AI Squeeze: Macs Tighten, Clouds Surge, Patch cPanel

Welcome to AI News in 10, your top AI and tech news podcast in about 10 minutes. AI tech is amazing and is changing the world fast, for example this entire podcast is curated and generated by AI using my and my kids cloned voices...

Here’s your quick overview for Sunday, May 3, 2026.

Apple says surging demand for on-device AI is straining supplies of the Mac mini and Mac Studio — and warns memory will get pricier in June.

Alphabet reports that AI in Search is finally translating into revenue momentum, with Google Cloud growth accelerating.

Microsoft, meanwhile, is pushing even harder on AI infrastructure — boosting capital spending by an extra 25 billion dollars as component prices climb — while Copilot adoption crosses the 20 million seat mark.

On security, there’s a critical cPanel authentication bypass now on CISA’s Known Exploited Vulnerabilities list — admins, this one needs weekend attention.

And finally, Vimeo has confirmed a security incident linked to a third-party Anodot breach, with a ransomware crew claiming responsibility.

Let’s get into it.

[BEGINNING_SPONSORS]

Story one: Apple’s AI-driven Mac crunch — and a looming memory bill.

During Apple’s fiscal Q2 call, CEO Tim Cook said demand has outpaced supply for both the Mac mini and the Mac Studio. Customers may face months-long waits for some configurations.

Apple attributes the spike to local AI — developers and teams running models directly on machines with big unified memory pools. Cook cautioned the constraints could persist for several months. That matches what we’re hearing across the component ecosystem: AI is pulling memory and packaging capacity in new directions, and the ripple is now hitting high-RAM desktops, not just GPU servers.

Apple’s quarter was strong — 111.2 billion dollars in revenue and 29.6 billion in profit — but the forward signal is Cook’s warning that memory costs will be significantly higher in the June quarter and will increasingly impact products. If you’re budgeting for fleets or pro workstations, factor in longer lead times and potential upticks on high-memory configurations.

Sources include Tom’s Hardware, TechRadar Pro, and Axios.

One more angle here: if memory prices stay elevated into the summer, vendors may tweak RAM configurations or pricing ladders to preserve margins. And because Apple’s statement lines up with warnings from memory suppliers about persistent shortages, this isn’t a one-week blip — it’s part of the structural AI supply story now landing on the consumer side. TechRadar notes those higher RAM costs start to bite from June.

Story two: Google says AI in Search is paying off.

Alphabet posted 109.9 billion dollars in first-quarter revenue, up 22 percent year over year, and called out AI-driven experiences in Search for pushing queries to an all-time high. Google Cloud had a standout quarter — up 63 percent to 20 billion — as enterprises buy more AI infrastructure and Gemini-powered services.

Alphabet also disclosed hefty capital expenditures — 35.7 billion dollars in the quarter — as it scales Gemini and cloud capacity. The company says paid monthly active users for Gemini are up 40 percent quarter over quarter, and the API is now processing 16 billion tokens per minute — up more than 60 percent from last quarter.

If you’ve been waiting for hard evidence that AI can move core profit-and-loss lines beyond splashy demos... this is it. Search, Cloud, and subscriptions all benefited. Coverage via Android Central.

What should operators and marketers take from this? First, AI in Search is no longer just an engagement story — it’s linked to revenue and ad formats Google is confident enough to scale. Second, spending at this pace suggests Google is steering into model upgrades, training capacity, and inference optimization — so expect lower latency, longer context windows, and multimodal features everywhere as Gemini evolves.

Story three: Microsoft’s AI check just got bigger.

Following its latest quarter — 82.9 billion dollars in revenue with Microsoft Cloud at 54.5 billion — Microsoft says rising component prices are forcing an additional 25 billion dollars in AI capital spending this year. CFO Amy Hood now pegs total 2026 capex around 190 billion dollars, with 40 billion on hardware and data centers next quarter alone.

Two demand signals are driving that: a commercial backlog of roughly 627 billion dollars, and an AI business run rate around 37 billion — up 123 percent year over year. Microsoft 365 Copilot adoption keeps climbing too, with more than 20 million paid seats, and four times as many customers with over fifty thousand seats compared to last year.

For customers, this likely means continued priority on GPU and CPU allocation, aggressive regional buildouts, and premium pricing for high-end inference tiers until supply normalizes. For IT leaders, it’s a heads-up to lock in capacity and budget cycles now — so you’re not priced out later. Reporting via TechRadar Pro.

[MIDPOINT_SPONSORS]

Story four: A critical cPanel authentication bypass is being actively exploited — and it’s now on CISA’s Known Exploited Vulnerabilities list.

If you manage hosting stacks, or rely on a provider that does, pause and check your exposure. The flaw — CVE-2026-41940, CVSS 9.8 — allows attackers to remotely bypass login and take full control of cPanel and WebHost Manager. Patches shipped April 28, but exploitation was observed before disclosure, and multiple security teams report in-the-wild activity.

CISA added the CVE to its Known Exploited Vulnerabilities catalog on April 30, and federal agencies were told to remediate by today, May 3. This is not hypothetical... exploitation is happening, and mass compromise is possible given cPanel’s footprint. If you haven’t already, update to the fixed versions, audit for suspicious sessions and tokens, and rotate credentials and API keys touched by affected hosts. Sources include CyberScoop, TechCrunch, and the Canadian Centre for Cyber Security.

A quick explainer for your comms: cPanel is the control-panel layer millions of websites use — so a pre-auth bypass means an attacker can become the server admin without a password, exfiltrate data, or pivot to every site on that host. If you’re on managed hosting, press your provider for attestation that the April 28 fixes are applied, and ask whether they’ve scoped indicators of compromise across your tenant. TechRadar Pro’s write-up underscores just how sweeping the risk can be for unpatched environments.

Story five: Vimeo confirms a security incident linked to the third-party Anodot breach.

In a notice to users, Vimeo said an unauthorized actor accessed certain user and customer data via a compromised Anodot integration. Early findings suggest the exposed data included technical logs, video titles and metadata, and in some cases email addresses — not video content, login credentials, or payment card data.

Vimeo disabled Anodot credentials, removed the integration, brought in a third-party investigator, and notified law enforcement. The ransomware crew ShinyHunters has claimed responsibility and threatened to publish stolen files unless a ransom was paid by April 30. While the scope isn’t fully quantified, it’s a reminder that supply-chain and analytics integrations can be the weak link. If you embed analytics or anomaly-detection services, inventory those tokens and rotate them — and review what metadata you transmit, and whether it contains sensitive identifiers. Coverage via TechRadar Pro.

Recap for May 3: Apple is signaling tighter Mac supply — and pricier memory — just as on-device AI goes mainstream. Alphabet says AI is lifting core businesses like Search and Cloud, while Microsoft is writing a much bigger AI spending check to keep up with demand as Copilot spreads.

On security, a cPanel pre-auth bypass is under active exploitation and on CISA’s KEV — patch now — and Vimeo’s third-party incident is a fresh case study in supply-chain exposure. We’ll keep watching how AI demand reshapes hardware, budgets, and, critically, your security posture in the days ahead.

Thanks for listening and a quick disclaimer, this podcast was generated and curated by AI using my and my kids' cloned voices, if you want to know how I do it or want to do something similar, reach out to me at emad at ai news in 10 dot com that's ai news in one zero dot com. See you all tomorrow.