news aggregator

Archer Aviation is "the official air taxi partner" of the 2028 Olympic Games in Los Angeles, Electrek reported in May. In June it entered "a key development phase ahead of full-fledged flight certification and commercial operations" by completing a piloted flight in its flagship Midnight aircraft, "demonstrating a conventional takeoff and landing instead of vertical (it can do both)." During that flight, which took place in the skies above Salinas, California, the eVTOL achieved a top speed of 125 mph and a maximum altitude of 1,500 feet above ground level. Most recently, Archer has taken its Midnight eVTOL above Salinas again, achieving its longest flight to date. Per Archer, the recent successful flight in California lasted 31 minutes, and the piloted Midnight eVTOL traveled 55 miles — the company's longest recorded flight yet with a pilot onboard... [Again with speeds exceeding 125 mph] United Airlines CFO Mike Leskinen, who led the airline's early investment in Archer Aviation, was present at the test facility to witness the milestone flight. Leskinen congratulated the Archer team on its longest eVTOL flight and expressed his satisfaction with the Midnight aircraft's quiet operation. Their aircraft even "reached speeds of nearly 150 miles per hour" the week before, according to Archer's announcement. They're calling it another milestone "as the company advances toward FAA certification in the U.S. and near-term commercialization in the United Arab Emirates." And Archer's Founder/CEO said crossing the 50-mile mark at speed "is another clear step toward commercialization that shows the maturity of our program."

Read more of this story at Slashdot.

"Good news, everyone! The new version of Mozilla's browser now makes even more extensive use of AI," writes the Register, "providing summaries of linked content and offering developers the ability to add LLM support to extensions." Firefox 142 brings some visible shininess, but due to the combination of regional restrictions and Mozilla's progressive rollout system, not everybody can see all the features just yet... Not geofenced but subject to phased rollout are link previews, for various native-English-speaking regions. Hover over, long-press, or right-click a link and pick Preview Link, and a summary should appear. Mozilla's summary says: "Previews can optionally include AI-generated key points, which are processed on your device to protect your privacy." "Link Previews is gradually rolling out to ensure performance and quality," Firefox says in their release notes, "and is now available in en-US, en-CA, en-GB, en-AU for users with more than 3 GB of available RAM." (The notes also add a welcome for "the developers who contributed their first code change to Firefox in this release, 20 of whom were brand new volunteers!") The Register notes that Firefox 142 also gives developers the ability to add LLM support to extensions using wllama, a Wasm binding interfacing with llama.cpp, which lets you run Meta's Llama LLM and other models, locally or in the cloud.

Read more of this story at Slashdot.

The Hill reports: Russian state-sponsored hackers have targeted thousands of networking devices associated with U.S. critical infrastructure sectors over the past year, the FBI warned Wednesday. The cyber actors are associated with the Russian Federal Security Service's (FSB) Center 16 and have taken aim at a vulnerability in certain Cisco devices, according to an agency public service announcement. In some cases, hackers have been able to modify configuration files to enable unauthorized access, which they have used to conduct reconnaissance on networks. This has "revealed their interest in protocols and applications commonly associated with industrial control systems," the FBI said. Cisco's threat intelligence research arm, Talos, explained in a separate advisory that a subcluster of this group, which it has named "Static Tundra," is targeting a seven-year-old vulnerability in the company's Smart Install feature. The firm has offered a patch for the vulnerability, but it remains a problem in unpatched and end-of-life network devices, it warned. "Once they establish initial access to a network device, Static Tundra will pivot further into the target environment, compromising additional network devices and establishing channels for long-term persistence and information gathering," warns the Talos blog. "This is demonstrated by the group's ability to maintain access in target environments for multiple years without being detected." In a statement emailed to The Register, a Cisco spokesperson "said the company is aware of ongoing exploitation targeting this flaw." "We strongly urge customers to immediately upgrade to fixed software versions as outlined in the security advisory and follow our published security best practices," the spokesperson said, directing customers to the FBI's announcement and Cisco Talos blog for additional details. The ongoing campaign targets telecommunications, higher education, and manufacturing organizations across North America, Asia, Africa, and Europe, "with victims selected based on their strategic interest to the Russian government," according to Talos researchers Sara McBroom and Brandon White. "We assess that the purpose of this campaign is to compromise and extract device configuration information en masse, which can later be leveraged as needed based on then-current strategic goals and interests of the Russian government," McBroom and White wrote. And while both security alerts focus on the FSB's latest round of network intrusions, "many other state-sponsored actors also covet the access these devices afford," the Talos team warned. "Organizations should be aware that other advanced persistent threats (APTs) are likely prioritizing carrying out similar operations as well." Some context from Hot Hardware: Cisco indicated in its advisory that "Only Smart Install client switches are affected by the vulnerability". The list of affected devices is in Table A-1 here. For a successful attack, hackers exploit a vulnerability tracked as CVE-2018-0171. This was a vulnerability that was patched way back in 2018.

Read more of this story at Slashdot.

Everything you need to know to build, run, serve, optimize and quantize models on your PC

Hands on Training large language models (LLMs) may require millions or even billion of dollars of infrastructure, but the fruits of that labor are often more accessible than you might think. Many recent releases, including Alibaba's Qwen 3 and OpenAI's gpt-oss, can run on even modest PC hardware.…

For incentives remember the three Fs – finance, fame, and fixing it

feature Thirty years ago, Netscape kicked off the first commercial bug bounty program. Since then, companies large and small have bought into the idea, with mixed results.…