AI is everywhere, and the IoT space is no exception—as networks of “smart” devices evolve, they’ll need to incorporate new technologies.

At this year’s CES, we talked to tech experts about how the IoT sector is changing, and how AI fits into it.

Do the evolution. There is a “Cambrian explosion” of AI capabilities right now, Akamai EVP and CTO Bobby Blumofe told IT Brew, and it’s spreading to the IoT space. For professionals in that sector, he said, the potential goes beyond LLMs and chatbots.

“A lot of the real value that we’re getting out of AI, whether it’s to detect fraud, recommend products, drive a car autonomously, or run a robot in a warehouse—in almost all cases, those are not LLMs,” Blumofe said. “Those are deep learning models that are specialized to solving the particular problem at hand.”

One CIO compares today’s AI to electricity.—EH

Same misconfigurations, different day.

That’s how ethical hackers described misconfigurations they observed in 2025 that still place organizations at risk.

Kent Ickler, senior penetration tester at Black Hills Information Security, told IT Brew that he has been doing penetration testing for years, and while missteps by companies haven’t changed much, they have evolved with the times.

“The weakest link is still the person. It’s still the employee,” Ickler said.

Same old, same old. During a Nov. 18 panel at Live! 360 Tech Con in Orlando, Florida, Onevinn CTO Stefan Schörling said it’s still common to see service accounts added to domain admins, a mistake that can lead to major issues if that account is compromised.

Also: Adversaries are calling the help desk.—BM

It’s the moment we all dread: Your laptop flashes the infamous blue screen of death. But in this case, it isn’t a critical system error fixed by a few keystrokes. Instead, you’ve unintentionally installed malware on your device.

Campaign summary. That’s the core of a new malware campaign dubbed PHALT#BLYX, which was revealed by Securonix threat researchers in a Jan. 5 blog post. The researchers claim to have seen the PHALT#BLYX campaign evolve from an easy-to-detect infection chain into its now-sophisticated form, with a focus during this past holiday season on the hospitality industry.

The attack is straightforward: Victims receive an email that appears to come from hotel booking website Booking.com, notifying them of a reservation cancellation and soliciting a large fee. The email causes the victim, who’s likely panicked, to click the link leading to a malicious domain impersonating Booking.com, complete with a fake error message. (The emails’ fake room charges are in Euros, suggesting the campaign is targeting people in Europe.)

Guess what happens if you click “refresh.”—BM