Linux fréttir

The vuln affects the Oat++ MCP implementation

A security flaw in the Oat++ implementation of Anthropic's Model Context Protocol (MCP) allows attackers to predict or capture session IDs from active AI conversations, hijack MCP sessions, and inject malicious responses via the oatpp-mcp server.…

France and Spain are calling on the European Union to stick with plans to ban combustion engine cars in the bloc after 2035, at odds with German Chancellor Friedrich Merz ahead of a meeting of leaders in Brussels this week. From a report: The European Commission, the bloc's executive branch, is currently reviewing rules designed to accelerate the automotive sector's green transition. Merz has called on the bloc to give up its 2035 deadline to help Germany's troubled car industry. France and Spain "hope that the upcoming review will preserve the 2035 cap and the environmental ambition of the CO2 emissions trajectory that underpins it," a paper presented to climate ministers in Luxembourg on Tuesday, and seen by Bloomberg says. "This revision should in no way call into question the zero emissions exhaust target in 2035."

Read more of this story at Slashdot.

OpenAI released ChatGPT Atlas on Tuesday, an AI-powered web browser that CEO Sam Altman described as "smooth" and "quick" during a livestream announcement. The browser is available globally on macOS while versions for Windows, iOS, and Android are expected soon. Atlas includes memory features that personalize the browsing experience and an agent mode that allows ChatGPT to perform tasks such as booking reservations and flights or editing documents. Users can manage these stored memories through the browser's settings and can open incognito windows. The browser displays a split-screen view by default when users click links from search results. The view shows both the webpage and the ChatGPT transcript simultaneously. Atlas also offers webpage summarization and a feature called "cursor chat" that allows users to select text and have ChatGPT revise it inline.

Read more of this story at Slashdot.

Apple lashed out at the European Union's attempts to tame the power of Silicon Valley in the most far-reaching legal challenge of the bloc's Big Tech antitrust rules. From a report: The iPhone maker's lawyer Daniel Beard told the General Court in Luxembourg on Tuesday that the Digital Markets Act "imposes hugely onerous and intrusive burdens" at odds with Apple's rights in the EU marketplace. The DMA came onto the EU's books in 2023 and is designed to clip the wings of the world's largest technology platforms with a slew of dos and don'ts. But over recent months, the law has also drawn the ire of US President Donald Trump and plagued EU-US trade talks. Apple -- seen as the biggest renegade against the EU's crackdown -- challenged the law on three fronts: EU obligations to make rival hardware work with its iPhone, the regulator's decision to drag the hugely profitable App Store under the rules, and a decision to probe whether iMessage should have faced the rules, which it later escaped.

Read more of this story at Slashdot.

Amazon's hours-long cloud blackout transformed the future of sleep into a sauna and cat care into chaos

When Amazon's cloud face-planted on Monday, it didn't just take down some of the world's most popular apps – it took down dignity, comfort, and the occasional cat toilet.…

London police finally understand why 80,000 phones disappeared from the city's streets last year. The answer involves budget cuts [non-paywalled source] that hollowed out British policing in the 2010s, the arrival of electric bikes that made theft easy, and a lucrative black market in China where stolen British phones retain full functionality. The Metropolitan Police discovered an industrial-scale operation in December when officers traced a woman's iPhone to a Heathrow warehouse on Christmas Eve. Boxes labeled as batteries and bound for Hong Kong contained almost 1,000 stolen iPhones. The police arrested two men in their thirties in September as suspected ringleaders of a group that sent up to 40,000 stolen phones to China. The epidemic took root after Conservative-led austerity measures reduced police numbers and budgets. In 2017 the Metropolitan Police announced it would stop investigating low-level crimes to focus resources on serious violence and sexual offenses. Thieves on rented electric bikes began mounting sidewalks to snatch phones at high speed while wearing balaclavas and hoods. Police data shows only 495 people were charged out of 106,000 phones reported stolen between March 2024 and February 2025. Thieves earn up to $401 per device. The phones sell for up to $5,000 in China because Chinese network providers do not subscribe to the international blacklist for stolen devices.

Read more of this story at Slashdot.

24,500 devs polled, two blog posts, one confusion

JetBrains has released its State of the Developer Ecosystem survey, with more than 24,500 responses, revealing AI's impact on developer tools and programming language trends - including the claim that PHP and Ruby are in "long term decline."…

President Trump's $100,000 H-1B visa fee will apply only to new visa applicants outside the country, the government confirmed in new guidance on Monday. From a report: That means that under the new policy, employers won't need to pay the fee for anyone already living in the U.S., such as international students. The new guidance: Under the new guidance published on Monday, U.S. Citizenship and Immigration Services said the $100,000 fee will apply only to new applicants living outside the country. Employers will need to pay the fee after their prospective employee's visa is approved, allowing them to move to the U.S. Previously, the White House had said the fee would apply to all new visa applicants, except those who work for companies or industries that have secured a special waiver. In 2024, roughly 54% of the 141,000 new H-1B visas issued went to immigrants who were already in the U.S. on a different visa type, according to government statistics. If that trend holds, the new fee wouldn't apply to over half of the applicants.

Read more of this story at Slashdot.

Filipino workers in Manila are remotely operating robots that restock convenience store shelves across Tokyo. The partnership represents a new economic model where physical labor can be offshored through telepresence. Around 60 workers at Astro Robotics monitor the machines and intervene when problems occur about 4% of the time. They earn between $250 and $315 per month. Japan faces severe labor shortages but has resisted expanding immigration. Offshoring the work through robots solves this while dramatically reducing costs. Filipino workers are also training the AI systems designed to eliminate the need for human operators entirely. Tokyo-based Telexistence has collected extensive data from its workers and is providing it to a San Francisco startup building fully autonomous robots. The combination of automation and offshoring creates what one University of Michigan professor called a "double whammy" for workers in developed nations. It also exploits workers in developing countries who build the tools meant to replace them. The market for AI agents is expected to grow eightfold to $43 billion by 2030. Human-only work is forecast to drop 27% over the next five years.

Read more of this story at Slashdot.

Dev unveils a faster, modernized take on Microsoft's file system for penguin-powered PCs

Just under four years after the Linux kernel gained built-in read-write access to Windows drives, an alternative option has appeared.…

Amazon executives believe the company can avoid hiring more than 160,000 workers in the United States by 2027 through robotic automation. Internal documents viewed by The New York Times show the automation would save approximately 30 cents on each item the company picks, packs and delivers. The documents reveal that executives told Amazon's board last year they hoped automation would allow the company to flatten its U.S. workforce growth over the next decade. Amazon expects to sell twice as many products by 2033. That projection translates to more than 600,000 positions Amazon would not need to fill. Amazon opened its most advanced warehouse in Shreveport, Louisiana last year as a template for future facilities. The site uses a thousand robots and employed a quarter fewer workers than it would have without automation. The company plans to replicate this design in approximately 40 facilities by the end of 2027. A facility in Stone Mountain, Georgia currently employs roughly 4,000 workers. After a planned robotic retrofit, internal analyses project it will process 10% more items but need as many as 1,200 fewer employees. The documents show Amazon's robotics team has set a goal to automate 75% of its operations.

Read more of this story at Slashdot.

Pixels of the past 'created just for fun'

The pifmgr.dll still lingers in modern Windows installations - a throwback to a simpler and blockier time, according to veteran Microsoft engineer Raymond Chen.…

An anonymous reader quotes a report from The Register: Lloyds Banking Group claims employees save 46 minutes daily using Microsoft 365 Copilot, based on a survey of 1,000 users among nearly 30,000 deployed licenses. According to Lloyds Banking Group (LBG), the rollout is "helping teams summarize documents, prepare for meetings, and reduce administrative tasks." Almost 5,000 engineers are also using GitHub Copilot. Vic Weigler, chief technology officer at the finance corp, said in a statement: "We converted 11,000 lines of code across 83 files in half the expected time." An insider at the bank, a self-professed fan of the technology, listed some of the ways it was being used in their business area. These ranged from the mundane -- drafting and summarizing emails, transcribing meetings, and comparing documents to group standards -- to the eyebrow-raising, such as drafting legal clauses, undertaking due diligence, and creating complex Excel formulas. They told us the next step is creating bots and agents to perform repetitive data-based tasks and rolling out the technology to customer-facing processes. That said, they also noted the AI tools occasionally make mistakes. The "golden rule," is to "never use the output without checking it."

Read more of this story at Slashdot.

Lunar landing reality distortion field slips for Musk's rocketeers

NASA's Acting Administrator has admitted that SpaceX is behind in plans to return astronauts to the Moon, has reopened lander contract competition, and pushed the deadline for a lunar landing to the end of the Trump administration in 2029.…

MAST Upgrade team claims first suppression of pesky edge instabilities in a spherical tokamak

Scientists at the UK Atomic Energy Authority (UKAEA) claim they have taken a significant step toward making fusion energy possible by applying a 3D magnetic field to counteract instabilities in a spherical tokamak plasma for the first time.…

Japanese retailer halts online orders after attack cripples third-party vendor

Japanese retailer Muji is suspending online orders after logistics partner Askul was knocked offline by a ransomware attack.…

CISA adds high-severity flaw to KEV list, urges swift updating

Uncle Sam's cyber wardens have warned that a high-severity flaw in Microsoft's Windows SMB client is now being actively exploited – months after it was patched.…

Alibaba Cloud claims its new Aegaeon GPU pooling system cuts Nvidia GPU use by 82%, letting 213 H20 accelerators handle workloads that previously required 1,192. The advancements have been detailed in a paper (PDF) at the 2025 ACM Symposium on Operating Systems (SOSP) in Seoul. Tom's Hardware reports: Unlike training-time breakthroughs that chase model quality or speed, Aegaeon is an inference-time scheduler designed to maximize GPU utilization across many models with bursty or unpredictable demand. Instead of pinning one accelerator to one model, Aegaeon virtualizes GPU access at the token level, allowing it to schedule tiny slices of work across a shared pool. This means one H20 could serve several different models simultaneously, with system-wide "goodput" -- a measure of effective output -- rising by as much as nine times compared to older serverless systems. The system was tested in production over several months, according to the paper, which lists authors from both Peking University and Alibaba's infrastructure division, including CTO Jingren Zhou. During that window, the number of GPUs needed to support dozens of different LLMs -- ranging in size up to 72 billion parameters -- fell from 1,192 to just 213. While the paper does not break down which models contributed most to the savings, reporting by the South China Morning Post says the tests were conducted using Nvidia's H20, one of the few accelerators still legally available to Chinese buyers under current U.S. export controls.

Read more of this story at Slashdot.

DevOps guru and ex-Googler say vibes beat reading diffs but there are risks

"Accept All. Always. Don't read the diffs anymore."…

Security pros explore whether infection-spoofing code can immunize Windows systems against attack

Feature What's better, prevention or cure? For a long time the global cybersecurity industry has operated by reacting to attacks and computer viruses. But given that ransomware has continued to escalate, more proactive action is needed.…