news aggregator

Investigators of a deadly Boeing 787 crash "are studying possible dual engine failure as a scenario that prevented the Boeing Co. 787 jet from staying airborne," reports Bloomberg: Pilots from the airline reenacted the doomed aircraft's parameters in a flight simulator, including with the landing gear deployed and the wing flaps retracted, and found those settings alone didn't cause a crash, according to people familiar with the investigation. [Also, analysis of the wreckage "suggests the wing flaps and slats, which help an aircraft increase lift during takeoff, were extended correctly."] The result, alongside the previous discovery that an emergency-power turbine deployed seconds before impact, has reinforced the focus on a technical failure as one possible cause, said the people, who asked not to be identified discussing nonpublic deliberations... [The turbine deploys "in the case of electrical failure," the article points out, and "was activated before the plane crashed, according to previous findings. That fan helps provide the aircraft with vital power, though it's far too small to generate any lift."] Pilots who reviewed the footage have pointed to the fact that the landing gear was already partially tilted forward, suggesting the cockpit crew had initiated the retraction sequence of the wheels. At the same time, the landing-gear doors had not opened, which pilots say might mean that the aircraft experienced a loss of power or a hydraulic failure — again pointing to possible issues with the engines that provide the aircraft's electricity.

Read more of this story at Slashdot.

"California residents who lit illegal fireworks over the July 4 holiday may be in for a nasty surprise in the mail thanks to covert fire department operations," reports SFGate. "A number of California cities, including Sacramento, have begun using drones to locate people shooting off illegal fireworks." From Wednesday to Saturday night, the Sacramento Fire Department's special fireworks task force patrolled the streets with unmarked cars and drones, focusing on neighborhoods where they've had prior complaints. Task force officers and the drones took photos of the illegal activity, and within 30 days the property owner where the fireworks were used could receive a fine in the mail... This year, Sacramento upped the fine to $1,000 for the first firework, $2,500 for the second and $5,000 per firework after that. If you lit a firework on city property, such as a park or a school, the fine goes up to $10,000 each. There's no limit to how many fines you can be issued... This year, a number of cities across the state announced they would be using drones to find scofflaws, among them Indio, Riverside, Hemet, Brea and towns in Tulare County... Fox40 reported on Saturday that around 60 citations were being prepared in Sacramento, with more likely on the way as fire officials review surveillance footage. Last year for illegal fireworks, one Sacramento-area resident received a $100,000 fine.

Read more of this story at Slashdot.

China "is pouring money into building an AI supply chain with as little reliance on the U.S. as possible," reports the Wall Street Journal. And now Chinese AI companies "are loosening the U.S.'s global stranglehold on AI," reports the Wall Street Journal, "challenging American superiority and setting the stage for a global arms race in the technology." In Europe, the Middle East, Africa and Asia, users ranging from multinational banks to public universities are turning to large language models from Chinese companies such as startup DeepSeek and e-commerce giant Alibaba as alternatives to American offerings such as ChatGPT... Saudi Aramco, the world's largest oil company, recently installed DeepSeek in its main data center. Even major American cloud service providers such as Amazon Web Services, Microsoft and Google offer DeepSeek to customers, despite the White House banning use of the company's app on some government devices over data-security concerns. OpenAI's ChatGPT remains the world's predominant AI consumer chatbot, with 910 million global downloads compared with DeepSeek's 125 million, figures from researcher Sensor Tower show. American AI is widely seen as the industry's gold standard, thanks to advantages in computing semiconductors, cutting-edge research and access to financial capital. But as in many other industries, Chinese companies have started to snatch customers by offering performance that is nearly as good at vastly lower prices. A study of global competitiveness in critical technologies released in early June by researchers at Harvard University found China has advantages in two key building blocks of AI, data and human capital, that are helping it keep pace... Leading Chinese AI companies — which include Tencent and Baidu — further benefit from releasing their AI models open-source, meaning users are free to tweak them for their own purposes. That encourages developers and companies globally to adopt them. Analysts say it could also pressure U.S. rivals such as OpenAI and Anthropic to justify keeping their models private and the premiums they charge for their service... On Latenode, a Cyprus-based platform that helps global businesses build custom AI tools for tasks including creating social-media and marketing content, as many as one in five users globally now opt for DeepSeek's model, according to co-founder Oleg Zankov. "DeepSeek is overall the same quality but 17 times cheaper," Zankov said, which makes it particularly appealing for clients in places such as Chile and Brazil, where money and computing power aren't as plentiful... The less dominant American AI companies are, the less power the U.S. will have to set global standards for how the technology should be used, industry analysts say. That opens the door for Beijing to use Chinese models as a Trojan horse for disseminating information that reflects its preferred view of the world, some warn.... The U.S. also risks losing insight into China's ambitions and AI innovations, according to Ritwik Gupta, AI policy fellow at the University of California, Berkeley. "If they are dependent on the global ecosystem, then we can govern it," said Gupta. "If not, China is going to do what it is going to do, and we won't have visibility." The article also warns of other potential issues: "Further down the line, a breakdown in U.S.-China cooperation on safety and security could cripple the world's capacity to fight future military and societal threats from unrestrained AI." "The fracturing of global AI is already costing Western makers of computer chips and other hardware billions in lost sales... Adoption of Chinese models globally could also mean lost market share and earnings for AI-related U.S. firms such as Google and Meta."

Read more of this story at Slashdot.

Also, Swiss ransomware posture looks like its cheese, the CVE Program wants YOU, more sus checks and more

Infosec In Brief A security researcher looking at samples of stalkerware discovered an SQL vulnerability that allowed him to steal a database of 62,000 user accounts. …

The Free Software Foundation's services face "ongoing (and increasing) distributed denial of service (DDoS) attacks," senior systems administrator Ian Kelling wrote Wednesday. But "Even though we are under active attack, gnu.org, ftp.gnu.org, and savannah.gnu.org are up with normal response times at the moment, and have been for the majority of this week, largely thanks to hard work from the Savannah hackers Bob, Corwin, and Luke who've helped us, your sysadmins." "We've shielded these sites for almost a full year of intense attacks now, and we'll keep on fighting these attacks for as long as they continue." Our infrastructure has been under attack since August 2024. Large Language Model (LLM) web crawlers have been a significant source of the attacks, and as for the rest, we don't expect to ever know what kind of entity is targeting our sites or why. - In the fall Bulletin, we wrote about the August attack on gnu.org. That attack continues, but we have mitigated it. Judging from the pattern and scope, the goal was likely to take the site down and it was not an LLM crawler. We do not know who or what is behind the attack, but since then, we have had more attacks with even higher severity. - To begin with, GNU Savannah, the FSF's collaborative software development system, was hit by a massive botnet controlling about five million IPs starting in January. As of this writing, the attack is still ongoing, but the botnet's current iteration is mitigated. The goal is likely to build an LLM training dataset. We do not know who or what is behind this. - Furthermore, gnu.org and ftp.gnu.org were targets in a new DDoS attack starting on May 27, 2025. Its goal seems to be to take the site down. It is currently mitigated. It has had several iterations, and each has caused some hours of downtime while we figured out how to defend ourselves against it. Here again, the goal was likely to take our sites down and we do not know who or what is behind this. - In addition, directory.fsf.org, the server behind the Free Software Directory, has been under attack since June 18. This likely is an LLM scraper designed to specifically target Media Wiki sites with a botnet. This attack is very active and now partially mitigated... Even though we are under active attack, gnu.org, ftp.gnu.org, and savannah.gnu.org are up with normal response times at the moment, and have been for the majority of this week, largely thanks to hard work from the Savannah hackers Bob, Corwin, and Luke who've helped us, your sysadmins. We've shielded these sites for almost a full year of intense attacks now, and we'll keep on fighting these attacks for as long as they continue. The full-time FSF tech staff is just two systems administrators, "and we currently lack the funds to hire more tech staff any time soon," Kelling points out. Kelling titled his post "our small team vs millions of bots," suggesting that supporters purchase FSF memberships "to improve our staffing situation... Can you join us in our crucial work to guard user freedom and defy dystopia?" Kelling also points out they're also facing "run-of-the-mill standard crawlers, SEO crawlers, crawlers pretending to be normal users, crawlers pretending to be other crawlers, uptime systems, vulnerability scanners, carrier-grade network address translation, VPNs, and normal browsers hitting our sites..." "Some of the abuse is not unique to us, and it seems that the health of the web has some serious problems right now."

Read more of this story at Slashdot.

Three space probes are leaving our solar system — yet are still functioning. After the two Voyager space probes, New Horizons "was launched in 2006, initially to study Pluto," remembers New Scientist. But "it has since travelled way beyond this point, ploughing on through the Kuiper belt, a vast, wide band of rocks and dust billions of miles from the sun. It is now speeding at tens of thousands of kilometres per hour..." And it's just performed the first ever example of interstellar navigation... As it hurtles out of our solar system, NASA's New Horizons spacecraft is so far from Earth that the stars in the Milky Way appear in markedly different positions compared with our own view... due to the parallax effect. This was demonstrated in 2020 when the probe beamed back pictures of two nearby stars, Proxima Centauri and Wolf 359, to Earth. Now, Tod Lauer at the US National Optical-Infrared Astronomy Research Laboratory in Arizona and his colleagues have used this effect to work out the position of New Horizons... Almost all spacecraft calculate their bearings to within tens of metres using NASA's Deep Space Network, a collection of radio transmitters on Earth that send regular signals out to space. In comparison, the parallax method was far less accurate, locating New Horizons within a sphere with a radius of 60 million kilometres, about half the distance between Earth and the sun. "We're not going to put the Deep Space Network out of business — this is only a demo proof of concept," says Lauer. However, with a better camera and equipment they could improve the accuracy by up to 100 times, he says. Using this technique for interstellar navigation could offer advantages over the DSN because it could give more accurate location readings as a spacecraft gets further away from Earth, as well as being able to operate autonomously without needing to wait for a radio signal to come from our solar system, says Massimiliano Vasile at the University of Strathclyde, UK. "If you travel to an actual star, we are talking about light years," says Vasile. "What happens is that your signal from the Deep Space Network has to travel all the way there and then all the way back, and it's travelling at the speed of light, so it takes years." Just like a ship's captain sailing by the stars, "We have a good enough three-dimensional map of the galaxy around us that you can find out where you are," Lauer says. So even when limiting your navigation to what's on-board the spacecraft, "It's a remarkable accuracy, with your own camera!"

Read more of this story at Slashdot.

A Maine police department has now acknowledged "it inadvertently shared an AI-altered photo of drug evidence on social media," reports Boston.com: The image from the Westbrook Police Department showed a collection of drug paraphernalia purportedly seized during a recent drug bust on Brackett Street, including a scale and white powder in plastic bags. According to Westbrook police, an officer involved in the arrests snapped the evidence photo and used a photo editing app to insert the department's patch. "The patch was added, and the photograph with the patch was sent to one of our Facebook administrators, who posted it," the department explained in a post. "Unbeknownst to anyone, when the app added the patch, it altered the packaging and some of the other attributes on the photograph. None of us caught it or realized it." It wasn't long before the edited image's gibberish text and hazy edges drew criticism from social media users. According to the Portland Press Herald, Westbrook police initially denied AI had been used to generate the photo before eventually confirming its use of the AI chatbot ChatGPT. The department issued a public apology Tuesday, sharing a side-by-side comparison of the original and edited images. "It was never our intent to alter the image of the evidence," the department's post read. "We never realized that using a photoshop app to add our logo would alter a photograph so substantially."

Read more of this story at Slashdot.

"Scientists have created the first lasers made entirely from edible materials," reports Science magazine "which could someday help monitor and track the properties of foods and medications with sensors that can be harmlessly swallowed." [The researchers' report] shows that tiny droplets of everyday cooking oils can act like echo chambers of light, otherwise known as lasers. By providing the right amount of energy to an atom, the atom's electrons will excite to a higher energy level and then relax, releasing a photon of light in the process. Trap a cloud of atoms in a house of mirrors and blast them with the right amount of energy, and the light emitted by one excited atom will stimulate one of its neighbors, amplifying the atoms' collective glow... [The researchers] shot purple light at droplets of olive oil, whose surfaces can keep photons of light bouncing around, trapping them in the process. This reflected light excited the electrons in the oil's chlorophyll molecules, causing them to emit photons that triggered the glow of other chlorophyll molecules — transforming the droplet into a laser. The energy of the chlorophyll's radiation depends on the oil droplets' size, density, and other properties. The study's authors suggest this sensitivity can be exploited to track different properties of food or pharmaceutical products. When researchers added oil droplets to foods and then measured changes in the laser light the droplets emitted, they could reliably infer the foods' sugar concentration, acidity, exposure to high temperatures, and growth of microorganisms. They also used the lasers to encode information, with droplets of different diameters functioning like the lines of a barcode. By mixing in sunflower oil droplets of seven specific sizes — all less than 100 microns wide — the researchers encoded a date directly into peach compote: 26 April, 2017, the first international Stop Food Waste Day. Thanks to long-time Slashdot reader sciencehabit for sharing the news.

Read more of this story at Slashdot.

"Apple quietly dropped a new AI model on Hugging Face with an interesting twist," writes 9to5Mac. "Instead of writing code like traditional LLMs generate text (left to right, top to bottom), it can also write out of order, and improve multiple chunks at once." "The result is faster code generation, at a performance that rivals top open-source coding models." Traditionally, most LLMs have been autoregressive. This means that when you ask them something, they process your entire question, predict the first token of the answer, reprocess the entire question with the first token, predict the second token, and so on. This makes them generate text like most of us read: left to right, top to bottom... An alternative to autoregressive models is diffusion models, which have been more often used by image models like Stable Diffusion. In a nutshell, the model starts with a fuzzy, noisy image, and it iteratively removes the noise while keeping the user request in mind, steering it towards something that looks more and more like what the user requested... Lately, some large language models have looked to the diffusion architecture to generate text, and the results have been pretty promising... This behavior is especially useful for programming, where global structure matters more than linear token prediction... [Apple] released an open-source model called DiffuCode-7B-cpGRPO, that builds on top of a paper called DiffuCoder: Understanding and Improving Masked Diffusion Models for Code Generation, released just last month... [W]ith an extra training step called coupled-GRPO, it learned to generate higher-quality code with fewer passes. The result? Code that's faster to generate, globally coherent, and competitive with some of the best open-source programming models out there. Even more interestingly, Apple's model is built on top of Qwen2.5-7B, an open-source foundation model from Alibaba. Alibaba first fine-tuned that model for better code generation (as Qwen2.5-Coder-7B), then Apple took it and made its own adjustments. They turned it into a new model with a diffusion-based decoder, as described in the DiffuCoder paper, and then adjusted it again to better follow instructions. Once that was done, they trained yet another version of it using more than 20,000 carefully picked coding examples. "Although DiffuCoder did better than many diffusion-based coding models (and that was before the 4.4% bump from DiffuCoder-7B-cpGRPO), it still doesn't quite reach the level of GPT-4 or Gemini Diffusion..." the article points out. But "the bigger point is this: little by little, Apple has been laying the groundwork for its generative AI efforts with some pretty interesting and novel ideas."

Read more of this story at Slashdot.

SafePay crew claims responsibility for intrusion at one of world's largest tech distributors

Ingram Micro, one of the world’s largest distributors, has confirmed it is trying to restore systems following a ransomware attack.…

An anonymous reader shared this report from the San Francisco Standard: About an hour into my meeting with the undisputed hackathon king of San Francisco, Rene Turcios asked if I wanted to smoke a joint with him. I politely declined, but his offer hardly surprised me. Turcios has built a reputation as a cannabis-loving former professional Yu-Gi-Oh! player who resells Labubus out of his Tenderloin apartment when he's not busy attending nearly every hackathon happening in the city. Since 2023, Turcios, 29, has attended more than 200 events, where he's won cash, software credits, and clout. "I'm always hustling," he said. The craziest part: he doesn't even know how to code. "Rene is the original vibe coder," said RJ Moscardon, a friend and fellow hacker who watched Turcios win second place at his first-ever hackathon at the AGI House mansion in Hillsborough. "All the engineers with prestigious degrees scoffed at him at first. But now they're all doing exactly the same thing...." Turcios was vibe coding long before the technique had a name — and was looked down upon by longtime hackers for using AI. But as Tiger Woods once said, "Winning takes care of everything...." Instead of vigorously coding until the deadline, he finished his projects hours early by getting AI to do the technical work for him. "I didn't write a single line of code," Turcios said of his first hackathon where he prompted ChatGPT using plain English to generate a program that can convert any song into a lo-fi version. When the organizers announced Turcios had won second place, he screamed in celebration.... "I realized that I could compete with people who have degrees and fancy jobs...." Turcios is now known for being able to build anything quickly. Businesses reach out to him to contract out projects that would take software engineering teams weeks — and he delivers in hours. He's even started running workshops to teach non-technical groups and experienced software engineers how to get the most out of AI for coding. "He grew up in Missouri to parents who worked in an international circus, taming bears and lions..."

Read more of this story at Slashdot.

Got to be a 'clean space superpower' – right, Brits?

Britain's space agency is looking for a supplier to build a robotic spacecraft to capture and de-orbit two defunct UK-licensed satellites from low Earth orbit.…

"Tesla has launched its new Oasis Supercharger," reports Electrek, "the long-promised EV charging station of the future, with a solar farm and off-grid batteries." Early in the deployment of the Supercharger network, Tesla promised to add solar arrays and batteries to the Supercharger stations, and CEO Elon Musk even said that most stations would be able to operate off-grid... Last year, Tesla announced a new project called 'Oasis', which consists of a new model Supercharger station with a solar farm and battery storage enabling off-grid operations in Lost Hills, California. Tesla has now unveiled the project and turned on most of the Supercharger stalls. The project consists of 168 chargers, with half of them currently operational, making it one of the largest Supercharger stations in the world. However, that's not even the most notable aspect of it. The station is equipped with 11 MW of ground-mounted solar panels and canopies, spanning 30 acres of land, and 10 Tesla Megapacks with a total energy storage capacity of 39 MWh. It can be operated off-grid, which is the case right now, according to Tesla. With off-grid operations, Tesla was about to bring 84 stalls online just in time for the Fourth of July travel weekend. The rest of the stalls and a lounge are going to open later this year. The article makes that point that "This is what charging stations should be like: fully powered by renewable energy."

Read more of this story at Slashdot.

"A computer science degree used to be a golden ticket to the promised land of jobs," a college senior tells the New York Times. But "That's no longer the case." The article notes that in the last three years there's been a 65% drop from companies seeking workers with two years of experience or less (according to an analysis by technology research/education organization CompTIA), with tech companies "relying more on AI for some aspects of coding, eliminating some entry-level work." So what do college professors teach when AI "is coming fastest and most forcefully to computer science"? Computer science programs at universities across the country are now scrambling to understand the implications of the technological transformation, grappling with what to keep teaching in the AI era. Ideas range from less emphasis on mastering programming languages to focusing on hybrid courses designed to inject computing into every profession, as educators ponder what the tech jobs of the future will look like in an AI economy... Some educators now believe the discipline could broaden to become more like a liberal arts degree, with a greater emphasis on critical thinking and communication skills. The National Science Foundation is funding a program, Level Up AI, to bring together university and community college educators and researchers to move toward a shared vision of the essentials of AI education. The 18-month project, run by the Computing Research Association, a research and education nonprofit, in partnership with New Mexico State University, is organising conferences and roundtables and producing white papers to share resources and best practices. The NSF-backed initiative was created because of "a sense of urgency that we need a lot more computing students — and more people — who know about AI in the workforce," said Mary Lou Maher, a computer scientist and a director of the Computing Research Association. The future of computer science education, Maher said, is likely to focus less on coding and more on computational thinking and AI literacy. Computational thinking involves breaking down problems into smaller tasks, developing step-by-step solutions and using data to reach evidence-based conclusions. AI literacy is an understanding — at varying depths for students at different levels — of how AI works, how to use it responsibly and how it is affecting society. Nurturing informed skepticism, she said, should be a goal. The article raises other possibilities. Experts also suggest the possibility of "a burst of technology democratization as chatbot-style tools are used by people in fields from medicine to marketing to create their own programs, tailored for their industry, fed by industry-specific data sets." Stanford CS professor Alex Aiken even argues that "The growth in software engineering jobs may decline, but the total number of people involved in programming will increase." Last year, Carnegie Mellon actually endorsed using AI for its introductory CS courses. The dean of the school's undergraduate programs believes that coursework "should include instruction in the traditional basics of computing and AI principles, followed by plenty of hands-on experience designing software using the new tools."

Read more of this story at Slashdot.

OpenBSD Journal writes: Yes, you read that right: KDE 6.4.0 Plasma is now in OpenBSD packages... The news was announced 2025-07-04 via a fediverse post and of course the commit message itself, where the description reads.... "[I]n 6.4 the KDE Kwin team split kwin into kwin-x11 and kwin (wayland). This seems to be the sign that X11 is no longer of interest and we are focussing on Wayland. As we currently only support X11, kwin-x11 has been added as a runtime dependency to kwin. So nobody should have to install anything later. This ports update also includes Aurorae; a theme engine for KWin window decorations."

Read more of this story at Slashdot.

Interesting Engineering reports: Astral Systems, a UK-based private commercial fusion company, has claimed to have become the first firm to successfully breed tritium, a vital fusion fuel, using its own operational fusion reactor. This achievement, made with the University of Bristol, addresses a significant hurdle in the development of fusion energy.... Scientists from Astral Systems and the University of Bristol produced and detected tritium in real-time from an experimental lithium breeder blanket within Astral's multi-state fusion reactors. "There's a global race to find new ways to develop more tritium than what exists in today's world — a huge barrier is bringing fusion energy to reality," said Talmon Firestone, CEO and co-founder of Astral Systems. "This collaboration with the University of Bristol marks a leap forward in the search for viable, greater-than-replacement tritium breeding technologies. Using our multi-state fusion technology, we are the first private fusion company to use our reactors as a neutron source to produce fusion fuel." Astral Systems' approach uses its Multi-State Fusion (MSF) technology. The company states this will commercialize fusion power with better performance, efficiency, and lower costs than traditional reactors. Their reactor design, the result of 25 years of engineering and over 15 years of runtime, incorporates recent understandings of stellar physics. A core innovation is lattice confinement fusion (LCF), a concept first discovered by NASA in 2020. This allows Astral's reactor to achieve solid-state fuel densities 400 million times higher than those in plasma. The company's reactors are designed to induce two distinct fusion reactions simultaneously from a single power input, with fusion occurring in both plasma and a solid-state lattice. The article includes this quote from professor Tom Scott, who led the University of Bristol's team, supported by the Royal Academy of Engineering and UK Atomic Energy Authority. "This landmark moment clearly demonstrates a potential path to scalable tritium production in the future and the capability of Multi-State Fusion to produce isotopes in general." And there's also this prediction from the company's web site: "As we progress the fusion rate of our technology, aiming to exceed 10 trillion DT fusions per second per system, we unlock a wide range of applications and capabilities, such as large-scale medical isotope production, fusion neutron materials damage testing, transmutation of existing nuclear waste stores, space applications, hybrid fusion-fission power systems, and beyond." "Scientists everywhere are racing to develop this practically limitless form of energy," write a climate news site called The Cooldown. (Since in theory nuclear fusion "has an energy output four times higher than that of fission, according to the International Atomic Energy Agency.") Thanks to long-time Slashdot reader fahrbot-bot for sharing the news.

Read more of this story at Slashdot.

"Microsoft has released the source code for the GitHub Copilot Chat extension for VS Code under the MIT license," reports BleepingComputer. This provides the community access to the full implementation of the chat-based coding assistant, including the implementation of "agent mode," what contextual data is sent to large language models (LLMs), and the design of system prompts. The GitHub repository hosting the code also details telemetry collection mechanisms, addressing long-standing questions about data transparency in AI-assisted coding tools... As the VS Code team explained previously, shifts in AI tooling landscape like the rapid growth of the open-source AI ecosystem and a more level playing field for all have reduced the need for secrecy around prompt engineering and UI design. At the same time, increased targeting of development tools by malicious actors has increased the need for crowdsourcing contributions to rapidly pinpoint problems and develop effective fixes. Essentially, openness is now considered superior from a security perspective. "If you've been hesitant to adopt AI tools because you don't trust the black box behind them, this move opensources-github-copilot-chat-vscode/offers something rare these days: transparency," writes Slashdot reader BrianFagioli" Now that the extension is open source, developers can audit how agent mode actually works. You can also dig into how it manages your data, customize its behavior, or build entirely new tools on top of it. This could be especially useful in enterprise environments where compliance and control are non negotiable. It is worth pointing out that the backend models powering Copilot remain closed source. So no, you won't be able to self host the whole experience or train your own Copilot. But everything running locally in VS Code is now fair game. Microsoft says it is planning to eventually merge inline code completions into the same open source package too, which would make Copilot Chat the new hub for both chat and suggestions.

Read more of this story at Slashdot.

"Some of our basic assumptions about the biological process of aging might be wrong," reports the New York Times — citing new research on a small Indigenous population in the Bolivian Amazon. [Alternate URL here.] Scientists have long believed that long-term, low-grade inflammation — also known as "inflammaging" — is a universal hallmark of getting older. But this new data raises the question of whether inflammation is directly linked to aging at all, or if it's linked to a person's lifestyle or environment instead. The study, which was published Monday, found that people in two nonindustrialized areas experienced a different kind of inflammation throughout their lives than more urban people — likely tied to infections from bacteria, viruses and parasites rather than the precursors of chronic disease. Their inflammation also didn't appear to increase with age. Scientists compared inflammation signals in existing data sets from four distinct populations in Italy, Singapore, Bolivia and Malaysia; because they didn't collect the blood samples directly, they couldn't make exact apples-to-apples comparisons. But if validated in larger studies, the findings could suggest that diet, lifestyle and environment influence inflammation more than aging itself, said Alan Cohen, an author of the paper and an associate professor of environmental health sciences at Columbia University. "Inflammaging may not be a direct product of aging, but rather a response to industrialized conditions," he said, adding that this was a warning to experts like him that they might be overestimating its pervasiveness globally. "How we understand inflammation and aging health is based almost entirely on research in high-income countries like the U.S.," said Thomas McDade, a biological anthropologist at Northwestern University. But a broader look shows that there's much more global variation in aging than scientists previously thought, he added... McDade, who has previously studied inflammation in the Tsimane group, speculated that populations in nonindustrialized regions might be exposed to certain microbes in water, food, soil and domestic animals earlier in their lives, bolstering their immune response later in life. More from The Independent: Chronic inflammation is thought to speed up the ageing process and contribute to various health conditions such as Alzheimer's disease, arthritis, cancer, heart disease, and Type 2 diabetes... However, other experts shared a word of caution before jumping to conclusions from the study. Vishwa Deep Dixit, director of the Yale Center for Research on Aging, told the New York Times it's not surprising that people less exposed to pollution would see lower rates of chronic disease. Aurelia Santoro, an associate professor at the University of Bologna, also cautioned about the results, according to the Times. "While they had lower rates of chronic disease, the two Indigenous populations tended to have life spans shorter than those of people in industrialized regions, meaning they may simply not have lived long enough to develop inflammaging, Santoro said." And Bimal Desai, a professor of pharmacology who studies inflammation at the University of Virginia School of Medicine, told the Times that the study "sparks valuable discussion" but needs more follow-up "before we rewrite the inflammaging narrative."

Read more of this story at Slashdot.

We're living in a new world now — one where it's an AI-powered penetration tester that "now tops an eminent US security industry leaderboard that ranks red teamers based on reputation." CSO Online reports: On HackerOne, which connects organizations with ethical hackers to participate in their bug bounty programs, "Xbow" scored notably higher than 99 other hackers in identifying and reporting enterprise software vulnerabilities. It's a first in bug bounty history, according to the company that operates the eponymous bot... Xbow is a fully autonomous AI-driven penetration tester (pentester) that requires no human input, but, its creators said, "operates much like a human pentester" that can scale rapidly and complete comprehensive penetration tests in just a few hours. According to its website, it passes 75% of web security benchmarks, accurately finding and exploiting vulnerabilities. Xbow submitted nearly 1,060 vulnerabilities to HackerOne, including remote code execution, information disclosures, cache poisoning, SQL injection, XML external entities, path traversal, server-side request forgery (SSRF), cross-site scripting, and secret exposure. The company said it also identified a previously unknown vulnerability in Palo Alto's GlobalProtect VPN platform that impacted more than 2,000 hosts. Of the vulnerabilities Xbow submitted over the last 90 days, 54 were classified as critical, 242 as high and 524 as medium in severity. The company's bug bounty programs have resolved 130 vulnerabilities, and 303 are classified as triaged. Notably, though, roughly 45% of the vulnerabilities it found are still awaiting resolution, highlighting the "volume and impact of the submissions across live targets," Nico Waisman, Xbow's head of security, wrote in a blog post this week... To further hone the technology, the company developed "validators," — automated peer reviewers that confirm each uncovered vulnerability, Waisman explained. "As attackers adopt AI to automate and accelerate exploitation, defenders must meet them with even more capable systems," XBOW's CEO said this week, as the company raised $75 million in Series B funding to grow its platform, bringing its total funding to $117 million. Help Net Security reports: With the new funding, XBOW plans to grow its engineering team and expand its go-to-market efforts. The product is now generally available, and the company says it is working with large banks, tech firms, and other organizations that helped shape the platform during its early testing phase. XBOW's long-term goal is to help security teams stay ahead of adversaries using advanced automation. As attackers increasingly turn to AI, the company argues that defenders will need equally capable systems to match their speed and sophistication.

Read more of this story at Slashdot.

This week Hewlett-Packard Enterprise settled its antitrust case with America's Justice Department, "paving the way for its acquisition of rival kit maker Juniper Networks," reported Telecoms.com: Under the agreement, HPE has agreed to divest its Instant On unit, which sells a range of enterprise-grade Wi-Fi networking equipment for campus and branch deployments. It has also agreed to license Juniper's Mist AIOps source code — a software suite that enables AI-based network automation and management. HPE can live with that, since its primary motivation for buying Juniper is to improve its prospects in an IT networking market dominated by Cisco, where others like Arista and increasingly Nokia and Nvidia are also trying to make inroads. And after receiving regulatory clearance, HPE "very quickly closed the deal..." reports The Motley Fool. "In the press release heralding the news, the buyer wrote that it "doubles the size of HPE's networking business and provides customers with a comprehensive portfolio of networking solutions." Investors were obviously happy about this, as according to data compiled by S&P Global Market Intelligence the company's stock price ballooned by nearly 16% across the week, largely on the news.... The Justice Department had alleged, in a lawsuit filed in January, that an HPE/Juniper tie-up would essentially result in a duopoly in networking equipment. It claimed that a beefed-up HPE and networking incumbent Cisco would hold more than 70% combined of the domestic market. Thanks to long-time Slashdot reader AmiMoJo for sharing the news.

Read more of this story at Slashdot.