Google says AI Search will have ads, and they’re here to stay. Robby Stein from Google assures us ads will evolve with AI, offering context like matching shoes or booking allergy-friendly restaurants. So, while Google Ads aren’t leaving, they might just become your new AI-powered shopping buddy!

Ask Copilot on the taskbar is the star of Windows 11 Build 26220.7051, letting you chat with AI without lifting a browser finger. It’s like having a digital sidekick who won’t eat your snacks. Just enable it in Settings and feel your inner superhero emerge, minus the cape.

Bronze Butler exploited a Lanscope Endpoint Manager flaw to deploy Gokcpdoor malware, according to Sophos researchers. The cyber-espionage group used this vulnerability, CVE-2025-61932, to steal data before a patch was released. With no workarounds available, patching remains the best defense against these attacks.

Hezi Rash, aka Black Force, is the latest hacktivist group on the block, flexing their digital muscles with a barrage of DDoS attacks. With a mission to protect Kurdish society, they’re causing cyber chaos worldwide, including Japan and Israel. Their secret weapon? A network of alliances and rented DDoS tools.

Watch out, Australia! BADCANDY isn’t a sweet treat; it’s a sneaky malware. Unpatched Cisco IOS XE devices are under attack, thanks to a vulnerability that gives hackers remote control. With 400 devices compromised and counting, it’s time to patch up and lock down. Don’t let BADCANDY spoil your tech party!

UNC6384, a China-linked group, is exploiting a Windows zero-day to spy on European diplomats. Using crafty emails and sneaky malware, they’re targeting Hungary, Belgium, and beyond, proving once again that espionage isn’t just for the movies. PlugX malware is their tool of choice, making sure their cyber sleuthing remains under the radar.

The EU Council’s push for scanning encrypted messages gets shot down yet again. This “zombie proposal” refuses to stay buried, but public outcry keeps it in the grave. Lawmakers, it’s time to accept that client-side scanning undermines encryption and human rights. Let’s stop the surveillance sequel and find real solutions!

In Russia’s latest cyber caper, three IT whiz kids were nabbed for operating the Meduza Stealer malware service. Their mistake? Breaching a local government, ignoring the unwritten rule: “Don’t hack where you snack.” The Meduza Stealer saga has everyone wondering: Was it worth trading keyboard clicks for handcuffs?

Windows 11’s “shared audio” feature lets you play DJ with two Bluetooth devices simultaneously, but you won’t need a turntable—just a Copilot+ PC. Now you can blast music to two speakers or earbuds, making it the perfect excuse for a silent disco in your living room or avoiding sharing earbuds with your chatty seatmate.

UNC6384 is targeting European diplomatic entities with cyber-espionage, exploiting a Windows vulnerability and refined social engineering. Their tools? Malicious LNK files disguised as European Commission meetings! With PlugX malware in their arsenal, they’re serious; it’s like bringing a bazooka to a pillow fight. European diplomats better up their cybersecurity game!

Nation-state hackers are back at it, targeting US telecom firms like they’re the latest trend. Ribbon Communications, a Texas-based company, recently revealed a year-long cyber intrusion. Despite the breach, Ribbon claims no critical data was stolen. They’re now in full cybersecurity mode, trying to keep hackers at bay.

FCC to vote on reversing wiretap security measures aimed at countering Chinese cyberespionage. Chairman Brendan Carr argues the previous ruling exceeded authority and was ineffective against threats. With a Republican majority, the vote to repeal seems likely, raising concerns about cybersecurity and the potential for misuse of surveillance systems.

OpenAI’s Aardvark, powered by GPT-5, is the superhero of code security, tirelessly scanning, understanding, and patching vulnerabilities like a digital caped crusader. This “agentic security researcher” ensures developers sleep soundly as it vigilantly watches over codebases, detecting and fixing flaws before they become the villains of the tech world.

Ransomware gangs have revived the Linux kernel flaw CVE-2024-1086 for their devious deeds. Despite being patched, this vulnerability is still the life of the cybercrime party, making it clear that some bugs never truly go out of style.

In the world of AI, compliance might be an API problem, not just a bureaucratic inconvenience. With new regulations turning compliance into a business accelerator, securing APIs is essential. After all, without securing APIs, securing AI is like trying to lock your house with an open door.

The University of Pennsylvania was hit by a cybersecurity incident, with students and alumni receiving offensive emails claiming a data breach. Subject lines read “We got hacked (Action Required),” urging recipients to question the University’s security practices. Penn’s Incident Response team is on the case, while students are advised to simply delete the emails.

Microsoft Edge is getting a new scareware sensor that notifies Defender SmartScreen to block scam pages faster. Edge users, beware of fraudsters posing as tech support! This sensor detects scams in real-time and helps keep your browsing experience scam-free. Now, if only it could block those pesky cookie consent pop-ups too.

The 2026 NDAA is on the horizon, and it’s all about speed over due diligence. The Secretary of Defense wants to fast-track tech acquisitions, especially AI, with fewer hoops to jump through. But is bypassing oversight the best strategy, or just a fast track to buyer’s remorse? Only time—and taxpayers—will tell!

Airstalk malware misuses the AirWatch API to create a covert command-and-control channel, targeting enterprise browsers like Island. Suspected to be a nation-state threat, Airstalk can capture screenshots and exfiltrate data, making it a terrifyingly efficient cyber-spy. Its presence is as welcome as a surprise visit from your in-laws.

In the battle of bytes, cybersecurity professionals agree: Artificial Intelligence is the new heavyweight champion, knocking out traditional defenses. According to Keeper Security’s new report, both the UK and US teams feel like they’re in the early rounds, while Germany is slightly more ready for AI-enhanced attacks.