative workflows, and immersive sound. 

Thunderbolt 5 with two downstream ports (to enable daisy-chaining), 2x USB-C ports, and up to 96W charging for notebooks via included cable.

Tilt-adjustable stand standard, with tilt-and-height adjustable stand an optional extra.

Nano-texture glass available for glare control .

Price: $1,599, with pre-orders starting March 4 and availability on March 11. 

For the 27-in. Studio Display XDR (Pro Model)

5K Retina XDR with mini-LED backlight.

2,000 nits peak HDR brightness and 1,000 nits SDR.

More than 2,000 local dimming zones for deep contrast.

P3 + Adobe RGB wide color gamuts for professional workflows.

120Hz refresh rate with adaptive Sync for smoother motion and variable frame support.

12MP Center Stage camera, studio-quality three-mic array and a six-speaker system with Spatial Audio.

DICOM medical imaging presets and optional Medical Imaging Calibrator (for diagnostic work, pending FDA clearance).

Two Thunderbolt 5 ports, 2xUSB-C ports, and up to 140 W charging for larger notebooks.

Tilt- and height-adjustable stand, with a VESA mount adapter available .

Price: $3,299, with pre-orders starting March 4 and availability on March 11.

Please follow me on Twitter, or join me in the AppleHolic’s bar & grill and Apple Discussions groups on MeWe. Also, now on Mastodon.

Source:: Computer World

By Vikhyaat Vivek The secret to safer self-driving cars might be this tiny radar device.
The post This low-cost orange-sized sensor could be what self-driving cars need to hit public roads appeared first on Digital Trends.

Source:: Digital Trends

Microsoft has warned that phishers are exploiting a built-in behavior of the OAuth authentication protocol to redirect victims to malware, using links that point to legitimate identity provider domains such as Microsoft Entra ID and Google Workspace. The links look safe but ultimately lead somewhere that isn’t.

“OAuth includes a legitimate feature that allows identity providers to redirect users to a specific landing page under certain conditions, typically in error scenarios or other defined flows,” Microsoft’s Defender Security Research Team wrote in a blog post. “Attackers can abuse this native functionality by crafting URLs with popular identity providers, such as Entra ID or Google Workspace, that use manipulated parameters or associated malicious applications to redirect users to attacker-controlled landing pages.”

The company said it has disabled several malicious OAuth applications linked to the activity but warned that related campaigns are continuing and require ongoing monitoring.

How the attack works

The attack starts with a phishing email, with observed lures impersonating e-signature requests, HR communications, Microsoft Teams meeting invites, and password reset alerts, the malicious links embedded either in the email body or inside a PDF attachment, Microsoft researchers wrote in the blog post.

The link points to a real OAuth authorization endpoint but is built with deliberately broken parameters. Attackers use a “prompt=none” value, requesting a silent authentication with no login screen, and pair it with an invalid scope value. The combination is designed to fail. When it does, the identity provider redirects the user’s browser to a URI registered by the attacker.

“Although this behavior is standards-compliant, adversaries can abuse it to redirect users through trusted authorization endpoints to attacker-controlled destinations,” the researchers wrote in the blog post.

The technique represents a structural shift in how attackers approach identity, said Greyhound Research chief analyst Sanchit Vir Gogia. “The first hop is real. The browser is behaving correctly. The identity provider is behaving correctly. The trust signal is authentic,” he said. “This shifts phishing from deception at the brand layer to manipulation at the workflow layer.”

In one campaign Microsoft detailed in the blog post, the redirect delivered a ZIP archive containing a malicious shortcut file to the victim’s device. Opening the file triggered a PowerShell script that ran reconnaissance commands and ultimately connected to an attacker-controlled server, the post said. Microsoft described the subsequent activity as consistent with pre-ransomware behavior.

Other campaigns the blog post detailed routed victims to adversary-in-the-middle frameworks such as EvilProxy to harvest credentials and session cookies.

Context, not the URL, is the new red flag

Sakshi Grover, Senior Research Manager at IDC Asia/Pacific, said the longstanding advice to hover over a link and verify its domain was built for an era of lookalike domains and that it no longer holds in environments where authentication flows routinely pass through trusted identity providers.

“Organizations should shift awareness messaging from ‘check the link’ to ‘validate the context,’” she said. “Employees should be trained to question whether an authentication request was expected, whether it aligns with a current business activity, and whether the application is requesting permissions that make sense.”

Gogia said enterprises need to go further and change the underlying behavior entirely. “Never initiate authentication journeys from unsolicited inbound links,” he said. “Authentication should begin from controlled starting points, not from email triggers.” He added that reporting unexpected login journeys must be made frictionless, and that speed of reporting is more valuable than confidence in personal judgment.

The governance gap attackers exploit

Both analysts pointed to OAuth application governance as the deeper structural gap this campaign exploits.

Grover of IDC said governance maturity remains uneven across enterprises. “Broad default consent settings and limited monitoring of redirect URIs remain common, particularly in environments where cloud and SaaS adoption have outpaced identity governance controls,” she said.

The scale of the problem is easy to underestimate, according to Gogia of Greyhound Research. “Every SaaS integration, automation workflow, and collaboration tool may require an application registration. Over time, tenants accumulate hundreds or thousands of registered apps. Redirect URIs are configured during setup and rarely revisited,” he said. “Telemetry exists. Interpretation does not.”

Microsoft said in the blog post that organizations should restrict user consent to third-party OAuth applications, audit app permissions regularly, and remove applications that are unused or over-privileged. The post also published 16 client IDs linked to the threat actors’ malicious applications and a list of initial redirection URLs as indicators of compromise. KQL hunting queries for Microsoft Defender XDR customers are included in the post to help identify related activity across email, identity, and endpoint signals.

The technique will remain effective for as long as enterprises leave these gaps unaddressed, Gogia warned. “It does not require breaking encryption,” he said. “It requires exploiting administrative complacency.”

This article first appeared on CSOonline.

Source:: Computer World

By Paulo Vargas ESA and Airbus hit 2.6 Gbps using a laser link between a plane and a satellite 36,000 km away, proving that fast, reliable in-flight internet is finally within reach.
The post Forget Starlink. ESA just tested gigabit-class satellite-to-airplane internet service appeared first on Digital Trends.

Source:: Digital Trends

By Paulo Vargas TCL showed off the Tbot desktop robot at MWC 2026. It pairs with kids smartwatches to handle routines, learning, and bedtime when the watch is charging. But it is still a concept with no price or release date yet.
The post TCL turned your kid’s smartwatch into a cutesy desktop robot appeared first on Digital Trends.

Source:: Digital Trends

By Rachit Agarwal Instead of sending your voice and video to remote servers, these new smart glasses process everything locally, redefining privacy in wearable AI.
The post Brilliant Lab’s $349 Halo smart glasses handle all AI workloads on-device and it’s a huge privacy win appeared first on Digital Trends.

Source:: Digital Trends

By Hisan Kidwai After the success of the Find X9 series in pushing camera boundaries, the Chinese smartphone maker…
The post OPPO Find X9 Ultra Set for Global Release With Next-Gen Camera Tech appeared first on Fossbytes.

Source:: Fossbytes

By Deepti Pathak After the pretty exciting Xiaomi 17 series, the Chinese maker announced the new Xiaomi Pad 8…
The post Xiaomi Pad 8 Series Launched: Big Battery, Flagship Chip & Sleek 11.2-Inch Display appeared first on Fossbytes.

Source:: Fossbytes

A new study published in the journal Nature Medicine raises concerns about the safety of Open AI’s health service ChatGPT Health, which in many cases fails to recommend emergency care when it ‘ actually needed, according to The Guardian.

Researchers tested ChatGPT Health with 60 realistic patient scenarios, ranging from mild discomfort to acute medical conditions. Three doctors assessed in advance the level of care required, and the results were then compared with the AI tool’s recommendations. In more than half of the cases where a patient should have been sent to the hospital immediately, the system instead advised them to stay home or get a regular doctor’s appointment.

According to the study, the service performed better in clear emergency situations, such as strokes or severe allergic reactions, but had trouble handling more complex or ambiguous symptoms. The researchers also point to shortcomings in how the system handled suicide risk, where warning functions sometimes disappeared depending on what additional information was added to the scenario.

In response, OpenAI said the study does not reflect how the service is typically used in practice and that the model is continuously updated, The Guardian reported.

Source:: Computer World

By Pranob Mehrotra The Xiaomi Watch 5 takes smartwatch interaction beyond simple wrist flicks, adding advanced, customizable gestures that make hands-free control more powerful than ever.
The post This WearOS watch pushes the boundaries of gesture control and Apple should take note appeared first on Digital Trends.

Source:: Digital Trends