Longtime Slashdot reader hackingbear shares a report from TOP500: The 67th edition of the TOP500 list of the world's most powerful supercomputers was announced today at the ISC 2026 conference in Hamburg, Germany. LineShine, a previously unlisted system installed in China, debuts at No. 1, displacing El Capitan as the world's most powerful supercomputer as measured by the High Performance Linpack (HPL) benchmark. LineShine achieved 2.198 Exaflop/s on HPL -- about 80 percent of its 2.736 Exaflop/s theoretical peak -- making it the first system on the TOP500 to exceed two exaflops of sustained double-precision performance using CPUs only. Installed at the National Supercomputing Centre in Shenzhen (NSCS) and built by the Shenzhen Cloud Computing Center, the system is based on a custom Chinese processor and the "LingKun" platform: 13.79 million cores across 304-core LX2 processors running at 1.55 GHz, linked by the proprietary LingQi interconnect and running Kylin OS. LineShine draws approximately 42.2 megawatts of power, for an efficiency of 52.07 Gigaflops/Watt. Its debut marks the first time since 2017 that a Chinese system has led the TOP500, and it also takes over the No. 1 position on the HPCG ranking with 22.00 HPCG-Petaflop/s. On the HPL-MxP mixed-precision benchmark, LineShine reached 7.92 Exaflop/s for fourth place, a comparatively modest 3.6x speedup over its HPL score that points to a CPU-only design without dedicated low-precision accelerators. While impressive, "the results may say more about Beijing's desire to show self-sufficiency in computing systems than its standing in the global AI race," reports Reuters. Reuters interviewed tech and policy experts who said that the results "do not mean that China has the world's fastest computer for AI work because of changes in the computing industry in recent years and the methods used to compile the list." The reports notes that LineShine "ranked fourth on a benchmark test designed to simulate computing work that is more similar to AI." Jimmy Goodrich, a senior fellow at the University of California's Institute for Global Conflict and Cooperation, said: "If the hyperscalers submitted their systems, this 'world's fastest' would not crack the top five." Addison Snell, CEO of Intersect360 Research, a firm that focuses on supercomputers, added: "I'm not surprised it's the number one system. What I'm surprised by is that they submitted it and want recognition for it."

Read more of this story at Slashdot.

President Donald Trump signed two executive orders Monday to accelerate the federal government’s transition to post-quantum encryption and reprioritize government financing to support the domestic quantum computing industry. 

The orders, which CyberScoop first reported on last year, direct the government to throw its weight behind the quantum computing industry. They are part of a broader effort by the Trump administration to put its stamp on the development of another key emerging technology.

In May, the Department of Commerce announced letters of intent for more than $2 billion in federal financing incentives for nine quantum companies under the CHIPS and Science Act. Last year, the administration did something similar with its AI-focused executive orders and action plan that created special federal export programs for AI technology and equipment, directed federal agencies to mobilize federal financing tools to support the industry, and cut or curtail regulations that the administration said may impede domestic growth. 

Ahead of the signing, sources previewed details of those orders to CyberScoop. Per one of those sources, who spoke on condition of anonymity to discuss pending administration actions, a “whole of government approach is used to empower research and development into quantum computing, as well as quantum sensing [and other resources].”

They described the Trump administration’s attitude for propping up industry as “don’t let us miss out on prioritizing the feeders for the research or the development of quantum.” 

The second order requires federal civilian networks to adopt quantum-resistant encryption faster than the current 2035 deadline. The new encryption algorithms, vetted by the National Institute of Standards and Technology, will protect against future quantum computer attacks. 

Agencies that miss the new deadline must report to the Office of Management and Budget explaining why. 

On hand for the signing were Department of Energy Undersecretary for Science Darío Gil, Department of Commerce Secretary Howard Lutnick, National Cyber Director Sean Cairncross, Defense Secretary Pete Hegseth, Federal Chief Information Officer Greg Barbaccia, and Office of Science and Technology Policy Director Michael Kratisos.

Multiple executives from technology companies were also on hand for the order’s signing, complimentary of the government’s efforts in boosting the industry.

“IBM applauds the Administration for taking this important, timely step forward,” said IBM CEO Arvind Krishna in a statement. “Sound policy, sustained investment and public-private partnership are vital to sustaining U.S. quantum leadership and technological resilience. We’re proud to keep building on this foundation — strengthening U.S. competitiveness and bolstering national security as we shape the quantum future together.”

“At Google, we are proud of our sustained breakthroughs in quantum computing and post-quantum cryptography,” said Google President and Chief Investment Officer Ruth Porat. “Quantum computing is a transformational technology that can advance national security, drug discovery, energy solutions and more.”

Update; 6/22/26; 5:20 p.m.: This story was updated after the signing with details about the orders, signing ceremony attendees, and comments from IBM’s Arvind Krishna and Google’s Ruth Porat.

The post Trump executive orders speed up post-quantum migration, boost industry appeared first on CyberScoop.

Apple has released quantum-resistant cryptographic code and the mathematical verification tools it developed to prove the code’s correctness, making them publicly available for independent review and broader use across the industry.

The release includes implementations of two quantum-secure algorithms, ML-KEM and ML-DSA, along with the formal verification libraries and tools Apple created to validate their accuracy. The company also published detailed documentation of its verification methodology, which it describes as achieving the strongest known correctness results for any widely deployed production implementation of these algorithms.

The quantum-secure algorithms are integrated into corecrypto, Apple’s cryptographic library used across its operating systems. The library handles encryption, decryption, hashing, and digital signatures on over 2.5 billion active devices. Apple began deploying quantum-resistant encryption in iMessage in 2024 and has expanded the technology to VPN services and TLS networking protocols.

One of the tools released is the company’s Cryptol-to-Isabelle translator, which converts cryptographic models between formal languages, along with supporting libraries needed to reproduce the results. Formal verification uses mathematical proofs to show that code works correctly for all possible inputs. Apple translated its code into Cryptol, a formal language developed by Galois, then into Isabelle, a proof assistant from the University of Cambridge and The Technical University of Munich, to prove both matched the official standards. Apple has used Isabelle previously to verify hardware cryptographic components.

The verification process uncovered errors that conventional testing would have missed. Researchers found a missing computational step in the ML-DSA code that would have silently broken digital signatures. If this bug had reached production, messages in iMessage may have appeared authenticated when they actually weren’t, leaving users unaware their communications lacked proper security.

Even with these tools, Apple acknowledged that it still depends on conventional cryptographic testing and evaluation is needed for assurance. Formal verification can catch errors that traditional testing simply cannot find. Testing works by trying many scenarios, but with complex cryptographic code, there are too many possible inputs to test exhaustively. Subtle bugs can hide in the gaps between test cases and never trigger a warning. Formal verification, by contrast, uses mathematics to prove correctness across all possible inputs at once.

However, Apple’s team writes that it couldn’t formally verify every single aspect of their code with the tools available, so they combined approaches: formal verification for core mathematical correctness, conventional testing for aspects formal methods couldn’t cover, and careful evaluation of how all the pieces work together. Apple argues this hybrid approach provides the most robust security for critical cryptographic software.

“Based on our work to date, we believe that the strongest assurance possible comes from combining formal verification with conventional methods and critically evaluating the end-to-end results,” the blog post reads.

Furthermore, the blog states that Apple selected ML-KEM and ML-DSA from among several standardized quantum-resistant algorithms because they best matched the company’s requirements for security, performance, and compact parameters. The algorithms address the threat posed by future quantum computers, which could potentially break the encryption methods currently protecting digital communications.

More information can be found on Apple’s corecrypto GitHub page. 

The post Apple open-sources quantum-resistant encryption code appeared first on CyberScoop.

The growth of data centers — and adversaries’ targeting of them — left lawmakers at a hearing Wednesday contemplating whether the federal government has the right setup for defending them.

Some industry witnesses and experts at the hearing of the House Homeland Security Subcommittee on Cybersecurity and Infrastructure Protection testified that the answer might be to give data centers their own standalone designation as a critical infrastructure sector.

The question of how to secure data centers against cyber and physical attacks coincides with artificial intelligence fuelling a boom in the building of such facilities across the United States. Last month, Iranian drones targeted two Amazon data centers in response to the U.S.-Israel bombing campaign on Iran, and a third data center in Bahrain was struck as well.

“If a major data center is attacked, disrupted, or taken offline, the consequences can reach far beyond one company or one sector,” Rep. Andy Ogles, R-Tenn., said in prepared opening remarks. “Yet our current framework does not provide a clear, unified approach to data center security. It does not clearly answer which federal agency is responsible for understanding the risk, coordinating with industry, or leading the response when this infrastructure is targeted.”

Three providers account for 63 percent of the market share of data centers: Amazon Web Services, Microsoft Azure and Google Cloud Platform. 

The United Kingdom already has deemed data centers as a standalone critical infrastructure sector. Reps. Vince Fong, R-Calif., and LaMonica McIver, D-N.J., asked panel witnesses Wednesday about federal protection of them.

“Given the scrutiny that is required to make sure that those data centers are secure, there would be a benefit in having them work together as a unique coordinating council,” said Robert Mayer, senior vice president for cybersecurity and innovation at USTelecom, an industry group.

The Foundation for Defense of Democracies’ Mark Montgomery suggested a sector that combines data centers and cloud providers, given the overlap in ownership. The 2024 rewrite of a White House national security memo left some experts disappointed that it didn’t designate cloud computing as a critical infrastructure sector. 

Samuel Visner, chair of the board of directors of the Space Information Sharing and Analysis Center, said he agreed, given the role data centers are playing in the U.S. economy, military and other dependencies. “Finding a way to regard them as part of our critical infrastructure and protect them accordingly is sine qua non, absolutely necessary,” he said.

A fourth witness didn’t weigh in on the need for a separate critical infrastructure designation. But Scott Algeier, executive director of Information Technology Information Sharing and Analysis Center, said his organization had created a “special interest group” for data center providers.

“The data centers are integrated already into the critical infrastructure discussions,” he told the panel.

The post Congress, industry ponder government posture for protecting data centers appeared first on CyberScoop.

When Google announced last month it was moving up its own internal timeline for migrating to quantum-resistant forms of encryption, it started a broader conversation in the cybersecurity and cryptography communities: Just what was pushing one of the largest tech companies in the world to significantly accelerate its adoption of post-quantum protections for its systems, devices and data?

In the weeks since, new research has lended weight to those claims. A joint research paper from the California Institute of Technology, its tech startup Oratomic and the University of California concluded that technological advancements in neutral atom arrays indicate a quantum computer capable of breaking classical encryption may require as few as 10,000 quantum bits (or qubits), not millions as previously thought.

Qian Xu, a CalTech researcher and coauthor of the paper, said the findings are significant and indicates that such a computer could potentially be operational by the end of the decade.

“For decades, qubit count has been viewed as the main obstacle to fault-tolerant quantum computing,” Xu said in a statement. “I hope our work helps shift that perspective.”

Google’s Quantum AI division released its own research paper around the same time, outlining a twenty-fold decrease in the number of physical qubits believed to be needed to break some of the most popular forms of 256-bit elliptic curve encryption algorithms used to currently protect cryptocurrencies.

“We note that while viable solutions like [post-quantum cryptography] exist, they will take time to implement, bringing increasing urgency to act,” wrote Ryan Babbush, director of research and Hartmut Neven, vice president of engineering at Google.

Google’s decision to accelerate its shift to post-quantum encryption reflects a growing consensus.  Over the past year, CyberScoop has heard similar concerns from tech and government officials, typically centered on two quantum-related threats facing governments and businesses today.

One is the capability of foreign nations and cybercriminals to collect sensitive, encrypted data today in the hopes of breaking it later with a quantum computer. This “harvest now, decrypt later” technique is one of the main reasons proponents push for faster adoption of post-quantum encryption.

The second stems from a string of notable quantum computing breakthroughs over the past two years, many led by researchers in China.

Andrew McLaughlin, chief operating officer for SandboxAQ, a Software-as-a-Service company that focuses AI and quantum computing technologies, said concerns can be summed up as “hardware, math and China.

Advancements in areas like neutral atom arrays have given scientists more powerful hardware, while breakthroughs in mathematics like that in the Google research paper have found ways to use that hardware more efficiently. 

But he also pointed to what he described as exciting (and worrying) advancements in the field from some of America’s greatest international rivals.

Beijing has invested heavily in quantum computing, empowering top scientists like Pan Jianwei, a professor at China’s University of Science and Technology, with the resources and support to push the boundaries of technological development and position China as a world leader in quantum science.

Late last year, Chinese state media reported that Huanyuan 1, a 100-qubit quantum computer developed by researchers at Wuhan University on a Chinese government grant program, had been approved for commercial use. The reports claim that orders worth more than 40 million yuan (or $5.6 million dollars) have already been processed in sales, including to subsidiaries at domestic telecom China Mobile and the government of Pakistan.

Experts say quantum computers pose a potentially exceptional threat to blockchain-based cryptocurrencies.

Nathaniel Szerezla, chief growth officer at Naoris Protocol, a company that develops quantum-resistant encryption for blockchain infrastructure, said the paper from Oratomic and Caltech has “shifted the timeline” for planning around quantum encryption, particularly for cryptocurrency and blockchain platforms.

The underlying assumption was a “fault tolerant” quantum computer (i.e. one capable of threatening classical encryption) would require millions of qubits, but the paper suggests that it may actually only need as few as 10,000 qubits.

“Ultimately, we have gone from planning for a threat two decades out to one that overlaps with systems actively being deployed and funded,” Szerezla said.

For digital assets like cryptocurrency, the implications are “immediate” because the private key encryption underpinning billions of dollars on the blockchain were never designed to withstand attacks from a quantum computer.

“Migrating a live blockchain to post-quantum standards is a different problem entirely from upgrading a centralized system,” Szerezla continued. “You are dealing with immutable ledgers, billions in locked liquidity, and decentralized governance that cannot mandate a coordinated upgrade.”

Not everyone believes that we are on the cusp of a quantum hacking apocalypse.

On BlueSky Matthew Green, a computer science professor and cryptography expert at Johns Hopkins University, called the Google and Oratomic papers a good “precautionary” analysis of the long-term challenge of quantum encryption.

However, he expressed skepticism that quantum computing had enough “lucrative immediate applications” to push the field beyond its foundational research stage to more practical applications. He also questioned whether some of the newer quantum-resistant algorithms vetted by NIST would truly stand up to a real quantum computer. They were designed to protect against a threat that is still largely theoretical, and several of the post-quantum algorithms initially evaluated by NIST have turned out to contain vulnerabilities that could be exploited by classical computers.

That’s if one does indeed arrive in the next decade. Green said this week that he’s not convinced quantum-enabled hacks will be something to worry about in his lifetime, though he acknowledged that prediction might “haunt him” someday.

Nevertheless, “I’d bet huge amounts of money against a relevant quantum computer by 2029 or even 2035,” he wrote.

The post Why is the timeline to quantum-proof everything constantly shrinking? appeared first on CyberScoop.

Apple garnered a huge amount of publicity with the MacBook Neo, which is still exploding on YouTube and other social media. I don’t think the Neo is selling at a loss, but if it were it would probably be worth the “Hey, look at me!” moment. I’m starting to think this is an opening salvo […]

After decades of development, quantum computing is now becoming increasingly available for advanced scientific and commercial use. The potential marvels range from accelerating drug discovery and materials science, to optimizing complex logistics and financial modeling.

But there’s a paradox to this trend: Quantum computing also poses a growing threat to data security.

The risk is that the algorithms and protocols currently used to secure devices, applications and computer systems could eventually be broken by malicious actors using quantum computing, compromising even the strongest security measures. By some estimates, widely used encryption standards such as RSA and ECC could be cracked by quantum computers as soon as 2029—a doomsday known as “Q-Day,” when current security standards would be rendered ineffective by quantum computing’s number-calculating prowess.

The possibility that quantum computing could break today’s data protection protocols is prompting chief security officers and chief technology officers to ramp up countermeasures. They’re doing it with post-quantum cryptography (PQC), a niche area of cybersecurity that is rising in priority across the business world. Lack of preparedness could be costly, with one report putting the potential U.S. economic cost of a quantum attack at more than $3 trillion. Even before that potential calamity, the current average cost of a data breach is upwards of $10 million, and that number will only increase commensurate to the scale of a quantum-induced breach.

That is why the quantum threat should not be treated as a concern only for forward-thinking executives. It must become a board-level issue for every enterprise. Organizations should launch a comprehensive PQC initiative that builds enterprise-wide awareness and updates digital systems and data assets to be resilient against quantum attacks.

Waiting until Q-Day would be mistake because people will not know when it occurs. It probably will not arrive with press releases or product announcements. Instead, in may unfold quietly as attackers try to maximize what they can steal before anyone notices. The reality is that sensitive data is already at risk of being stolen and stored away so it can be decoded – an attack referred to as “harvest now, decrypt later”- when Q-Day is a reality. Security pros need to give this immediate attention, even if the ultimate threat appears to be a few years away.

Quantum-proofing data at scale

Security teams are usually focused on immediate threats, but they still have a window of opportunity to prepare for Q-Day, as long as they start now. 

One interim measure underway is the transition to more robust versions of the digital certificates and keys that are already pervasive in business and everyday life. Such certificates, which act as identity credentials, are used to authenticate billions of users, devices, documents and other forms of communications and endpoints. The certificates contain cryptographic keys. Security teams are phasing in “47-day keys,” which are designed to expire and be replaced within 47 days—much more frequently than the current generation. It’s a step in the right direction, but not enough.

Establishing a hardened PQC defense requires much more than a standard software patch or upgrade to the public key infrastructure (PKI) used most everywhere to manage digital certificates and encrypt data. An enterprise-wide PQC strategy must be adopted and implemented at scale.

Consider the rapid rise of agentic AI, where organizations may need to assign digital identities to thousands or even millions of AI agents. That will require a level of authentication that goes well beyond existing infrastructure.

These projects will be led by the CISO but planning and execution should include other business leaders because post-quantum security must reach every part of the organization’s digital environment. Boards also need to be involved, given the governance stakes and the significant capital investment required. 

Developing a multi-year, multi-pronged strategy

Organizations in regulated industries—banking, healthcare and government, for example—are generally a step ahead in bracing for the post-quantum threat. Regardless of industry, though, few are fully prepared because readiness requires a detailed picture of an organization’s end-to-end data and security landscape.

In my experience, that holistic view is a rarity. For CISOs and their line-of-business colleagues, a good starting point is creating a comprehensive inventory of systems and data across the enterprise, then prioritizing what needs to be safeguarded.

Another important step is to begin testing and adopting the latest quantum-resistant algorithms and protocols that have been standardized by NIST. A growing range of PKI products and platforms support those specifications. That’s essential because the only way enterprises will be able to orchestrate, monitor and manage the scope of deployment is through automation.

Such updates are vital, but this isn’t a matter of simply replacing pre-quantum specs with newer ones. Because PQC will be a multi-year undertaking, organizations must bridge the gap between old and new. The best strategy for some will be a hybrid approach that combines classical cryptography and next-gen algorithms, though standardization remains a work in progress. Other organizations are driving toward a “pure” or unblended post-quantum model.

As for those harvest attacks, the best defense is straightforward: Encrypt your most sensitive long-lived data with quantum-resistant algorithms ASAP.

PQC is a shared responsibility

Unfortunately, there is no finish line in the race to quantum-era security. And even if an organization locks down its systems against emerging threats, there’s no guarantee that customers and business partners will do the same.

 Many vulnerabilities will still remain, which is why the business case for PQC includes protecting customer data and safeguarding reputation and brand trust as digital threats evolve quickly. Even today, a major breach can cost millions and inflict lasting damage to a corporate brand.

Quantum computing promises to bring many new capabilities to business and society—from transforming supply chain optimization and risk analysis, to enabling breakthrough discoveries in medicine and climate science. But the potential risks are just as substantial. After years of watching and waiting for quantum, business leaders have little choice but to take action.

Chris Hickman is the chief security officer of Keyfactor, a leading provider of quantum-safe security solutions. 

The post It’s time to get serious about post-quantum security. Here’s where to start. appeared first on CyberScoop.

Beau Bullock // Overview The traditional methodology of a remote attacker who has no preconceptions of a target network used to be fairly static. With organizations moving to “the cloud”, […]

The post Storm Chasing: How We Hacked Your Cloud appeared first on Black Hills Information Security, Inc..