Linux fréttir

Palantir's former IT boss just took over as CEO of Thrive-backed AI MSP platform

Former Palantir CIO Jim Siders has departed the company to join Shield Technology Partners as CEO, in a bid he says is meant to bring AI to bear in the sprawling managed services landscape.…

A critical React vulnerability (CVE-2025-55182) is being actively exploited at scale by Chinese, Iranian, North Korean, and criminal groups to gain remote code execution, deploy backdoors, and mine crypto. The Register reports: React maintainers disclosed the critical bug on December 3, and exploitation began almost immediately. According to Amazon's threat intel team, Chinese government crews, including Earth Lamia and Jackpot Panda, started battering the security hole within hours of its disclosure. Palo Alto Networks' Unit 42 responders have put the victim count at more than 50 organizations across multiple sectors, with attackers from North Korea also abusing the flaw. Google, in a late Friday report, said at least five other suspected PRC spy groups also exploited React2Shell, along with criminals who deployed XMRig for illicit cryptocurrency mining, and "Iran-nexus actors," although the report doesn't provide any additional details about who the Iran-linked groups are and what they are doing after exploitation. "GTIG has also observed numerous discussions regarding CVE-2025-55182 in underground forums, including threads in which threat actors have shared links to scanning tools, proof-of-concept (PoC) code, and their experiences using these tools," the researchers wrote.

Read more of this story at Slashdot.

'Sustained focus on Western critical infrastructure'

Russia's Main Intelligence Directorate (GRU) is behind a years-long campaign targeting energy, telecommunications, and tech providers, stealing credentials and compromising misconfigured devices hosted on AWS to give the Kremlin's snoops persistent access to sensitive networks, according to Amazon's security boss.…

An anonymous reader quotes a report from the Wall Street Journal: JPMorgan Chase is joining the list of traditional financial firms seeking to bring blockchain technology to an investing staple: the money-market fund. The banking giant's $4 trillion asset-management arm is rolling out its first tokenized money-market fund on the Ethereum blockchain. JPMorgan will seed the fund with $100 million of its own capital, and then open it to outside investors on Tuesday. Called My OnChain Net Yield Fund, or "MONY," the private fund is supported by JPMorgan's tokenization platform, Kinexys Digital Assets, and will be open to qualified investors, or individuals with at least $5 million in investments and institutions with a minimum of $25 million. The fund has a $1 million investment minimum. Wall Street has waded deeper into tokenization since the passage of the Genius Act earlier this year. The landmark measure, which establishes a regulatory framework for tokenized dollars known as stablecoins, has unleashed a wave of efforts to tokenize everything from stocks and bonds to funds and real assets. "There is a massive amount of interest from clients around tokenization," said John Donohue, head of global liquidity at J.P. Morgan Asset Management. "And we expect to be a leader in this space and work with clients to make sure that we have a product lineup that allows them to have the choices that we have in traditional money-market funds on blockchain."

Read more of this story at Slashdot.

Merriam-Webster crowned "slop" its 2025 Word of the Year, reflecting growing public awareness and and fatigue around low-quality, AI-generated content flooding the internet. "It's such an illustrative word," said Greg Barlow, Merriam-Webster's president. "It's part of a transformative technology, AI, and it's something that people have found fascinating, annoying and a little bit ridiculous." The Associated Press reports: "Slop" was first used in the 1700s to mean soft mud, but it evolved more generally to mean something of little value. The definition has since expanded to mean "digital content of low quality that is produced usually in quantity by means of artificial intelligence." In other words, "you know, absurd videos, weird advertising images, cheesy propaganda, fake news that looks real, junky AI-written digital books," Barlow said. "Words like 'ubiquitous,' 'paradigm,' 'albeit,' 'irregardless,' these are always top lookups because they're words that are on the edge of our lexicon," Barlow said. "'Irregardless' is a word in the dictionary for one reason: It's used. It's been used for decades to mean 'regardless.'" The announcement can be found here.

Read more of this story at Slashdot.

Big Red said it had sold its stake in its long-time silicon partner last week

Oracle last week announced that it had divested from Ampere Computing. But while Big Red may no longer own part of the Arm CPU maker, it's not ready to stop using the chips just yet.…

Framework looks great for scenarios where a 62 percent completion rate is acceptable

IBM researchers have released an open source AI agent called CUGA that aspires to automate complex enterprise workflows and get it right about half the time, depending on the task.…

If the buy happens, the big question is will they integrate the codebase or keep it separate?

ServiceNow is reportedly nearing a deal to buy security software company Armis for $7.1 billion to give its customers full stack visibility of their IT estate and eliminate security blindspots, according to Bloomberg.…

Ford has effectively pulled the plug on the all-electric F-150 Lightning, pivoting away from full-size BEV pickups toward hybrids, range-extended EVs (EREVs), and even data-center battery storage. Ars Technica reports: Ford's announcements today can't be said to have come out of the blue. Rumors of the F-150's demise have been circulating for more than a month, and last week SK On ended its joint venture with Ford that was building a pair of EV battery plants in Kentucky and Tennessee. We learned then that Ford would keep the Kentucky plant and SK On gets the one in Tennessee, which would focus on the energy storage business instead. Now, we know that something similar will happen at the Kentucky plant -- Ford says it's spending $2 billion to convert the factory to make prismatic lithium iron phosphate (LFP) cells. Those aren't destined for EVs, but they are the preferred cell format for data centers, Ford says. The company says that it will bring the factory online in the next 18 months, reaching an annual output of 20 GWh. Other Ford plants are also being repurposed. With no full-size BEV pickup in the product plans, the assembly plant in Tennessee that was to produce it -- the one near the battery factory that SK On is keeping -- will instead build new gas-powered trucks, although not for another four years. Around that same time, its Ohio assembly plant will begin building new commercial vehicles. All of this will impact Ford's bottom line, to the tune of $19.5 billion over the next few years, $5.5 billion of which will be in cash. Most of that will hit in the final quarter of 2025, but will extend until 2027, Ford said.

Read more of this story at Slashdot.

Washington rediscovers that modern IT doesn’t run itself

After dissolving several federal tech modernization units and shedding large numbers of technologists, the Trump administration has launched a new talent recruitment initiative, suggesting it still needs people to help drag the government's IT into the present.…

An anonymous reader quotes a report from Reuters: Several dozen people protested on Sunday in the Siberian city of Tomsk against Russia's ban on U.S. children's gaming platform Roblox, a rare show of public dissent as popular irritation over the ban gains some momentum. In wartime Russia, censorship is extensive: Moscow blocks or restricts social media platforms such as Snapchat, Facebook, Instagram, WhatsApp and YouTube while distributing its own narrative through a network of social media and Russian media. Russia's communications watchdog Roskomnadzor said on December 3 it had blocked Roblox because it was "rife with inappropriate content that can negatively impact the spiritual and moral development of children." In Tomsk, 2,900 km (1,800 miles) east of Moscow, several dozen people braved the snow to hold up hand-drawn placards reading "Hands off Roblox" and "Roblox is the victim of the digital Iron Curtain" in Vladimir Vysotsky Park, according to photographs provided by an organizer of the protest. "Bans and blocks are all you are able to do," read one placard. The photographs showed about 25 people standing in a circle in the snow, holding up placards. In Russia, the ban on Roblox has triggered a debate over censorship, child safety in relation to technology and even the effectiveness of censorship in a digitalized world where children can bypass many bans in a few clicks.

Read more of this story at Slashdot.

A Kansas man who sued Verizon in small claims court after the carrier refused to unlock his iPhone has won his case, scoring a small but meaningful victory against a company that retroactively applied a policy change to deny his unlock request. Patrick Roach bought a discounted iPhone 16e from Verizon's Straight Talk brand in February 2025, intending to pay for one month of service before switching the device to US Mobile. Under FCC rules dating back to a 2019 waiver, Verizon must unlock phones 60 days after activation on its network. Verizon refused to unlock the phone, citing a new policy implemented on April 1, 2025 requiring "60 days of paid active service." Roach had purchased his device over a month before that policy took effect. Magistrate Judge Elizabeth Henry ruled in October 2025 that applying the changed terms to Roach's earlier purchase violated the Kansas Consumer Protection Act. The court ordered Verizon to refund Roach's $410.40 purchase price plus court costs. Roach had previously rejected a $600 settlement offer because it would have required him to sign a non-disclosure agreement. He estimated spending about 20 hours on the lawsuit but said "it wasn't about" the money.

Read more of this story at Slashdot.

One of the most water-scarce regions on Earth is now experiencing a dramatic atmospheric shift that's pushing moisture onto Oman's northern coast at rates more than 1.5 times the global average, according to a Washington Post investigation of global atmospheric data [non-paywalled source]. The change has turned extreme rainfall into a recurrent source of catastrophe across the Arabian Peninsula. In the 126 years between 1881 and 2007, just six hurricane-strength storms hit Oman or came within 60 miles of the country. At least four more have made landfall in the past 15 years alone. Research from Sultan Qaboos University analyzing 8,000 storms across 69 rainfall stations found that half of all rain in Oman falls within the first 90 minutes of a 24-hour storm. These intense bursts quickly overwhelm the desert's ability to absorb water and send flash floods racing through wadis -- normally dry riverbeds where many communities are built. In response, Dubai is constructing an $8 billion underground stormwater network spanning more than 120 miles. Oman has agreements to build 58 new dams and is studying 14 major wadis that funnel to its al-Batinah coastline.

Read more of this story at Slashdot.

And don't sweat the debt either, we've got plenty of capital at our disposal

Despite Wall Street jitters and reports to the contrary, Oracle insists its $300 billion datacenter deal with OpenAI is on track and proceeding on schedule.…

Powered by the original mobile Linux OS with crowdsourced specs

hands on After successful crowdfunding, the latest release of the original handheld Linux distro will power a new handset coming in mid-2026.…

Cloudflare's sixth annual Year in Review report describes an internet increasingly shaped by two forces: automated traffic and government intervention, as global connectivity grew 19% year over year in 2025. Google's web crawler now dominates automated traffic, dwarfing other AI and indexing bots to become the single largest source of bot activity on the web. Nearly half of all major internet disruptions globally were linked to government actions, and civil society and non-profit organizations became the most attacked sector for the first time. Post-quantum encryption crossed a significant threshold, now protecting 52% of human internet traffic observed by Cloudflare. The company also recorded more than 25 record-breaking DDoS attacks throughout the year.

Read more of this story at Slashdot.

Mobile traffic now accounts for nearly half of requests

Global internet traffic grew by 19 percent during 2025, while nearly half of traffic now comes from mobile devices. A significant and growing portion also comes from bots, many designed to train AI.…

Google has decided to retire its free dark web monitoring tool, saying it wasn't as helpful as the company hoped. From a report: In a support page, Google announced the discontinuation of the "dark web report" tool, two years after offering it as a free perk to Gmail users before expanding it more broadly. The feature worked by scanning for your email addresses to determine whether they had appeared in data breaches, which often circulate on Dark Web marketplaces. The tool could then alert you about where the data was exposed, including any accompanying details such as dates of birth, addresses, and phone numbers.

Read more of this story at Slashdot.

Who hasn't exploited this max-severity flaw?

At least five more Chinese spy crews, Iran-linked goons, and financially motivated criminals are now attacking the React2Shell, a maximum-severity flaw in the widely used React JavaScript library, according to Google.…

Paris Buttfield-Addison literally wrote books on Swift

Apple has blocked a long-time developer from his Apple ID after he failed to redeem what support suggested was a dodgy $500 gift card, leaving him unable to work, cut off from personal files, and barred from what he calls his "core digital identity." …