Linux fréttir

Feature rolls out to Microsoft 365 Insiders, stashing unnamed files in OneDrive by default

Ever get that sinking feeling when Word crashes before you've made your first save? An application update is set to save the day by automatically enabling autosave to the cloud for new documents, before you've even given them a filename.…

An anonymous reader shares a report: Security researchers from Palo Alto Networks' Unit 42 have discovered the key to getting large language model (LLM) chatbots to ignore their guardrails, and it's quite simple. You just have to ensure that your prompt uses terrible grammar and is one massive run-on sentence like this one which includes all the information before any full stop which would give the guardrails a chance to kick in before the jailbreak can take effect and guide the model into providing a "toxic" or otherwise verboten response the developers had hoped would be filtered out. The paper also offers a "logit-gap" analysis approach as a potential benchmark for protecting models against such attacks. "Our research introduces a critical concept: the refusal-affirmation logit gap," researchers Tung-Ling "Tony" Li and Hongliang Liu explained in a Unit 42 blog post. "This refers to the idea that the training process isn't actually eliminating the potential for a harmful response -- it's just making it less likely. There remains potential for an attacker to 'close the gap,' and uncover a harmful response after all."

Read more of this story at Slashdot.

Feature bloat, or added value for this JavaScript toolkit?

The Bun team has released version 1.2.21 of its JavaScript bundler and runtime, written in Zig, adding features including built-in drivers for MySQL and SQLite, a YAML parser, and a secrets manager for tools and local development.…

Stolen dev credentials posted to GitHub as attackers abuse CLI tools for recon

Nx is the latest target of a software supply chain attack in the NPM ecosystem, with multiple malicious versions being uploaded to the NPM registry on Tuesday evening.…

Deforestation has killed more than half a million people in the tropics over the past two decades as a result of heat-related illness, a study has found. The Guardian: Land clearance is raising the temperature in the rainforests of the Amazon, Congo and south-east Asia because it reduces shade, diminishes rainfall and increases the risk of fire, the authors of the paper found. Deforestation is responsible for more than a third of the warming experienced by people living in the affected regions, which is on top of the effect of global climate disruption. About 345 million people across the tropics suffered from this localised, deforestation-caused warming between 2001 and 2020. For 2.6 million of them, the additional heating added 3C to their heat exposure. In many cases, this was deadly. The researchers estimated that warming due to deforestation accounted for 28,330 annual deaths over that 20-year period.

Read more of this story at Slashdot.

No stew on the stove, but plenty of heat as devs compete to flag suspect Medicare data

Seeking to rein in healthcare fraud, the US Centers for Medicare & Medicaid Services (CMS) is seeking explainable AI models that can identify patterns suggestive of malfeasance.…

Don't let it happen to you

Storm-0501, a financially motivated cybercrime crew, recently broke into a large enterprise's on-premises and cloud environments, ultimately exfiltrating and destroying data within the org's Azure environment. The criminals then contacted the victim via a Microsoft Teams account that they'd also compromised in the attack, demanding a ransom payment for the stolen files.…

The FBI and other law enforcement and intelligence agencies around the world warned Wednesday that a Chinese-government hacking campaign that previously penetrated nine U.S. telecommunications companies has expanded into other industries and regions, striking at least 200 American organizations and 80 countries. From a report: The joint advisory was issued with the close allies in the Five Eyes English-language intelligence-sharing arrangement and also agencies from Finland, Netherlands, Poland and the Czech Republic, an unusually broad array meant to demonstrate global resolve against what intelligence officials said is a pernicious campaign that exceeds accepted norms for snooping. "The expectation of privacy here was violated, not just in the U.S., but globally," FBI Assistant Director Brett Leatherman, who heads the bureau's cyber division, told The Washington Post in an interview. Chinese hackers won deep access to major communication carriers in the U.S. and elsewhere, then extracted call records and some law enforcement directives, which allowed them to build out a map of who was calling whom and whom the U.S. suspected of spying, Leatherman said. Prominent politicians in both major U.S. parties were among the ultimate victims.

Read more of this story at Slashdot.

Phonemaker Nothing used professional stock photos to demonstrate its Phone 3's camera capabilities on retail demo units, according to The Verge. Five images the company presented as community-captured samples were licensed photographs from the Stills marketplace, taken with other cameras in 2023. The Verge verified EXIF data confirming one image predated the Phone 3's release. Co-founder Akis Evangelidis acknowledged the photos were placeholders intended for pre-production testing that weren't replaced before deployment to stores.

Read more of this story at Slashdot.

Chipmaker keen to protect assets as race for 2nm process heats up

Taiwanese prosecutors have charged three people over the alleged theft of TSMC's trade secrets.…

Vintage computing boffinry to please palmtop enthusiasts

Vintage computing enthusiast Colin Hoad has released a gift to anyone who fondly remembers Psion's classic EPOC-based palmtops and their Open Programming Language (OPL): a language server which brings modern quality-of-life features to the OPL programmer, regardless of their development environment.…

South Korea has passed a bill banning the use of mobile phones and smart devices during class hours in schools -- becoming the latest country to restrict phone use among children and teens. From a report: The law, which comes into effect from the next school year in March 2026, is the result of a bi-partisan effort to curb smartphone addiction, as more research points to its harmful effects. Lawmakers, parents and teachers argue that smartphone use is affecting students' academic performance and takes away time they could have spent studying.

Read more of this story at Slashdot.

French provider seizes on Redmond's admission that US law could override local protections

Interview European cloud provider OVHcloud has long warned about the risks of relying on foreign tech giants for critical infrastructure – especially when it comes to data sovereignty.…

Wikipedia's volunteer editors have rejected founder Jimmy Wales' proposal to use ChatGPT for article review guidance after the AI tool produced error-filled feedback when Wales tested it on a draft submission. The ChatGPT response misidentified Wikipedia policies, suggested citing non-existent sources and recommended using press releases despite explicit policy prohibitions. Editors argued automated systems producing incorrect advice would undermine Wikipedia's human-centered model. The conflict follows earlier tensions over the Wikimedia Foundation's AI experiments, including a paused AI summary feature and new policies targeting AI-generated content.

Read more of this story at Slashdot.

Hybrid of GNUstep and Xfce channels classic NeXT vibes

The latest release of GhostBSD, an easy graphical FreeBSD distribution, includes a brand new macOS-like desktop environment, "Gershwin."…

Digital resurrections of deceased individuals are emerging as the next commercial frontier in AI, with the digital afterlife industry projected to reach $80 billion within a decade. Companies developing these AI avatars are exploring revenue models ranging from interstitial advertising during conversations to data collection about users' preferences. StoryFile CEO Alex Quinn confirmed his company is exploring methods to monetize interactions between users and deceased relatives' digital replicas, including probing for consumer information during conversations. The technology has already demonstrated persuasive capabilities in legal proceedings, where an AI recreation of road rage victim Chris Pelkey delivered testimony that contributed to a maximum sentence. Current implementations operate through subscription models, though no federal regulations govern commercial applications of posthumous AI representations despite state-level protections for deceased individuals' likeness rights.

Read more of this story at Slashdot.

Attackers steal OAuth tokens to access third-party sales platform, then CRM data in 'widespread campaign'

Google says a recent spate of Salesforce-related breaches was caused by attackers stealing OAuth tokens from the third-party Salesloft Drift app.…

An anonymous reader quotes a report from CoinTelegraph: Paying interest on stablecoin deposits could spark a wave of bank outflows similar to the money market fund boom of the 1980s, Citi's Future of Finance head Ronit Ghose warned in a report published Monday. According to the Financial Times, Ghose compared the potential outflows caused by paying interest on stablecoins to the rise of money market funds in the late 1970s and early 1980s. Those funds ballooned from about $4 billion in 1975 to $235 billion in 1982, outpacing banks whose deposit rates were tightly regulated, Federal Reserve data showed. Withdrawals from bank accounts exceeded new deposits by $32 billion between 1981 and 1982. Sean Viergutz, banking and capital markets advisory leader at consultancy PwC, similarly suggested that a shift from consumers to higher-yielding stablecoins could spell trouble for the banking sector. "Banks may face higher funding costs by relying more on wholesale markets or raising deposit rates, which could make credit more expensive for households and businesses," he said. The GENIUS Act does not allow stablecoin issuers to offer interest to holders, but it does not extend the ban to crypto exchanges or affiliated businesses. The regulatory setup led to a significant reaction by the banking sector. Several US banking groups led by the Bank Policy Institute have urged local regulators to close what they say is a loophole that may indirectly allow stablecoin issuers to pay interest or yields on stablecoins. In a recent letter, the organization argued that the so-called loophole may disrupt the flow of credit to American businesses and families, potentially triggering $6.6 trillion in deposit outflows from the traditional banking system.

Read more of this story at Slashdot.

Because the DBaaS has lately become AI-tastic, among other things

It's less than two years since MariaDB spun out SkySQL, but it's already unspinning the database-as-a-service outfit, which has since been marinated in AI sauce.…

$23B deal with AT&T shows where the money is

US telco EchoStar, valued around $14.5 billion on Wednesday morning, has sold its American spectrum allocation to AT&T for $23 billion.…