passkey
Russia 'relentlessly targeting' critical infrastructure and democracy, GCHQ says
The UK is at a moment of consequence as Russia is relentlessly targeting critical infrastructure, the UK's largest spy agency will warn. GCHQ Director Anne Keast-Butler will set out threats facing the UK and the measures she believes need to be taken to confront them when she makes her inaugural public speech on Wednesday. Russia has been blamed for a string of espionage plots on British soil and, more recently, waging an undeclared 'hybrid war' against the UK and other Nato countries. The Kremlin has denied the allegations. Keast-Butler says GCHQ is working tirelessly to fend off cyber attacks and counter what she calls reckless sabotage and assassination attempts.
Microsoft is officially killing SMS verification for personal accounts
Microsoft is officially discontinuing SMS verification for personal account logins, pushing users toward more secure passkey authentication methods. PCWorld reports that SMS-based authentication represents a major fraud risk, prompting Microsoft's aggressive transition to biometric and PIN-based passkeys. Users should switch to passkeys soon, which use device-stored keys and biometric data for enhanced two-factor authentication security. For a while now, it's been possible to authenticate your Microsoft account logins by receiving a six-digit code via text message. Windows Latest now reports that SMS verification will be phased out shortly.
Welp, Nvidia's RTX 5090 can crack an 8-digit password in 3 hours
I have bad news for everyone with weak passwords. A hacker can guess your laziest random passwords in the same amount of time it takes to watch a movie. It turns out when you put the most brutally fast consumer graphics card on the task of, uh, brute-forcing 8-character passwords, it can crack a numbers-only string in 3 hours. Such is the finding of Hive Systems, a cybersecurity firm based in Virginia, as part of the research that went into its 2025 password table. The chart shows how fast a "consumer budget" hacker could brute-force passwords of varying lengths (4 to 18 characters) and compositions (e.g., numbers only, lowercase letters, uppercase and lowercase letters, etc.).
PowerAttention: Exponentially Scaling of Receptive Fields for Effective Sparse Attention
Chen, Lida, Xu, Dong, An, Chenxin, Wang, Xintao, Zhang, Yikai, Chen, Jiangjie, Liang, Zujie, Wei, Feng, Liang, Jiaqing, Xiao, Yanghua, Wang, Wei
Large Language Models (LLMs) face efficiency bottlenecks due to the quadratic complexity of the attention mechanism when processing long contexts. Sparse attention methods offer a promising solution, but existing approaches often suffer from incomplete effective context and/or require complex implementation of pipeline. We present a comprehensive analysis of sparse attention for autoregressive LLMs from the perspective of receptive field, recognize the suboptimal nature of existing methods for expanding the receptive field, and introduce PowerAttention, a novel sparse attention design that facilitates effective and complete context extension through the theoretical analysis. PowerAttention achieves exponential receptive field growth in $d$-layer LLMs, allowing each output token to attend to $2^d$ tokens, ensuring completeness and continuity of the receptive field. Experiments demonstrate that PowerAttention outperforms existing static sparse attention methods by $5\sim 40\%$, especially on tasks demanding long-range dependencies like Passkey Retrieval and RULER, while maintaining a comparable time complexity to sliding window attention. Efficiency evaluations further highlight PowerAttention's superior speedup in both prefilling and decoding phases compared with dynamic sparse attentions and full attention ($3.0\times$ faster on 128K context), making it a highly effective and user-friendly solution for processing long sequences in LLMs.
Google Chrome's uBlock Origin Purge Has Begun
In what may be a first, the US Department of Justice this week charged a hacker with attempting to cause injury and death by launching distributed denial-of-service (DDoS) attacks against hospitals. Ahmed Omer and his brother Alaa are accused of carrying out a cyberattack spree that targeted hundreds of victims under the hacktivist banner Anonymous Sudan. The group's DDoS victims included Microsoft's Azure cloud services, OpenAI's ChatGPT, and Israel's missile alert system, according to prosecutors. It was the brothers' alleged attacks on hospitals, however, that drew the most serious accusations from the Justice Department, which singled out Ahmed for allegedly seeking to kill people with the crude cyberattacks that overwhelm systems, knocking them offline. If someone told you there's a tool that can--using only open source information--create a "cyber profile" of you that can locate your phone in real time or place you at the scene of a crime at any date in the past, would you believe them?
Why passwords still matter in the age of AI
Whether it stands for artificial intelligence or, er, Apple intelligence, AI is the hot news of the day. Which is why I think it's time to talk about [sits backwards on chair] passwords. It may have been buried in the reporting of last night's Apple event – which the inestimable Kari Paul and Nick Robins-Early covered for us from Cupertino and New York – but one of the more consequential changes coming to the company's platforms in the next year is the creation of a new Passwords app. The average user probably has never heard of 1Password or LastPass, and they may or may not be aware that the iPhone can automatically create and store passwords for them. For users like that, a new Passwords app showing up on their iPhone's Home screen this fall is going to hopefully lead them to a more secure computing future. The straight version of this is that it's a minimal change.
What You Need to Know About the New WhatsApp Features
WhatsApp, the popular global messaging platform owned by Meta, has rolled out new features including a different way to log in and an artificial intelligence assistant in the app. WhatsApp said on X, formerly Twitter, on April 24 that this feature was "a more secure way to login." It also avoids any potential challenges in receiving an SMS to log in, with the company adding: "traveling? The messaging app already launched passkeys for Android users in October, as demonstrated by a post shared on Threads, another Meta social media platform. People with Pixel 8 and 8 Pro Google phones can now also use Face Unlock, instead of their fingerprint or PIN, to unlock and view messages on WhatsApp, as reported by 9to5Google.
LLM Maybe LongLM: Self-Extend LLM Context Window Without Tuning
Jin, Hongye, Han, Xiaotian, Yang, Jingfeng, Jiang, Zhimeng, Liu, Zirui, Chang, Chia-Yuan, Chen, Huiyuan, Hu, Xia
It is well known that LLMs cannot generalize well to long contexts whose lengths are larger than the training sequence length. This poses challenges when employing LLMs for processing long input sequences during inference. In this work, we argue that LLMs themselves have inherent capabilities to handle long contexts without fine-tuning. To achieve this goal, we propose SelfExtend to extend the context window of LLMs by constructing bi-level attention information: the grouped attention and the neighbor attention. The grouped attention captures the dependencies among tokens that are far apart, while neighbor attention captures dependencies among adjacent tokens within a specified range. The two-level attentions are computed based on the original model's self-attention mechanism during inference. With minor code modification, our SelfExtend can effortlessly extend existing LLMs' context window without any fine-tuning. We conduct comprehensive experiments on multiple benchmarks and the results show that our SelfExtend can effectively extend existing LLMs' context window length. The code can be found at https://github.com/datamllab/LongLM.