NerdNews

Google's Threat Intelligence Group found that hackers used AI to develop a zero-day exploit for a popular web administration tool, allowing them to bypass two-factor authentication. The exploit was likely generated using a large language model, and Google has high confidence that AI was used due to the structure and content of the Python exploit code.

Coder Agents is a model-agnostic platform that allows organizations to run AI coding agents on their own infrastructure, providing control over code, data, and execution environments. It separates agent tools from model providers, avoiding vendor lock-in, and offers a conversational interface and API for task assignment and workflow automation.

Netflix introduces a graph-based architecture called Model Lifecycle Graph to manage machine learning systems at enterprise scale. The approach models relationships between datasets, models, features, evaluations, workflows, and production systems, enabling better discoverability, governance, and reuse of ML assets.

OpenAI's Daybreak uses AI models like Codex to prioritize high-impact issues, reduce analysis time, and generate patches. It aims to build cyber defense into software from the start, with partners like Cloudflare and Cisco.

Google's Threat Intelligence Group discovered a zero-day exploit developed with AI, which could have been used in a mass exploitation event. The exploit was found before it could be used, and the targeted company has patched the issue. This is the first reported case of an AI-developed zero-day exploit, and Google believes it's just the beginning of AI-powered cyberattacks.

A ransomware attack by hackers known as ShinyHunters has disrupted the Canvas digital learning platform, affecting thousands of schools across the US. The attack has exposed student information and caused chaos during finals and end-of-year assignments. Instructure, the company behind Canvas, has shut down access to the platform and is negotiating with the hackers.

A new Linux vulnerability, known as Dirty Frag, allows attackers to gain root access to systems. The vulnerability is the second severe one to affect Linux in as many weeks and can be exploited by chaining together two separate vulnerabilities. Patches are available, and users are advised to install them immediately to protect their systems.

Netflix has improved Apache Druid query efficiency by introducing an interval-aware caching strategy, reducing query load by 33% and serving 84% of analytics results from cache. The approach targets rolling window dashboards and decomposes query results into time-aligned segments to enable reuse across overlapping queries.

The Local-First AI Inference pattern is a three-tier architecture that routes 70-80% of documents to deterministic local extraction at zero API cost, reducing Azure OpenAI calls by 75%. It uses a composite scoring function with spatial, anchor, format, and contextual criteria to outperform simple text-presence checks and single-criterion approaches.

Google Cloud's DORA team published a report on the ROI of AI-assisted software development, emphasizing the importance of strong engineering foundations in driving AI return on investment. The report introduces a practical framework for calculating AI ROI and highlights the need for organizational readiness and strategic focus on underlying systems.

Cellular Intelligence, an AI drug startup backed by Mark Zuckerberg, has acquired global rights to an experimental Parkinson's disease cell therapy program from Novo Nordisk. The startup plans to use its AI platform to push the treatment through further clinical development, manufacturing, and commercialization.

Apple's researchers have developed a new benchmarking system to evaluate the spatial-functional intelligence of LLMs and explored using AI for sign language annotation and 3D head modeling, indicating the company's continued interest in AI and spatial computing.

6G networks will offer unprecedented capabilities, but businesses must avoid expensive lock-ins by auditing current vendors, insisting on open interfaces, and building architectural resilience. They should focus on hybrid connectivity and network-agnostic systems, rather than relying on single vendors or closed architectures.

HPE has announced autonomous networking capabilities that enable secure, AI-native, fully autonomous infrastructure. The self-driving network can detect, diagnose, and resolve issues in real time without human intervention, reducing help desk tickets and improving user experience. The capabilities include dynamic capacity optimization, autonomous missing VLAN remediation, and rogue DHCP protection.

Digg has relaunched as an AI news aggregator, focusing on ranking news and tracking influential voices in the AI space. The site uses sentiment analysis, clustering, and signal detection to determine what matters most, and showcases top stories, people, and companies in the AI industry.

GitLab is laying off an unspecified number of employees as it pivots towards AI and reduces its global footprint. The company plans to use the saved money to invest in its business, particularly in its Duo Agent Platform. GitLab's CEO, Bill Staples, claims this layoff is different from others in the industry, with a focus on restructuring and investment rather than cost-cutting.

Cangjie is a general-purpose, high-level language featuring static typing, pattern matching, and metaprogramming. It compiles to raw machine code and supports effect handlers, which simplify dynamic binding and exceptions. Cangjie is positioned as a counterpart to Java, Kotlin, or Swift and is taught by 80+ universities in China.

Apple has added support for end-to-end encrypted RCS messaging in beta as part of iOS 26.5, allowing iPhone users to have secure conversations with Android users. The feature is automatically enabled and indicated by a lock icon and 'Encrypted' message in the chat.

Google's upcoming Tensor G6 chip is expected to be faster and more efficient than its predecessor, but may still lag behind competitors like Apple and Qualcomm in terms of performance. The chip will be built on a 2nm process node and feature a combination of ARM C1-Ultra and C1-Pro cores. Despite potential improvements, Google's Pixel phones may not be able to match the performance of other flagship devices.

Apple and Google have started rolling out end-to-end encrypted RCS messaging in beta, allowing Android and iPhone users to send secure texts to each other. This feature makes messages less susceptible to surveillance and interception.