In an industry once dominated by live-action stars, digital characters are increasingly gaining traction. At a summit in Zurich, actress, comedian, and technologist Ellin van der Velden announced that her AI agency, Xicoia, is in talks with several major agents to sign its first virtual talent: an AI actress named Tilly Norwood. Ellin van der Velden presented her initiative at a panel dedicated to artificial intelligence in the entertainment industry. She described her AI production studio Particle6 , which later evolved into Xicoia , an agency specializing in the creation, management, and monetization of “hyperrealistic digital stars.” Tilly Norwood is the first

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a critical vulnerability in the popular Sudo utility, used on Linux and Unix-like systems, to its catalog of currently exploitable vulnerabilities (KEVs). The bug is filed as CVE-2025-32463 and has a CVSS score of 9.3 . It affects Sudo versions prior to 1.9.17p1 and allows a local user, via the -R (–chroot) option, to execute arbitrary commands as root, even if their execution is not specified in the sudoers configuration. The issue was first reported by Stratascale researcher Rich Mirch in late June 2025. While the exact exploitation of the vulnerability and

The Open Source Hongmeng Technology Conference 2025, recently held in Changsha, highlighted the achievements of HarmonyOS ” Hongmeng ” (鸿蒙), the open source operating system developed by Huawei. Richard Yu, Huawei Executive Director and President of Device BG, said in a video message: “Over the past five years, with the support of the Open Atom Open Source Foundation, industry, academia, and research have collaborated to develop HarmonyOS as an open source project, creating a true miracle in the history of Chinese software development.” According to the latest data, the HarmonyOS open source community has over 9,200 contributors and more than 130 million

In recent years, many companies have gone cloud-first , outsourcing critical infrastructure and business services to platforms managed by external providers. However, recent events and growing concerns about digital sovereignty are prompting many organizations to reconsider their level of dependence on uncontrollable cloud services within their regions. The vulnerability of critical data and the possibility that external political or commercial decisions could limit access to resources have made it clear that internal management and the choice of open source solutions can represent a more secure strategic alternative. The Austrian Armed Forces have completed a major overhaul of their IT infrastructure, completely abandoning

In recent years, cyberattacks have become a major threat to businesses, regardless of industry. While technical departments focus on troubleshooting and restoring systems, the true test of an organization’s ability to communicate clearly and credibly with the public is the organization’s ability to address these issues. In a digital crisis, in fact, reputation risks suffering damage that is often more severe than the economic losses resulting from the attack itself. Reputation, a fragile asset The trust of customers, partners, and even employees is an intangible asset that is built over time and can be compromised in a matter of hours. It’s not

The cybersecurity industry is undergoing a transformation: artificial intelligence is becoming not just a tool for developers, but also a weapon for attackers. And we’ve talked about this extensively. This concept was brought to the attention of Ami Luttwak, CTO of Wiz, explaining that new technologies inevitably expand the attack surface and that integrating AI into business processes accelerates both the development and the emergence of vulnerabilities. According to Luttwak, accelerating development through vibe coding and integrating AI agents often leads to bugs in core mechanisms, such as the authentication system. This is because the agents perform their assigned tasks literally and

On September 29, 2025, Broadcom released security advisory VMSA-2025-0016 , addressing three vulnerabilities identified in VMware vCenter and VMware NSX products. The bugs affect several solutions in the VMware ecosystem and have a severity rating of High , with a CVSSv3 score between 7.5 and 8.5 . The vulnerabilities affect the following components and platforms: Vulnerability Details The identified vulnerabilities are classified as CVE-2025-41250, CVE-2025-41251 and CVE-2025-41252 . CVE-2025-41250 – SMTP Header Injection in vCenter A weakness in VMware vCenter allows SMTP header injection. A user with non-administrative privileges, but authorized to create scheduled tasks, could manipulate notification emails sent by the

Some spyware producer is probably doing gymnastics… tearing their hair out. But it’s the usual charade: someone finds, someone cashes in, someone integrates, and then the researcher on duty comes along to ruin the party—for ethics or some other theatrical reason. A security flaw was recently discovered in WhatsApp that allows zero-click remote code execution (RCE). This vulnerability is already being actively exploited by attackers on Apple platforms, including iOS, macOS, and iPadOS. Researchers at DarkNavyOrg have discovered a flaw by exploiting two vulnerabilities, CVE-2025-55177 and CVE-2025-43300, in a proof-of-concept. This weakness allows devices to be compromised silently, without requiring any user

Alarming trends are emerging in the IT job market. More and more computer science graduates are unable to find work, even at minimum wage. A computer science degree was once considered a gateway to a well-paying career with rapid advancement . But mass layoffs at major tech companies, coupled with the introduction of new tools that eliminate the need for in-depth technical knowledge, have radically changed the rules of the game. The stories of young professionals are disheartening. A University of Oregon graduate said he sent out nearly six thousand resumes and had thirteen interviews in two years, without ever receiving a

The U.S. Department of Justice has received court authorization to conduct a remote inspection of Telegram’s servers as part of an investigation into child exploitation. The prosecutor’s motion stated that this measure was necessary due to the company’s refusal to cooperate with law enforcement and respond to official inquiries. The judge granted permission to use a specialized remote access technique that allows a series of requests to be sent to Telegram servers. These requests force the system to return information about the target account, including messages and associated data. The decision was reported by CourtWatch , citing court documents; however, direct links