UK Council Halves Network Contract Cost After Four-Way Contest
One of the UK's largest local authorities is implementing a new enterprise network with a revised budget of £29 million (approximately $37 million), roughly half of its original estimate. The cost reduction was secured after a competitive four‑way tender that attracted multiple vendors. The council expects the modernized network to support its digital services and improve resilience. This procurement demonstrates the impact of rigorous bidding on public‑sector IT spending.
China's Chipmakers Are Reportedly in Triage Mode Ahead of Expected Helium Supply Cliff
China’s semiconductor fabs are entering a triage phase as helium supplies threaten to dry up by late April. The shortage stems from Qatar, which provides roughly one‑third of the world’s helium, halting output after Iranian drone attacks on the Ras...
No More Docx: Open Source Will Be the Mandatory Standard for German Gov
Germany’s federal government announced a sweeping mandate that all public‑sector software must be open source, effectively ending the use of proprietary suites such as Microsoft Office. The decree, slated for full implementation by 2027, includes a €2 billion (≈$2.2 billion) transition fund...
Europe's AI Hope Mistral Lands $830m in Debt, Days After Open-Sourcing Text-to-Speech Contender
Mistral, the French‑based AI startup hailed as Europe’s next big AI player, closed an $830 million debt financing round. The funding came just days after the company open‑sourced its new text‑to‑speech (TTS) model, signaling a shift toward a free‑model, paid‑service strategy....
'The Missing Piece' For Automating Patching Containers at Scale
Container security teams are grappling with the complexity of patching container images at scale, often stalled by tangled dependency trees and coordination across multiple teams. A new automation framework, dubbed the "missing piece," integrates vulnerability scanning, dependency resolution, and rollout...
“Sleeper Cells” In Telcos Seen Using Novel New BPFdoor Malware
Researchers have identified a novel malware called BPFdoor that exploits the Linux kernel’s eBPF subsystem to filter packets at kernel level, evading firewalls, IDS and deep packet inspection. The threat has been observed operating as “sleeper cells” within telecommunications networks,...
F5, Breached by an APT Last Year, Says BIG-IP APM Exploited
F5’s BIG‑IP Access Policy Manager (APM) vulnerability CVE‑2025‑53521 is being actively exploited, granting unauthenticated remote code execution. Attackers can disable SELinux, write in‑memory webshells, and seize control of authentication and VPN services used by Fortune 500 firms. The exploit follows a...
Anthropic Is Officially Running on Azure, Completing Its Hyperscaler Set
Anthropic, the AI startup behind Claude, announced it is now running its models on Microsoft Azure, joining Amazon Web Services and Google Cloud to cover all major hyperscalers. The move gives Anthropic access to Azure’s AI‑optimized GPU clusters and deepens...
The Cluster Management Strategy that Helped Pinterest Shave Millions Off Its Compute Bill
Pinterest reduced its compute expenses by re‑architecting how it moves workloads across Kubernetes clusters. The company built a central scheduler that dynamically shifts jobs between on‑prem, cloud, and spot‑instance environments based on real‑time demand. Predictive scaling and workload profiling let...
Copilot to Train on GitHub, Security Agents Comes Free(ish) to 365 E5
Microsoft announced that GitHub Copilot will continue training on publicly available GitHub code, but enterprise customers are excluded from contributing data to the model. At the same time, Microsoft 365 E5 subscribers will receive Microsoft’s security agents enabled by default...
Google's New Memory Breakthrough Is Moving Chip Markets - and Could Transform AI
Google introduced TurboQuant, an algorithm that dramatically reduces the working memory needed for vector quantisation while preserving model accuracy. The technique cuts inference memory requirements, leading to lower latency and energy use. Early tests show up to 40 % cost savings...
How Morgan Stanley Uses GitOps to Manage 500 Production Kubernetes Clusters
Morgan Stanley has deployed a GitOps workflow powered by Flux to operate 500 production Kubernetes clusters, hosting roughly 100,000 containers on 2,000 nodes. The bank needed a unified, auditable process to meet stringent regulatory and security mandates while scaling its...
Locals Object to $14 Billion British Neocloud Latest Plans, Nscale Pushes On
Nscale is moving forward with a £14 billion (approximately $17.5 billion) neocloud data‑centre project in the United Kingdom despite a local planning committee’s objection. The committee demanded formal assurances that the facility would not overload the regional electricity grid. Nscale has signaled...
Security Researchers Are in the Last-Chance Saloon to Save Their Jobs From AI
At the BSides security conference in San Francisco, former HackerOne chief policy officer Katie Moussouris warned that AI‑driven automation threatens the jobs of security researchers. She stressed that vulnerability detection still relies on human intuition and expertise. Moussouris, who launched...
Attackers Keep Spinning up VMs to Hide From EDR. What's the Answer?
Hackers are increasingly launching QEMU virtual machines at system startup to conceal malicious activity from endpoint detection and response (EDR) tools. Microsoft observed this method in recent attacks on exposed SolarWinds Web Help Desk instances, where a scheduled task creates...
STACKUP: The Stack's Weekly Tech Startups and Funding Wrap
The Stack’s weekly roundup highlights a surge of AI‑driven activity, featuring two startups that crossed the $1 billion valuation threshold to become unicorns. Two former Palantir engineers launched new companies, adding to the talent‑driven momentum. A flood of AI automation tools—from...
Clockwise's Team Joins Salesforce, Sunsetting Platform as They Go
Clockwise, the AI‑driven calendar assistant founded in 2016, announced its staff will join Salesforce and the service will close on March 27. Users have a one‑week window to migrate their data before the platform is sunset. The move comes a...
Oracle Pushes Emergency Fusion Middleware Patch
Oracle released an out‑of‑band emergency patch for a critical pre‑authentication remote code execution vulnerability (CVE‑2026‑21992) affecting Oracle Identity Manager and Oracle Web Services Manager. The flaw, located in the Fusion Middleware REST and security components, is easily exploitable and resembles...
Checkout.com CPO on What’s Next for the Payments Company that Processed $300bn Last Year
Checkout.com processed over $300 bn in e‑commerce volume in 2025 and posted its first full‑year profit, cementing its position as a leading enterprise‑focused PSP. Chief Product Officer Meron Colbeci said the firm will now make measured bets on three growth pillars: agentic...
EU Sanctions and CISA Warnings: Iran's Cyber Attacks Are Evolving
Iran’s cyber‑espionage groups are shifting toward modular, file‑less malware and supply‑chain compromises, making detection harder. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) issued new alerts describing increased targeting of critical infrastructure and cloud services. Meanwhile, the European Union’s recent...
AMD Keeping Samsung Close Amid Memory Shortage
AMD has entered a strategic agreement with Samsung to secure next‑generation HBM4 memory amid a broader industry shortage. The partnership aims to lock in supply for AMD's upcoming AI‑focused GPUs, addressing concerns raised after the company warned of potential shortages...
7 Tech Companies Worth Trillions Pledge $12.5m to Open Source Security
Seven trillion‑valued tech giants—including Google, Microsoft, Amazon, Meta, Apple, IBM, and Oracle—have jointly pledged $12.5 million to bolster open‑source security. The grant program will fund projects that help maintainers filter out low‑quality, AI‑generated bug reports and prioritize genuine vulnerabilities. By creating...
UK's New Supercomputer Is Coming 13 Months Too Late, NAO Report
The National Audit Office reports that the United Kingdom’s next‑generation supercomputer will miss its original 2026 launch by roughly 13 months, now expected in early 2027. The delay stems primarily from prolonged government funding approvals and procurement bottlenecks. The project,...
4 KVM Vendors, 9 Vulns – Including an Unfixed CVSS 9.8
Researchers at Eclypsium uncovered nine security flaws across consumer‑grade IP KVM devices from four vendors, including two critical vulnerabilities rated CVSS 9.8 and 8.8 that remain unpatched. The affected products range from single‑port, $30 units popular with homelab enthusiasts to...
Alibaba Just Launched an Enterprise Agent Platform, and a Whole Token Business Around It
Alibaba Cloud has introduced an enterprise agent platform designed to run multiple AI agents securely on real‑world workloads. The platform emphasizes document editing and workflow automation, and is paired with a token‑based business model that charges per agent interaction. Tokens...
Hackers Turned a Compromised Npm Package Into Full AWS Admin Access in 72 Hours
Security researchers reported that a maliciously altered npm package was used to obtain full AWS administrative privileges within just 72 hours. The attackers leveraged the compromised library to enumerate S3 buckets, terminate production EC2 and RDS instances, and decrypt application...
Exclusive: Nomura Appoints Tokyo-Based CIO as Patrick Eltridge Leaves
Nomura Holdings, Japan’s largest investment bank, announced that Akio Hori will assume the role of group chief information officer in April, succeeding Patrick Elridge who will leave on March 31. Hori is based in Tokyo, highlighting a shift toward domestic...
How to Defend Against Recruitment as the Attack Surface
Recruitment of software engineers is emerging as a critical attack surface, with nation‑state actors—most notably North Korea—exploiting new hires to infiltrate vulnerable systems. These insiders often receive deep privileges, allowing rapid lateral movement and data exfiltration. The article outlines a...
Microsoft-Owned GitHub Says It'll Move 50% Traffic to Azure by July to Help with Outages
GitHub announced it will route at least half of its traffic through Microsoft Azure by July. The shift responds to a series of high‑impact outages blamed on “extremely rapid” user growth and failover failures in its existing infrastructure. CTO Vlad...
Leonardo's Becrypt Buyout Targets Five Eyes Cyber Deals
Leonardo announced the acquisition of UK‑based endpoint and cloud security specialist Becrypt, expanding its cyber portfolio. The deal gives Leonardo a stronger foothold with the UK government and the broader Five Eyes intelligence alliance. By integrating Becrypt’s capabilities, Leonardo aims...
SAP Says FPS01 Puts S/4HANA One Step Short of Autonomy
SAP introduced the first major features update, FPS01, for its hosted private S/4HANA instances. The update adds AI‑driven agents that analyze tasks across systems and suggest concrete actions, stopping short of autonomous execution. SAP positions this as the penultimate step...
NVIDIA May Be Plotting Enterprise-Grade OpenClaw, but Adoption Fears Persist Across the Globe
NVIDIA is preparing an enterprise‑grade AI platform called "Nemo," explicitly referencing the notorious OpenClaw security framework. The move signals NVIDIA’s intent to embed advanced security features into its AI stack, but it also revives lingering concerns about OpenClaw’s vulnerability history....
The Big Interview: New Look's COO on Migrating to SAP, Leaving IBM for Databricks and More...
Lynda Petherick, originally hired to find a CIO, now serves as both COO and CIO of New Look, a UK fashion retailer that posted $929 million in revenue for 2025. Under her leadership the company is migrating its core ERP to...
UK MoD to Sign £21m Contract to Stay on Janes OSINT Platform
The UK Ministry of Defence will sign a £21 million contract to remain on Janes’ open‑source intelligence (OSINT) platform. The decision follows an internal review that found no viable commercial alternatives to Janes for defence‑grade data. Janes will continue providing curated...
Graph Databases: The Unexpected Secret Sauce of AI Applications?
Graph databases are emerging as essential infrastructure for enterprise AI, offering a way to map relationships that reduces hallucinations, improves explainability, and enforces data governance. Neo4j’s CEO Emil Eifrem highlights that knowledge graphs give LLMs transparent access to corporate data,...
UK's AI Copyright Plans Would Harm Local Industry Say Peers
The UK government is drafting new copyright rules that would extend protection to AI‑generated works, requiring developers to obtain licences for training data. Industry leaders managing over $100 billion in annual IT spend argue the measures will lock UK firms into...
OpenAI Acquires Promptfoo as Enterprise AI Platform Wars Heat Up
OpenAI announced the acquisition of Promptfoo, a fast‑growing platform that automates testing and validation of large‑language‑model prompts. The deal, terms undisclosed, brings Promptfoo’s open‑source tooling and enterprise‑grade safety features under OpenAI’s product umbrella. By integrating Promptfoo, OpenAI aims to streamline...
Online Retailer Zalando Trims AWS Bill by Getting Manual with Flink Stream Filtering
Zalando, which generates roughly €3 billion in quarterly fashion sales, ran into soaring AWS costs and unstable Flink clusters due to the way Flink 1.20’s Table API handled chained joins. The joins caused state to balloon to over 240 GB per application, leading...
Claude Is Much Better at Calling Bull on Nonsense Prompts
Anthropic’s Claude Sonnet and Claude Opus now push back against nonsensical prompts, rejecting them over 70% and eventually more than 90% of the time. A benchmark shows pre‑Q3‑2025 LLMs accepted such prompts at least 50% of the time. Competing models...
Are We Overlooking Small Language Models? Everything You Need to Know About Efficient SLMs
Researchers are championing small language models (SLMs) as a cost‑effective alternative to massive AI systems, highlighting breakthroughs that deliver near‑state‑of‑the‑art performance with a fraction of the parameters. Efficient fine‑tuning techniques and model distillation enable these compact models to run on...
Banks – and Google – Open to Gemini-Powered Exfil via Public API Keys, Researchers Say
Security firm Truffle Security revealed that publicly exposed Google API keys can be upgraded to full‑access Gemini credentials, enabling data exfiltration from any organization using them. A November scan uncovered 2,863 such keys, affecting major banks, security vendors, and even...
Accenture Wins Competition-Free £54m From Post Office
The UK Post Office has awarded Accenture a £54 million, competition‑free contract to manage its back‑office IT services from April 2026 through June 2029. The deal covers finance, ERP, HR, process automation and application modernisation across more than 11,500 branches, but excludes the...
Google's Air Gapped Cloud Gets "Public-Like" Networking
Google Cloud has unveiled a new networking layer that gives its air‑gapped, confidential computing environments public‑like connectivity. The feature leverages zero‑trust VPC Service Controls to keep workloads isolated while allowing them to communicate with external services as if they were...
How This Cybersecurity Firm’s Graph Database Investment Is Paying Off
Darktrace, fresh from its $5.3 billion Thoma Bravo acquisition, migrated its security platform to Amazon Neptune, a managed graph database, to map threats across complex cloud environments in real time. The shift enables multi‑hop relationship queries that relational databases struggle with at...
Natwest Group CEO Touts Near-Term Agentic AI Workflow Future
NatWest Group CEO Paul Thwaite announced that the bank is shifting from basic chatbots to autonomous AI systems capable of executing complex banking workflows for customers. He expects many of the underlying components to be operational within the year. However,...
UK Customers Aren't as Worried About Sovereignty as EU, Cisco Exec Says
Cisco’s EMEA president Gordon Thomson told The Stack that British companies are less preoccupied with data‑sovereignty than their European counterparts. He noted that infrastructure autonomy has become a board‑level fear across the region, while AI localisation requirements are muddying the...