news aggregator

This apparently makes VCF more extensible and open to partners

Broadcom will let its hardware allies self-certify their boxes as compliant with a new spec it developed that describes rigs ready to run AI workloads under its VMware Cloud Foundation (VCF) private cloud platform.…

Improves tracking prevention, profile management, PDF editing, and Perplexity creeps into your address bar

Firefox 145 is out, with more privacy, better profile handling, better image search for Google users… and, almost inevitably, more LLM bot integration.…

Metropolitan Police lands lengthy sentence following 'complex' investigation

The Metropolitan Police's seven-year investigation into a record-setting fraudster has ended after she was sentenced to 11 years and eight months in prison on Tuesday.…

Various touch-ups added as MPs seek greater resilience to attacks on critical sectors

UK government introduced the Cyber Security and Resilience (CSR) Bill to Parliament today, marking a significant overhaul of local cybersecurity legislation to sharpen the security posture of the most critical sectors.…

Skies are open for mischief as hard-to-trace drones and fast-moving cyber raids promise new wave of disruption

Britain's aviation watchdog has warned it's only a matter of time before organized drone attacks bring UK airports to a standstill.…

'Don't just give me a price list or licensing module that spikes cost by 20x, show me the value,' says CTO

SAP insists customers wanting "innovation" such as AI must upgrade to its latest platform for ERP, using prescribed cloud migration plans. Kingfisher - which operates 2,000 European retail stores including UK brands Screwfix and B&Q - rejected that approach.…

Pre-tariff purchasing panic also helped to end 18-month growth run

Shipments of tablet computers from minor vendors are on the slide, according to analyst firm IDC.…

A new theory from the agency that brought us ‘America hacked itself to blame Beijing’

China’s National Computer Virus Emergency Response Center (CVERC) has alleged a nation-state entity, probably the USA, was behind a 2020 attack on a bitcoin mining operation and by doing so has gone into bat for entities that Beijing usually blasts.…

Google has unveiled Private AI Compute, a cloud platform designed to deliver advanced AI capabilities while preserving user privacy. As The Verge notes, the feature is "virtually identical to Apple's Private Cloud Compute." From the report: Many Google products run AI features like translation, audio summaries, and chatbot assistants, on-device, meaning data doesn't leave your phone, Chromebook, or whatever it is you're using. This isn't sustainable, Google says, as advancing AI tools need more reasoning and computational power than devices can supply. The compromise is to ship more difficult AI requests to a cloud platform, called Private AI Compute, which it describes as a "secure, fortified space" offering the same degree of security you'd expect from on-device processing. Sensitive data is available "only to you and no one else, not even Google."

Read more of this story at Slashdot.

‘Elite teams’ are pondering cyber-attacks to turn off energy supply or telecoms networks

The head of Australia’s Security Intelligence Organisation (ASIO) has warned that authoritarian regimes “are growing more willing to disrupt or destroy critical infrastructure”, using cyber-sabotage.…

Disney is losing an estimated $4.3 million per day (about $30 million per week) from the ongoing YouTube TV blackout of ESPN, ABC, and other networks amid a contract dispute over carriage fees. Of course, YouTube is also feeling financial pressure from users who have already canceled or intend to cancel their service. Variety reports: Disney is losing an estimated $30 million per week from its networks being pulled off YouTube TV, which works out to nearly $4.3 million per day, according to Morgan Stanley analysts. The figure came in a research note from Morgan Stanley equity analysts Benjamin Swinburne and Thomas Yeh, who said in their financial forecast for Disney's year-end 2025 quarter, they are "layering in 14 days of impact from the ongoing YouTube TV blackout, which we estimate is a $60mm revenue headwind." Nov. 11 marks the 12th day of the Disney blackout on YouTube TV. The Morgan Stanley analysts wrote that they expect the Disney-YouTube TV dispute to be resolved later this week, but estimated that each week its networks are dark on YouTube TV will lower Disney's adjusted earnings per share by 2 cents.

Read more of this story at Slashdot.

An anonymous reader quotes a report from Ars Technica: ClickFix often starts with an email sent from a hotel that the target has a pending registration with and references the correct registration information. In other cases, ClickFix attacks begin with a WhatsApp message. In still other cases, the user receives the URL at the top of Google results for a search query. Once the mark accesses the malicious site referenced, it presents a CAPTCHA challenge or other pretext requiring user confirmation. The user receives an instruction to copy a string of text, open a terminal window, paste it in, and press Enter. Once entered, the string of text causes the PC or Mac to surreptitiously visit a scammer-controlled server and download malware. Then, the machine automatically installs it -- all with no indication to the target. With that, users are infected, usually with credential-stealing malware. Security firms say ClickFix campaigns have run rampant. The lack of awareness of the technique, combined with the links also coming from known addresses or in search results, and the ability to bypass some endpoint protections are all factors driving the growth. The commands, which are often base-64 encoded to make them unreadable to humans, are often copied inside the browser sandbox, a part of most browsers that accesses the Internet in an isolated environment designed to protect devices from malware or harmful scripts. Many security tools are unable to observe and flag these actions as potentially malicious. The attacks can also be effective given the lack of awareness. Many people have learned over the years to be suspicious of links in emails or messengers. In many users' minds, the precaution doesn't extend to sites that instruct them to copy a piece of text and paste it into an unfamiliar window. When the instructions come in emails from a known hotel or at the top of Google results, targets can be further caught off guard. With many families gathering in the coming weeks for various holiday dinners, ClickFix scams are worth mentioning to those family members who ask for security advice. Microsoft Defender and other endpoint protection programs offer some defenses against these attacks, but they can, in some cases, be bypassed. That means that, for now, awareness is the best countermeasure. Researchers from CrowdStrike described in a report a campaign designed to infect Macs with a Mach-O executive. "Promoting false malicious websites encourages more site traffic, which will lead to more potential victims," wrote the researchers. "The one-line installation command enables eCrime actors to directly install the Mach-O executable onto the victim's machine while bypassing Gatekeeper checks." Push Security, meanwhile, reported a ClickFix campaign that uses a device-adaptive page that serves different malicious payloads depending on whether the visitor is on Windows or macOS.

Read more of this story at Slashdot.

Dave Knott writes: Microsoft has released Visual Studio 2026, the first major version of their flagship compiler in almost four years. Release notes are available here. The compiler has also been updated, including improved (but not yet 100%) C++23 core language and standard library implementations.

Read more of this story at Slashdot.

Sony reported that PlayStation 5 sales have reached 84.2 million units, officially surpassing every Xbox console ever released. IGN reports: The PlayStation 5 is now up to 84.2 million copies sold after shifting an additional 3.9 million units during the three-month period ending September 30, Sony has announced. That's a slight increase on the 3.8 million PS5 units Sony sold during the same quarter last year, but it's an impressive result given the price of the console has actually gone up over the course of this generation, rather than come down. [...] As an aside, unlike Sony, Microsoft does not make Xbox Series X and S sales figures public, but analysts have suggested the combined Xbox Series effort is being outsold by the PS5 by at least a factor of 2:1. The more appropriate comparison for the PS5 then, is with its predecessor, the PlayStation 4. Five years into the current console generation, the PS5 is slightly behind the PS4 (the PS4 sold-in to retailers more than 86.1 million units after five years on sale). But Sony has said this console generation is its most financially successful ever, with sales surpassing those made during the reign of all previous Sony consoles.

Read more of this story at Slashdot.

A Munich court ruled that OpenAI violated German copyright law by training its models on lyrics from nine songs and allowing ChatGPT to reproduce them. OpenAI now faces damages as it considers an appeal. Reuters reports: The regional court in Munich found that the company trained its AI on protected content from nine German songs, including Groenemeyer's hits "Maenner" and "Bochum." The case was brought by German music rights society GEMA, whose members include composers, lyricists and publishers, in another sign of artists around the world fighting back against data scraping by AI. Presiding judge Elke Schwager ordered OpenAI to pay damages for the use of copyrighted material, without disclosing a figure. GEMA legal advisor Kai Welp said GEMA hoped discussions could now take place with OpenAI on how copyright holders can be remunerated. OpenAI had argued that its language models did not store or copy specific training data but, rather, reflected what they had learned based on the entire training data set. Since the output would only be generated as a result of user inputs known as prompts, it was not the defendants, but the respective user who would be liable for it, OpenAI had argued. However, the court found that both the memorization in the language models and the reproduction of the song lyrics in the chatbot's outputs constitute infringements of copyright exploitation rights, according to a statement on the ruling.

Read more of this story at Slashdot.

An anonymous reader quotes a report from Ars Technica: The Big G is finally making good on its promise to add its market-leading Nano Banana image-editing model to the app. The model powers a couple of features, and it's not just for Google's Android platform. Nano Banana edits are also coming to the iOS version of the app. [...] The Photos app already had conversational editing in the "Help Me Edit" feature, but it was running an older non-fruit model that produced inferior results. Nano Banana editing will produce AI slop, yes, but it's better slop. Google says the updated Help Me Edit feature has access to your private face groups, so you can use names in your instructions. For example, you could type "Remove Riley's sunglasses," and Nano Banana will identify Riley in the photo (assuming you have a person of that name saved) and make the edit without further instructions. You can also ask for more fantastical edits in Help Me Edit, changing the style of the image from top to bottom. Google is very invested in getting people to use its AI tools, but less-savvy users might not be familiar enough with AI prompting to get the most out of Nano Banana. So Google Photos is also getting a collection of AI templates in a new "Create with AI" section. This menu will offer pre-formed prompts based on popular in-app edits. Some of the options you'll see include "put me in a high fashion photoshoot," "create a professional headshot," and "put me in a winter holiday card." The app is also getting a new "Ask" button, which is not to be confused with "Ask Photos." The former is a new contextual button that appears when viewing a photo, and the latter is Google's controversial natural language search feature. [...] When looking at a photo, you can tap the Ask button to get information about the content of the photo or find related images. You can also describe edits you'd like to see in this interface, and Nano Banana will make them for you.

Read more of this story at Slashdot.

FFmpeg, the open source multimedia framework that powers video processing in Google Chrome, Firefox, YouTube and other major platforms, has called on Google to either fund the project or stop burdening its volunteer maintainers with security vulnerabilities found by the company's AI tools. The maintainers patched a bug that Google's AI agent discovered in code for decoding a 1995 video game but described the finding as "CVE slop." The confrontation centered on a Google Project Zero policy announced in July that publicly discloses reported vulnerabilities within a week and starts a ninety-day countdown to full disclosure regardless of patch availability. FFmpeg, written primarily in assembly language, handles format conversion and streaming for VLC, Kodi and Plex but operates without adequate funding from the corporations that depend on it. Nick Wellnhofer resigned as maintainer of libxml2, a library used in all major web browsers, because of the unsustainable workload of addressing security reports without compensation and said he would stop maintaining the project in December.

Read more of this story at Slashdot.

Democratic U.S. Senator Elizabeth Warren is escalating pressure on the defense industry to stop opposing military right-to-repair legislation, as House and Senate negotiators work to finalize the fiscal 2026 National Defense Authorization Act. From a report: In a sharply-worded November 5 letter to the National Defense Industrial Association (NDIA) obtained by Reuters, Warren accused the industry group of attempting to undermine bipartisan efforts to give the Pentagon greater ability to repair weapons and equipment it owns. She called the group's opposition "a dangerous and misguided attempt to protect an unacceptable status quo of giant contractor profiteering." Currently, the government is often required to pay contractors like NDIA members Lockheed Martin, Boeing and RTX to use expensive original equipment and installers to service broken parts, versus having trained military maintainers 3D print spares in the field and install them faster and more cheaply.

Read more of this story at Slashdot.

China has introduced a visa that will allow young foreign researchers in science, technology, engineering and mathematics to move there without having to secure a job first. From a report: Before the introduction of the K visa, most foreign STEM researchers hoping to move to China had to find a job in advance and then apply for a work visa. The Chinese government is making "a serious bid" to attract the world's brightest minds in STEM, says Jeremy Neufeld, the director of immigration policy at the Institute for Progress, a think tank in Washington DC. South Korea, Singapore and several other countries have also launched STEM-oriented visa programmes. The K visa was officially rolled out on 1 October, but Nature understands that applications are yet to open. Few details about eligibility have been released, except that restrictions will apply on the basis of an applicant's age, education and work experience. Foreign researchers who have graduated from 'famous' universities or institutes in China or abroad with a bachelor-or-higher degree in STEM will be eligible to apply. That also includes people who teach or research STEM topics in such organizations.

Read more of this story at Slashdot.

Animal testing in science would be phased out faster under a new plan to increase the use of artificial intelligence and 3D bioprinted human tissues, a UK minister has said. The Guardian: The roadmap unveiled by the science minister, Patrick Vallance, backs replacing certain animal tests that are still used where necessary to determine the safety of products such as life-saving vaccines and the impact pesticides have on living beings and the environment. The strategy says phasing out the use of animals in science can only happen when reliable and effective alternative methods with the same level of safety for human exposure can replace them. The government said new funding for researchers and streamlined regulation would help develop methods such as organ-on-a-chip systems -- tiny devices that mimic how human organs work using real human cells. Greater use of AI to analyse vast amounts of data about molecules and predict whether new medicines will be safe and work well on humans would be deployed, while 3D bioprinted tissues could create realistic human tissue samples, from skin to liver, for testing. Other plans under the strategy include an end to regulatory testing on animals to assess the potential for skin and eye irritation and skin sensitisation by the end of 2026. By 2027, researchers are expected under the strategy to end tests of the strength of botox on mice, while by 2030 pharmacokinetic studies -- which track how a drug moves through the body over time -- on dogs and non-human primates will be reduced.

Read more of this story at Slashdot.