India's Computer Emergency Response Team (CERT-In) says defenders should endevor to patch or mitigate exploited n-day vulnerabilities within 12 hours as the cybercrime landscape continues its AI-ification. The organization's recommended half-day window applies only to bugs that affect internet-facing or "crown jewel" systems and are known to be exploited. In these cases, CERT-In told defenders to "patch, mitigate, or remove exposure within 12 hours where feasible." For other flaws, such as a standard critical vulnerability (CVSS 9.0 or higher) affecting an internal system, or a known exploited bug affecting an internal system, defenders can enjoy a much more leisurely 24-hour window. The revised suggestions come as part of a new guide released by CERT-In this week to help infosec pros better protect against AI-assisted cyberattacks. "AI-assisted cyber exploitation reduces the time required for adversaries to identify, weaponize, and exploit vulnerabilities, exposed services, weak identities, insecure APIs, and misconfigured systems," CERT-In's report reads. "As organizations become increasingly dependent on interconnected digital infrastructure, cloud ecosystems, software supply chains, operational technologies, and AI-enabled platforms, the potential impact of AI-enabled cyber threats continues to increase across sectors." CERT-In's report follows a trail of news stories in 2026 that all suggest AI is becoming an increasingly important part of cybersecurity for both attackers and defenders. The field of agentic AI has especially matured rapidly in the past year. Consumer-grade tools like OpenClaw have made it easier for non-technical users to experiment with autonomous tech, raising its profile and awareness of its capabilities. Agents are equipped with all the necessary permissions to make significant system changes, but as global intelligence agencies recently highlighted, their behavior can at times be unexpected, and they're also prone to mischief. Security pros are starting to see the potential for AI agents in their workflows, but for attackers, the technology represents an opportunity to hasten all parts of their process, from recon and exploitation to privilege escalation and data theft. CERT-In cited agentic AI as one of the core concerns behind the report's recommendations, and because of the disparate supply chains on which organizations are increasingly reliant, any vulnerability can lead to cascading damage on interconnected systems. Beyond agentic AI, the launches of frontier models such as Anthropic's Mythos and OpenAI's GPT-5.5, two certified cyber workhorses, threaten to empower attackers further with capabilities to uncover and exploit critical vulnerabilities at pace. A 12-hour window: Is it feasible? Any cybersecurity practitioner will attest to the onerous nature of the patching process, and how it's not as easy as clicking "Update," which is why a 12-hour patch window might seem initially unrealistic to some. Urgent warnings and demands for immediate patching are routinely delivered alongside critical vulnerability disclosures, but these fail to account for the downtime required to apply patches, or the testing required to prove that by applying them, everything else won't break. Microsoft has had its fair share of these cases, for example, and many readers will have borne the brunt. CISA's Known Exploited Vulnerabilities catalog is another prominent resource that sets patching deadlines, albeit only for federal agencies, but these are typically set at two to three weeks, or a number of days for the most serious vulnerabilities. The cybersecurity pros who spoke to The Register, weighing in on the CERT-In recommendations, agreed that 12 hours is far too short a window to properly test and deploy a patch, although they said the organization was on to something with its approach. Dray Agha, senior manager of security operations at Huntress, said that CERT-In’s recommendation to "patch, mitigate, or remove exposure within 12 hours where feasible" was solid advice, largely because of the caveat that it doesn’t necessitate a full patch within that time. "By explicitly encouraging temporary mitigations, such as isolation, access restriction, or disablement until a patch is ready, this turns the patching deadline into a highly feasible and necessary containment strategy," Agha told The Register. "And this corroborates the guidance we dispense at Huntress for critical threats: we often advise our community to deploy temporary mitigations to 'get them out of trouble' as soon as humanly possible, and then come up with a more coordinated strategy for patching that respects the business's need to function in its enterprises." Agha added that AI-assisted cyberattacks are seen every day in the wild, compressing the time taken to exploit vulnerabilities, meaning defenders must adapt to this new reality. In the pre-AI days, a 12-hour window to mitigate or patch a known exploited vulnerability was seen as excessively tight, but increased availability of advanced tooling and automation is reshaping the demands of vulnerability management. "Defenders must fundamentally reshape their operations to focus on quicker mitigations – prior to AI, at Huntress, we have seen vulnerabilities exploited within a handful of hours, let alone a full 12 hours," said Agha. He said the 12-hour guideline is less about an arbitrary clock, more about "forcing a necessary readjustment in how organizations drive their security approaches to be beyond compliance and move to a continuous defensive posture. "And this will involve the enterprise functions of the business being a part of the security posture – not just IT, thank you very much – as the consequences of AI-driven exploitation mean faster, higher impact cascading negatives on a targeted business; much better to proactively defend than reactively recover." ®

The Insider said this suggested U.S. authorities had not permitted the sanctioned tanker to proceed to Cuba.

Rospotrebnadzor said there have been no imported cases of the virus recorded in Russia since the outbreak began earlier this month.

‘I left Venezuela after someone held a gun to my head. But I returned to show what beauty it has – like these two boys coming back from a fishing trip at an amazing beach’

My parents encouraged me to leave Venezuela. The situation in the country at that time, the mid 2010s, had started to get really hard, with food and medicine shortages – and violent robberies were becoming a regular thing. A lot of people had started to leave and my parents were worried that if I stayed something bad would happen. I had already seen my mum robbed and I’d had a gun held to my head, but that was normal. I was lucky enough to be able to go to England. But when I arrived, to study at Huddersfield University, I had the feeling many immigrants have – of not belonging, questioning who I was and where I was from. I understood what I was losing, too, and it hurt.

I remain deeply connected to Venezuela and whenever I go back to visit my parents we always go to the beach. My whole family loves the ocean: it’s how I spent a lot of my childhood. I started shooting there, too, hanging out with kids, spending time with young people and seeing what they were going through, but I also felt I could give something back. The kids had so much fun during those shoots.

Continue reading...

banzainetsurfer has added a photo to the pool:

Tateyama Murodo-daira, Toyama Prefecture, Japan

DirtyGlassEye has added a photo to the pool:

This was another b-lister that wasn't really supposed to make it to the big screen but I saw some light on it so I decided to give it an honest shot, consider it a filler of sorts.
It's been a while since I posted anything from here so allow me to explain again. This was a bnb I stayed at in Kyoto by the name of Nachiya, and it was a damn good one, probably the best one I ever stayed at. And the owner gave me the green light to take pictures around the property. It was a good consolation prize cause I didn't know what I was going to successfully shoot in Kyoto (especially since it was a bit more urban than the brochures said). So to be able to crash at a place that resembled the historical look I was pining for was a real good failsafe.
The courtyard had a wood gate with double doors, and an inscription of the property on it in Hiragana. Beyond it was a bamboo banister going up stone steps. The lights you see is on the inside of a sliding front door and a wall seperating the side yards. The property is surrounded by bamboo but it was too dark to see at this time. The shadow on the closer part of the banister isn't mine I didn't add that in editing, I think it was the light on the underside of the gate that I was standing underneath to get this.
But what I did do in editing was turn the clarity up on the stone steps, I turned down the highlights on the overhead ceiling lights, not enough to get rid of it's illumination of the roof and wall around them, but just to keep them from being eyecatchers. I saturated the wall and the front door, and decided to edit out some of the visible bamboo lines in the foliage it looked more like physical damage to old camera film than an actual part to the photo.

Nederland wil drones testen op het Letse oefenterrein Selonia. Een overeenkomst maakt dit in de toekomst mogelijk. Minister Dilan Yeşilgöz-Zegerius en de Letse minister-president Evika Siliņa hebben het document vandaag in de Letse hoofdstad Riga getekend. Daarmee wordt de toch al nauwe samenwerking met de Baltische Staat op het gebied van drones verder versterkt.

An anonymous reader quotes a report from Reuters: Elon Musk's Starlink and Amazon's low-earth-orbit satellite business may be able to acquire some European mobile satellite spectrum next year, two people with direct knowledge of the matter said on Tuesday. But they said two-thirds of the satellite spectrum that allows mobile devices and vehicles to communicate seamlessly even in remote locations, would be reserved for European companies.

U.S. companies Viasat and EchoStar hold licenses that are due to expire in May 2027 and the European Commission has been considering how to allocate future spectrum at the same time as the bloc pushes to reduce reliance on U.S. tech. The European Union's IRIS2 multi-orbit array of 290 satellites, a response to Starlink, will be among the European companies to receive some spectrum, the sources said. British and Norwegian companies can also bid for a license, the people said. Details of the proposal, set to be announced on Wednesday, could still change at a meeting of commissioners on the day, one of the sources. Commission spokesman Thomas Regnier said EU-wide satellite connectivity was "synonymous with resilience, security, and capability" given the current geopolitical context.

"Satellite connectivity is a key piece of our technological sovereignty, our security, and our defense, as also highlighted by IRIS2," he added.

Read more of this story at Slashdot.

Best leuk hoor, vogeltjes loeren. Ook leuk dat er tegenwoordig in menig nestkast een camera hangt waarmee het broedende gevogelte onderdeel wordt van een soort Big Brother Vogelbescherming-editie, maar de mensen die naar zo'n stream zitten te kijken kunnen ook maar zo getuige zijn van een VERSCHRIKKELIJK DRAMA. Afgelopen vrijdag beleefde een nestje Torenvalken in Eesveen een "zwarte nacht" toen er plots een moordlustige bosuil de nestkast binnendrong. In slechts een paar seconden werd moeder torenvalk weggejaagd, werden twee kuikentjes met de klauwen van de uil aan stukken gehakt en opgepeuzeld en werden nog eens twee kuikens ontvoerd (beelden hier). Kortom: de natuur deed natuurdingen en zo gaat dat in de natuur dus iedereen ging natuurlijk weer verder met zijn dag, behalve dan de WOESTE VOGELVOYEURS die het drama live hadden gezien. Er waren nog een paar eieren niet uitgekomen en de moedervalk koos eieren voor haar geld heeft het nest tijdens de verschrikkingen van vrijdag voorgoed verlaten, dus begonnen de kijkers van de livestream aan een heilige missie om die achtergebleven kuikens te REDDEN. Er werden dierenambulances gebeld, er werd beroep gedaan op de Vogelbescherming die de eieren (inmiddels was er ook 1 uitgekomen) moest en zou helpen, er werden zelfs namen van medewerkers in de comments genoemd om degenen die hier PERSOONLIJK VERANTWOORDELIJK voor zijn op te sporen. Heisa. Om de vogelbeschermers te beschermen heeft de Vogelbescherming de stream nu offline gehaald. Vogelvrouw Ramona (47) uit Doesburg heeft inmiddels AANGIFTE gedaan en eist sancties tegen de Vogelbescherming. Die opgevroten kuikens hadden geluk.

SHANGHAI (ANP/BLOOMBERG) - Het moederbedrijf van de Chinese webwinkel Temu heeft in het eerste kwartaal meer omzet geboekt. Wel viel de groei tegen vergeleken met de verwachtingen van analisten. Het bedrijf, PDD Holdings, heeft nog altijd last van hevige concurrentie in China.

De omzet groeide in het afgelopen kwartaal met 11 procent naar 106,2 miljard yuan, zo'n 13,5 miljard euro. Analisten hadden volgens persbureau Bloomberg in doorsnee gerekend op 108,6 miljard yuan.

Het e-commercebedrijf hield er een lagere nettowinst aan over. De winst zakte met 15 procent tot 12,5 miljard yuan. PDD Holdings wijst in zijn resultaten op hogere kosten voor onder meer het afhandelen van orders en het verwerken van betalingen.

Temu, dat bekendstaat om zijn goedkope producten, heeft ook te maken met kritiek. Zo zeiden Europese consumentenorganisaties vorig jaar na onderzoek dat zeven van de tien producten die via Chinese webshops als Temu Europa binnenkomen, niet voldoen aan de veiligheidsnormen.