Slashdot

An anonymous reader quotes a report from BleepingComputer: U.S. cybersecurity company F5 disclosed that nation-state hackers breached its systems and stole undisclosed BIG-IP security vulnerabilities and source code. The company states that it first became aware of the breach on August 9, 2025, with its investigations revealing that the attackers had gained long-term access to its system, including the company's BIG-IP product development environment and engineering knowledge management platform. F5 is a Fortune 500 tech giant specializing in cybersecurity, cloud management, and application delivery networking (ADN) applications. The company has 23,000 customers in 170 countries, and 48 of the Fortune 50 entities use its products. BIG-IP is the firm's flagship product used for application delivery and traffic management by many large enterprises worldwide. [...] F5 is still reviewing which customers had their configuration or implementation details stolen and will contact them with guidance. To help customers secure their F5 environments against risks stemming from the breach, the company released updates for BIG-IP, F5OS, BIG-IP Next for Kubernetes, BIG-IQ, and APM clients. Despite any evidence "of undisclosed critical or remote code execution vulnerabilities," the company urges customers to prioritize installing the new BIG-IP software updates.Read more of this story at Slashdot.

Google is introducing new recovery tools that aim to make it less frustrating to regain access when you're locked out of your account. The Verge: Instead of answering security questions or entering a recovery email address, Google's new security features allow account holders to verify their identity using a linked mobile number, or trusted friends or family members. The Recovery Contacts feature enables users to designate people to confirm their identity in order to regain access to accounts after getting hacked or losing their password or passkey. Google didn't specify how the verification process works, but says the feature provides "a simple and secure way to regain access when standard recovery methods fail." Recovery Contacts is available for eligible personal Google accounts, and can be found under the Security option in the account settings.Read more of this story at Slashdot.

Alexis Ohanian, who helped build Reddit, says much of the internet has become dominated by bots and AI. Speaking on the podcast TBPN, he described the internet as increasingly "quasi-AI" and filled with what he called "LinkedIn slop." Ohanian referenced dead internet theory, the assertion that bot activity exceeds human activity on the web. In September, Sam Altman, OpenAI's CEO, posted that while he had not taken the theory seriously, he now sees "a lot of LLM-run twitter accounts."Read more of this story at Slashdot.

The U.S. passport has fallen out of the top 10 most powerful passports globally for the first time in 20 years in the latest edition of the Henley Passport Index, which ranks nations based on the number of destinations a traveler can visit without needing a visa. From a report: The U.S. ranking is on a steep downward trend, with the U.S. passport now in 12th spot, tied with Malaysia, having already fallen from seventh place last year to 10th place in July. A decade ago, the U.S. passport topped the index. Christian H. Kaelin, chairman of Henley & Partners and creator of the index, said in a news release on Tuesday that the declining strength of the U.S. passport signaled a "fundamental shift in global mobility and soft power dynamics." Kaelin added: "Nations that embrace openness and cooperation are surging ahead, while those resting on past privilege are being left behind."Read more of this story at Slashdot.

The UK should be prepared to cope with weather extremes as a result of at least 2C of global warming by 2050, independent climate advisers have said. BBC: The country was "not yet adapted" to worsening weather extremes already occurring at current levels of warming, "let alone" what was expected to come, the Climate Change Committee (CCC) wrote in a letter addressed to the government. The committee said they would advise that the UK prepare for climate change beyond the long-term temperature goal set out in the Paris Agreement. The letter came as the World Meteorological Organization (WMO) confirmed that 2024 had seen a record rise of carbon dioxide (CO2) in the atmosphere. CO2 is the gas mainly responsible for human-caused climate change and is released when fossil fuels are burnt, as well as other activities.Read more of this story at Slashdot.

Almost 70% of adults in the US would be deemed to have obesity based on a new definition, research suggests. From a report: The traditional definition of obesity, typically based on having a body mass index (BMI) of 30 or greater, has long been contentious, not least as it does not differentiate between fat and muscle. In an effort to tackle the issue, in January medical experts from around the world called for a new definition to be adopted. This would encompass people either with a BMI greater than 40; or those with a high BMI and at least one raised figure for measures such as waist circumference, waist-to-hip ratio, or waist-to-height ratio; or those with two such raised figures regardless of BMI; or those with direct measures of excess body fat based on scans. In addition, they said obesity should be split into two categories: clinical obesity -- where there are signs of illness -- and pre-clinical obesity, where there are not. Now research suggests the revamped definition could result in a dramatic rise in the prevalence of obesity among adults in the US.Read more of this story at Slashdot.

Math teachers across American schools are contending with a classroom disruption that has proven impossible to contain. The numbers six and seven now trigger instant pandemonium among students. They scream the phrase and perform a palms-up seesaw hand gesture whenever the numbers appear in equations or instructions. Teachers have begun avoiding breaking students into groups of six or seven or asking them to turn to page 67. The meme has no meaning, reports WSJ. That absence of meaning is the point. The phenomenon traces back to late last year when Philadelphia rapper Skrilla released "Doot Doot (6 7)," a song referencing 67th street where his friends grew up. The phrase spiraled into youth culture in March through a viral video of a boy with forward-swept hair lurching toward a camera to deliver an animated "six seven." Skrilla is now touring venues where audiences wait for the six-seven line. Some teachers have attempted to neutralize the meme by saying it themselves.Read more of this story at Slashdot.

Apple is releasing its new 14-inch MacBook Pro with the M5 chip in European markets without a charger. Customers in the U.S., Ireland, Germany, Italy, France, Spain, the Netherlands, Norway, and other European countries must supply their own power adapter. Buyers in the U.S. and other regions will receive Apple's 70-watt USB-C adapter. Apple attributed the decision to environmental goals as the European Union implements regulations on electronic waste. A USB-C to MagSafe 3 cable remains included. The adapter costs 59 pounds in the United Kingdom.Read more of this story at Slashdot.

An anonymous reader shares a report: On Wednesday, Pew Research Center published a survey assessing how parents in the US with children under 12 manage their kids' screen time, which revealed that 61% of respondents overall reported their child ever uses or interacts with smartphones -- including 38% of those with children under 2 years old. Much of this smartphone screen time is likely made up by parents streaming kid-friendly cartoons for their little ones to watch on the go: the study also found that YouTube use among children under 2 has risen sharply from 45% to 62% over the last five years. But it appears that most American toddlers only need to wait a few years before they can get devices of their very own. The same survey showed that almost one in four US parents overall allow their children aged 12 and under to have their own smartphones, and this ballooned to nearly 60% when just looking at kids aged 11-12 years old.Read more of this story at Slashdot.

The Japanese government has made a formal request asking OpenAI to refrain from copyright infringement. The request came after Sora 2 began generating videos featuring copyrighted characters from anime and video games. Minoru Kiuchi spoke at the Cabinet Office press conference on Friday and described manga and anime as "irreplaceable treasures" that Japan boasts to the world. The request was made online by the Cabinet Office's Intellectual Property Strategy Headquarters. Sora 2, which launched recently, generates twenty-second videos at 1080p resolution. Social media is getting filled with videos showing characters from One Piece, Demon Slayer, Pokemon and Mario. Digital Minister Masaaki Taira expressed hopes that OpenAI would comply voluntarily. He indicated that measures under Japan's AI Promotion Act may be invoked if the issue remains unresolved.Read more of this story at Slashdot.

Apple will increase investment in China, the company's CEO Tim Cook said during a meeting with the country's industry minister in Beijing on Wednesday, according to an official summary of their exchange. From a report: Many U.S. companies have become cautious about relations with China as the world's two biggest economies have clashed over trade tariffs and as U.S. President Donald Trump seeks to promote manufacture in the United States rather than elsewhere. But Cook told China's industry minister Li Lecheng the iPhone maker will keep investing in China, the Chinese ministry said, although the summary gave no details of the size of the projected investment.Read more of this story at Slashdot.

Several leading news organizations with access to Pentagon briefings have formally said they will not agree to a new defense department policy that requires them to pledge they will not obtain unauthorized material and restricts access to certain areas unless accompanied by an official. The Guardian: The policy, presented last month by the defense secretary, Pete Hegseth, has been widely criticized by media organizations asked to sign the pledge by Tuesday at 5pm or have 24 hours to turn in their press credentials. The move follows a shake-up in February in which long-credentialed media outlets were required to vacate assigned workspaces which was cast as an "annual media rotation program." A similar plan was presented at the White House where some briefing room spots were given to podcasters and other representatives of non-traditional media. On Monday, the Washington Post joined the New York Times, CNN, the Atlantic, the Guardian, Reuters, the Associated Press, NPR, HuffPost and trade publication Breaking Defense in saying it would not sign on to the agreement.Read more of this story at Slashdot.

Apple unveiled a new 14-inch MacBook Pro on Wednesday that features the company's M5 chip and represents what Apple describes as the next major advancement in AI performance for its Mac lineup. The laptop delivers up to 3.5 times faster AI performance than the M4 chip and up to six times faster performance than the M1 chip through a redesigned 10-core GPU architecture that incorporates a Neural Accelerator in each core. The improvements extend beyond AI processing to include graphics performance that runs up to 1.6 times faster than the previous generation and battery life that reaches up to 24 hours on a single charge. Apple also integrated faster storage technology that performs up to twice as fast as the prior generation and allows configurations up to 4TB. The 10-core CPU delivers up to 20% faster multithreaded performance compared to the M4. The laptop runs macOS Tahoe and includes a Liquid Retina XDR display available in a nano-texture option, a 12MP Center Stage camera, and a six-speaker sound system. The 14-inch MacBook Pro is available for pre-order starting Wednesday in space black and silver finishes and begins shipping October 22. The base model costs $1,599.Read more of this story at Slashdot.

The Free Software Foundation (FSF) has launched the LibrePhone Project, an initiative to create a fully free and open-source mobile operating system that eliminates proprietary firmware and binary blobs. From the FSF: "Librephone is a new initiative by the FSF with the goal of bringing full freedom to the mobile computing environment. The vast majority of software users around the world use a mobile phone as their primary computing device. After forty years of advocacy for computing freedom, the FSF will now work to bring the right to study, change, share, and modify the programs users depend on in their daily lives to mobile phones....Practically, Librephone aims to close the last gaps between existing distributions of the Android operating system and software freedom. The FSF has hired experienced developer Rob Savoye (DejaGNU, Gnash, OpenStreetMap, and more) to lead the technical project. He is currently investigating the state of device firmware and binary blobs in other mobile phone freedom projects, prioritizing the free software work done by the not entirely free software mobile phone operating system LineageOS." The project site can be found here.Read more of this story at Slashdot.

A new study shows that common baker's yeast (Saccharomyces cerevisiae) can survive Mars-like conditions, including meteorite shock waves and toxic perchlorate salts found in Martian soil. Phys.org reports: Published in PNAS Nexus, Purusharth I. Rajyaguru and colleagues subjected Saccharomyces cerevisiae, which is a widely used model yeast, to shock waves and perchlorates. The authors chose the yeast in part because it has already been studied in space. When stressed, yeast, humans, and many other organisms form ribonucleoprotein (RNP) condensates, structures made of RNA and proteins that protect RNA and affect the fates of mRNAs. When the stressor passes, the RNP condensates, which include subtypes known as stress granules and P-bodies, disassemble. The authors simulated Martian shock waves at the High-Intensity Shock Tube for Astrochemistry (HISTA) housed in the Physical Research Laboratory in Ahmedabad, India. Yeast exposed to 5.6 Mach intensity shock waves survived with slowed growth, as did yeast subjected to 100 mM sodium salt of perchlorate (NaClO4) -- a concentration similar to that in Martian soils. Yeast cells also survived exposure to the combined stress of shock waves and perchlorate stress. In both cases, the yeast assembled RNP condensates. Shock waves induced the assembly of stress granules and P-bodies; perchlorate caused yeast to make P-bodies but not stress granules. Mutants incapable of assembling RNP condensates were poor at surviving the Martian stress condition. Transcriptome analysis identified specific RNA transcripts perturbed by Mars-like conditions.Read more of this story at Slashdot.

An anonymous reader quotes a report from 404 Media: On Monday, a publicly-sourced archive of more than 10,000 national park signs and monument placards went public as part of a massive volunteer project to save historical and educational placards from around the country that risk removal by the Trump administration. Visitors to national parks and other public monuments at more than 300 sites across the U.S. took photos of signs and submitted them to the archive to be saved in case they're ever removed in the wake of the Trump administration's rewriting of park history. The full archive is available here, with submissions from July to the end of September. The signs people have captured include historical photos from Alcatraz, stories from the African American Civil War Memorial, photos and accounts from the Brown v. Board of Education National History Park, and hundreds more sites. "I'm so excited to share this collaborative photo collection with the public. As librarians, our goal is to preserve the knowledge and stories told in these signs. We want to put the signs back in the people's hands," Jenny McBurney, Government Publications Librarian at the University of Minnesota and one of the co-founders of the Save Our Signs project, said in a press release. "We are so grateful for all the people who have contributed their time and energy to this project. The outpouring of support has been so heartening. We hope the launch of this archive is a way for people to see all their work come together."Read more of this story at Slashdot.

The U.S. Department of Justice seized about $15 billion in bitcoin from wallets tied to Chen Zhi, founder of Cambodia's Prince Holding Group, who is accused of running one of the world's biggest "pig butchering" scams. Prosecutors say Zhi's network trafficked people into forced-labor scam compounds that defrauded victims worldwide through fake crypto investment schemes. CNBC reports: The seizure is the largest forfeiture action by the DOJ in history. An indictment charging the alleged pig butcher, Chen Zhi, was unsealed Tuesday in federal court in Brooklyn, New York. Zhi, who is also known as "Vincent," remains at large, according to the U.S. Attorney's Office for the Eastern District of New York. He was identified in court filings as the founder and chairman of Prince Holding Group, a multinational business conglomerate based in Cambodia, which prosecutors said grew "in secret .... into one of Asia's largest transnational criminal organizations. [...] The scams duped people contacted via social media and messaging applications online into transferring cryptocurrency into accounts controlled by the scheme with false promises that the crypto would be invested and produce profits, according to the office. "In reality, the funds were stolen from the victims and laundered for the benefit of the perpetrators," the release said. "The scam perpetrators often built relationships with their victims over time, earning their trust before stealing their funds." Prosecutors said that hundreds of people were trafficked and forced to work in the scam compounds, "often under the threat of violence." Zhi and a network of top executives in the Prince Group are accused of using political influence in multiple countries to protect their criminal enterprise and paid bribes to public officials to avoid actions by law enforcement authorities targeting the scheme, according to prosecutors.Read more of this story at Slashdot.

Roughly 200,000 Linux-based Framework laptops shipped with a signed UEFI shell command (mm) that can be abused to bypass Secure Boot protections -- allowing attackers to load persistent bootkits like BlackLotus or HybridPetya. Framework has begun patching affected models, though some fixes and DBX updates are still pending. BleepingComputer reports: According to firmware security company Eclypsium, the problem stems from including a 'memory modify' (mm) command in legitimately signed UEFI shells that Framework shipped with its systems. The command provides direct read/write access to system memory and is intended for low-level diagnostics and firmware debugging. However, it can also be leveraged to break the Secure Boot trust chain by targeting the gSecurity2 variable, a critical component in the process of verifying the signatures of UEFI modules. The mm command can be abused to overwrite gSecurity2 with NULL, effectively disabling signature verification. "This command writes zeros to the memory location containing the security handler pointer, effectively disabling signature verification for all subsequent module loads." The researchers also note that the attack can be automated via startup scripts to persist across reboots.Read more of this story at Slashdot.

BrianFagioli shares a report from NERDS.xyz: NordVPN has open sourced its Linux GUI on GitHub, giving the community full access to the code behind its graphical client. The move follows a 70 percent surge in daily active Linux users since the GUI's debut earlier this year, showing clear demand for a user friendly VPN experience on the platform. Alongside the previously open sourced command line tool, the GUI codebase is now available for anyone to audit, modify, and contribute to. While NordVPN's core backend infrastructure remains proprietary, the company says the open source release reflects its commitment to transparency and collaboration with the Linux community. The GUI can also now be installed with a single command using Snap, simplifying setup and ensuring automatic updates across distributions.Read more of this story at Slashdot.

An anonymous reader quotes a report from the Associated Press: Google announced on Tuesday that it will invest $15 billion in India over the next five years to establish its first artificial intelligence hub in the country. Located in the southern city of Visakhapatnam, the hub will be one of Google's largest globally. It will feature gigawatt-scale data center operations, extensive energy infrastructure and an expanded fiber-optic network, the company said in a statement. The investment underscores Google's growing reliance on India as a key technology and talent base in the global race for AI dominance. For India, it brings in high-value infrastructure and foreign investment at a scale that can accelerate its digital transformation ambitions. Google said its AI hub investment will include construction of a new international subsea gateway that would connect to the company's more than 2 million miles (3.2 million kilometers) of existing terrestrial and subsea cables. "The initiative creates substantial economic and societal opportunities for both India and the United States, while pioneering a generational shift in AI capability," the company's statement said.Read more of this story at Slashdot.

Longtime Slashdot reader Gadi Evron writes: Bruce Schneier and Barath Raghavan say agentic AI is already broken at the core. In their IEEE Security & Privacy essay, they argue that AI agents run on untrusted data, use unverified tools, and make decisions in hostile environments. Every part of the OODA loop (observe, orient, decide, act) is open to attack. Prompt injection, data poisoning, and tool misuse corrupt the system from the inside. The model's strength, treating all input as equal, also makes it exploitable. They call this the AI security trilemma: fast, smart, or secure. Pick two. Integrity isn't a feature you bolt on later. It has to be built in from the start. "Computer security has evolved over the decades," the authors wrote. "We addressed availability despite failures through replication and decentralization. We addressed confidentiality despite breaches using authenticated encryption. Now we need to address integrity despite corruption." "Trustworthy AI agents require integrity because we can't build reliable systems on unreliable foundations. The question isn't whether we can add integrity to AI but whether the architecture permits integrity at all."Read more of this story at Slashdot.

Walmart announced a new partnership with OpenAI that will let customers shop using ChatGPT. "For many years now, eCommerce shopping experiences have consisted of a search bar and a long list of item responses. That is about to change," Walmart CEO Doug McMillon said in a statement. NBC News reports: It was unclear Tuesday what the terms of the Walmart-AI partnership would be. The announcement also did not say when shoppers can expect to see ChatGPT integrated with their Walmart online shopping experiences, only that it's coming "soon." The OpenAI announcement is part of a broader push by Walmart, the biggest private employer in the U.S., to incorporate AI into its daily operations. "We're excited to partner with Walmart to make everyday purchases a little simpler. It's just one way AI will help people every day under our work together," Sam Altman, the co-founder and CEO of OpenAI, said in a statement. The partnership could also serve OpenAI by introducing ChatGPT to a massive set of consumers who may not be as accustomed to using AI chats in their shopping as OpenAI's core user base. "There is a native AI experience coming that is multi-media, personalized and contextual," said Walmart's McMillon.Read more of this story at Slashdot.

An anonymous reader quotes a report from Ars Technica: Today is the official end-of-support date for Microsoft's Windows 10. That doesn't mean these PCs will suddenly stop working, but if you don't take action, it does mean your PC has received its last regular security patches and that Microsoft is washing its hands of technical support. This end-of-support date comes about a decade after the initial release of Windows 10, which is typical for most Windows versions. But it comes just four years after Windows 10 was replaced by Windows 11, a version with stricter system requirements that left many older-but-still-functional PCs with no officially supported upgrade path. As a result, Windows 10 still runs on roughly 40 percent of the world's Windows PCs (or around a third of US-based PCs), according to StatCounter data. But this end-of-support date also isn't set in stone. Home users with Windows 10 PCs can enroll in Microsoft's Extended Security Updates (ESU) program, which extends the support timeline by another year. [...] Home users can only get a one-year stay of execution for Windows 10, but IT administrators and other institutions with fleets of Windows 10 PCs can also pay for up to three years of ESUs, which is also roughly the amount of time users can expect new Microsoft Defender antivirus updates and updates for core apps like Microsoft Edge. Obviously, Microsoft's preferred upgrade path would be either an upgrade to Windows 11 for PCs that meet the requirements or an upgrade to a new PC that does support Windows 11. It's also still possible, at least for now, to install and run Windows 11 on unsupported PCs. Your day-to-day experience will generally be pretty good, though installing Microsoft's major yearly updates (like the upcoming Windows 11 25H2 update) can be a bit of a pain.Read more of this story at Slashdot.

Salesforce says it's saving about $100 million a year by using AI tools in the software company's customer service operations. From a report: The company is working to sell AI features that can handle work such as customer service or early-stage sales. To illustrate the value of the Agentforce product to business clients, Salesforce has been vocal about its own use of the technology. Chief Executive Officer Marc Benioff announced the statistic on Salesforce's savings during a speech Tuesday at the annual Dreamforce conference in San Francisco. The company said more than 12,000 customers are using Agentforce. For example, Reddit was able to cut customer support resolution time by 84%, Salesforce said.Read more of this story at Slashdot.

DirecTV wants to use AI to put you, your family, and your pets inside a custom TV screensaver. From a report: If that's not uncanny enough, you'll find items you can shop for within that AI environment, whether it's a piece of clothing similar to the one your AI likeness is wearing or a piece of furniture that pops up alongside it. The satellite TV giant is partnering with the AI company Glance to roll out this experience to DirecTV Gemini devices starting next year. "We are making television a lean-in experience versus lean back," Rajat Wanchoo, the group vice president of commercial partnerships at Glance, tells The Verge. "We want to give users a chance to use the advancements that have happened in generative AI to create a ChatGPT moment for themselves, but on TV." Glance is owned by InMobi, the same company that injected ecommerce bloatware into Motorola's budget phones.Read more of this story at Slashdot.

An anonymous reader shares a report: An attorney in a New York Supreme Court commercial case got caught using AI in his filings, and then got caught using AI again in the brief where he had to explain why he used AI, according to court documents filed earlier this month. New York Supreme Court Judge Joel Cohen wrote in a decision granting the plaintiff's attorneys' request for sanctions that the defendant's counsel, Michael Fourte's law offices, not only submitted AI-hallucinated citations and quotations in the summary judgment brief that led to the filing of the plaintiff's motion for sanctions, but also included "multiple new AI-hallucinated citations and quotations" in the process of opposing the motion. "In other words," the judge wrote, "counsel relied upon unvetted AI -- in his telling, via inadequately supervised colleagues -- to defend his use of unvetted AI." The case itself centers on a dispute between family members and a defaulted loan. The details of the case involve a fairly run-of-the-mill domestic money beef, but Fourte's office allegedly using AI that generated fake citations, and then inserting nonexistent citations into the opposition brief, has become the bigger story.Read more of this story at Slashdot.

Indonesia's film industry has started using generative AI tools to produce films at a fraction of Hollywood budgets. The country's filmmakers are deploying ChatGPT for scriptwriting, Midjourney for image generation, and Runway for video storyboarding. VFX artist Amilio Garcia Leonard told Rest of World that AI has reduced his draft editing time by 70%. The Indonesian Film Producer Association supports the technology. Indonesian films typically cost 10 billion rupiah ($602,500), less than 1% of major Hollywood productions. The sector employed about 40,000 people in 2020 and generated over $400 million in box office sales in 2023. Jobs for storyboarders, VFX artists, and voice actors are disappearing.Read more of this story at Slashdot.

The United Nations Food and Agriculture Organization projects record production of global cereal crops in the 2025-26 farming season. The forecast covers wheat, corn and rice, and comes as the global stocks-to-use ratio stands around 30.6% -- the world is producing nearly a third more of these foundational crops than it currently uses. The U.S. Department of Agriculture reported in August that American farmers would harvest a record corn crop at record yield per acre. The FAO Food Price Index has risen slightly this year but remains nearly 20% below its peak during the early months of the war in Ukraine. Average calories available per person worldwide have climbed from roughly 2,100 to 2,200 kilocalories daily in the early nineteen-sixties to just under 3,000 kilocalories daily by 2022. Cereal yields have roughly tripled since 1961. Yet the World Bank estimates around 2.6 billion people cannot afford a healthy diet, and current famines in Gaza and Sudan stem from political failures rather than crop failures.Read more of this story at Slashdot.

Generative AI models trained on internet data lack exposure to vast domains of human knowledge that remain undigitized or underrepresented online. English dominates Common Crawl with 44% of content. Hindi accounts for 0.2% of the data despite being spoken by 7.5% of the global population. Tamil represents 0.04% despite 86 million speakers worldwide. Approximately 97% of the world's languages are classified as "low-resource" in computing. A 2020 study found 88% of languages face such severe neglect in AI technologies that bringing them up to speed would require herculean efforts. Research on medicinal plants in North America, northwest Amazonia and New Guinea found more than 75% of 12,495 distinct uses of plant species were unique to just one local language. Large language models amplify dominant patterns through what researchers call "mode amplification." The phenomenon narrows the scope of accessible knowledge as AI-generated content increasingly fills the internet and becomes training data for subsequent models.Read more of this story at Slashdot.

California has enacted new legislation that aims to limit companies from charging consumers "exorbitant" fees to cancel fixed-term contracts. From a report: Assembly Bill 483 was signed into law by California Gov. Gavin Newsom on Friday, placing transparency requirements and fee limits on early terminations for installment contracts -- plans that allow consumers to make recurring payments for goods and services over a specified duration. This includes services that lure consumers into signing annual contracts by allowing them to pay in installments that appear similar to rolling monthly subscriptions, but with hefty cancellation fees for not locking in for the full year. The bill bans companies from hiding early termination fee disclosures within fine print or obscured hyperlinks, and limits the total fee amount to a maximum of 30 percent of the total contract cost. The goal is to make it easier for Californians to take these fees into account when comparing between services, and lessen the financial burden if they need to end their contract early.Read more of this story at Slashdot.

Researchers at UC San Diego and the University of Maryland have found that roughly half of geostationary satellite signals transmit sensitive data without encryption. The team spent three years using an $800 satellite receiver on a university rooftop in San Diego to intercept communications from satellites visible from their location. They collected phone calls and text messages from more than 2,700 T-Mobile users in just nine hours of recording. The researchers also obtained data from airline passengers using in-flight Wi-Fi, communications from electric utilities and offshore oil and gas platforms, and US and Mexican military communications that revealed personnel locations and equipment details. The exposed data resulted from telecommunications companies using satellites to relay signals from remote cell towers to their core networks. The researchers examined only about 15% of global satellite transponder communications and presented their findings at an Association for Computing Machinery conference in Taiwan this week. Most companies warned by the researchers have encrypted their satellite transmissions, but some US critical infrastructure owners have not yet added encryption.Read more of this story at Slashdot.

An anonymous reader shares a report: China's expansion of its rare earth export controls appeared to mark another escalation in the US-China trade war last week. But the announcements were also significant in another way: unusually, the documents could not be opened using American word processing software. For the first time, China's Ministry of Commerce issued a slew of documents that could be directly accessed only through WPS Office -- China's answer to Microsoft Office -- as Beijing continues its tech self-reliance drive. Developed by the Beijing-based software company Kingsoft, WPS Office uses a different coding structure to Microsoft Office, meaning WPS text files cannot be opened directly in Word without conversion. Previously, the ministry primarily released text documents in Microsoft Word format.Read more of this story at Slashdot.

An anonymous reader shares a report: After acquiring GitHub in 2018, Microsoft mostly let the developer platform run autonomously. But in recent months, that's changed. With GitHub CEO Thomas Dohmke leaving the company this August, and GitHub being folded more deeply into Microsoft's organizational structure, GitHub lost that independence. Now, according to internal GitHub documents The New Stack has seen, the next step of this deeper integration into the Microsoft structure is moving all of GitHub's infrastructure to Azure, even at the cost of delaying work on new features. [...] While GitHub had previously started work on migrating parts of its service to Azure, our understanding is that these migrations have been halting and sometimes failed. There are some projects, like its data residency initiative (internally referred to as Project Proxima) that will allow GitHub's enterprise users to store all of their code in Europe, that already solely use Azure's local cloud regions.Read more of this story at Slashdot.

Engineer Denis Stetskov, writing in a blog: The Apple Calculator leaked 32GB of RAM. Not used. Not allocated. Leaked. A basic calculator app is hemorrhaging more memory than most computers had a decade ago. Twenty years ago, this would have triggered emergency patches and post-mortems. Today, it's just another bug report in the queue. We've normalized software catastrophes to the point where a Calculator leaking 32GB of RAM barely makes the news. This isn't about AI. The quality crisis started years before ChatGPT existed. AI just weaponized existing incompetence. [...] Here's what engineering leaders don't want to acknowledge: software has physical constraints, and we're hitting all of them simultaneously. Modern software is built on towers of abstractions, each one making development "easier" while adding overhead: Today's real chain: React > Electron > Chromium > Docker > Kubernetes > VM > managed DB > API gateways. Each layer adds "only 20-30%." Compound a handful and you're at 2-6x overhead for the same behavior. That's how a Calculator ends up leaking 32GB. Not because someone wanted it to -- but because nobody noticed the cumulative cost until users started complaining. [...] We're living through the greatest software quality crisis in computing history. A Calculator leaks 32GB of RAM. AI assistants delete production databases. Companies spend $364 billion to avoid fixing fundamental problems. This isn't sustainable. Physics doesn't negotiate. Energy is finite. Hardware has limits. The companies that survive won't be those who can outspend the crisis. There'll be those who remember how to engineer.Read more of this story at Slashdot.

Preteens who use increasing amounts of social media perform poorer in reading, vocabulary and memory tests in early adolescence compared to those who use little or no social media. A study published in JAMA examined data from over 6,000 children ages 9 to 10 through early adolescence. Researchers classified the children into three groups: 58% used little or no social media over several years, 37% started with low-level use but spent about an hour daily on social media by age 13, and 6% spent three or more hours daily by that age. Even low users who spent about one hour per day performed 1 to 2 points lower on reading and memory tasks compared to non-users. High users performed 4 to 5 points lower than non-social media users. Jason Nagata, a pediatrician at the University of California, San Francisco and study author, said the findings were notable because even modest social media use correlated with lower cognitive scores.Read more of this story at Slashdot.

Apple has rebranded its streaming service Apple TV+ to simply Apple TV, further blurring the already confusing line between the Apple TV device, the Apple TV app, and the Apple TV service. As John Gruber notes, users can now "watch Apple TV in Apple TV on Apple TV." From Daring Fireball: In some ways, I get it. Like, if you're telling someone how much you enjoy Slow Horses and they ask how to watch it, it's more natural and conversational to just say "It's on Apple TV." That's what most people say. That's what I say -- and as part of my job, I completely understand the difference between Apple TV the device, Apple TV the (free) app, and Apple TV+ the (paid) streaming service. But right there in Apple's own "About Apple TV" description, you see just how overused "Apple TV" now is. You can watch Apple TV in Apple TV on Apple TV -- the paid service in the free app on the set-top box. But you can watch any streaming service you want on the box, in that service's own app. But many of those services are also available in the Apple TV app. And the Apple TV streaming service is also available on just about all other popular set-top hardware platforms. So don't need an Apple TV to watch Apple TV. It's a bit like Abbott and Costello's classic "Who's on First" routine.Read more of this story at Slashdot.

schwit1 shares a report from Hackread: On October 3, 2025, Hackread.com published an in-depth report in which hackers claimed to have stolen 989 million records from 39 major companies worldwide by exploiting a Salesforce vulnerability. The group demanded that Salesforce and the affected firms enter negotiations before October 10, 2025, warning that if their demands were ignored, they would release the entire dataset. The hackers, identifying themselves as "Scattered Lapsus$ Hunters," a collective said to combine elements of Scattered Spider, Lapsus$, and ShinyHunters, have now published data allegedly belonging to 6 of the 39 targeted companies. The companies named in the leak are as follows: Fujifilm, GAP, INC., Vietnam Airlines, Engie Resources, Quantas Airways Limited, and Albertsons Companies, Inc. In all 6 leaks, the record contains personal details of customers, business, including email addresses, full names, addresses, passport numbers, phone numbers. The hackers said on Telegram that they will not be releasing any additional information, stating, "A lot of people are asking what else will be leaked. Nothing else will be leaked. Everything that was leaked was leaked, we have nothing else to leak, and obviously, the things we have cannot be leaked for obvious reasons."Read more of this story at Slashdot.

NASA's Jet Propulsion Laboratory is laying off around 550 employees, or roughly 11% of its workforce, as part of an effort to "restructure and establish an appropriate size to ensure future success." According to JPL Director Dave Gallagher, the job cuts "are not related to the current government shutdown." CNBC reports: JPL is a research and development lab funded by NASA -- the federal space agency -- and managed by the California Institute of Technology. "While not easy, I believe that taking these actions now will help the Lab transform at the scale and pace necessary to help achieve humanity's boldest ambitions in space," Gallagher wrote in a separate mekor to JPL employees and contractors. Gallagher, in the public announcement, noted that the reorganization of JPL began in July, and "over the past few months, we have communicated openly with employees about the challenges and hard choices ahead." "This week's action, while not easy, is essential to securing JPL's future by creating a leaner infrastructure, focusing on our core technical capabilities, maintaining fiscal discipline, and positioning us to compete in the evolving space ecosystem -- all while continuing to deliver on our vital work for NASA and the nation," Gallagher wrote. Gallagher said that JPL employees will be notified of their status on Tuesday, and the "new Lab structure ... will become effective Wednesday."Read more of this story at Slashdot.

An anonymous reader quotes a report from The Register: Security researchers have resurrected a 12-year-old data-stealing attack on web browsers to pilfer sensitive info from Android devices. The attack, dubbed Pixnapping, has yet to be mitigated. Conceptually, it's the equivalent of a malicious Android app being able to screenshot other apps or websites. It allows a malicious Android application to access and leak information displayed in other Android apps or on websites. It can, for example, steal data displayed in apps like Google Maps, Signal, and Venmo, as well as from websites like Gmail (mail.google.com). It can even steal 2FA codes from Google Authenticator. "First, the malicious app opens the target app (e.g., Google Authenticator), submitting its pixels for rendering," explained [Alan Wang, a PhD candidate at UC Berkeley]. "Second, the malicious app picks the coordinates of a target pixel whose color it wants to steal. Suppose for example it wants to steal a pixel that is part of the screen region where a 2FA character is known to be rendered by Google Authenticator, and that this pixel is either white (if nothing was rendered there) or non-white (if part of a 2FA digit was rendered there). Third, the malicious app causes some graphical operations whose rendering time is long if the target pixel is non-white and short if it is white. The malicious app does this by opening some malicious activities (i.e., windows) in front of the target app. Finally, the malicious app measures the rendering time per frame of the above graphical operations to determine whether the target pixel was white or non-white. These last few steps are repeated for as many pixels as needed to run OCR over the recovered pixels and guess the original content." The researchers have demonstrated Pixnapping on five devices running Android versions 13 to 16 (up until build id BP3A.250905.014): Google Pixel 6, Google Pixel 7, Google Pixel 8, Google Pixel 9, and Samsung Galaxy S25. Android 16 is the latest operating system version. Other Android devices have not been tested, but the mechanism that allows the attack to work is typically available. A malicious Android app implementing Pixnapping would not require any special permissions in its manifest file, the authors say. The researchers detail the attack in a paper (PDF) titled "Pixnapping: Bringing Pixel Stealing out of the Stone Age."Read more of this story at Slashdot.

SpaceX's Starship megarocket successfully completed its 11th test flight, achieving major milestones like engine relight, satellite deployment, and a controlled splashdown in the Indian Ocean. From a report: This mission marks the second clean test run for Version 2, following a successful showing during its last test mission in August. Earlier this year, however, Starship Version 2 suffered three in-flight failures and an explosive accident during ground testing. Today's test mission is expected to be the last for the current iteration of Starship prototypes. The company has said it will debut a scaled up Version 3 for the next flight. You can watch a recording of the launch on YouTube.Read more of this story at Slashdot.

The FCC has forced major U.S. online retailers to remove millions of listings for prohibited Chinese-made electronics, including products from Huawei, ZTE, Hikvision, and Dahua, citing national security risks. Reuters reports: FCC Chair Brendan Carr said in an interview [on Friday] that the items removed are either on a U.S. list of barred equipment or were not authorized by the agency, including items like home security cameras and smart watches from companies including Huawei, Hangzhou Hikvision, ZTE, and Dahua Technology Company. Carr said companies are putting new processes in place to prevent future prohibited items as a result of FCC oversight. "We're going to keep our efforts up," Carr said. The FCC issued a new national security notice reminding companies of prohibited items including video surveillance equipment. Carr said the items could allow China to "surveil Americans, disrupt communications networks and otherwise threaten U.S. national security."Read more of this story at Slashdot.

Palmer Luckey's defense tech firm Anduril has unveiled EagleEye, an AI-powered mixed-reality combat helmet built in partnership with Meta. The system integrates AR displays, spatial audio, and drone control to create what Luckey calls "a new teammate" for soldiers. "The idea of an AI partner embedded in your display has been imagined for decades. EagleEye is the first time it's real," said Luckey. The Verge reports: Anduril, which also manufactures border control tech, lethal drones, and military aircraft, has been developing EagleEye since its inception, and already provides software for the Army's existing MR goggles, based on Microsoft's HoloLens hardware. Its partnership with Meta was announced this May, and the company told TechCrunch at the time that the collaboration was to develop EagleEye. It's a reunion of sorts for Luckey and Mark Zuckerberg, after Meta purchased Luckey's then-start-up Oculus in 2014 and fired the founder three years later.Read more of this story at Slashdot.

An anonymous reader quotes a report from Reuters: Britain said on Monday it had issued U.S. internet forum site 4chan with a $26,644 fine for failing to provide information about the risk of illegal content on its service, marking the first penalty under the new online safety regime. Media regulator Ofcom said 4chan had not responded to its request for a copy of its illegal harms risk assessment nor a second request relating to its qualifying worldwide. Ofcom said it would take action against any service which "flagrantly fails to engage with Ofcom and their duties under the Online Safety Act" and they should expect to face penalties. The act, which is designed to protect children and vulnerable users from illegal content online, has caused tension between U.S. tech companies and Britain. Critics of the law have said it threatens free speech and targets U.S. companies. Technology minister Liz Kendall said the government "fully backed" Ofcom in taking action. "This fine is a clear warning to those who fail to remove illegal content or protect children from harmful material," she said. 4chan and Kiwi Farms filed a lawsuit in the United States against Ofcom in August, arguing that the threats and fines issued by the regulator "constitute foreign judgements that would restrict speech under U.S. law." The lawsuit claims that both entities are entirely based in the U.S., have no operations in the U.K., and therefore are not subject to its local laws.Read more of this story at Slashdot.

Google's viral Nano Banana AI image editor is being woven into Search, NotebookLM, and Photos. Engadget reports: Perhaps the most notable integration here is with NotebookLM. Nano Banana is being used to drastically change up Video Overviews, offering up six new styles like watercolor and anime. It also now generates contextual illustrations based on sources and there's a new option for micro-videos called Briefs. For the uninitiated, Video Overviews is a neat little tool available to NotebookLM users that automatically generates explainer videos from documents. It can even whip up a narrated slideshow with visuals. The AI-heavy update starts rolling out to Pro users this week and to all users in "the upcoming weeks." Search integration offers new ways to make and edit images while using the official Google app. The company says folks can use a chat prompt to, say, ask the bot to create a stylized version of a pre-existing image. Additionally, photos can be snapped directly from the Lens tool and then edited via the AI. This is rolling out right now in English for US customers, with more countries and languages coming in the near future. We don't have any actual information as to what the Photos integration will look like, with Google simply saying it's bringing Nano Banana to the platform in "the weeks ahead."Read more of this story at Slashdot.

"Dutch authorities have temporarily nationalized Nexperia, owned by Chinese company Wingtech, over fears of critical product unavailability," writes longtime Slashdot reader evil_aaronm. Reuters reports: The Hague invoked never-before-used powers under a Dutch law known as the "Availability of Goods Act." The decision led to a 10% fall in Wingtech's shares in Shanghai on Monday. The Dutch government will not take ownership of Nexperia, but it will now have the power to reverse or block management decisions it considers harmful. The company's regular production is continuing. [...] Wingtech called the Dutch government's intervention in Nexperia, once part of Dutch electronics group Philips, "excessive interference driven by geopolitical bias." Wingtech also alleged that non-Chinese Nexperia executives had tried to forcibly alter the company's equity structure through legal proceedings in a "cloaked power grab" on the company. A copy of an Amsterdam commercial court ruling dated October 7 and seen by Reuters showed that the court decided on October 1 to suspend Wingtech CEO Zhang Xuezheng from his position as executive director at Nexperia after finding "well founded reasons to doubt" the company was pursuing correct management policy or actions under Dutch civil law. It appointed Dutch businessman Guido Dierick to take Zhang's position with a "deciding vote", and transferred control of almost all of Nexperia's shares to a Dutch lawyer for management. The Dutch state and the company's labour council had supported the moves, the document showed. [...] In its statement, the Dutch government said that administrative problems at Nexperia posed a threat to the company's "crucial technological knowledge" without elaborating."The loss of these capabilities could pose a risk to Dutch and European economic security," it said. Nexperia is one of the world's largest makers of simple computer chips such as diodes and transistors, though it also develops more advanced technologies such as "wide gap" semiconductors used in electrical settings and useful for electric cars, chargers and AI data centres. Wingtech said in a filing to the Shanghai stock exchange on Monday that its control over Nexperia would be temporarily restricted due to the Dutch order and court rulings, affecting decision making and operational efficiency.Read more of this story at Slashdot.

An anonymous reader quotes a report from Ars Technica: Owners of some Jeep Wrangler 4xe hybrids have been left stranded after installing an over-the-air software update this weekend. The automaker pushed out a telematics update for the Uconnect infotainment system that evidently wasn't ready, resulting in cars losing power while driving and then becoming stranded. Stranded Jeep owners have been detailing their experiences in forum and Reddit posts, as well as on YouTube. The buggy update doesn't appear to brick the car immediately. Instead, the failure appears to occur while driving -- a far more serious problem. For some, this happened close to home and at low speed, but others claim to have experienced a powertrain failure at highway speeds. Jeep pulled the update after reports of problems, but the software had already downloaded to many owners' cars by then. A member of Stellantis' social engagement team told 4xe owners at a Jeep forum to ignore the update pop-up if they haven't installed it yet. Owners were also advised to avoid using either hybrid or electric modes if they had updated their 4xe and not already suffered a powertrain failure. Yesterday, Jeep pushed out a fix.Read more of this story at Slashdot.

Car manufacturers decided they would rather cheat to prioritise "customer convenience" and sell cars than comply with the law on deadly pollutants, the first day of the largest group action trial in English legal history has been told. From a report: More than a decade after the original "dieselgate" scandal broke, lawyers representing 1.6 million diesel car owners in the UK argue that manufacturers deliberately installed software to rig emissions tests. They allege the "prohibited defeat devices" could detect when the cars were under test conditions and ensure that harmful NOx emissions were kept within legal limits, duping regulators and drivers. Should the claim be upheld, estimated damages could exceed $8 billion. The three-month hearing that opened at London's high court on Monday will focus on vehicles sold by five manufacturers -- Mercedes, Ford, Renault, Nissan and Peugeot/Citroen -- from 2009. In "real world" conditions, when driven on the road, lawyers argue, the cars produced much higher levels of emissions. The judgment on the five lead defendants will also bind other manufacturers including Jaguar Land Rover, Vauxhall/Opel, Volkswagen/Porsche, BMW, FCA/Suzuki, Volvo, Hyundai-Kia, Toyota and Mazda, whose cases are not being heard to reduce the case time and costs.Read more of this story at Slashdot.

BrianFagioli writes: TP-Link has officially achieved the first successful Wi-Fi 8 connection using a prototype device built through an industry collaboration. The company confirmed that both the beacon and data throughput worked, marking a real-world validation of next-generation wireless tech. It's an early glimpse of what the next leap in speed and reliability could look like, even as the Wi-Fi 8 standard itself remains under development. The Verge adds: Like its predecessor, Wi-Fi 8 will utilize 2.4GHz, 5GHz, and 6GHz bands with a theoretical maximum channel bandwidth of 320MHz and peak data rate of 23Gbps, but aims to improve real-world performance and connection reliability. The goal is to provide better performance in environments with low signal, or under high network loads, where an increasing number of devices are sharing the same connection.Read more of this story at Slashdot.

Chinese companies now produce most of the world's freely available AI models. DeepSeek leads Hugging Face in popularity. Chinese firms like Alibaba receive higher ratings than OpenAI and Meta on LMArena. The site uses blind tests to measure user preferences. Chinese developers ship open models more frequently than American rivals. Irene Solaiman is chief policy officer at Hugging Face. She said Chinese companies build their user base by shipping frequently and quickly. American companies like OpenAI and Google keep their best models proprietary. Meta once led in open AI models. Mark Zuckerberg argued last year that the world would benefit if AI companies shared their technology freely. He pledged Meta would release its AI openly. The company has since become more cautious. Zuckerberg wrote in a new essay that Meta might need to keep the best models for itself.Read more of this story at Slashdot.

California Governor Gavin Newsom signed three bills on Monday that establish the nation's most comprehensive framework for regulating how technology companies interact with minors. AB 56 requires social media platforms to display health warnings to users under 18. A child must view a skippable ten-second warning upon logging on each day. An unskippable thirty-second warning must appear if a child spends more than three hours on a platform. That warning repeats after each additional hour. The warnings must state that social media "can have a profound risk of harm to the mental health and well-being of children and adolescents." Minnesota passed a similar law in July. SB 243 makes California the first state to regulate AI companion chatbots. The law takes effect January 1, 2026. Companies must implement age verification and disclose that interactions are artificially generated. Chatbots cannot represent themselves as healthcare professionals. Companies must offer break reminders to minors and prevent them from viewing sexually explicit images. The legislation gained momentum after teenager Adam Raine died by suicide following conversations with OpenAI's ChatGPT. A Colorado family filed suit against Character AI after their daughter's suicide following problematic conversations with the company's chatbots. AB 1043 requires device-makers like Apple and Google to collect birth dates when parents set up devices for children. Device-makers must group users into four age brackets and share this information with apps. Google, Meta, OpenAI, and Snap supported the bill. The Motion Picture Association opposed it.Read more of this story at Slashdot.