Breaking AI & Tech News Analyzed

Google has issued a warning that quantum computers could potentially break most existing encryption systems by 2029, posing a significant threat to current cryptographic standards. The tech giant is urging banks, governments, and technology providers to prepare for this emerging threat.In a blog post, Google stated that the encryption currently used to keep information confidential and secure could easily be broken by a large-scale quantum computer in the coming years. The company, owned by Alphabet, emphasized the need for post-quantum cryptography migration to protect sensitive data.While quantum computers are still a nascent technology, Google, Microsoft, and universities across the UK and the US are actively building systems that harness the physics of quantum mechanics to perform extremely sophisticated mathematical calculations. However, constructing a powerful quantum computer with hundreds of thousands or even millions of stable qubits remains a significant technological challenge.Leonie Mueck, formerly the chief product officer of Riverlane, a Cambridge-based quantum startup, noted that Google's statement does not necessarily mean a working quantum computer capable of breaking encryption will definitely exist by 2029. Most timelines for a cryptographically relevant quantum computer range from the 2030s to the 2050s.Despite this, governments and organizations are already preparing for the eventuality that data stored to today's encryption standards would be exposed when the technology sufficiently advances. The UK's cybersecurity agency, the National Cyber Security Centre, has urged organizations to guard their systems against quantum hackers by 2035.Google's timeline suggests that engineering teams across the technology industry should consider measures to protect sensitive data by migrating to more advanced encryption systems now. Certain kinds of attacks predicated on the future availability of quantum decryption – “store now, decrypt later” – may currently be being deployed across the field.

The Co-op Group has announced that its chief executive, Shirine Khoury-Haq, will step down this weekend after a challenging year that included a cyber-attack and recent claims of a “toxic” culture at the business.Khoury-Haq will depart on 29 March, and Kate Allum, a board member and former boss of the dairy group First Milk, will step in as interim boss while a permanent replacement is sought.The company, which owns more than 800 funeral parlours and an insurance and legal advisory business, as well as operating more than 2,000 convenience stores, reported an underlying loss of £125m. This is a significant drop from a £45m profit the year before, largely due to a £107m profits hit from the damaging IT hack.Khoury-Haq denied that her resignation was linked to the allegations of a toxic culture, stating that her decision to leave was a personal one. She expressed her desire to “go and do something else”.Sales at Co-op fell 2.3% to £11bn in the year to 3 January, following the mutual’s shops being left with gaps on shelves after the cyber-attack, which knocked £285m off sales.The group cited a “contracting convenience market” and “layered cost headwinds” of about £150m during the year, due to increases in employers’ national insurance, pay and packaging taxes.Khoury-Haq’s departure comes a month after reports of concerns about the culture at the top of the group. In February, the Co-op defended the behaviour of its bosses after reports said senior managers had complained of a “toxic” environment at the retailer.

The chasm between Silicon Valley's tech elite and everyday people is growing ever larger, as the industry doubles down on artificial intelligence. Nvidia's CEO Jensen Huang predicts $1tn in sales by 2028, a staggering figure that equates to 3% of the entire US yearly GDP.Meanwhile, 65% of Americans don't use AI in their work at all, according to Pew Research. The survey also shows that Americans are wary of AI and believe both political parties are regulating it poorly. Meta is reallocating huge amounts of its spending to AI, cutting jobs and scaling back metaverse ambitions. The company's Reality Labs division has recorded losses of $80bn since 2020.In a stark illustration of the divide, Mark Zuckerberg is building an AI agent to perform his work as CEO of Meta. The AI industry is splitting away from the lives of everyday people, with exclusive polling conducted for the Guardian finding that twice as many Americans believe their financial security is getting worse than better.In other tech news, Tesla's Cybertruck has been involved in several fiery crashes, resulting in fatalities and lawsuits. The vehicle's unique design and materials have raised safety concerns, with experts alleging that the truck's design led to these worst-case scenarios.

The Anatomy of the DarkSword LeakSecurity researchers have uncovered a significant escalation in iPhone vulnerabilities following the public release of the DarkSword exploit kit on the code-sharing site GitHub. Unlike sophisticated zero-days that require specialized knowledge to deploy, the leaked files are uncomplicated HTML and JavaScript scripts that can be hosted on a server in a matter of minutes. This accessibility has turned a tool previously associated with state-sponsored actors into a potential weapon for any criminal actor.The toolkit specifically targets iPhones and iPads running older versions of Apple’s operating system, such as iOS 18, which have not yet been updated to the latest iOS software. The code is designed to work "out of the box," meaning no iOS expertise is required to execute the attack. Researchers note that the leaked samples share infrastructure with previous campaigns analyzed by iVerify and Google, indicating a continuity in the threat landscape.The Scale of the VulnerabilityThe implications of this leak are vast, given the sheer number of devices potentially affected. According to Apple’s own data, approximately one-quarter of all iPhone and iPad users are still running older operating systems. With over 2.5 billion active devices globally, this suggests that hundreds of millions of users are currently exposed to the capabilities of DarkSword.Targeted Data: The exploit is capable of exfiltrating forensically relevant files, including contacts, messages, call history, and the iOS keychain (which stores Wi-Fi passwords and secrets).Historical Context: DarkSword was previously alleged to be used by Russian government hackers against Ukrainian targets, linking this new leak to geopolitical cyber warfare.From State-Sponsored to Criminal PlaygroundThe ease with which DarkSword can be repurposed has raised alarms within the cybersecurity community. Matthias Frielingsdorf, co-founder of mobile security startup iVerify, described the situation as "bad" and warned that the tool cannot be contained. The transition of such advanced spyware from a restricted government tool to a public commodity lowers the barrier to entry for cybercriminals.Kimberly Samra of Google and security hobbyist matteyeux have independently confirmed that the leaked code is trivial to use. Matteyeux successfully demonstrated the exploit on an iPad mini running iOS 18, proving that the threat is immediate and actionable for malicious actors.The Future of iOS Security and Lockdown ModeApple has responded by issuing an emergency update on March 11 for devices unable to run recent versions of iOS. The company emphasizes that keeping software up to date is the "single most important thing" for security and notes that devices with updated software are not at risk.Furthermore, Apple highlighted that Lockdown Mode would block these specific attacks. As the industry moves forward, the reliance on software updates and hardening features like Lockdown Mode will become increasingly critical in defending against the commoditization of exploit kits like DarkSword.

The WebKit Vulnerability and the New Patching MechanismApple has officially rolled out its first 'background security improvement' update, marking a significant evolution in its software maintenance strategy. This latest release targets a critical vulnerability discovered in WebKit, the browser engine that powers Safari across iPhones, iPads, and Macs.The advisory reveals that the bug, if exploited, could allow a malicious website to potentially access data from another website within the same browser session. To mitigate this risk, Apple introduced a new category of updates designed to be 'lightweight' and pushed between major software releases.Target Version: iOS, iPadOS, and macOS 26.1 and higher.Scope: Fixes for Safari, WebKit, and system libraries.Deployment: Background updates without requiring a full system reinstall.Efficiency in Security Response: The 'Quick Reboot' AdvantageOne of the most notable aspects of this update is the user experience. Unlike traditional major updates that often require lengthy reboots, this background security improvement only necessitates a quick device restart. This suggests a streamlined deployment process that minimizes user friction while maximizing security coverage.Apple has been testing this feature with software testers prior to the public release, indicating a deliberate effort to refine the mechanism before a wider rollout. The decision to withhold a specific reason for the patch from the public advisory highlights the sensitive nature of the vulnerability.Redefining the Security Patching LifecycleThe introduction of this update model fundamentally changes how Apple addresses the threat landscape. By decoupling critical security fixes from major feature updates, Apple can respond to zero-day threats and active exploits much faster.This approach reduces the 'window of exposure' for users, ensuring that security patches are applied as soon as they are available, rather than waiting for the next annual or bi-annual major OS release cycle.The Future of Continuous SecurityAs this is the inaugural release of the background security improvement program, it sets a precedent for future updates. We can expect to see a shift toward a more continuous security model, where minor but critical patches are pushed regularly to keep devices secure against evolving cyber threats.