news aggregator
Do fear the Reaper - stealer swipes macOS users' passwords, wallets, then backdoors them
A new infostealer variant targets macOS users by spoofing Apple, Microsoft, and Google, then gets to work searching for victims’ password managers so it can steal all of their credentials and access cryptocurrency wallets such as MetaMask and Phantom. The updated SHub stealer variant is called Reaper, and it uses macOS Script Editor, pre-populated with the malicious payload, to execute the malware, according to SentinelOne research engineer Phil Stokes, who documented the attack in a Monday blog. But unlike earlier SHub versions and similar macOS stealer campaigns that rely on ClickFix social engineering tactics to trick the user into pasting a command into Apple’s Terminal command-line interface, Reaper bypasses Terminal altogether and therefore defeats the defenses Apple added to Tahoe 26.4. The attack starts with fake WeChat and Miro installer websites, hosted on a domain designed to instill trust in users by typosquatting a Microsoft URL: mlcrosoft[.]co[.]com. When a user visits these pages, hidden JavaScript collects a ton of information about their system and browser, including IP address, location, WebGL fingerprinting data, and indicators of virtual machines or VPNs. The attack stops if the victim is located in Russia. Assuming the machine is located elsewhere and the user clicks on the fake tool installer, they open Apple’s Script Editor app via a sneaky link whose script is heavily padded with ASCII art and fake terms to push the malicious command far below the visible portion of the window when it loads. When the victim clicks “Run” in Script Editor, the hidden command executes the malicious AppleScript and displays a popup message purporting to be a security update for Apple’s XProtectRemediator tool.
Instead of updating the security tool, however, the script uses curl to silently download a shell script, asks the victim to enter their login details – which are scraped and used to decrypt various credentials – and then displays a fake error message. Earlier SHub versions harvested users’ browser data, cryptocurrency wallets, developer-related configuration files, macOS Keychain and iCloud account data, and Telegram session data. Reaper does all of this and more. It includes a filegrabber that searches the user’s Desktop and Documents folders for files that contain business or financial info. That approach is similar to the document-theft functionality seen in Atomic macOS Stealer (AMOS). The script also searches for several desktop cryptocurrency tools including Exodus, Atomic Wallet, Ledger Wallet, Ledger Live, and Trezor Suite. If it finds any, it injects the wallet with malware to ensure continued funds theft. And then, to ensure persistence, it backdoors the infected device by creating a directory structure designed to mimic Google Software Update: ~/Library/Application Support/Google/GoogleUpdate.app/Contents/MacOS/. “The LaunchAgent executes the target script GoogleUpdate every 60 seconds,” Stokes explains. “The script functions as a beacon, sending system details to the C2’s /api/bot/heartbeat endpoint.” This ensures the attacker can remotely execute code on the backdoored machine. If the attacker-controlled server sends a “code” payload, the script decodes it, writes it to a hidden file and executes the code with the user’s privileges before deleting the file. The backdoor gives the malware operators “more ways to steal data or pivot to other malicious installs after the initial compromise,” the threat hunter warns. About the only thing it doesn't do is implore the band to add more cowbell. ®
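A hunt for the persistence described above, written as an added example (this is not SentinelOne's or The Register's code). The indicators it keys on – the GoogleUpdate.app path under ~/Library/Application Support/Google, the 60-second LaunchAgent interval, and the /api/bot/heartbeat beacon – come from the article; the LaunchAgent label, the two sample plists and the second, broader rule (any short-interval agent whose binary lives under the user's home directory) are my own assumptions, and the sample plists are constructed in a throwaway directory so the script runs offline.

```python
"""Hunt user LaunchAgents for the Reaper-style fake Google updater.

Added example, not SentinelOne's or The Register's code. The indicators
(the GoogleUpdate.app path under ~/Library/Application Support/Google, the
60-second interval, the /api/bot/heartbeat beacon) come from the article;
the plist label, the sample agents and the second, broader rule are mine.
"""
import os
import plistlib
import tempfile

FAKE_UPDATER_DIR = "Library/Application Support/Google/GoogleUpdate.app/Contents/MacOS"
BEACON_PATH = "/api/bot/heartbeat"


def agent_targets(agent):
    """Every path or argument a LaunchAgent would hand to launchd."""
    targets = []
    if isinstance(agent.get("Program"), str):
        targets.append(agent["Program"])
    targets += [a for a in agent.get("ProgramArguments", []) if isinstance(a, str)]
    return targets


def inspect_launch_agent(plist_bytes, home):
    """Reasons (possibly none) a LaunchAgent looks like Reaper's persistence.

    Rule 1 is the exact path indicator from the report. Rule 2 is a broader
    heuristic of my own: a short-interval agent whose binary sits under the
    user's home, i.e. somewhere malware running as that user could write.
    """
    try:
        agent = plistlib.loads(plist_bytes)
    except Exception as exc:  # a plist launchd cannot parse is still worth a look
        return [f"unparseable plist: {exc}"]
    targets = agent_targets(agent)
    reasons = []
    if any(FAKE_UPDATER_DIR in t for t in targets):
        reasons.append("runs from the spoofed GoogleUpdate.app path")
    interval = agent.get("StartInterval")
    runs_from_home = any(t.startswith(home + "/") for t in targets)
    if isinstance(interval, int) and interval <= 60 and runs_from_home:
        reasons.append(f"beacon-like StartInterval={interval}s on a user-writable binary")
    return reasons


def scan_launch_agents(agents_dir, home):
    """Map each suspicious plist filename in agents_dir to its list of reasons."""
    findings = {}
    for name in sorted(os.listdir(agents_dir)):
        if not name.endswith(".plist"):
            continue
        with open(os.path.join(agents_dir, name), "rb") as fh:
            reasons = inspect_launch_agent(fh.read(), home)
        if reasons:
            findings[name] = reasons
    return findings


def script_mentions_beacon(script_text):
    """True if a launched script carries the C2 heartbeat endpoint from the report."""
    return BEACON_PATH in script_text


def build_sample_agents(home):
    """Write two constructed plists (one benign, one Reaper-like) under home."""
    agents_dir = os.path.join(home, "Library", "LaunchAgents")
    os.makedirs(agents_dir, exist_ok=True)
    benign = {
        "Label": "com.example.backup",
        "ProgramArguments": ["/Applications/Backup.app/Contents/MacOS/backup", "--sync"],
        "StartInterval": 3600,
    }
    reaper_like = {
        "Label": "com.google.GoogleUpdate",  # label is an assumption, not from the report
        "ProgramArguments": [os.path.join(home, FAKE_UPDATER_DIR, "GoogleUpdate")],
        "RunAtLoad": True,
        "StartInterval": 60,
    }
    for fname, data in (("com.example.backup.plist", benign),
                        ("com.google.GoogleUpdate.plist", reaper_like)):
        with open(os.path.join(agents_dir, fname), "wb") as fh:
            plistlib.dump(data, fh)
    return agents_dir


def run_demo():
    """Build the constructed agents in a throwaway 'home' and scan them."""
    home = tempfile.mkdtemp()  # stand-in for os.path.expanduser("~") on a real host
    return scan_launch_agents(build_sample_agents(home), home)


if __name__ == "__main__":
    for fname, reasons in run_demo().items():
        print(fname, "->", "; ".join(reasons))
```

On a real Mac, point scan_launch_agents at os.path.expanduser("~/Library/LaunchAgents") with the real home directory; any hit on the first rule is the indicator from the report, while hits on the second rule are a triage list, since legitimate agents can also poll frequently.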
Categories: Linux fréttir
FBI Wants to Buy Nationwide Access to License Plate Readers
The FBI is seeking up to $36 million for nationwide access to automated license plate reader (ALPR) data, which could let it query vehicle movements across the U.S. and its territories through a commercial database. 404 Media reports: "The FBI has a crucial need for accessible LPRs to provide a diverse and reliable range of collections across the United States. This data should be available across major highways and in an array of locations for maximum usefulness to law enforcement," a statement of work, which describes what data the FBI is seeking access to, reads. ALPR cameras generally work by constantly scanning the color, brand, model, and license plate of vehicles that drive by. This creates a timestamped record of where a particular vehicle was at a specific time that law enforcement can then query, effectively letting them see exactly where someone drove across time. The technology has existed for decades, but has become more pervasive in recent years.
The FBI says it is looking for a vendor that will let it log into a Software-as-a-Service system and then query the collected ALPR data with license plate information, a description of the vehicle, a time or date, and geolocation information. The FBI says it is looking for ALPR coverage in the following areas: Eastern 48 (East of the Mississippi River); Western 48 (West of the Mississippi River); Hawaii; Puerto Rico; Alaska; and outlying areas such as Guam, the U.S. Virgin Islands, or Tribal Territories. In effect, the FBI is looking for ALPR data nationwide and even beyond. An attached price template indicates the FBI is willing to pay $6 million for each of those broad areas, bringing the total to $36 million.
The FBI says it intends to award the contract to a single vendor, but if any such vendor is unable to fulfill all of the requirements, the agency may award the contract to up to two vendors. The contract is specifically for the FBI's Directorate of Intelligence, which oversees the agency's intelligence mission. The FBI is not only a law enforcement agency, but also part of the Intelligence Community. The report notes that the contract appears aimed at vendors like Flock or Motorola Solutions, since they're some of the only companies able to provide the sort of data the FBI is seeking.
Further reading: Small Town Fights Over Flock's AI-Enhanced Network of License Plate-Reading Cameras
Read more of this story at Slashdot.
The big AI companies are going to see their margins disappear
OPINION The future of AI is unwritten, but the writing is on the wall – your margin is my opportunity. Amazon founder Jeff Bezos said as much more than a decade ago in support of the e-souk's low-price, low-margin sales strategy. That opportunity exists in the AI training and inference business. But perhaps not for long. Two leading American AI companies, Anthropic and OpenAI, are not actually profitable at this point, but their pitch to investors is something along the lines of "just hang in there a few more years and keep sending cash." Given reports that Claude Code subscribers paying $200 a month can potentially consume $5,000 worth of tokens and that OpenAI is also losing money on subscriptions, it starts to become a bit clear why Anthropic, OpenAI, Google, and Microsoft have already started pushing customers toward metered usage pricing. AI revenue needs to go up for frontier model makers to survive. And then AI adoption needs to grow. Government agencies and large corporations that don't keep a close eye on fees may be terrified enough of AI-enabled exploitation to pay a premium for models like Anthropic's Mythos and OpenAI's GPT-5.5. But more price-sensitive folk may shop for cheaper tokens. And they're likely to find them. Benedict Evans, among the more astute industry observers, expects AI models will be commoditized. In his recently updated presentation, "AI eats the world," he suggests that the AI supply/demand imbalance will ease and the pricing power of leading AI labs will dissipate. He argues that models will become commodity infrastructure and that innovation and pricing power will have to move up the stack. That's already evident in Anthropic's efforts to keep developers interacting through its own tools like the Claude Code CLI and desktop app, and through services that sit atop its models like Claude Cowork, Claude Design, and Claude for Creative Work. 
But it's more apparent in US companies lobbying for regulatory intervention as a defense against competition from China, some of which has taken the form of copying AI models via a process called distillation. Zilan Qian, a research associate at the Oxford China Policy Lab, recently explored how software developers in China are acquiring AI tokens for pennies on the dollar. She writes that despite the fact that leading US model makers try to prevent people in China from using US models, everyone who wants access can get it through API proxies. "The logs they generate may have become a commodity, traded for purposes ranging from model training to targeted fraud," Qian wrote. "Meanwhile, every layer of control frontier US AI companies have added (geoblocking, phone verification, credit card requirements, and now live biometric KYC checks) has produced a corresponding layer of evasion infrastructure." This process may not be savory or sustainable – Qian posits these token sellers are just trying to acquire customers and obtain data – but it points to the difficulty US firms will have maintaining their margins and their exclusivity. Open weight models like GLM-5.1, Kimi K2.6, DeepSeek V4-Pro, and Qwen3-Coder-Next are already adequate for less demanding software development work and some, like Qwen3.6-27B, run quite well on suitably provisioned local hardware. US companies are estimated to have a lead of about seven months on Chinese AI companies. But that race will not go on forever. Even if US AI models continue to improve at their current pace, open weight models from China and elsewhere should match current leaders Claude Opus 4.7 and OpenAI GPT-5.5 by the end of 2026. At that point, better benchmarks will no doubt be welcomed, but they won't be necessary. Commodity AI will be good enough for enterprise and entrepreneurial software development. And maybe other uses will emerge, but coding right now is what people are paying for. 
As noted by Andreessen Horowitz, annualized enterprise AI spending on coding has reached $3 billion. In other categories (legal $500M, support $400M, and medical/health $300M), adoption is significantly lower. Looking at Evans's "AI eats the world" figures, promoting AI adoption will be a challenge. The tech industry is the only US workplace sector where more than 25 percent use AI on a daily basis. In finance, professional services, healthcare, retail, manufacturing, and government, there's less daily usage. And in the consumer space, only five percent of ChatGPT’s 900 million-plus weekly users pay for the privilege. Among software developers, most of those using AI are not trying to apply it to cutting-edge research or to develop complex attack chains. They're using it for fairly well understood software applications and workflows, or they're experimenting with AI agents. And increasingly, it looks like they can buy tokens at a discount if that matters. Anthropic and OpenAI need pricing and adoption to go up in order to thrive. Their margin is their vulnerability. They're going to strike deals with incumbents to make their models available on desktop and mobile hardware, particularly given the space and power constraints of phones. That will come at a cost. The likely winners will be the companies that control software distribution and delivery – operating system vendors like Apple, Google, and Microsoft, and cloud service providers like Amazon, Google, and Microsoft. Absent regulatory or legal barriers, supply constraints, or practical obstacles, prices face downward pressure where margins are high. And when you're many billions in the hole like Anthropic and OpenAI, that makes escape more difficult. In his presentation, Evans observes, "Sometimes software eats the world, and sometimes it only nibbles." ®
Shai-Hulud copycat worm infects yet another npm package
A Shai-Hulud copycat has turned up in yet another npm package just five days after TeamPCP open-sourced the worm and announced a supply-chain attack competition on BreachForums. The poisoned package, chalk-tempalte, masquerades as an extension for the popular JavaScript terminal string styling library Chalk. It now contains a clone of Shai-Hulud, which TeamPCP published last week on GitHub after poisoning more than 170 npm packages with the credential-stealing malware as part of the ongoing supply chain attacks targeting open source dev tools. Plus, the same scumbag who uploaded the worm to chalk-tempalte also published three other malicious npm packages - @deadcode09284814/axios-util, axois-utils, and color-style-utils - containing infostealer code, according to Ox Security researchers, who detected and reported the malware over the weekend. “The four malwares are inherently different, as the collected data varies between them, including exfiltrated IP addresses, cloud configurations, crypto wallets, environment variables, and even one malware turning the victim’s machine into a DDoS botnet – all from the same npm user,” researcher Moshe Siman Tov Bustan wrote on Sunday. Anyone installing any version of the packages is affected, he added, noting the total number of weekly downloads is 2,678. On Monday, the researchers told The Register that the npm user behind all four new stealer infections ran the supply-chain campaign from a home computer or local server farm. "The use of lhr.life is a clear indicator of a reverse proxy used to expose an internal network to the internet," they wrote in an email, adding that the miscreant(s) seem to be financially motivated as the code targets victims' cryptocurrency wallets and accounts. Plus, the DDoS botnet component "could indicate affiliation with anarchy groups looking to take down infrastructure and services, or intent to sell it as DDoS-as-a-service," they added.
If you are running any of the four, immediately uninstall the malicious package and delete any related malicious configuration from IDEs and Claude Code or other coding agents. You should also rotate your keys on any affected machines, and check for GitHub repositories containing the string “A Mini Sha1-Hulud has Appeared,” the application security shop cautions. The Shai-Hulud copycat, like the original worm, steals secrets, credentials, crypto wallets, accounts, and other sensitive data, and sends all of this to a remote command-and-control server: 87e0bbc636999b[.]lhr[.]life. It also uploaded the stolen credentials to a new GitHub repository. The @deadcode09284814/axios-util malware collects and exfiltrates SSH keys, environment variables, and cloud credentials to 80[.]200[.]28[.]28:2222, and the color-style-utils stealer hoovers up IP addresses, IP geo-locations, and crypto wallets and sends them to edcf8b03c84634[.]lhr[.]life. The fourth malicious npm package (axois-utils) calls its payload a “phantom bot.” The code is written in Go, and contains a DDoS botnet that floods websites with HTTP, TCP, UDP and Reset requests. Persistence mechanisms also ensure it remains on the infected machine even after the package has been deleted. All four of these are from the same npm user, and Bustan warns that this influx of infostealers spreading across npm is “just the first phase of an upcoming wave of supply chain attacks coming.”®
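A lockfile check for the four package names above, added here as an example (it is not Ox Security's or The Register's code). The names are the ones the article lists, and because any version is affected the check matches on name alone; the lockfile and package.json it scans are constructed samples, and the lockfile layouts handled are an assumption about npm's format: the lockfileVersion 2/3 "packages" map keyed by node_modules paths, plus the legacy nested "dependencies" map. This covers the uninstall step only; key rotation and the GitHub repository search the researchers recommend still have to be done separately.

```python
"""Check an npm lockfile for the four malicious packages named in the Ox report.

Added example, not Ox Security's or The Register's code. The package names
are the ones the article lists; the lockfile below is constructed, and the
layout handled is npm's lockfileVersion 2/3 "packages" map (keys are
node_modules paths) plus the legacy nested "dependencies" map.
"""
import json

# Every version of these packages is considered malicious, per the report.
MALICIOUS_PACKAGES = frozenset({
    "chalk-tempalte",
    "@deadcode09284814/axios-util",
    "axois-utils",
    "color-style-utils",
})


def name_from_lock_path(path):
    """'node_modules/chalk/node_modules/@scope/pkg' -> '@scope/pkg'; '' (root) -> None."""
    if not path:
        return None
    return path.rsplit("node_modules/", 1)[-1] or None


def find_malicious(lock):
    """Return sorted (name, version) pairs for every IOC found anywhere in the lockfile."""
    hits = set()
    # lockfileVersion 2/3: flat map of install paths, possibly nested under other packages
    for path, meta in lock.get("packages", {}).items():
        name = meta.get("name") or name_from_lock_path(path)
        if name in MALICIOUS_PACKAGES:
            hits.add((name, meta.get("version", "?")))

    def walk(deps):  # legacy lockfileVersion 1 shape, nested arbitrarily deep
        for name, meta in deps.items():
            if name in MALICIOUS_PACKAGES:
                hits.add((name, meta.get("version", "?")))
            walk(meta.get("dependencies", {}))

    walk(lock.get("dependencies", {}))
    return sorted(hits)


def direct_dependency_hits(package_json):
    """IOCs declared directly in package.json, across all dependency fields."""
    fields = ("dependencies", "devDependencies", "optionalDependencies", "peerDependencies")
    return sorted(
        name
        for field in fields
        for name in package_json.get(field, {})
        if name in MALICIOUS_PACKAGES
    )


# Constructed sample: a benign chalk plus three of the four IOCs, one of them nested.
SAMPLE_LOCK = json.loads("""
{
  "name": "demo-app", "lockfileVersion": 3,
  "packages": {
    "": {"name": "demo-app", "version": "1.0.0"},
    "node_modules/chalk": {"version": "5.3.0"},
    "node_modules/chalk-tempalte": {"version": "1.0.2"},
    "node_modules/chalk/node_modules/axois-utils": {"version": "0.0.4"}
  },
  "dependencies": {
    "chalk": {"version": "5.3.0", "dependencies": {"color-style-utils": {"version": "2.1.0"}}}
  }
}
""")

# Constructed sample package.json (versions are illustrative).
SAMPLE_PACKAGE_JSON = {"dependencies": {"chalk": "^5.3.0", "chalk-tempalte": "^1.0.0"}}

if __name__ == "__main__":
    for name, version in find_malicious(SAMPLE_LOCK):
        print(f"REMOVE {name}@{version}; rotate keys on every machine that installed it")
    print("declared directly in package.json:", direct_dependency_hits(SAMPLE_PACKAGE_JSON))
```

To run it against a real project, replace SAMPLE_LOCK with json.load(open("package-lock.json")); nested hits matter because a transitive dependency pulled in the package even if package.json never names it.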
New Windows 'MiniPlasma' Zero-Day Exploit Gives SYSTEM Access, PoC Released
A researcher known as Chaotic Eclipse has released a proof-of-concept exploit for a new Windows zero-day dubbed MiniPlasma, which BleepingComputer confirmed can grant SYSTEM privileges on fully patched Windows 11 systems. The researcher claims the bug is effectively a still-exploitable version of a 2020 flaw Microsoft said it had fixed. From the report: At the time, the flaw was assigned the CVE-2020-17103 identifier and reportedly fixed in December 2020. "After investigating, it turns out the exact same issue that was reported to Microsoft by Google project zero is actually still present, unpatched," explains Chaotic Eclipse. "I'm unsure if Microsoft just never patched the issue or the patch was silently rolled back at some point for unknown reasons. The original PoC by Google worked without any changes."
BleepingComputer tested the exploit on a fully patched Windows 11 Pro system running the latest May 2026 Patch Tuesday updates. In our test, we used a standard user account, and after running the exploit, it opened a command prompt with SYSTEM privileges, as shown in the image [here]. Will Dormann, principal vulnerability analyst at Tharros, also confirmed the exploit works in his tests on the latest public version of Windows 11. However, he said that the flaw does not work in the latest Windows 11 Insider Preview Canary build.
The exploit appears to abuse how the Windows Cloud Filter driver handles registry key creation through an undocumented CfAbortHydration API. James Forshaw's original Project Zero report said that the flaw could allow arbitrary registry keys to be created in the .DEFAULT user hive without proper access checks, potentially enabling privilege escalation. While Microsoft reports having fixed the bug as part of its December 2020 Patch Tuesday, Chaotic Eclipse now claims the vulnerability can still be exploited.
MAGA's Mace wants to make power bills great again, calls for datacenter moratorium
Opposition to datacenters: it's not just for the Bernie Sanders crowd anymore. An arch-conservative running for the governorship of a solidly Republican state has called for a datacenter moratorium in one of the clearest signs yet that the tech sector is facing a backlash against its AI ambitions. US Representative and gubernatorial candidate Nancy Mace (R-SC) on Monday called for a one-year moratorium on new datacenter projects in her state, saying that reports of the southeastern state becoming a hot destination for datacenters don’t mean her constituents ought to see their power bills rise. "South Carolina is not Big Tech's personal power grid," Mace said in a statement published on Monday in her capacity as a congressional representative. "These companies are planting massive data centers across our state, driving up energy demand, and leaving families and small businesses to pick up the tab. South Carolinians are already stretched thin. The last thing they need is a higher electricity bill subsidizing Big Tech's bottom line." Mace said a one-year pause on new projects would give the state an opportunity to implement rules ensuring any future projects include protections that wouldn’t cause residents to pay more for electricity. She also said she does not want eminent domain seizures of private property on the table either, pointing to an ongoing matter in South Carolina’s neighboring state, Georgia. Mace’s concerns over datacenters leading to higher energy costs aren't hypothetical, either. As we reported last week, wholesale power costs in the largest US energy market, the PJM Interconnection, rose by 75 percent over the past year due to datacenter growth. South Carolina isn’t part of the PJM, but if it’s a hot destination for datacenter projects, one could assume similar pains might be felt there if more datacenter operators come knocking.
Mace has made statements about datacenters through her gubernatorial campaign as well, calling for South Carolina to adopt legislation that would require datacenter projects to cover their own energy costs, as well as expressing opposition to a bill designed to regulate datacenter development. “While initially appearing to be a framework for sensible regulation, a dissection of this bill illustrates it is a masterclass in corporate welfare while leaving the hardworking citizens of South Carolina to foot the bill and suffer the consequences,” Mace said of South Carolina Senate Bill 867.
You don’t need a weatherman to know which way the wind blows
To call Mace a conservative is a bit of an understatement: She’s been deep in President Donald Trump’s MAGA camp for years. She and Trump have had an on-again/off-again relationship due to her opposition to Trump’s handling of the January 6 insurrection, insistence on the release of the Epstein files, and uncertainty regarding the Iran war, but she’s continued to support him and seek his endorsement for her race to lead South Carolina. In other words, she’s about as conservative as they come - she’s even called herself “Trump in high heels” in a bid to earn votes in the governor’s race. Speaking of Trump, the President has been a major proponent for datacenter expansion in the US, though he has also called for DC operators to provide their own power without increasing costs for other ratepayers. As for South Carolina, it isn’t exactly a toss-up state in terms of federal or state electoral politics. The governorship has been in Republican hands since 2003, and a Democrat hasn’t won a statewide election there since 2006. The state’s presidential vote has gone to a Republican in 13 of the last 14 elections, with Jimmy Carter’s 1976 win in the state the sole exception. The South Carolina Republican gubernatorial primary is scheduled for June 9, and the race is tight.
Mace’s victory isn’t guaranteed - she’s leading in some polls, but competition is fierce heading into the final stretch. If Mace is trotting out a datacenter moratorium plan with less than a month before the primary, she’s trying to win votes, suggesting citizens in deeply conservative South Carolina are just as opposed to bit barns as those everywhere else. Polling outfit Gallup recently reported that more than 70 percent of Americans are opposed to datacenter projects in their neighborhoods, making opposition to new projects something folks on both sides of the aisle are coming together over. That said, Mace doesn’t appear to be entirely opposed to the use of AI (she’s pushed a bill to train federal government employees on the use of the tech) or datacenter projects done responsibly (her moratorium isn’t calling for the state to ban new datacenter projects). “When it is over, the rules are simple: datacenters pay their own way or they do not come here,” Mace said of future datacenter projects in her state. Mace’s teams didn’t respond to specific questions about her broader positions on AI or datacenter projects. ®
Uncle Sam's next big supercomputer might use something more exotic than GPUs
Of the world’s most powerful supercomputers, nine of the top 10 are powered by GPUs, but that might not be the case for much longer. As chipmakers like Nvidia prioritize AI FLOPS over the ultra-precise floating point calculations used in scientific computing, US National Labs are turning to new chip architectures to get their FP64 fix. Among the candidates is NextSilicon’s Maverick-2, a dataflow processor designed explicitly for the 64-bit floating point mathematics that dominate the Department of Energy’s most important simulations. Despite its name, the Department of Energy is concerned with far more than the US’ power grid. It operates some of the largest publicly known supercomputers in the world, which are responsible for everything from simulating the physics of nuclear weapons at the moment of criticality and bioweapons defense to public health and safety. Since the Titan supercomputer made its debut in 2012, a growing number of these supercomputers have been powered by GPUs from Nvidia, and more recently AMD. But that’s not the case for Sandia National Laboratory’s new Spectra supercomputer, which was built in collaboration with Penguin Solutions and NextSilicon. Compared to exascale systems like Frontier or El Capitan, Spectra is tiny. The machine counts 64 nodes and 128 of NextSilicon’s “runtime-configurable” accelerators. But scale isn’t the point. Spectra is a test bed for NextSilicon’s Maverick-2. This week, Sandia gave the chips the thumbs up, announcing that the big iron had met all of its system acceptance requirements, opening the door for the chips to be deployed in larger systems in the future.
Not another GPU
Despite some similarities to Nvidia’s B200, Maverick-2 is a very different beast. Instead of the standard von Neumann compute architecture that underpins most CPUs and GPUs today, NextSilicon’s chips employ a reconfigurable dataflow architecture.
The processor’s two compute dies comprise a grid of arithmetic logic units interconnected in a graph. Each unit is configured at runtime to perform a specific operation, whether it be addition, multiplication, or some other logic operation. But the chip’s real trick is overlapping data flow and compute. As soon as data reaches the next unit in the pipeline, it’s computed immediately, with no waiting for load-store operations to shuffle data around. According to NextSilicon, this dramatically improves the performance and efficiency of the chips in real-world workloads. Dataflow architectures aren’t new. Groq, Cerebras, and SambaNova have all built chips based on the concept. However, all of these designs are aimed at AI inference or training. NextSilicon’s is one of the few we’ve seen aimed at HPC. Dataflow is notoriously difficult to program for, which is likely why the chip startups that have built chips around it have largely offered them as a managed or white glove service rather than selling bare metal servers. Rather than trying to port workloads to run on its chips, NextSilicon has built a compiler that it claims allows it to run any existing C, Python, Fortran, or CUDA codebase on its chips. As we understand it, it works by initially running these workloads on the CPU. The compiler then captures the compute graph, maps it to the chips, and then optimizes it to maximize performance. With Spectra, Sandia has now validated the parts across three key workloads: the high-performance conjugate gradient (HPCG) benchmark, the LAMMPS molecular dynamics test suite, and the Sparta Monte Carlo simulation suite.
AI is changing GPUs
NextSilicon’s focus on HPC comes in stark contrast to the next generation of GPUs from Nvidia. The company’s Rubin GPUs due out later this year promise gobs of memory bandwidth and up to 50 petaFLOPS of FP4 compute.
This makes the chips strong contenders for AI inference and training workloads, which is probably why the DoE is also deploying them in systems like the Doudna supercomputer at Lawrence Berkeley National Laboratory. So even as FP64 compute remains essential for many existing scientific workloads, Nvidia's GPUs are still relevant to the US labs for AI workloads. However, all those AI FLOPS come at the expense of hardware FP64 vector and matrix performance. Rubin tops out at 33 teraFLOPS of FP64, making it slower than even Nvidia’s nearly four-year-old H100. But that’s not to say it’s not good for scientific computing. For matrix-heavy workloads like High Performance Linpack (HPL), Nvidia is leaning on a somewhat controversial spin on the Ozaki scheme, which uses lower precision data types to emulate FP64 compute. Using this approach, Nvidia claims Rubin can deliver up to 200 teraFLOPS of FP64 matrix performance. We dug deeper into Nvidia’s emulated FP64 algorithms earlier this year, but suffice to say it’s not perfect. While it has shown promise in certain HPC workloads, in others, particularly vector-heavy ones like computational fluid dynamics, it offers little if any benefit. Coincidentally, the latter happens to be the same kind of workload that NextSilicon has focused its attention on. We don’t yet have system-level benchmarks for NextSilicon’s hardware, much less Spectra, but we’re told a single Maverick-2 can deliver about 600 gigaFLOPS of FP64 compute on HPCG. The startup claims this performance is roughly on par with leading GPUs while consuming half the power. While Nvidia is clearly prioritizing AI compute in its latest generation of GPUs, AMD has taken a different approach. Like Rubin, AMD’s new MI455X accelerators are tuned for AI inference and training, but that is only one of several versions of the GPU the House of Zen has baked in TSMC’s oven. For the MI430X, AMD swapped out the AI-centric compute dies for some built specifically for HPC.
Earlier this month, we learned the chip would deliver up to 200 teraFLOPS of peak FP64 grunt to the DoE’s upcoming Discovery and Europe's Alice Recoque supercomputers.
Who needs GPUs anyway?
Chip startups like NextSilicon still need to prove their chips can scale to larger systems. But, across the Pacific, China has already shown that, at least for scientific computing, it doesn’t need GPUs to compete with the West’s best supers. China has a history of building boutique silicon specifically to advance its national supercomputing capability. Some systems, like the Sunway TaihuLight supercomputer, used a custom 260-core RISC manycore processor. Others, like the Tianhe 2A, used a homegrown digital signal processor (DSP) called the Matrix 2000 for its FP64 compute. More recently, we caught wind of a new supercomputer, called the LineShine, that, similar to the TaihuLight machine, reportedly uses 47,000 custom CPUs, which are expected to push the machine to 2 exaFLOPS of FP64 grunt. Of course, because China doesn’t participate in the annual Top500 ranking of the fastest publicly known supers anymore, we may never know for sure. China’s use of boutique silicon is due in part to US trade restrictions on the sale of high-end accelerators in the region. Even where still legal, these chips have become a supply chain vulnerability for Beijing. In fact, the US government’s decision to bar Intel from selling its Xeon Phi processors to China drove the development of the Matrix 2000. In the US, the bigger challenge may be competing with chip designers' shareholders. AI has made Nvidia the most valuable company in the world; HPC by comparison remains an important, albeit niche, market. ®
Nintendo Tries To Obtain Touchscreen-Specific Patent On Monster Capturing
Nintendo is trying to secure a touchscreen-specific monster-catching patent that could be relevant to Palworld Mobile. Japan's patent office has initially rejected the application for lacking an inventive step over prior art, but the company could appeal or amend the claims. Games Fray reports: The Japan Patent Office (JPO) has now made a new monster-catching patent application by Nintendo public. Patent Application No. 2026-019762 covers monster-catching of the kind already asserted against the PC and console versions of Palworld and is from the same patent family as two of the three patents Nintendo is already asserting against Palworld, but with a touchscreen focus. Potential targets are the upcoming Palworld Mobile game and Tencent's Roco Kingdom: World, which is presently available only in China but likely to expand internationally. Nintendo filed the application this year with a request for a fast-tracked review. The JPO has indeed been quick, and the response is that Nintendo's application lacks an inventive step over the prior art.
Nintendo already amended the claims in February and can try to amend them again. It can try to persuade the examiner and potentially appeal the decision. But the initial rejection suggests that Nintendo will not obtain the desired touchscreen monster-catching patent quickly. The rejection was communicated on April 24, 2026. Nintendo could abandon the application now, but Nintendo being Nintendo, they are more likely to try to persuade the examiner to arrive at a different conclusion, even though the reasons for the rejection are strong. In many patent examination processes, the initial rejection is essentially just an invitation to present one's best arguments. Here, however, the rejection notice is so well-reasoned that it will be an uphill battle for Nintendo. Nintendo's application would cover a touchscreen-controlled game in which a player moves through "a field in a virtual space," uses "a capture item for capturing a field character," and can summon "a battle character" to fight that creature. During combat, the game would display "a plurality of commands including at least an attack command and an item command," selected through "an operation input using the touch panel."
The key claim is that when the capture item is used "during a battle" or "in a non-battle state," the game performs "a capture success determination," and, if successful, "the field character is captured and set to a state owned by the player."
Read more of this story at Slashdot.
Categories: Linux fréttir
Meta Layoffs Stress Harsh AI Reality Inside Zuckerberg's Company
Meta is expected to begin cutting about 8,000 jobs this week as it pours more money into AI infrastructure and looks to "offset" other investments, with additional layoffs reportedly possible later this year. According to CNBC, the morale has worsened inside the company. "Internally, there's an emerging sense of dread across wide swaths of the company," the report says, citing current and former Meta employees. "That's in part because more cuts are expected this year, including a potential round of layoffs in August, followed by another round later in the year, some of the sources said." From the report: [...] Whatever anxiety investors are experiencing, the feelings inside the company are more intense, with some longtime staffers questioning Meta's AI pursuits under AI chief Alexandr Wang, while also weighing if now is the time to leave for opportunities at other companies in the AI race, according to current and former employees. Data aggregated by Blind, an anonymous professional network that requires users to verify their employment with a work email address, reveals some of the internal malaise. Meta's overall rating by employees on Blind has declined 25% from a peak in the second quarter of 2024 to the current period, with a 39% drop in its culture rating. In every category other than compensation, Meta has seen a ratings decline and dramatically underperforms rivals Amazon, Google and Netflix, the Blind data reveals.
The company's full-court press with AI included the recent debut of an employee tracking tool intended to collect data from staffers' actions, such as mouse movements and keystrokes on their work computers. The Model Capability Initiative, or MCI, as it's called, is part of Meta's efforts to train AI models to power digital agents that can perform various coding and white-collar tasks. Employees have characterized the data tracking tool as "dystopian," according to messages viewed by CNBC, with some workers expressing fear that personal information could be leaked. Some Meta workers have noted that their workplace computers appear slower since the company initiated the project, adding to their frustration, sources said.
Meta workers responded by creating an online petition that urges Zuckerberg and leadership to shutter the project. "Collecting and repurposing this kind of data raises serious concerns around privacy, consent, and trust in the workplace," the petition says. "It should not be the norm that companies of any size are permitted to exploit their employees by nonconsensually extracting their data for the purposes of AI training." Further reading: NYT: 'Meta's Embrace of AI Is Making Its Employees Miserable'
Elon Musk Loses Lawsuit Against OpenAI
After three weeks of testimony, which was covered extensively here on Slashdot, a U.S. jury on Monday ruled against Elon Musk in his lawsuit against OpenAI, finding that he waited too long to bring his claims that the company betrayed its nonprofit mission. Reuters reports: The trial had widely been seen as a critical moment for the future of OpenAI and artificial intelligence generally, both in how it should be used and who should benefit from it. Following the verdict, Musk's lawyer said he reserved the right to appeal, but the judge suggested he may have an uphill battle because whether the statute of limitations ran out before Musk sued was a factual issue. "There's a substantial amount of evidence to support the jury's finding, which is why I was prepared to dismiss on the spot," U.S. District Judge Yvonne Gonzalez Rogers said.
In his 2024 lawsuit, Musk accused OpenAI, its Chief Executive Sam Altman and its President Greg Brockman of manipulating him into giving $38 million, then going behind his back by attaching a for-profit business to its original nonprofit and accepting tens of billions of dollars from Microsoft and other investors. Musk called the OpenAI defendants' conduct "stealing a charity." OpenAI was founded by Altman, Musk and several others in 2015. Musk left its board in 2018, and OpenAI set up a for-profit business the next year. OpenAI countered that it was Musk who saw dollar signs, and that he waited too long to claim OpenAI breached its founding agreement to build safe artificial intelligence to benefit humanity. "Mr. Musk may have the Midas touch in some areas, but not in AI," William Savitt, a lawyer for OpenAI, said in his closing argument.
The verdict followed 11 days of testimony and arguments where Musk's and Altman's credibility came under repeated attack. Lawyers for OpenAI embraced each other after the verdict was announced. Microsoft faced an aiding and abetting claim. In a statement, a Microsoft spokesperson said, "The facts and the timeline in this case have long been clear and we welcome the jury's decision to dismiss these claims as untimely."
Recap:
Musk Accused of 'Selective Amnesia', Altman of Lying As OpenAI Trial Nears End (Day Twelve)
OpenAI Trial Wraps Up With 'Jackass' Trophy For Challenging Musk (Day Eleven)
Sam Altman Testifies That Elon Musk Wanted Control of OpenAI (Day Ten)
Microsoft CEO Satya Nadella Testifies In OpenAI Trial (Day Nine)
Sam Altman Had a Bad Day In Court (Day Eight)
Sam Altman's Management Style Comes Under the Microscope At OpenAI Trial (Day Seven)
Brockman Rebuts Musk's Take On Startup's History, Recounts Secret Work For Tesla (Day Six)
OpenAI President Discloses His Stake In the Company Is Worth $30 Billion (Day Five)
Musk Concludes Testimony At OpenAI Trial (Day Four)
Elon Musk Says OpenAI Betrayed Him, Clashes With Company's Attorney (Day Three)
Musk Testifies OpenAI Was Created As Nonprofit To Counter Google (Day Two)
Elon Musk and OpenAI CEO Sam Altman Head To Court (Day One)
Yes, you can serve a website from a $1 microcontroller
UPDATED Web hosting bills getting too expensive? Maybe you ought to consider serving your site from a one-dollar 8-bit microcontroller. Okay, you won’t exactly be serving up a high-performance, graphic-rich website using this project from European developer and blogger Maurycy Zalewski. The setup is limited to one URL, but hey, it actually works, provided an influx of visitors hasn’t killed the site yet. The bargain-basement chip that serves as the central component of this project is the AVR64DD32, which currently retails from DigiKey for $1.30. It has a single 8-bit AVR core with a blistering 24 MHz max clock speed, 8 KB of static RAM, 64 KB of flash memory, and 256 bytes of EEPROM non-volatile memory for storing a very limited amount of data. Zalewski told The Register in an email that the whole build was free for him, as he had everything on hand, but he estimates the total cost of the thing to run closer to $2 or $3 when accounting for resistors and capacitors, the board the chip is attached to, and the like. Serving a web page from such a limited chip is a task, to say the least, and Maurycyz had to do a lot of legwork to get the thing working. The I/O pins on the AVR max out at 12 MHz, which Zalewski explained meant that it wouldn’t be possible to use Ethernet for the project, as the data flow from even the aged baseline Ethernet connection of 10BASE-T is too fast for the chip to handle. “10BASE-T still runs at 10 megabits/second,” Zalewski wrote. “Worse, it uses Manchester encoding: a zero is sent as ‘10’ and a one as ‘01,’ so 10 megabits of data is actually 20 megabits at the wire.” “The proper solution is to buy a dedicated Ethernet chip from DigiKey, but then I'd be waiting weeks to finish this project,” Zalewski noted. Instead of waiting, he decided to take a different approach by turning to Serial Line Internet Protocol (SLIP), just like the guy who turned a discarded vape into a web server last year. 
For those unfamiliar with SLIP, it’s a 38-year-old protocol designed to encapsulate IP traffic for transmission over serial lines, and it was widely used to make internet connections in the olden days. SLIP is still supported in modern Linux builds due to its compact size and the fact that it’s often used to connect microcontrollers to the internet. Now, giving the AVR an internet connection didn’t solve the harder problem of actually serving a web page to visitors. Zalewski said the chip could generate response packets by swapping the source and destination addresses on incoming traffic and resetting the packet’s TTL value, but implementing TCP still took several days of work. HTTP handling was simplified by returning a hardcoded response for every request, which works as long as the site only serves a single URL. Here’s that limitation we were talking about: “This works fine as long as there's only a single URL on the site,” Zalewski said. Sorry for those wanting to host more pages from that $1 microcontroller. Lastly, Zalewski said he had to figure out how to get requests from the internet to the microcontroller without spending money on a publicly routed IP address. That was resolved by using WireGuard to connect the microcontroller located at his home to a public-facing machine at a Helsinki datacenter, which then proxied requests to the microcontroller using a local address block. “This means that visitors aren't directly connecting to the MCU's TCP/IP stack... but hey, it's the same setup that the Vape Server uses and no one complained,” Zalewski said. And all without having to buy a vape or root through dumpsters to find an old one. Zalewski told us that the hardware he used for the task was so simple that it only took a few minutes to build the thing itself. The software was another thing altogether, though. "Wiring up the board only took a few minutes, but writing the software took multiple days," Zalewski said. 
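The packet handling described above, as an added example that is not code from Zalewski's project: SLIP framing as RFC 1055 defines it, with a decoder that drops malformed or oversized frames rather than overrunning its buffer, and the in-place IPv4 reply rewrite (swap source and destination, reset the TTL, recompute the header checksum). It is written for a PC compiler rather than the AVR, and the sample packet, its addresses and TTL are constructed; TCP and the hardcoded HTTP reply are not shown.

```c
/* Added example (not Zalewski's firmware): SLIP framing per RFC 1055, and turning a
 * received IPv4 header into a reply in place by swapping the addresses, resetting the
 * TTL and recomputing the header checksum. The sample packet below is constructed. */
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define SLIP_END     0xC0
#define SLIP_ESC     0xDB
#define SLIP_ESC_END 0xDC
#define SLIP_ESC_ESC 0xDD

/* Wrap len bytes as one SLIP frame. Returns bytes written, or 0 if out is too small. */
size_t slip_encode(const uint8_t *in, size_t len, uint8_t *out, size_t outcap) {
    size_t o = 0;
    if (outcap < 2) return 0;
    out[o++] = SLIP_END;                            /* leading END flushes line noise */
    for (size_t i = 0; i < len; i++) {
        if (in[i] == SLIP_END || in[i] == SLIP_ESC) {   /* escape the reserved bytes */
            if (o + 3 > outcap) return 0;           /* two bytes now + trailing END */
            out[o++] = SLIP_ESC;
            out[o++] = (in[i] == SLIP_END) ? SLIP_ESC_END : SLIP_ESC_ESC;
        } else {
            if (o + 2 > outcap) return 0;
            out[o++] = in[i];
        }
    }
    out[o++] = SLIP_END;
    return o;
}

/* Decode the first complete frame in in[]. Returns the payload length, or (size_t)-1
 * for a bad escape, a frame larger than outcap, or input that ends before an END. */
size_t slip_decode(const uint8_t *in, size_t len, uint8_t *out, size_t outcap) {
    size_t o = 0; int esc = 0;
    for (size_t i = 0; i < len; i++) {
        uint8_t b = in[i];
        if (esc) {
            esc = 0;
            if (b == SLIP_ESC_END)      b = SLIP_END;
            else if (b == SLIP_ESC_ESC) b = SLIP_ESC;
            else return (size_t)-1;                 /* protocol violation: drop the frame */
        } else if (b == SLIP_ESC) { esc = 1; continue; }
        else if (b == SLIP_END) {
            if (o == 0) continue;                   /* leading END or empty frame: ignore */
            return o;
        }
        if (o >= outcap) return (size_t)-1;         /* never write past the buffer */
        out[o++] = b;
    }
    return (size_t)-1;
}

/* RFC 1071 ones'-complement checksum over an IPv4 header of hlen bytes. Run over a
 * header whose checksum field is already filled in, a correct header yields 0. */
uint16_t ipv4_checksum(const uint8_t *hdr, size_t hlen) {
    uint32_t sum = 0;
    for (size_t i = 0; i + 1 < hlen; i += 2) sum += (uint32_t)((hdr[i] << 8) | hdr[i + 1]);
    if (hlen & 1) sum += (uint32_t)hdr[hlen - 1] << 8;
    while (sum >> 16) sum = (sum & 0xFFFF) + (sum >> 16);
    return (uint16_t)~sum;
}

/* Rewrite a received IPv4 packet in place as the skeleton of a reply.
 * Returns 0, or -1 if the header is not valid IPv4 (version, length or checksum). */
int ipv4_make_reply(uint8_t *pkt, size_t len, uint8_t ttl) {
    if (len < 20 || (pkt[0] >> 4) != 4) return -1;
    size_t hlen = (size_t)(pkt[0] & 0x0F) * 4;
    if (hlen < 20 || hlen > len || ipv4_checksum(pkt, hlen) != 0) return -1;
    uint8_t tmp[4];
    memcpy(tmp, pkt + 12, 4);                       /* bytes 12-15: source address */
    memcpy(pkt + 12, pkt + 16, 4);                  /* bytes 16-19: destination address */
    memcpy(pkt + 16, tmp, 4);
    pkt[8] = ttl;                                   /* fresh TTL for the reply */
    pkt[10] = pkt[11] = 0;                          /* zero the field before recomputing */
    uint16_t c = ipv4_checksum(pkt, hlen);
    pkt[10] = (uint8_t)(c >> 8); pkt[11] = (uint8_t)(c & 0xFF);
    return 0;
}

/* Constructed sample: 20-byte IPv4 header, protocol TCP, 10.0.0.2 -> 10.0.0.1, TTL 64. */
size_t build_sample_packet(uint8_t *buf, size_t cap) {
    static const uint8_t tmpl[20] = { 0x45, 0x00, 0x00, 0x28, 0x12, 0x34, 0x40, 0x00,
                                      0x40, 0x06, 0x00, 0x00, 10, 0, 0, 2, 10, 0, 0, 1 };
    if (cap < sizeof tmpl) return 0;
    memcpy(buf, tmpl, sizeof tmpl);
    uint16_t c = ipv4_checksum(buf, sizeof tmpl);
    buf[10] = (uint8_t)(c >> 8); buf[11] = (uint8_t)(c & 0xFF);
    return sizeof tmpl;
}

int main(void) {
    uint8_t pkt[20], frame[64];
    size_t n = build_sample_packet(pkt, sizeof pkt);
    if (ipv4_make_reply(pkt, n, 64) != 0) return 1;
    size_t f = slip_encode(pkt, n, frame, sizeof frame);
    printf("reply %d.%d.%d.%d -> %d.%d.%d.%d, %zu bytes as a SLIP frame\n", pkt[12], pkt[13],
           pkt[14], pkt[15], pkt[16], pkt[17], pkt[18], pkt[19], f);
    return 0;
}
```

Two points the article's summary glosses over are visible here: the reply's checksum must be recomputed after the TTL changes (the address swap alone leaves the ones'-complement sum unchanged), and a SLIP receiver on an 8 KB device has to bound its frame buffer and discard anything that does not fit, since the serial peer is untrusted input.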
Lucky for those wanting to duplicate or add to his work, the source code and a pre-compiled binary that'll run on an 8-bit microcontroller are included in his blog post. ® Updated at 1854 GMT on 3/18/2026 with more information after we spoke to the developer.
A Master's Degree Isn't the Job Guarantee It Used To Be
An anonymous reader quotes a report from the Wall Street Journal: Going back to grad school has long been the Plan B of young professionals who aspire to climb higher in their careers or struggle to get promoted in a tough job market. New data show that getting a master's degree isn't the guarantee it used to be. The unemployment rate for workers under 35 with a master's degree has rarely been higher in the past 20 years, according to the Burning Glass Institute, a labor-market think tank focused on the future of work, which analyzed data collected by the U.S. Bureau of Labor Statistics going back to 2003.
At the same time, the unemployment rate for workers under 35 with a Ph.D., law degree or medical degree has rarely been lower. "For most of the past two decades, these lines moved together -- not anymore," said Gad Levanon, chief economist of Burning Glass. Levanon has a theory about why the payoffs for advanced degrees have uncoupled: "More degrees chasing fewer of the positions those degrees were meant to unlock." [...] While degrees from law school and medical school amount to a license to practice, master's degrees are more of a signal, Levanon said. And a signal loses value when so many people have one, he added: "It's hardly a sure bet to securing a good job."
Now master's-degree holders under 35 are at the 77th percentile of unemployment, where the 50th percentile is normal, according to the Burning Glass analysis. Even associate-degree holders have had a higher employment level for the past year. Unemployment among master's-degree holders has been worse only about a quarter of the time in the past 20-plus years. There was a stint during the Covid-19 pandemic when this cohort was out of work at higher rates, and a more prolonged stretch as the U.S. climbed out of the recession in 2008 and 2009. "Every indication is hiring managers now are more receptive than ever to the idea that a person doesn't need a graduate degree to be competitive," said Johnny C. Taylor Jr., president of SHRM, the chief lobbying group for human-resource professionals.
"We are seeing that, hands down, especially in the last two or three years with AI," he said of job readiness. Employers just want to know, "Can you do it?"
Microsoft Testing Adjustable Taskbar, Start Menu In Windows 11
Microsoft is testing long-requested Windows 11 customization options, including a resizable taskbar, smaller taskbar buttons, and a more configurable Start menu that lets users reduce recommended content. BleepingComputer reports: Starting with Windows 11 Insider Preview Build 26300.8493, the taskbar can now be configured to use smaller buttons and moved to the bottom, top, left, or right side of the screen. "The ability to move the taskbar to the top or sides of the screen has been one of the most requested features, and we are bringing it to Windows 11," said Diego Baca, partner director of Microsoft Design. "With this update, when small taskbar is enabled, you get smaller icons, a shorter taskbar, and more vertical space for your apps (see video below). No restart or sign-out is required."
[...] Microsoft is also rolling out changes to give Windows users more control over the Start menu, allowing them to toggle off recommended content and customize its size. "These controls are designed to work together. If you want a Start menu with just your pinned apps, you can turn off Recommended and All," Baca added. "If you want a full Start that shows everything, you can leave it all on. The goal is simple: it is your choice, and it should be easy to make." However, Microsoft will maintain a list of recently installed apps, as it is a key way for users to discover new applications alongside the Microsoft Store.
Furthermore, Microsoft is improving file relevance by adjusting how files are displayed and ordered to prioritize the most relevant items, and will also allow users to hide their name and profile picture from the Start menu. [...] In addition to taskbar and Start menu improvements, the company plans to reduce notifications, simplify Windows settings, and ensure that device setup on new Windows PCs requires fewer reboots. Microsoft is also working on improving Windows search, aiming for a more consistent experience across the Start menu, taskbar, File Explorer, and Settings.
Linux kernel flaw opens root-only files to unprivileged users
Another Linux kernel flaw has handed local unprivileged users a way to peek at files they should never be able to read, including root-only secrets such as SSH keys. The bug affects multiple LTS kernel lines from 5.10 upward, although a fix has already landed – and there is now a proposal for reducing the odds of similar surprises in future. What FOSS analytics vendor Metabase memorably dubbed the strip-mining era of open source security continues. This time, the culprit is CVE-2026-46333, a local kernel vulnerability that lets an unprivileged user read files they should not be able to access, including those normally available only to root. An attacker who already has login access to an affected machine could therefore potentially grab SSH keys, password files, or other confidential credentials, as the KnightLi blog explains. Despite its official designation, a demo exploit on GitHub calls it ssh-keysign-pwn. It is not quite as catchy a name as Copy Fail, or Dirty Frag, or indeed Fragnesia, but we feel it is safe to say it hasn't been a good month. According to a report on Linux Stans, it affected LTS kernel versions 5.10, 5.15, 6.1, 6.6, 6.12, 6.18 and 7.0. The good news is that it's already been fixed: Linus himself, in commit 31e62c2, called the fix "ptrace: slightly saner 'get_dumpable()' logic." The issue was reported on the oss-security list on Friday by security consultancy Qualys, as noted on X by grsecurity's Brad Spengler. In the same thread, Altan Baig pointed out that the underlying issue was reported by Jann Horn on the Linux Kernel Mailing List way back in 2020. The problem with tracking security reports, which Penguin Emperor Torvalds described recently, is not new, alas.
ModuleJail
This also seems like a good time to look at what we thought was an interesting new defensive measure, Jasper Nuyens' ModuleJail.
The top line of the README summarizes it: The mention of "no AI inside the tool" is arguably something of a giveaway, and you can see a CLAUDE.md file in the repo. Even so, how it works is simple enough. Although Linux has a monolithic kernel, it is modular: when the kernel's source code is compiled, the person or tool building it can choose if each individual component is included (built into the binary), not included at all, or compiled as a module, which can be loaded on the fly as and when it's needed. Since the kernel is mostly device drivers, it's normal for distribution vendors to compile most non-essential components as kernel modules – as the Arch wiki explains. Blacklisting a module just means adding its name to a list of modules not to load. Blacklisting unused modules for added security isn't a new idea. It's in the RHEL 6 documentation, for instance, and a DoHost blog post from last year describes it as a security measure. ModuleJail simply automates the process: it blacklists any modules not currently in use. Probably safe for a server, but rather less ideal for a laptop or machine where you need to plug in new hardware on the fly. Connecting a USB headset, say, is quite different from plugging one into a headphone socket. While a device with a jack plug uses your existing sound controller, by connecting a USB one you're effectively adding a new sound controller – just one that happens to be connected over USB. ModuleJail mentions that its approach avoids changing the initramfs. An initramfs, like an initrd, is a file containing a temporary RAM disk, so that a generic kernel can find and load the drivers it needs for the particular box it's running on – even before it can find the machine's SSD and mount the root partition. Back in the 1990s, as grumpy old graybeards such as this vulture recall, recompiling your kernel was a standard part of periodic system maintenance.
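One way to compute the blacklist that an automated tool of this kind produces, as an added example rather than ModuleJail's own code: read the loaded modules from /proc/modules and the installed ones from the kernel's modules.dep, take the difference, and emit modprobe.d lines. The two file formats are the kernel's real ones; the sample contents, the function names and the modlist type are my own constructions, and the output file name in the comment is only a suggestion.

```c
/* Added example, not ModuleJail's own code: list installed kernel modules that are
 * not currently loaded and emit a modprobe.d blacklist for them. Input formats:
 *   /proc/modules                    "name size refcount users state address"
 *   /lib/modules/<ver>/modules.dep   "kernel/.../name.ko.zst: dependencies"
 * The sample contents at the bottom are constructed for this example. */
#include <ctype.h>
#include <stdio.h>
#include <string.h>

#define MAX_MODS 4096
#define NAME_LEN 64

typedef struct { char name[MAX_MODS][NAME_LEN]; size_t n; } modlist;

int contains(const modlist *l, const char *name) {
    for (size_t i = 0; i < l->n; i++)
        if (strcmp(l->name[i], name) == 0) return 1;
    return 0;
}

/* Append len bytes of src as a name, folding '-' to '_': modprobe treats the two as
 * equal, but module filenames use dashes while /proc/modules uses underscores. */
static void add(modlist *l, const char *src, size_t len) {
    char buf[NAME_LEN];
    if (len >= NAME_LEN) len = NAME_LEN - 1;
    for (size_t i = 0; i < len; i++) buf[i] = (src[i] == '-') ? '_' : src[i];
    buf[len] = '\0';
    if (l->n < MAX_MODS && !contains(l, buf)) strcpy(l->name[l->n++], buf);
}

/* /proc/modules: the first whitespace-delimited field of each line is the name. */
size_t parse_loaded(const char *text, modlist *out) {
    out->n = 0;
    for (const char *p = text; *p; ) {
        const char *eol = strchr(p, '\n');
        size_t linelen = eol ? (size_t)(eol - p) : strlen(p), k = 0;
        while (k < linelen && !isspace((unsigned char)p[k])) k++;
        if (k) add(out, p, k);
        p = eol ? eol + 1 : p + linelen;
    }
    return out->n;
}

/* modules.dep: the path before ':' is the module file; keep the basename without
 * its ".ko" or ".ko.<compression>" suffix. Dependencies after ':' are ignored. */
size_t parse_available(const char *text, modlist *out) {
    out->n = 0;
    for (const char *p = text; *p; ) {
        const char *eol = strchr(p, '\n');
        size_t linelen = eol ? (size_t)(eol - p) : strlen(p);
        const char *colon = memchr(p, ':', linelen), *base = p;
        if (colon) {
            for (const char *q = p; q < colon; q++) if (*q == '/') base = q + 1;
            size_t blen = (size_t)(colon - base), nlen = blen;
            for (size_t i = 0; i + 3 <= blen; i++)
                if (memcmp(base + i, ".ko", 3) == 0 && (i + 3 == blen || base[i + 3] == '.')) { nlen = i; break; }
            if (nlen) add(out, base, nlen);
        }
        p = eol ? eol + 1 : p + linelen;
    }
    return out->n;
}

/* Candidates for the blacklist: installed but not loaded. Returns the count. */
size_t unused_modules(const modlist *avail, const modlist *loaded, modlist *out) {
    out->n = 0;
    for (size_t i = 0; i < avail->n; i++)
        if (!contains(loaded, avail->name[i])) add(out, avail->name[i], strlen(avail->name[i]));
    return out->n;
}

/* modprobe.d syntax: "blacklist" only stops alias-driven autoloading, so an
 * "install <mod> /bin/false" line is added to make an explicit modprobe fail too. */
int render_blacklist(const modlist *unused, FILE *fp) {
    for (size_t i = 0; i < unused->n; i++)
        if (fprintf(fp, "blacklist %s\ninstall %s /bin/false\n", unused->name[i], unused->name[i]) < 0)
            return -1;
    return 0;
}

/* Constructed sample data: three modules loaded, six installed. */
const char SAMPLE_PROC_MODULES[] =
    "ext4 983040 1 - Live 0xffffffffc0a00000\n"
    "usbhid 65536 0 - Live 0xffffffffc0900000\n"
    "snd_hda_intel 57344 3 snd_hda_codec,snd_hda_core, Live 0xffffffffc0800000\n";
const char SAMPLE_MODULES_DEP[] =
    "kernel/fs/ext4/ext4.ko.zst: kernel/lib/crc16.ko.zst\n"
    "kernel/drivers/hid/usbhid/usbhid.ko.zst:\n"
    "kernel/sound/pci/hda/snd-hda-intel.ko.zst: kernel/sound/pci/hda/snd-hda-codec.ko.zst\n"
    "kernel/sound/usb/snd-usb-audio.ko.zst:\n"
    "kernel/drivers/block/floppy.ko.zst:\n"
    "kernel/net/dccp/dccp.ko.zst:\n";

int main(void) {
    static modlist avail, loaded, unused;       /* static: 256 KB each, keep off the stack */
    parse_available(SAMPLE_MODULES_DEP, &avail);
    parse_loaded(SAMPLE_PROC_MODULES, &loaded);
    unused_modules(&avail, &loaded, &unused);
    return render_blacklist(&unused, stdout);   /* on a real box: > /etc/modprobe.d/unused-modules.conf (name is a suggestion) */
}
```

On a live system the two parsers would be fed the real text of /proc/modules and /lib/modules/$(uname -r)/modules.dep. The hotplug caveat from the text shows up directly in the sample: snd_usb_audio is not loaded at generation time, so a USB headset plugged in afterwards gets no driver until the file is edited, which is why this is a server measure rather than a laptop one. Note also that modules.dep only lists loadable modules, so anything built into the kernel image is untouched, and a file under /etc/modprobe.d does not by itself change what an already-built initramfs loads.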
One benefit of building the kernel customized for your own computer was eliminating the need for an initramfs. If all the drivers are built in, there's no need for this temporary stage, although as the ArchWiki notes, this does limit some advanced features, which, for instance, systemd uses. We would love to see some of the systemd-free distros incorporate such automatic ModuleJail-style identification of essential modules, and use it to build a custom kernel on the fly, then banish the use of initramfs. (Maybe just keep the all-options-enabled installation kernel around as an emergency fallback.) Aside from a few special cases such as OpenZFS, this should work on most hardware – and make life simpler, quicker, and perhaps slightly more secure. ®
The US Is Betting On AI To Catch Insider Trading In Prediction Markets
The CFTC says it is ramping up efforts to catch insider trading and market manipulation in prediction markets, using AI tools, blockchain tracing, and other surveillance systems to flag suspicious bets. It's also monitoring activity by U.S. traders accessing offshore platforms like Polymarket through VPNs. Wired reports: [T]he Commodity Futures Trading Commission, which oversees prediction markets, wants you to know that it's watching very, very closely. The agency is searching for suspicious behavior from traders within the United States who have been sneaking onto offshore markets, including Polymarket's crypto platform -- which is blocked stateside -- by using virtual private networks. "We're going to find them, and we're going to bring actions," agency chairman Michael Selig told WIRED this week, speaking from the CFTC's headquarters in Washington, DC. Selig says the agency, which is especially lean right now, is staffing up. Like so many other AI-pilled workplaces, the CFTC is also leaning into automation to handle the growing workload, including tools that analyze trading patterns and flag potential manipulation. "You've got so much data," Selig says. "When we feed it into AI, we get really great information. It can help us understand things, like where we might want to investigate, or when we might need to send a subpoena to a trader."
In addition to proprietary surveillance systems developed in-house, the agency's arsenal includes third-party blockchain tracing tools like Chainalysis for crypto platforms, and market abuse detection software including Nasdaq Smarts for centralized markets. (Beyond Nasdaq Smarts, the agency did not specify which AI tools it uses and declined to share more specific examples.) [...] Selig recently told Congress that the company is pursuing "hundreds, if not thousands" of insider trading tips. Investigations are not limited to federally regulated exchanges. "We're surveilling the markets on a global basis," he tells WIRED.
Selig says that the agency will exert extraterritorial jurisdiction -- its legal ability to enforce its laws beyond traditional boundaries -- when it finds suspicious activity on offshore platforms like Polymarket, though he says it's a case-by-case approach. "We use it in extreme circumstances," he says, with an eye towards whether charges have a strong chance of sticking in court. "In any extraterritorial litigation, there's going to be challenges to our authority, and that could also impair our ability to bring cases in the future." According to Selig, the 2010 Dodd-Frank Act allows the CFTC more leeway to pursue this kind of enforcement action, by giving it more authority over foreign swap activities that impact the US. When appropriate, the agency works with regulators from other countries, too. "For cases where we're not sure we'll win, or it's less in our wheelhouse and more of a foreign matter, we would relay it to a foreign regulator," he says. "We're constantly referring cases." [...] Selig is insistent that the CFTC is only just getting started. The agency will identify wrongdoers, he says -- no matter "how large or how small."
Europe tests laser links as satellite comms outgrow radio
Europe's hunt for secure, high-capacity satellite communications infrastructure has produced a laser-equipped mountaintop ground station in northern Greece. Lithuanian space and defense biz Astrolight says that it has commissioned a new optical ground station in Greece that will support ESA-backed CubeSat missions testing laser-based communications between satellites and Earth. The Holomondas Optical Ground Station was built through the PeakSat project, led by the Aristotle University of Thessaloniki with backing from the European Space Agency and Greece's Ministry of Digital Governance. Its job is to receive data from satellites via infrared laser links rather than the radio systems that space operators have relied on for decades. PeakSat and ERMIS-3, two Greek CubeSats launched in March under ESA's wider Greek IOD/IOV mission program, both carry Astrolight's ATLAS-1 optical communication terminal. Astrolight also built the ground segment, giving the project a fully integrated end-to-end optical communications setup. Astrolight CEO Laurynas Mačiulis told The Register that the company originally pursued laser communications after concluding it "would need to tap into the optical spectrum," as demand for satellite bandwidth continues to grow. He described optical connectivity as "one of the enabling technologies for further expansion into space." The company says the station uses an 808-nanometer laser beacon and an optical C-band receiver capable of receiving data at up to 2.5 Gbps. Unlike traditional RF systems, optical links use tightly focused infrared beams that are harder to intercept or jam while also supporting significantly higher throughput. The engineering problem, however, is slightly more complicated than pointing a laser pointer at the sky and hoping for the best. 
"You have two moving objects that try to establish a laser link, which means trying to point a very, very narrow laser pointer at your object, which is potentially tens of thousands of kilometers away, moving at eight kilometers per second," Mačiulis said. ESA and its partners are pitching optical comms partly as an answer to an increasingly crowded radio spectrum, but the tech is also drawing attention from defense and dual-use operators interested in more resilient communications systems. "There is a need for networking in space, both for connectivity and tactical reasons, and dual-use defense applications," Mačiulis said, adding that future satellite constellations "will inevitably rely on optical links, because that gives information superiority and security and resistance to jamming electronic warfare." He added "there's also sovereignty aspects, which means that there will never be a single player – there cannot be just Starlink." ®
Dutch cops’ shame game works wonders as most wanted scammers now turned in
Netherlands police’s scheme to unmask and shame scammers into submission is proving highly successful, with 74 of its 100 most wanted now known to investigators. The country's “Game Over?!” campaign involved releasing the blurred images of fraudsters into the public domain and threatening to unmask them within two weeks if they did not turn themselves in. True to its word, after two weeks, the Dutch police unblurred the alleged offenders’ faces via social media and advertising boards across the country, including at gas stations, shopping centers, and train stations. The result? Thirty-four handed themselves in, and revealing the remaining faces led to the identification of a further 40 individuals. The police said it received more than 500 tips from the public after it unblurred the faces. Its website was viewed more than two million times, and its campaign images were seen nearly 90 million times on social media. Of the 74 now known to the police, more than half (38) have been questioned, and the interrogations for the rest are already scheduled. Police have arrested six individuals so far, although they stated that this doesn’t necessarily mean the arrests were directly for their alleged crimes. Arrests may take place when someone fails to appear for police questioning, for example, or if a suspect is linked to multiple offenses. Anne Jan Oosterheert, portfolio holder for online crime at the Dutch Politie, said: “This form of crime claims many victims. It has a huge impact on both the victims and society. The goal of Game Over?! is therefore to identify and prosecute the suspects. “With the identification of 74 suspects, this goal has been amply achieved, and so far, we can speak of a successful investigative offensive. We are very satisfied and grateful for all the help we have received from citizens.”
An unusual take on appealing to the public for support, Game Over?! aimed to give the alleged offenders the chance to retain their anonymity in exchange for helping the police, and potentially assisting their own prosecution. The idea behind naming the campaign “Game Over?!” came from the term “F-Game,” or fraud game, which is what police say offenders often refer to when discussing their actions. The police’s initial announcement explicitly called the campaign a public attack on criminals, saying that it was also relying on public shaming to eventually apprehend the alleged offenders. The same message also came with a warning that young people were increasingly being recruited to these schemes, often paid very little for the privilege. Of the 74 now identified, the police said today that the youngest suspect was aged just 14, with the oldest being 42. The average age across them all was 22. Game Over?! explicitly targeted banking helpdesk impersonators, fake police officers, and card collectors, with officials saying they had become a “nasty” social problem. “These nasty forms of fraud have now become a social problem that can also be solved in collaboration with society," said Oosterheert previously as part of the campaign’s launch announcement. Of the crime types police strategists are looking to stamp out, cases involving bank helpdesk fraud are the most common, and typically target the elderly. The classic script goes: scammer calls the victim pretending to be a representative of their bank; throughout the course of the phone call, the scammer convinces the victim to surrender enough of their details so they can go away and access their account; the scammer then steals their money. Fake police officer scams are another, more recent scourge on the country, that in some cases have become violent and even deadly. They typically also target the elderly and see criminals knocking on doors, offering to safeguard valuables on the residents’ behalf.
Police say that tens of thousands of elderly victims have fallen victim to scams like these, resulting in police fielding calls from victims and their “frightening stories.” “The impact on these often vulnerable victims is enormous,” the police said. “Their sense of security is often completely gone, as is their trust in the government and their fellow human beings.” ®
WHO Declares Ebola Outbreak a Global Health Emergency
An anonymous reader quotes a report from the New York Times: The World Health Organization declared on Saturday that the spread of the Ebola virus in the Democratic Republic of Congo and Uganda was a global health emergency. The announcement was made a day after Africa's leading public health authority reported that an outbreak in a province in the northeast of the country was linked to dozens of suspected deaths. By Saturday, cases had also been confirmed in Kampala, the capital of Uganda, the W.H.O. said.
In Congo's Ituri province, where the outbreak was first identified, 246 suspected cases and 80 deaths attributed to the virus had been reported, although only eight cases had been definitively linked to the virus through laboratory testing. There is no approved vaccine and no therapeutics for the Bundibugyo species of Ebola behind the outbreak, according to the W.H.O. The scale of the outbreak could be far larger than has been detected and reported, the W.H.O. said in declaring a "public health emergency of international concern." It added that there were "significant uncertainties" about the precise number of people infected and the "geographic spread."
The W.H.O.'s declaration signals a public health risk requiring a coordinated international response, and is intended to prompt member countries to prepare for the virus to spread and to share vaccines, treatments and other resources needed to contain the outbreak. [...] The risk of the outbreak spreading is exacerbated by a humanitarian crisis, high population mobility and a large network of informal health care facilities in the area, the agency said. Containing an Ebola outbreak depends on the speed and scale of the public health response. The virus is transmitted through direct contact with the bodily fluids of an infected person, putting family members and caregivers at particular risk. Tracing people who may have come into contact with sufferers, isolating and treating victims promptly and safely, and burying the dead properly are all viewed as critical steps.
Read more of this story at Slashdot.
Categories: Linux fréttir
'Big AI' is subverting regulations just like tobacco and oil firms
The AI industry is copying techniques used by tobacco firms, big pharma and oil companies to influence governmental policy and regulation of itself, according to an academic study. Researchers at the University of Edinburgh, Trinity College Dublin, Delft University of Technology, and Carnegie Mellon University claim they identified patterns of "corporate capture" by which regulations and public bodies come to act in the interest of industry rather than the citizens they are meant to protect. Their paper, “Big AI’s Regulatory Capture: Mapping Industry Interference and Government Complicity,” details various mechanisms of capture and how these work. The most frequent include what the researchers identify as Discourse & Epistemic influence (D&EI), Elusion of law, or Direct influence on policy. For evidence, the researchers analyzed 100 news stories covering four global AI events between 2023 and 2025: the EU AI Act negotiations, and the global AI summits held in the UK, South Korea, and France. They report finding numerous cases fitting capture patterns. One of the most prevalent here was “narrative capture,” which is when an industry or company attempts to steer discussion in a direction that benefits them, and influences the position or decisions of public officials and official regulations. As an example, it cites how the European Commission has uncritically followed the industry’s call to "simplify” the AI Act (alongside other digital regulation) even before it has been fully implemented. Earlier this month, The Register reported how enforcement of the rules was delayed, while the rules themselves were cut back after months of angry complaints from AI companies. Narratives deployed emphasized how "regulation stifles innovation" and centered on "red tape," where regulation is portrayed as unnecessary or excessive, setting the stage for later calls explicitly advocating for "deregulation."
The researchers found that "elusion of law" (using legal loopholes) is the most recurring after narrative-framing activity. This may comprise violations, such as disregarding existing laws, or contentious interpretations of laws governing areas including antitrust, privacy, copyright and labor laws. Reg readers will be familiar with AI developers' efforts to exempt themselves from copyright laws, for example, by arguing that requiring permission or payment for training data would stifle progress or even destroy the industry entirely. This position has been championed by the Tony Blair Institute and by the UK’s former deputy PM and erstwhile Meta apologist Sir Nick Clegg, who now works for neocloud biz Nscale. The study also identified lobbying and "Revolving Door" as common tools for shaping policy, the latter referring to public officials moving into private sector roles or industry figures securing influential government posts. The UK government’s flagship AI Opportunities Action Plan - for example - was authored by entrepreneur Matt Clifford, who it turns out happens to have financial interests in nearly 500 tech firms, including a number involved with AI. The paper concludes that while it is only right that government regulators attend to the concerns of industry, regulation should always prioritize protecting and promoting the core public values for which governments bear responsibility. It warns that the AI industry’s power, wealth and influence have "far-reaching implications" in terms of impact on the rule of law, the labor market, the environment, knowledge production, and, ultimately, on the functioning of democracy itself. The level of power held by the AI industry is "so corrosive" that policymakers ought to treat it as an emergency, the paper says. Government complicity is detrimental to ensuring the rule of law and to restoring trust in public interest technologies, it points out. ®
TanStack weighs invitation-only pull requests after supply chain attack
The TanStack team has documented security measures and proposals following a damaging breach last week, including the possibility of making pull requests (PRs) by invitation only - a break from the open-contribution model that defines most open source projects. The attack used code from the Shai-Hulud worm, published by malware outfit TeamPCP, which can extract secrets from memory used by GitHub Actions. It began with a PR that triggered an automatic workflow via TanStack's use of the pull_request_target feature, causing the malicious code to be built and run by a GitHub Action, poisoning a cache used across the entire repository. The TanStack team said that its workflow used a pattern GitHub warns against: pull_request_target is intended for PRs that "do not require dangerous processing, say building or running the content of the PR." Since the attack, TanStack has removed all use of pull_request_target from its continuous integration (CI) pipeline, disabled caches used by pnpm (a Node.js package manager) and GitHub Actions, pinned actions to commit SHA (Secure Hash Algorithm) hashes rather than retargetable tags, and disabled use of text messages for two-factor authentication. The TanStack repository also now uses a feature of pnpm 11 called minimumReleaseAge, which requires dependencies to have been published for a set period before they can be installed. The idea is that compromised packages are usually detected and removed before that period completes. A more drastic proposal is closing the ability for external contributors to open pull requests at all. "We are absolutely not going closed source," the team said, but it could put in place a mechanism where contributions begin with an issue or discussion, and a PR can be submitted only by invitation. TanStack acknowledged that it would be a radical step to take as "open PRs are part of how a lot of us became maintainers in the first place."
It might not be necessary if the repository can be hardened enough that malicious PRs cannot cause damage. It is a debate that maintainers of other open source projects will watch with interest. Supply chain security is a huge issue, but making pull requests invitation-only could hurt projects by deterring contributions. Another aspect of this is the extent to which GitHub itself is to blame. "Cache scoping in GitHub Actions shouldn't silently bridge fork PRs and base-repo branches," said the TanStack team. ®
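As an added illustration of the two hardening steps described above (dropping pull_request_target for PR content and pinning actions to commit SHAs), here is a small regex-based workflow audit. This is example code written for this page, not TanStack's CI; both workflow texts are constructed samples, and the 40-hex SHA in the hardened one is a placeholder, not a real commit.

```python
import re
# Constructed sample (not TanStack's real CI): the pattern GitHub warns about,
# pull_request_target plus checking out and building the PR head, with actions
# pinned to retargetable tags rather than commit SHAs.
RISKY_WORKFLOW = """\
on:
  pull_request_target:
jobs:
  build:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
        with:
          ref: ${{ github.event.pull_request.head.sha }}
      - uses: pnpm/action-setup@v4
      - run: pnpm install && pnpm build
"""

# Hardened counterpart: plain pull_request trigger and actions pinned to full
# commit SHAs. The SHA here is a placeholder, not a real actions/checkout commit.
HARDENED_WORKFLOW = """\
on:
  pull_request:
jobs:
  build:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@0123456789abcdef0123456789abcdef01234567  # placeholder
      - run: pnpm install && pnpm build
"""

TARGET_TRIGGER = re.compile(r"\bpull_request_target\b")
PR_HEAD_REF = re.compile(r"github\.event\.pull_request\.head\.(sha|ref)")
USES_LINE = re.compile(r"^\s*-?\s*uses:\s*([^\s#]+)", re.M)
FULL_SHA = re.compile(r"^[0-9a-f]{40}$")

def audit_workflow(text):
    """Return a list of findings for one workflow's text (regex-based, no YAML lib)."""
    findings = []
    if TARGET_TRIGGER.search(text):
        risk = "checks out the PR head" if PR_HEAD_REF.search(text) else "is present"
        findings.append(f"pull_request_target {risk}: ensure no PR content is built or run with base-repo secrets")
    for m in USES_LINE.finditer(text):
        action = m.group(1)
        if action.startswith(("./", "docker://")):
            continue  # local path or container actions: no tag to retarget
        name, _, ref = action.partition("@")
        if not FULL_SHA.match(ref):
            findings.append(f"{name} uses retargetable ref '{ref}'; pin to a commit SHA")
    return findings
```

Run it over every file under .github/workflows to get a quick list of triggers and unpinned actions to review; it does not check pnpm's minimumReleaseAge, which lives in the package manager configuration rather than the workflow.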