Debunking AI Security Myths for State and Local Governments

by  Jennifer Hebert

Learn how IT officials can secure artificial intelligence systems by building on existing cybersecurity foundations and adopting multilayered strategies.

Summary

State and local governments can secure AI systems by reinforcing existing cybersecurity practices and adapting them to address AI-specific risks.

This involves applying zero-trust principles, securing data, and involving security teams early in AI design. While AI introduces new risks, existing tools and a multilayered defense strategy can effectively mitigate them.

 Read full story at StateTech…

How to Know if Your Asus Router Is One of Thousands Hacked by China-State Hackers

by  Dan Goodin

So far, the hackers are laying low, likely for later use.

Summary

Thousands of end-of-life Asus routers have been compromised in a sophisticated hacking campaign dubbed WrtHug, which researchers attribute to a suspected Chinese state-sponsored group. The attack targets seven unsupported Asus models, primarily in Taiwan, with smaller clusters in South Korea, Japan, Hong Kong, Russia, Europe, and the U.S.

Attackers gain full administrative control, install a malicious self-signed TLS certificate (expiring in 2122 with issuer/subject fields filled with “a”), and exploit Asus’s AICloud feature. No overt malicious payload has been observed, suggesting the routers are being quietly repurposed into a covert operational relay box (ORB) network for espionage—similar to previous Chinese and Russian campaigns.

SecurityScorecard warns that compromised devices can mask future attacks. Users of affected models should immediately check certificates and replace unsupported routers.

 Read full story at arsTechnica…

Trump Calls for Federal AI Standard, Warns China Will 'Easily Catch US'

by  Gyana Swain

A push for unified federal rules comes as state AI regulations create a mounting compliance burden.

Summary

President Donald Trump urged Congress to enact a single federal AI regulation standard, warning that conflicting state laws threaten U.S. economic growth and risk letting China dominate the AI race. In Truth Social posts, he called for preemption language in the National Defense Authorization Act (NDAA) or a standalone bill, citing overregulation by states and attempts to embed “woke” DEI ideology into AI models.

House Republicans, led by Majority Leader Steve Scalise, are exploring adding such preemption to the must-pass NDAA. With nearly 700 state AI bills introduced in 2024 and varying rules in Colorado, California, and Texas, companies face a costly patchwork of compliance requirements for bias testing, impact assessments, and transparency.

Industry leaders like OpenAI and Nvidia support federal preemption for competitiveness, though Anthropic opposes it. Analysts argue the China threat is real but overstated, and advise enterprises to adopt strict internal governance—often based on the EU AI Act—rather than wait for uncertain federal action.

 Read full story at Computerworld…

Apple, Microsoft, or Google: Whose Platform Authenticator Rules Our Passkey Future?

by  David Berlind

As we navigate the bumpy road from passwords to passkeys, the authenticator already in your system could define our passwordless future.

Summary

As passkeys replace passwords, the built-in “platform authenticator” in your device will largely determine your passwordless experience. These free, hardware-backed authenticators — Apple’s iCloud Keychain, Microsoft’s Windows Hello/Edge system, and (to a lesser extent) Google’s Chrome — dominate the ecosystem.

Apple’s implementation syncs all passkeys seamlessly across devices via iCloud Keychain, using the Secure Enclave for security. Microsoft historically tied passkeys to a device’s TPM (making them non-syncable), but as of November 2025 is rolling out cloud-synced passkeys across Edge on all platforms, plus an upcoming OS-level service supporting non-Edge apps and browsers. Google’s Chrome offers synced passkeys but blurs the line between true platform and virtual authentic, especially on non-Android devices.

Your choice of ecosystem increasingly locks in your passkey future.

 Read full story at ZDNET…

Should Your Tech Company Enter the Defense Market? Five Considerations to Weigh.

by  Erik Swabb, Matthew Olsen and Stephanie Evans

From acquisition complexities to investor expectations, law firm experts from WilmerHale detail what dual-use technology companies need to know before pursuing government work.

Summary

The surge in defense-tech funding has opened lucrative doors for dual-use companies to sell to the U.S. government and allies, diversifying revenue and building strategic relationships. Yet entering this market demands far more than commercial sales experience.

Five critical considerations emerge: mastering the complex defense acquisition process — engaging end users, buyers, and Congress — while translating innovation into mission needs; securing internal alignment among leadership, employees, and investors for regulated national-security work; treating rigorous compliance (cybersecurity, export controls, ethics) as a core enabler rather than a burden; ensuring capital sources accept the defense sector’s slow revenue cycles; and weighing long-term tradeoffs such as export restrictions against credibility gains.

Success requires patience, robust compliance infrastructure, and genuine commitment to supporting U.S. and allied defense missions.

 Read full story at Washington Technology…

The Windows Insider Program Is a Confusing Mess

by  Ed Bott

The Insider Program was a game-changer for Windows users. What went wrong?

Summary

The Windows Insider Program, launched in 2014, originally gave enthusiastic users and IT pros early access to pre-release builds, allowing meaningful feedback that shaped final Windows releases. For years, the Fast/Slow (later Dev/Beta) channels provided predictable previews tied to upcoming feature updates, giving enterprises months to prepare.

Everything changed after Windows 11. Preview cycles shrank dramatically, the Dev Channel became an untethered experimental playground where features could appear or vanish without warning, and even the Beta Channel now carries disclaimers that showcased features “may not ship.” Controlled Feature Rollout (CFR) now staggers new capabilities to public releases over weeks or months, turning every Windows user into an unwitting tester.

Recent abrupt departures of longtime program leaders — including Amanda Langowski, Brandon LeBlanc, and Jason Howard — have left the program feeling leaderless and increasingly impersonal. With Windows 11 approaching its fifth birthday, the once-revolutionary Insider initiative has lost its way, becoming unpredictable for testers and end users alike.

 Read full story at ZDNET…

Duke Energy Proposes New Investments in North Carolina to Boost Reliability

by  Duke Energy

Targeted investments will harden the grid against storms and upgrade existing power plants to maximize efficiency, saving customers money

Summary

Duke Energy has filed for revised rates with the North Carolina Utilities Commission (NCUC) for both Duke Energy Carolinas (DEC) and Duke Energy Progress (DEP), requesting a 15-15.1% increase in annual revenue.

If approved, typical residential bills for DEC customers would rise by $17.22 monthly starting in 2027, and DEP customers would see a $23.11 increase. The company asserts that the requested rates, based on a 10.95% return on equity, are necessary to balance enhancing the energy grid&ndashincluding tripling self-healing technology coverage since 2022&ndashand maximizing cost-saving measures.

These cost-saving measures include storm bonds, nuclear tax credits, and the proposed combination of DEC and DEP, which the company claims will save customers over $1 billion in future costs. Investments focus on grid upgrades, maximizing existing generation, and adding $1.7 billion in battery storage projects to power North Carolina’s unprecedented economic growth.

 Read full story at Duke Energy…

Southern Company Gas Leverages Innovative Technology to Enhance the Accuracy and Safety of Underground Mapping

by  Southern Company

Consistent with its longstanding commitment to innovation and serving customers, Southern Company Gas recently completed a pilot program with pioneering technology company Exodigo.

Summary

Southern Company Gas has successfully completed a pilot program with Exodigo, a pioneering technology company, to enhance the safety, reliability, and efficiency of underground infrastructure mapping. Conducted in the greater Atlanta metro area, the initiative involved collaboration between Southern Company Gas's research and development and Cross Bore Program teams and Exodigo personnel.

Exodigo's advanced technology integrates sophisticated sensors, artificial intelligence, and data analytics to create highly accurate, non-invasive maps of subsurface utilities, including pipelines, cables, and other critical infrastructure. Unlike traditional methods—such as manual digging, sewer cameras, and tracer wires——Exodigo's approach minimizes the need for exploratory excavations, reducing cross-bore risks, operational costs, and environmental disruption.

The pilot demonstrated significant benefits, including improved decision-making for maintenance and upgrades, enhanced safety by lowering the risk of accidental strikes, and more efficient prioritization of repairs. Program leaders emphasized that the technology expands their capabilities for monitoring underground infrastructure, enabling smarter, data-driven decisions that bolster system reliability and customer service.

 Read full story at Southern Company…

Why America's Power Grid Will Be Able To Withstand The $2.5 Trillion A.I. Datacenter Building Boom

by  Christopher Helman

Tech giants want to double A.I. electricity consumption in 5 years by enough to power more than 30 million homes. America can do it.

Summary

The world’s largest A.I. companies, including OpenAI and Google, plan to more than double their computing power by 2030, requiring a $2.5 trillion investment over the next five years. This includes $500 billion for new power plants and transmission lines to meet the massive electricity demand.

Experts forecast that American data centers will consume over 10% of total U.S. domestic electricity by 2030, raising alarms about potential power shortages and construction delays. However, optimists argue that the U.S. capital markets can meet the challenge, citing a record 63 GW of new power capacity expected this year.

Developers are bypassing utility delays by building “behind-the-meter” generation, often using natural gas, which Goldman Sachs projects will power 60% of new data center demand. Longer-term solutions include a nuclear power renaissance and increasing grid efficiencies, demonstrating a strong commitment to fueling the A.I. boom.

 Read full story at Forbes…