Morning Brief

1. Alienware 15 launched by Dell Alienware
2. Spotify to support Apple HLS video podcast technology
3. The U.S. government approves sales of NVIDIA H200 chips to 10 Chinese companies
4. Four updates related to Microsoft
5. A major NGINX vulnerability hidden for 18 years has been disclosed
6. Three government departments deploy measures to further strengthen new energy vehicle safety management
7. News Worth a Quick Look

---

Alienware 15 launched by Dell Alienware

On May 13, Dell Alienware officially introduced the Alienware 15 entry-level gaming laptop. The product uses older-generation processors and lower-tier graphics cards, with a total performance power (TPP) rating of 110W. The Alienware 15 features a dual-fan, triple-heatpipe rear-exhaust cooling system. Processor options include the AMD Ryzen 7 260 / Ryzen 5 220 or the Intel Core 7 240H / Core 5 210H, while GPU options include the NVIDIA GeForce RTX 5060 Laptop GPU, NVIDIA GeForce RTX 5050 Laptop GPU, and NVIDIA GeForce RTX 4050 Laptop GPU. The laptop comes with a 15.3-inch 1920×1200 165Hz display covering 62.5% sRGB, along with an HD webcam, dual-array microphones, dual 2W speakers, and support for 180-degree hinge opening. Ports include two USB-C ports, two USB-A ports, one RJ45 Ethernet port, one HDMI port, and one 3.5mm audio jack. Pricing starts at US$1,299 for the AMD version and US$1,349 for the Intel version. Source

---

Spotify to support Apple HLS video podcast technology

Spotify has announced that it will support the HTTP Live Streaming (HLS) technology introduced earlier this year by Apple across its Spotify for Creators and Megaphone platforms. The technology is designed to improve the distribution and playback experience for video podcasts, and Apple is expected to roll it out more broadly across its products with OS 27. Spotify’s adoption of the technology will make it easier for creators to distribute content across both Apple Podcasts and Spotify. In addition, Spotify will collaborate with Apple so that creators distributing content through Apple Podcasts can also monetize their work. Source

---

The U.S. government approves sales of NVIDIA H200 chips to 10 Chinese companies

According to Reuters, the U.S. Department of Commerce has recently approved the sale of NVIDIA H200 artificial intelligence chips to 10 Chinese companies, including Alibaba, Tencent, ByteDance, and JD.com. Under the export license terms, each approved customer is limited to purchasing up to 75,000 chips. In addition, distributors such as Lenovo and Foxconn have also received authorization to resell the chips. Despite the regulatory approval, actual deliveries remain stalled.

Sources familiar with the matter said that no physical shipments have been completed so far. The deadlock is reportedly caused by newly added U.S. compliance requirements, including demands that buyers demonstrate “adequate security procedures” to ensure the chips are not used for military purposes. At the same time, the Chinese government has also taken a cautious stance toward the purchases due to concerns over supply chain security and domestic industry protection, encouraging local companies to prioritize the development and adoption of homegrown AI chips. Source

---

Microsoft Updates Roundup

Edge Browser Removes Copilot Mode, Integrates AI Features Directly Into the Browser

On May 13, the official Microsoft Edge Blog announced that Microsoft Edge is removing its dedicated Copilot Mode, with AI capabilities now being integrated directly into various browser features. On mobile, Edge is introducing a new Journeys feature that can automatically organize browsing history into meaningful topics. Copilot can also gather information from all open tabs for combined reasoning tasks, while the redesigned new tab page is now available on mobile devices as well. In addition, all versions now include long-term memory functionality, allowing Copilot to reference past conversations and browsing history when answering questions. Edge is also adding a learning mode capable of transforming currently viewed content into quizzes and flashcards, while tab content can also be used to generate podcasts. New features such as a writing assistant are also being introduced. Source

Microsoft Introduces Cloud-Initiated Driver Recovery for Windows

Microsoft recently announced a new feature for Windows updates called “Cloud-Initiated Driver Recovery.” When enabled, if Microsoft detects quality issues or failed reviews during driver update distribution, it can remotely trigger a recovery command from the cloud, allowing affected devices to automatically roll back to a previously stable driver version without requiring manual user intervention or hardware partners to resubmit patches. The entire process is officially managed end-to-end, requiring no changes to existing APIs or development workflows from partners, while unaffected drivers continue operating normally. The feature entered manual validation and testing in May and is expected to roll out fully in September this year. Source

Security Researcher Publicly Reveals Two Backdoor-Level Windows BitLocker Vulnerabilities

Security researcher Chaotic Eclipse publicly disclosed two Windows BitLocker vulnerabilities on May 13, named YellowKey and GreenPlasma. The YellowKey vulnerability reportedly requires only a USB drive containing specific files and a very simple operation to bypass BitLocker full-disk encryption, granting unrestricted access to all encrypted files. The exploit takes advantage of low-level logic within the Windows boot architecture, turning mechanisms originally reserved for system maintenance into a high-risk security vulnerability.

In a follow-up blog post, Chaotic Eclipse stated that TPM+PIN protections recommended by Microsoft specialists are ineffective against the exploit. He said the vulnerabilities were publicly disclosed due to dissatisfaction with Microsoft’s handling of the reports, adding that more disclosures are planned for next Tuesday. Chaotic Eclipse previously revealed the BlueHammer and RedSun vulnerabilities targeting Microsoft Defender in April after Microsoft allegedly failed to respond effectively. RedSun was later quietly patched without a CVE identifier, while BlueHammer has reportedly already been exploited in the wild. Source

Microsoft Releases Last Year’s BitLocker Recovery Mode Fix Only for Windows 11

This week, Microsoft released a critical patch for BitLocker encryption that fixes a severe issue causing devices to repeatedly enter recovery mode after installing the July 2024 security updates. The bug forced many enterprise users to enter a 48-digit recovery key every time their devices rebooted. The root cause was traced to a previous security update that unintentionally altered Secure Boot parameters, leading the TPM to interpret the hardware environment as changed and triggering BitLocker’s protection mechanism. Affected systems include Windows 11, Windows 10, and Windows Server 2022, but this week’s fix is currently available only for users running Windows 11 versions 22H2 and 23H2. Other affected users must continue relying on temporary workarounds. Source

---

A major NGINX vulnerability hidden for 18 years has been disclosed

On May 14, security research firm DepthFirst announced the disclosure of a major security vulnerability that had remained hidden within the core modules of NGINX for 18 years. The vulnerability, codenamed “NGINX Rift” and tracked as CVE-2026-42945, carries a CVSS score of 9.2, with no known reports of active exploitation in the wild at this time. The issue exists within the ngx_http_rewrite_module and has reportedly been present since version 0.6.27 released in 2008. Remote, unauthenticated attackers can trigger a heap overflow through specially crafted URI requests, potentially allowing control of NGINX worker processes and enabling remote code execution or denial-of-service attacks. NGINX is a widely used open-source, high-performance lightweight web server, reverse proxy, and email proxy server. Official security updates have already been released, and users are strongly advised to upgrade to NGINX 1.30.1, 1.31.0, or later versions as soon as possible. Source

---

Three government departments deploy measures to further strengthen new energy vehicle safety management

According to Xinhua News Agency, on May 14, the First Department of Equipment Industry of China’s Ministry of Industry and Information Technology, the Quality Development Bureau of the State Administration for Market Regulation, and the Fire Supervision Department of the National Fire and Rescue Administration jointly held a video conference to further strengthen safety management for new energy vehicles and ensure the healthy and sustainable development of the industry. The meeting called on vehicle manufacturers and power battery producers to take primary responsibility for product quality and safety, strengthen risk prevention across product R&D, manufacturing, supply chain management, operational monitoring, and after-sales services, and strictly fulfill disclosure obligations to guide consumers toward proper vehicle usage while prohibiting exaggerated or misleading marketing claims. Companies were also instructed to establish internal reward mechanisms for reporting safety hazards, deepen safety risk investigations, and firmly safeguard safety standards. Source

---

News Worth a Quick Look

• Brazilian outlet Tecnoblog has revealed a new Xbox Cloud Gaming controller. According to the report, the controller supports Bluetooth and Wi-Fi 6 with bandwidth limited to 20 MHz, uses the Realtek RTL8730E wireless chip, includes a built-in 500 mAh battery, and features a USB-C port. Source

• Leaker aaronp613 on X claimed to have discovered the product name “Google Home Display” within the code of the iOS version of the Google Home app, suggesting it could be the successor to the Google Nest Hub lineup, whose latest generation was released in 2021. Source
• According to Reuters, Microsoft is continuing to seek further investments in the AI sector following its investment in OpenAI. The company is reportedly exploring acquisitions of AI startup teams to acquire talent and technology, with one of the companies under consideration said to be Inception, which develops large language models. Source
• Reports claim that James Mitchell stated during Tencent’s Q1 2026 earnings call that GPUs used for personalized advertising technologies and related businesses can achieve faster returns on investment. However, the company also believes continued investment in its Hunyuan large language model remains strategically important and said it is satisfied with the current progress. Source