← All issues

Week 25 · 2026

11 articles · 5 model releases

AI Model Releases

New models and updates from major AI providers this week

This Week
JetBrains (Mellum)

Mellum2

JetBrains has open-sourced Mellum2, a 12B parameter model specifically engineered for practical deployment in software engineering systems. The model is optimized to handle complex production AI challenges such as latency, throughput, and cost.

  • Open-source availability
  • Optimized for routing, Q&A, and sub-agents
  • Designed for low latency and high throughput in private AI workflows
Kimi (Moonshot)

Kimi K2

Moonshot AI has introduced Kimi K2, a massive 1 trillion parameter Mixture-of-Experts (MoE) model featuring 32 billion activated parameters. The model is specifically optimized for agentic intelligence, demonstrating exceptional performance in tool use, reasoning, and autonomous problem-solving tasks.

  • Large-scale MoE architecture with 1T total parameters trained on 15.5T tokens
  • Utilization of the MuonClip optimizer to ensure training stability at scale
  • Enhanced agentic capabilities for advanced tool use and coding tasks
  • Advanced attention mechanism using Multi-Head Latent Attention (MLA)
Amazon (Nova) 2026-06-15

Gemma 4

Amazon Bedrock has announced the availability of the Gemma 4 family, developed by Google DeepMind. This open-weight model family is designed for high intelligence-per-parameter across various deployment scenarios.

  • Three instruction-tuned variants: 31B, 26B-A4B (MoE), and E2B
  • Built-in reasoning and native function calling
  • Multimodal input capabilities for text and image processing
NVIDIA (Nemotron) 2026-06-16

NVIDIA Nemotron open models

NVIDIA has integrated its Nemotron open models into the NVIDIA Agent Toolkit, now available with HPE Private Cloud AI. This integration is part of a broader effort to provide an agentic AI operating system for enterprises to build and run autonomous multi-agent systems.

  • Integration with NVIDIA Agent Toolkit
  • Support for monitoring agent behavior and enforcing governance policies
  • Part of the HPE Private Cloud AI ecosystem for secure, long-running multi-agent systems
Amazon (Nova) 2026-06-15

Gemma 4 family

Amazon Bedrock has announced the availability of Google DeepMind's Gemma 4 models, an open-weight family optimized for intelligence-per-parameter. The release includes three instruction-tuned variants utilizing both dense and mixture-of-experts (MoE) architectures.

  • Built-in reasoning capabilities
  • Native function calling
  • Multimodal input support across text and image
  • Available in 31B, 26B-A4B, and E2B variants

This Week in Tech

Top stories curated from across the web this week

This Week

Article 1

SearchLeak: How We Turned M365 Copilot Into a One-Click Data Exfiltration Weapon

Discovery of 'SearchLeak', a three-stage vulnerability chain in Microsoft 365 Copilot Enterprise that enables silent data exfiltration.

TL;DR

Researchers have identified a critical vulnerability chain called SearchLeak that allows attackers to exfiltrate enterprise data via Microsoft 365 Copilot. By combining prompt injection with an HTML race condition and Bing-based SSRF, attackers can bypass security controls with a single click.

The 'SearchLeak' vulnerability represents a sophisticated multi-stage attack chain targeting Microsoft 365 Copilot Enterprise. The process begins with Parameter-to-Prompt (P2P) injection, where an attacker crafts a URL containing a malicious 'q' parameter that instructs the AI to search for sensitive information and embed it within an HTML image tag. During the streaming phase of the AI's response, a race condition occurs: the browser renders the <img> tag before the platform's security sanitizer can wrap the output in protective <code> blocks. To bypass the Content Security Policy (CSP) that prevents direct requests to attacker-controlled domains, the exploit leverages a Server-Side Request Forging (SSRF) vulnerability in Bing's 'Search by Image' feature. By pointing the image source to a Bing endpoint, the attacker forces Bing's backend to fetch the data from the attacker's server, effectively using Bing as an exfiltration proxy. This allows for the silent theft of emails, security codes, and organizational documents without requiring any special permissions or user interaction beyond clicking a trusted Microsoft link. Microsoft has since patched this vulnerability under CVE-2026-42824.

Read full article →

Article 2

Your Privacy My Cloak: Backdoor Attacks on Differentially Private Federated Learning

The research paper introduces 'Ring', a novel backdoor attack that exploits the masking properties of Differential Privacy in Federated Learning to evade defenses while maintaining high attack success rates.

TL;DR

This paper challenges the assumption that Differential Privacy enhances Federated Learning security against backdoor attacks. The authors present 'Ring', an attack mechanism that leverages DP noise to conceal malicious updates from detection systems.

The research investigates a critical vulnerability in privacy-preserving machine learning, specifically focusing on Differentially Private Federated Learning (DP-FL). While DP is traditionally viewed as a defense against backdoor attacks by adding noise to model updates, the authors demonstrate that this noise can actually act as a 'cloak' for adversaries. By analyzing two baseline strategies—DP-opt-in and DP-opt-out—the researchers found that while bypassing DP increases attack effectiveness, it also makes malicious updates easier to detect via statistical anomaly detection. To solve this, the authors propose 'Ring', an adversarial perturbation layer inspired by secret sharing. In a Ring attack, compromised clients collaboratively craft perturbations that mask the backdoor signal at the individual update level but cancel each other out during the aggregation process. This allows the global model to reconstruct a strong backdoor signal while the individual malicious contributions remain statistically indistinguishable from benign, DP-perturbed updates. The study's evaluations across various image and text datasets show that Ring can achieve an average Attack Success Rate of 90.3% against six modern defenses, representing a massive improvement over previous baseline attacks. Ultimately, the paper highlights a fundamental security gap where the pursuit of privacy through DP may inadvertently facilitate more potent and stealthy poisoning attacks.

Read full article →

Article 3

APPO: Agentic Procedural Policy Optimization

The introduction of Agentic Procedural Policy Optimization (APPO), a new reinforcement learning framework designed to improve credit assignment in LLM agents by focusing on critical decision points within reasoning trajectories.

TL;DR

This paper proposes APPO, a method to enhance the training of autonomous LLM agents through more granular credit assignment. It moves beyond trajectory-level rewards by identifying and branching at specific high-impact decision points within the reasoning process.

The evolution of Large Language Models from text generators to autonomous agents has been driven by Reinforcement Learning with Verifiable Rewards (RLVR). However, a significant bottleneck remains: current training paradigms provide feedback only at the end of an entire trajectory. This leads to 'entangled' learning signals where it is difficult to determine which specific intermediate actions or thoughts contributed to a success or failure. While some existing methods attempt to mitigate this by branching trajectories at certain intervals, they typically rely on coarse-grained units such as entire tool-call sequences or large blocks of thinking text. The authors of APPO argue that the most critical information resides in specific 'decision points'—tokens or latent positions where a change in direction would lead to significantly different outcomes. APPO focuses on these high-impact procedural patterns. By identifying tokens with high entropy and branching rollouts around these critical junctures, the framework can more effectively assign credit to the precise moments that drive downstream performance. This approach aims to provide a denser, more informative supervision signal, ultimately leading to more stable and efficient policy improvement for long-horizon agentic tasks.

Read full article →

Article 4

France to Phase Out Non-Quantum Encryption as Bitcoin Security Concerns Grow

France's cybersecurity agency ANSSI has announced a phase-out of non-quantum-safe encryption for certified security products starting in 2027.

TL;DR

France is implementing a mandatory transition to quantum-resistant encryption for all certified security products by 2027. This regulatory shift responds to the growing threat of future quantum computers capable of breaking current cryptographic standards.

The French cybersecurity agency ANSSI has announced a significant policy shift regarding cryptographic standards, stating that it will cease the certification of security products that do not utilize quantum-safe encryption beginning in 2027. This decision is part of a broader strategic move to protect critical infrastructure and government networks from the eventual arrival of cryptographically relevant quantum computers, often referred to as 'Q-Day.' A primary driver for this urgency is the threat of 'harvest now, decrypt later' attacks, where malicious actors intercept encrypted data today with the intent of decrypting it once quantum technology matures. The timeline for this transition is being influenced by global tech leaders; for instance, Google has set a 2029 deadline for its own systems to transition to post-quantum cryptography. This regulatory pressure is mirrored in the cryptocurrency sector, where networks like Ethereum have established dedicated post-quantum security teams, and Stellar has unveiled a multi-stage migration roadmap. While some industry experts warn of the risks to assets like Bitcoin, others caution against panic, noting that the global scientific community is actively working on robust solutions for this transition. Ultimately, the French initiative frames the shift not just as a technical necessity, but as a critical component of national governance, industrial planning, and digital sovereignty.

Read full article →

Article 5

How does torch.compile() achieve massive speedups despite highly optimized NumPy functions? [D]

The tinytorchcompile project demonstrates how operator fusion serves as the primary mechanism for performance gains in torch.compile by reducing memory transfers.

TL;DR

This article introduces tinytorchcompile, a simplified single-file implementation of the torch.compile mechanism focusing on operator fusion. It provides empirical evidence that fusing operations into a single kernel is essential for bypassing memory bandwidth limitations.

The article explores the technical core of PyTorch 2's performance improvements through a project called tinytorchcompile. The central thesis is that 'operator fusion' is the most critical component of torch.compile, as it allows multiple operations to be executed within a single C loop, thereby preventing the need to write intermediate results back to RAM. By analyzing four different execution modes—torch eager, torch.compile, tinytorchcompile unfused, and tinytorpcompile fused—the author demonstrates that fusion alone provides a massive speedup by transforming memory-bound operations into compute-bound ones. The project utilizes a pipeline consisting of tracing via operator overloading, lowering nodes to virtualized buffers, fusing through closure inlining, and finally generating and running C code via clang/gcc and ctypes. This approach not only shows how to optimize simple expressions like ReLU activations but also mirrors the complex behavior seen in TorchInductor when handling ResNet layers. Ultimately, the documentation highlights that while other optimizations like multithreading are important, their efficacy is strictly limited by the memory bottleneck unless operator fusion is first applied.

Read full article →

Article 6

The first unpatchable iPhone exploit in six years targets chips still running Apple's latest iOS

Discovery of the usbliter8 exploit, a hardware-level bootROM vulnerability affecting specific Apple A12 and A13 chips.

TL;DR

Security researchers have identified a new unpatchable bootROM exploit named usbliter8 that affects several older Apple devices. The vulnerability stems from how USB controllers manage data packets, allowing for persistent hardware-level exploits.

Researchers at Paradigm Shift have unveiled 'usbliter8', the first significant iPhone bootROM exploit discovered in approximately six years. This hardware-level vulnerability targets a specific flaw in the USB controller's handling of data packets within the A12 and A13 chip architectures, as well as the S4 and S5 chips used in older Apple Watches and HomePod mini. The core of the issue lies in the failure to reset DMA addresses after packet processing, which leaves SRAM data insecure. Because this flaw is embedded in the SecureROM, it cannot be remediated through standard iOS software updates; only hardware upgrades can permanently resolve the risk. While the exploit requires physical access and specialized hardware like a Raspberry Pi, its implications are significant as it allows for persistent jailbreaking that survives device reboots. The discovery effectively extends the lineage of unpatchable vulnerabilities started by the 2019 checkm8 exploit, meaning devices ranging from the iPhone 4S through the iPhone 11 remain theoretically vulnerable to bootROM-level attacks. Notably, the iPhone 11 remains a relevant target as it is among the oldest devices still receiving active iOS support.

Read full article →

Article 7

Salesforce Data Thefts Continue via Klue App Compromise

Threat actors linked to the Icarus group breached Salesforce instances by exploiting a compromised third-party integration via Klue's Battlecards app.

TL;DR

A supply chain attack targeting Klue's market intelligence platform allowed threat actors to steal Salesforce customer data through OAuth token abuse. The Icarus extortion group is identified as the primary actor behind this recent wave of CRM-focused breaches.

The cybersecurity landscape is facing a significant surge in third-party integration exploits, specifically targeting Salesforce ecosystems. Recent investigations by ReliaQuest and Huntress reveal that threat actors successfully compromised Klue's Battlecards application to access sensitive customer data within Salesforce instances. The attack vector involved the exploitation of a legacy, unmonitored credential within Klue's backend infrastructure, which allowed attackers to push a malicious code update designed to harvest OAuth tokens from integrated customers. Once in possession of these tokens, the attackers leveraged Python scripts to interface with the Salesforce REST API, performing both stealthy low-volume queries and high-speed bulk data exfiltration over a 24-hour period. The stolen data reportedly includes business contacts, price quotes, and sales messaging. This specific campaign has been linked to the Icarus extortion group, an emerging threat actor that recently surfaced in April. Icarus has engaged in extortion attempts using the Session messenger platform and has threatened to leak data from 'big corps' on their Dark Web leak site. The breach follows a pattern of similar attacks seen in previous months involving other SaaS integrations like Salesloft and Gainsight. To mitigate ongoing risks, security professionals are advised to immediately revoke all OAuth grants, client secrets, and service-account passwords associated with the Klue integration. Additionally, organizations should implement IP allowlisting for third-party connected apps and closely monitor Salesforce API activity for anomalous query volumes or unauthorized patterns.

Read full article →

Article 8

Sandia National Laboratories and Quantinuum Validate 98-Qubit Helios Trapped-Ion Framework

Sandia National Laboratories and Quantinuum have validated the performance of Helios, a 98-qubit trapped-ion quantum computer, demonstrating high gate fidelities and classical simulation resistance.

TL;DR

Researchers have successfully validated the Helios 98-qubit trapped-ion quantum processor, showcasing industry-leading gate fidelities and advanced architectural features. The system's real-time control stack allows for complex algorithmic execution that challenges even the most powerful classical supercomputing architectures.

The collaboration between Sandia National Laboratories and Quantinuum has resulted in the successful validation of Helios, a 98-qubit commercial quantum computer based on trapped-ion technology. Peer-reviewed data published in Nature reveals exceptional operational metrics, including single-qubit gate fidelities of 99.9975% and two-qubit gate fidelities of 99.921%. The hardware architecture is centered around a Quantum Charge-Coupled Device (QCCD) design using barium ions (137Ba+). A key innovation in the Helios design is its physical routing capability, which uses a four-way 'X' junction and a rotatable ion storage ring to facilitate all-to-all connectivity without increasing fabrication complexity. This spatial segregation allows for parallel processing of ion sorting and laser-cooling cycles, effectively increasing hardware clock speeds. Furthermore, the Helios runtime software introduces a dynamic control layer that translates virtual qubit operations into physical ion transport commands in real time. This capability enables the execution of complex classical-style programming logic, such as loops and conditional branching, directly on live quantum states. Finally, volumetric evaluations using Random Circuit Sampling (RCS) have demonstrated that simulating the deep random circuits produced by Helios would require exascale-level computing resources and massive energy consumption, effectively proving the processor's quantum advantage over current classical supercomputing capabilities.

Read full article →

Article 9

Accenture to Acquire Majority Stake in Dragos, All of runZero, NetRise in $4.1 Billion OT Cybersecurity Push

Accenture is significantly expanding its operational technology (OT) cybersecurity capabilities through a $4.1 billion acquisition of majority stakes in Dragos, runZero, and NetRise.

TL;DR

Accenture has announced a massive $4.1 billion initiative to dominate the OT cybersecurity market by acquiring stakes in Dragos, runZero, and NetRise. This strategic expansion focuses on providing comprehensive protection for critical infrastructure and industrial environments.

In a major move within the cybersecurity sector, Accenture is executing an aggressive $4.1 billion strategy to enhance its capabilities in protecting Operational Technology (OT) environments. The company is acquiring majority stakes in three industry-leading firms: Drag/os, runZero, and NetRise. This massive investment is designed to address the growing complexity and increasing threat landscape facing critical infrastructure, such as manufacturing, energy, and utilities. By integrating Dragos's expertise in industrial cybersecurity, runZero's capabilities in device visibility and asset discovery, and NetRise's focus on firmware security and supply chain integrity, Accenture aims to offer an end-to-end security solution for OT ecosystems. This acquisition strategy positions Accenture as a primary leader in managing the convergence of IT and OT security, providing clients with the tools necessary to identify vulnerabilities and defend against sophisticated state-sponsored and criminal attacks targeting industrial control systems.

Read full article →

Article 10

Algorand Plans to Be Ready for Quantum Computing Threat by End of 2027

Algorand has announced a comprehensive roadmap to implement post-quantum cryptography across its entire network infrastructure by the end of 2027.

TL;DR

The Algorand Foundation has unveiled a multi-year plan to integrate quantum-resistant protocols into its blockchain ecosystem by 2027. This includes implementing Falcon-based accounts and hybrid signatures to protect against future quantum computing attacks.

The Algorand Foundation has officially announced a strategic roadmap aimed at achieving broad quantum resilience by the end of 2027. Recognizing the long-term threat posed by advancements in quantum computing—often referred to as 'Q-Day'—the foundation intends to upgrade its entire technological stack, including user accounts, digital wallets, institutional custody systems, and core network consensus mechanisms. A primary component of this plan is the introduction of native Falcon-1024 accounts, which utilize post-quantum digital signature systems designed to withstand quantum-based decryption attempts. To ensure a smooth transition, Algorand will also implement hybrid cryptographic signatures that combine traditional methods with post-quantum algorithms, allowing for increased security without immediate loss of compatibility. The rollout is scheduled in phases, with the first significant upgrades expected in 2026. This move places Algorand alongside other major blockchain networks like Bitcoin, Ethereum, and Stellar, which are all exploring or implementing quantum-resistant frameworks. While the threat of a cryptographically relevant quantum computer is not immediate, the foundation emphasizes that proactive preparation is essential to maintain trust and security for developers and institutions in the decades to come.

Read full article →

Article 11

Bitcoin miners need billions to fund AI ambitions, led by IREN’s $21B gap

Bitcoin mining companies are facing massive capital requirements to pivot their energy infrastructure toward AI and high-performance computing data centers.

TL;DR

Bitcoin miners are attempting to pivot toward AI infrastructure to escape declining mining margins, but they face a massive $50 billion funding gap. This transition requires significant capital to upgrade modular mining sites into sophisticated, high-uptime data centers.

The Bitcoin mining industry is undergoing a structural shift as companies attempt to rebrand and repurpose their energy assets for the burgeoning AI market. According to recent reports from Blocksbridge Consulting and VanEck, public miners need an estimated $50 billion in near-term capital to successfully bridge the gap between traditional Bitcoin mining setups and AI-ready data centers. Unlike Bitcoin mining, which utilizes relatively simple modular infrastructure and ASIC fleets capable of handling power curtailment, AI and High-Performance Computing (HPC) facilities require much higher standards for electrical redundancy, advanced cooling, networking, and consistent uptime. Among the industry players, IREN faces the most significant challenge with a $21.1 billion funding gap, while Riot Platforms and HIVE Digital also face multi-billion dollar requirements. This pivot is being driven by severe economic pressures in the Bitcoin mining sector, including declining hashprices—which dropped to as low as $28 per PH/s in early 2024—and the aftermath of the Bitcoin halving event. As profitability for traditional mining wanes, the potential for higher-margin AI cloud services presents a lucrative alternative, even as the massive capital expenditure required poses a significant barrier to entry and execution.

Read full article →