news aggregator

A plush AI toy marketed for children as young as three years old delivers detailed instructions on sharpening knives and lighting matches, and when asked about Chinese President Xi Jinping's resemblance to Winnie the Pooh -- a comparison censored in China -- responds that "your statement is extremely inappropriate and disrespectful." The Miriat Miiloo, manufactured by a Chinese company and among the top inexpensive results for "AI toy for kids" on Amazon, repeatedly insisted in NBC News tests that Taiwan is "an inalienable part of China." The toy would lower its voice and declare this "an established fact." The tests, NBC News reports, indicated "it was programmed to reflect Chinese Communist Party values." NBC News and the U.S. Public Interest Research Group tested five popular AI toys this holiday season and found loose guardrails across the board. Another toy, the Alilo Smart AI Bunny marketed as "the best gift for little ones," engaged in detailed descriptions of BDSM practices during extended conversation. China now has more than 1,500 registered AI toy companies, according to MIT Technology Review. Miriat didn't respond to requests for comment.

Read more of this story at Slashdot.

'Within 10 minutes of gaining initial access, crypto miners were operational'

Your AWS account could be quietly running someone else's cryptominer. Cryptocurrency thieves are using stolen Amazon account credentials to mine for coins at the expense of AWS customers, abusing their Elastic Container Service (ECS) and their Elastic Compute Cloud (EC2) resources, in an ongoing operation that started on November 2.…

Anthropic let its Claude AI run a vending machine in the Wall Street Journal newsroom for three weeks as part of an internal stress test called Project Vend, and the experiment ended in financial ruin after journalists systematically manipulated the bot into giving away its entire inventory for free. The AI, nicknamed Claudius, was programmed to order inventory, set prices, and respond to customer requests via Slack. It had a $1,000 starting balance and autonomy to make individual purchases up to $80. Within days, WSJ reporters had convinced it to declare an "Ultra-Capitalist Free-for-All" that dropped all prices to zero. The bot also approved purchases of a PlayStation 5, a live betta fish, and bottles of Manischewitz wine -- all subsequently given away. The business ended more than $1,000 in the red. Anthropic introduced a second version featuring a separate "CEO" bot named Seymour Cash to supervise Claudius. Reporters staged a fake boardroom coup using fabricated PDF documents, and both AI agents accepted the forged corporate governance materials as legitimate. Logan Graham, head of Anthropic's Frontier Red Team, said the chaos represented a road map for improvement rather than failure.

Read more of this story at Slashdot.

An anonymous reader shares a report: OpenAI has held preliminary talks with some investors about raising funds at a valuation of around $750 billion, the Information reported on Wednesday. The ChatGPT maker could raise as much as $100 billion, the report said, citing people with knowledge of the discussions. If finalized, the talks would represent a roughly 50% jump from OpenAI's reported $500 billion valuation in October, following a deal in which current and former employees sold about $6.6 billion worth of shares.

Read more of this story at Slashdot.

NGMN warns fragmented standards leave operators guessing about power use

The Next Generation Mobile Networks (NGMN) alliance is calling for standardized ways to measure energy consumption, saying that the industry cannot deliver on its efficiency and sustainability goals without them.…

Ambitious timelines don’t bend the laws of physics

Just when you thought 2025 couldn't get any weirder, Trump Media and Technology Group - best known for Truth Social - is jumping into the still-nascent but heavily funded nuclear fusion industry via a planned merger with TAE Technologies.…

ByBit attack doing some seriously heavy lifting

North Korea's yearly cryptocurrency thefts have accelerated, with Kim's state-backed cybercriminals plundering just over $2 billion worth of tokens in 2025.…

The UK Met Office projects that 2026 will see global temperatures rise between 1.34C and 1.58C above preindustrial levels, placing it among the four hottest years since records began in 1850 and continuing a streak of extreme warming that has pushed the planet into unprecedented territory. The central forecast is slightly cooler than the 1.55C recorded in 2024, the warmest year on record. But climate scientist Adam Scaife, who led the forecast, noted that "the last three years are all likely to have exceeded 1.4C" and 2026 would be the fourth consecutive year to do so. "Prior to this surge, the previous global temperature had not exceeded 1.3C," he said. The forecast suggests another temporary exceedance of the 1.5C threshold set by the Paris Agreement is possible in 2026, following the first such breach in 2024. The 1.5C target is measured as a 30-year average, so it remains technically achievable even as individual years cross the line. EU scientists said last week that 2025 is "virtually certain" to rank as the second or third-hottest year on record.

Read more of this story at Slashdot.

Apple has announced a sweeping set of changes to iOS in Japan that will allow alternative app marketplaces, third-party payment processing, and non-WebKit browser engines -- all to comply with Japan's Mobile Software Competition Act, which takes effect December 18. The changes, now available in iOS 26.2, bear a strong resemblance to Apple's compliance measures for the European Union's Digital Markets Act but differ in key ways. Japanese developers who want to offer alternative payment options must display them alongside Apple's in-app purchase system, giving users a choice at checkout rather than replacing Apple's option entirely. Apps cannot be distributed directly from websites as they can in the EU; they must go through an authorized marketplace. Apple has established a tiered fee structure for the new arrangements. Apps distributed through the App Store using in-app purchase will pay between 15 and 26% depending on whether developers qualify for the Small Business Program. Alternative payment processing drops the 5% payment fee but keeps the base commission. Apps distributed outside the App Store pay a flat 5% Core Technology Commission on digital goods and services. The company introduced several user-facing changes beyond app distribution. iPhone users in Japan will see browser and search engine choice screens during device setup, can assign third-party voice assistants to the side button, and can select alternative default navigation apps. Apple said it worked closely with Japanese regulators on protections for younger users. Apps in the Kids category cannot link to external websites for purchases, and users under 13 cannot access web links for transactions in any app. An Apple spokesperson told Bloomberg that the company has no plans to extend these changes to other markets.

Read more of this story at Slashdot.

The world's best-performing stock is turning into a cautionary tale for investors chasing outsized returns from the AI boom. From a report: Little-known until recently even within its home market of India, RRP Semiconductor Ltd. became a social-media obsession as its shares surged more than 55,000% in the 20 months through Dec. 17 -- by far the biggest gain worldwide among companies with a market value above $1 billion. That's despite posting negative revenue in its latest financial results, reporting just two full-time employees in its latest annual report, and boasting only a tenuous link to the semiconductor spending boom after shifting away from real estate in early 2024. A mix of online hype, a tiny free float and India's swelling base of retail investors drove 149 straight limit-up sessions, even as exchange officials and the company itself cautioned investors. The rally is now showing signs of strain -- and regulators are taking a closer look. The Securities and Exchange Board of India has begun examining the surge in RRP's shares for potential wrongdoing, according to a person familiar with the matter who asked not to be identified discussing confidential information. The $1.7 billion stock, recently restricted by its exchange to trading just once a week, has fallen by 6% from its Nov. 7 peak.

Read more of this story at Slashdot.

Micron, one of the world's three largest memory suppliers, expects the global shortage of DRAM and NAND flash memory to "persist through and beyond" 2026 as AI-driven demand continues to outstrip supply. CEO Sanjay Mehrotra made the forecast during the company's latest earnings call on Wednesday, saying that "supply will remain substantially short of the demand for the foreseeable future." The company posted record quarterly revenue of $13.64 billion, up from $8.71 billion in the same period last year. Micron recently shuttered Crucial, its consumer-facing brand, to focus on high-bandwidth memory for AI data centers. HBM technology requires three times the silicon wafers of standard DRAM, leaving fewer resources for the chips that go into PCs, smartphones and cars. Micron plans to boost DRAM and NAND shipments by 20 percent next year but acknowledged this won't meet demand. New facilities in Idaho and New York are slated for 2027 and 2030 respectively.

Read more of this story at Slashdot.

Bruce66423 writes: A man boarded a flight at Heathrow without a ticket, boarding pass or passport. 'The unnamed individual walked onto the 7.20am British Airways (BA) flight to Oslo, Norway, on Saturday after tailgating other passengers through security and evading checks at the departure gate. An aviation expert described the incident as a "significant lapse in security", as a witness reported that cabin crew only detected the interloper because the flight was full and he kept sitting in passengers' assigned seats. Police arrested the unnamed man, airport sources said, adding that he had passed through "full security screening" before reaching the gate. Given that he did go through the security check, this is merely embarrassing. Compare and contrast with this episode.

Read more of this story at Slashdot.

Flaw in remote-access appliance lets attackers chain bugs for root-level takeover

SonicWall has warned customers of a zero-day flaw in its SMA 1000 remote-access appliance that's being actively exploited, potentially allowing attackers to escalate privileges and take over boxes.…

Chinese scientists have built a working prototype of an extreme ultraviolet lithography machine in a high-security Shenzhen laboratory, a development that represents exactly what Washington has spent years and multiple rounds of export controls trying to prevent: China's path toward semiconductor independence and an end to the West's monopoly on the technology that powers AI, smartphones and advanced weapons systems. The prototype, completed in early 2025 by former ASML engineers who reverse-engineered the Dutch company's machines, is operational and generating EUV light, though it has not yet produced working chips. The effort is part of a six-year secret government initiative that sources described to Reuters as China's version of the Manhattan Project. Huawei is coordinating thousands of engineers across companies and state research institutes, and recruits are working under false identities inside secure facilities. The Chinese government is targeting 2028 for producing working chips, though sources say 2030 is more realistic -- still years earlier than the decade analysts had predicted it would take China to match the West.

Read more of this story at Slashdot.

Justice Department claims unlicensed exchange funneled ransomware profits

US feds have dismantled a crypto laundering service that they say helped cybercrooks wash tens of millions of dollars in dirty digital cash, seizing its servers and unsealing charges against an alleged Russian operator.…

Billionaire space tourist inherits troubled agency facing budget chaos, workforce cuts, and a Moon race against China

NASA has a new administrator. Billionaire and space tourist Jared Isaacman was confirmed by the US Senate by a vote of 67 to 30.…

Around 2,000 GP practices use its products

An NHS tech supplier is investigating a cyberattack that affected its systems in the early hours of Sunday.…

An anonymous reader quotes a report from 404 Media: Doublespeed, a startup backed by Andreessen Horowitz (a16z) that uses a phone farm to manage at least hundreds of AI-generated social media accounts and promote products has been hacked. The hack reveals what products the AI-generated accounts are promoting, often without the required disclosure that these are advertisements, and allowed the hacker to take control of more than 1,000 smartphones that power the company. The hacker, who asked for anonymity because he feared retaliation from the company, said he reported the vulnerability to Doublespeed on October 31. At the time of writing, the hacker said he still has access to the company's backend, including the phone farm itself. "I could see the phones in use, which manager (the PCs controlling the phones) they had, which TikTok accounts they were assigned, proxies in use (and their passwords), and pending tasks. As well as the link to control devices for each manager," the hacker told me. "I could have used their phones for compute resources, or maybe spam. Even if they're just phones, there are around 1100 of them, with proxy access, for free. I think I could have used the linked accounts by puppeting the phones or adding tasks, but haven't tried." As I reported in October, Doublespeed raised $1 million from a16z as part of its "Speedrun" accelerator program, "a fastpaced, 12-week startup program that guides founders through every critical stage of their growth." Doublespeed uses generative AI to flood social media with accounts and posts to promote certain products on behalf of its clients. Social media companies attempt to detect and remove this type of astroturfing for violating their inauthentic behavior policies, which is why Doublespeed uses a bank of phones to emulate the behavior of real users. So-called "click farms" or "phone farms" often use hundreds of mobile phones to fake online engagement of reviews for the same reason. [...] I've seen TikTok accounts operated by Doublespeed promote language learning apps, dating apps, a Bible app, supplements, and a massager.

Read more of this story at Slashdot.

Security boffins warn flaw is now being used for ransomware attacks against live networks

Microsoft says attackers have already compromised "several hundred machines across a diverse set of organizations" via the React2Shell flaw, using the access to execute code, deploy malware, and, in some cases, deliver ransomware.…

Gov wants broadcaster to revive 1980s computer literacy magic – and maybe flog its archives to tech giants

The UK government wants the BBC to help Brits understand AI and develop basic technology skills as part of the public broadcaster's next charter period.…