Meta Smart Glasses Face Recognition Code Turns AI Eyewear Into a Privacy Fight
Meta removed dormant face-recognition code from its smart-glasses companion app after WIRED found the NameTag system inside Meta AI. The dispute now centers on whether consumer AI glasses can add biometric identification without turning everyday eyewear into a surveillance platform.
Microsoft Defender RoguePlanet Zero-Day Leaves Windows Teams Waiting for a Patch
Microsoft has acknowledged RoguePlanet, a Microsoft Defender elevation-of-privilege flaw tracked as CVE-2026-50656, but a patch is still in development. The public proof of concept turns Defender’s own file-handling workflow into a path to SYSTEM privileges, so Windows teams should tighten execution controls and monitoring while they wait for Microsoft’s fix.
Cisco ISE Flaws Put Network Access Control on a Patch Clock
Cisco patched two Identity Services Engine flaws that can expose hashed credentials and let an authenticated attacker run commands on the underlying operating system. The urgency is highest for teams running ISE 3.4, ISE 3.5, or ISE-PIC, especially because one Cisco ISE 3.5 fix is not due in the normal patch stream until August.
Nothing’s CMF Phone Cancellation Shows AI’s Memory Crunch Has Hit Budget Gadgets
Nothing is skipping this year’s CMF Phone successor because RAM prices have made a budget upgrade too expensive. The decision turns the AI-driven memory shortage into a consumer gadget story, with pressure spreading across Android phones, PCs, AI PCs, SSDs, and lower-cost devices.
ChatGPT Health Update Puts Medical AI Advice in Front of Free Users
OpenAI says GPT-5.5 Instant now gives stronger health and wellness answers to free ChatGPT users, backed by physician-led evaluations and a 71% drop in flagged factuality issues. The update matters because health questions are already one of ChatGPT’s largest uses, even as regulators scrutinize safety, minors, and sensitive data.
Gravity SMTP Exploit Puts WordPress Mail API Keys at Risk
Attackers are actively exploiting CVE-2026-4020 in the Gravity SMTP WordPress plugin, a flaw that can expose mail-service API keys, OAuth tokens, plugin versions, and server details. Site owners should update to Gravity SMTP 2.1.5 or later, check logs, and rotate affected email credentials.
Apple’s Beats Studio Buds Patch Fixes a Bluetooth Eavesdropping Risk
Apple’s Beats Firmware Update 1B211 fixes CVE-2025-20701, a Bluetooth pairing flaw that could let a nearby attacker listen through unpaired Beats Studio Buds while they are seeking pairing requests. Here is what changed and how to check your firmware.
AWS AgentCore Turns Enterprise AI Agents Into an Operations Stack
AWS used its New York Summit to expand Bedrock AgentCore, launch AWS Context and AWS Continuum, and push AI agents deeper into enterprise operations. The real story is not another chatbot layer, but a managed stack for grounding, governing, testing, and remediating agent behavior.
Unreal Engine 6 Turns Fortnite Into Epic’s Test Bed for Portable Games
Epic’s Unreal Engine 6 roadmap merges UE5 and UEFN, moves gameplay toward Verse, and uses Fortnite cosmetics as the first test of portable game assets. The plan could reshape game development, but adoption, AI tooling, and creator-economy incentives remain open questions.
AWS WAF Gives Publishers a Way to Charge AI Bots at the Edge
AWS WAF now lets CloudFront publishers charge AI bots and agents per request using HTTP 402, x402 payments, Coinbase settlement, and stablecoins. The launch turns AI crawler access into an edge-security and machine-payments problem.