news aggregator

Phishing, Python and RATs, oh my

A sneaky malware campaign slithers through Cloudflare tunnel subdomains to execute in-memory malicious code and give unknown attackers long-term access to pwned machines.…

‘Windows 365 Reserve’ will be usable ten days a year for undisclosed fee

Microsoft has announced a preview of “Windows 365 Reserve”, a service that provides pre-configured cloud PCs it suggests as ideal when physical machines aren’t usable.…

Bank and crypto outfits hit after Israeli commander mentioned attacks expanding to ‘other areas’

The government of Iran appears to have shut down the internet within its borders, perhaps in response to Israel-linked cyberattacks.…

An anonymous reader quotes a report from Ars Technica: Tech support scammers have devised a method to inject their fake phone numbers into webpages when a target's web browser visits official sites for Apple, PayPal, Netflix, and other companies. The ruse, outlined in a post on Wednesday from security firm Malwarebytes, threatens to trick users into calling the malicious numbers even when they think they're taking measures to prevent falling for such scams. One of the more common pieces of security advice is to carefully scrutinize the address bar of a browser to ensure it's pointing to an organization's official website. The ongoing scam is able to bypass such checks. The unknown actors behind the scam begin by buying Google ads that appear at the top of search results for Microsoft, Apple, HP, PayPal, Netflix, and other sites. While Google displays only the scheme and host name of the site the ad links to (for instance, https://www.microsoft.com/ the ad appends parameters to the path to the right of that address. When a target clicks on the ad, it opens a page on the official site. The appended parameters then inject fake phone numbers into the page the target sees. Google requires ads to display the official domain they link to, but the company allows parameters to be added to the right of it that aren't visible. The scammers are taking advantage of this by adding strings to the right of the hostname. The parameters aren't displayed in the Google ad, so a target has no obvious reason to suspect anything is amiss. When clicked on, the ad leads to the correct hostname. The appended parameters, however, inject a fake phone number into the webpage the target sees. The technique works on most browsers and against most websites. Malwarebytes.com was among the sites affected until recently, when the site began filtering out the malicious parameters.

Read more of this story at Slashdot.

Longtime Slashdot reader walterbyrd shares news that Texas Instruments has announced plans to invest more than $60 billion to expand its U.S. manufacturing operations in the United States. From a report: The funds will be used to build or expand seven chip-making facilities in Texas as well as Utah, and will create 60,000 jobs, TI said on Wednesday, calling it the "largest investment in foundational semiconductor manufacturing in U.S. history." The company did not give a timeline for the investment. Unlike AI chip firms Nvidia and AMD, TI makes analog or foundational chips used in everyday devices such as smartphones, cars and medical devices, giving it a large client base that includes Apple, SpaceX and Ford Motor. The spending pledge follows similar announcements from others in the semiconductor industry, including Micron, which said last week that it would expand its U.S. investment by $30 billion, taking its planned spending to $200 billion. [...] Like other companies unveiling such spending commitments, TI's announcement includes funds already allocated to facilities that are either under construction or ramping up. It will build two additional plants in Sherman, Texas, based on future demand. "TI is building dependable, low-cost 300 millimeter capacity at scale to deliver the analog and embedded processing chips that are vital for nearly every type of electronic system," said CEO Haviv Ilan.

Read more of this story at Slashdot.

The daughter of a Seattle woman who died during the 2021 Pacific Northwest heatwave has filed the first wrongful death lawsuit directly linking fossil fuel companies to an individual's climate-related death. Misti Leon is suing seven oil and gas companies, including ExxonMobil, Chevron, Shell and BP, claiming they caused her mother Juliana Leon's death from hyperthermia on June 28, 2021, when temperatures reached 108 degrees Fahrenheit. The lawsuit alleges the companies created a "fossil fuel-dependent economy" that resulted in "more frequent and destructive weather disasters and foreseeable loss of human life." Attribution science research determined the 2021 heatwave would have been "virtually impossible" without human-made climate change and was at least 150 times rarer without warming. The case seeks damages and funding for a public education campaign about fossil fuels' role in planetary heating.

Read more of this story at Slashdot.

iPhone sales jumped 15% year-over-year in April and May 2025, "signaling Apple's strongest two-month performance for the period since the pandemic," reports MacRumors, citing preliminary data from Counterpoint Research. From the report: The growth was driven mainly by the United States and China, Apple's two largest markets. Both regions returned to positive year-over-year growth after three years of declines during what is typically a less seasonal period. China sales were particularly notable, with Apple capturing the top spot in May. It's quite the turnaround, after Apple only recently sustained market share losses to Huawei and other local mobile vendors. [...] The report showed Japan also indicated strong iPhone demand, with the more affordable iPhone 16e proving especially popular among consumers who favor smaller devices. The device's entry-level pricing apparently appealed to Japanese tastes, while Apple also maintained strong sales for the iPhone 16 base model and even the older iPhone 14. India continued its growth trajectory as Apple expands both manufacturing and market presence in the world's most populous country.

Read more of this story at Slashdot.

$650M funding round aims to bring TerraPower's Natrium power plant in Wyoming online by 2030

Datacenter operators’ desire for cheap and clean energy to power their facilities has led to renewed interest in nuclear energy and small modular reactors (SMRs) – a tech Nvidia has just decided is worthy of investment.…

Midjourney has launched its first AI video generation model, V1, which turns images into short five-second videos with customizable animation settings. While it's currently only available via Discord and on the web, the launch positions the popular AI image generation startup in direct competition with OpenAI's Sora and Google's Veo. TechCrunch reports: While many companies are focused on developing controllable AI video models for use in commercial settings, Midjourney has always stood out for its distinctive AI image models that cater to creative types. The company says it has larger goals for its AI video models than generating B-roll for Hollywood films or commercials for the ad industry. In a blog post, Midjourney CEO David Holz says its AI video model is the company's next step towards its ultimate destination, creating AI models "capable of real-time open-world simulations." After AI video models, Midjourney says it plans to develop AI models for producing 3D renderings, as well as real-time AI models. [...] To start, Midjourney says it will charge 8x more for a video generation than a typical image generation, meaning subscribers will run out of their monthly allotted generations significantly faster when creating videos than images. At launch, the cheapest way to try out V1 is by subscribing to Midjourney's $10-per-month Basic plan. Subscribers to Midjourney's $60-a-month Pro plan and $120-a-month Mega plan will have unlimited video generations in the company's slower, "Relax" mode. Over the next month, Midjourney says it will reassess its pricing for video models. V1 comes with a few custom settings that allow users to control the video model's outputs. Users can select an automatic animation setting to make an image move randomly, or they can select a manual setting that allows users to describe, in text, a specific animation they want to add to their video. Users can also toggle the amount of camera and subject movement by selecting "low motion" or "high motion" in settings. While the videos generated with V1 are only five seconds long, users can choose to extend them by four seconds up to four times, meaning that V1 videos could get as long as 21 seconds. The report notes that Midjourney was sued a week ago by two of Hollywood's most notorious film studios: Disney and Universal. "The suit alleges that images created by Midjourney's AI image models depict the studio's copyrighted characters, like Homer Simpson and Darth Vader."

Read more of this story at Slashdot.

Move fast and blow things up

Silicon Valley-backed weapons maker Anduril and German armaments biz Rheinmetall have signed a deal to see US-designed drones and missiles integrated into European military platforms.…

Austria's coalition government has agreed on a plan to enable police to monitor suspects' secure messaging in order to thwart militant attacks, ending what security officials have said is a rare and dangerous blind spot for a European Union country. From a report: Because Austria lacks a legal framework for monitoring messaging services like WhatsApp, its main domestic intelligence service and police rely on allies with far more sweeping powers like Britain and the United States alerting them to chatter about planned attacks and spying. That kind of tip-off led to police unravelling what they say was a planned attack on a Taylor Swift concert in Vienna, which prompted the cancellation of all three of her planned shows there in August of last year. "The aim is to make people planning terrorist attacks in Austria feel less secure - and increase everyone else's sense of security," Joerg Leichtfried of the Social Democrats, the junior minister in charge of overseeing the Directorate for State Security and Intelligence (DSN), told a news conference.

Read more of this story at Slashdot.

An anonymous reader quotes a report from TorrentFreak: Napster, the brand synonymous with the music piracy boom of the early 2000s, has a new copyright challenge. Together with audio giant Sonos, Napster faces a lawsuit demanding over $3.4 million in alleged unpaid copyright royalties. Filed by collective rights management organization SoundExchange, the complaint (PDF) centers on missed payments related to the "Sonos Radio" service, which until 2023 was powered by Napster's music catalog. [...] Sonos Radio launched in April 2020 with Napster as the authorized agent, submitting the required royalty reports and royalties to SoundExchange. While all went well initially, payments stopped around May 2022. At the time, Napster had been acquired by venture capital firms Hivemind and Algorand, with a focus on "web3" technologies, including cryptocurrencies and blockchain. According to the complaint, the takeover resulted in a "complete breakdown of reporting and payment for the Sonos Radio service." The alleged payment problems eventually came to light during an audit initiated by SoundExchange in 2023, which concluded that Sonos and Napster owed millions in unpaid royalties. Sonos and Napster are no longer partners in the radio service, as the audio equipment manufacturer switched to Deezer around April 2023. That appears to have solved the royalty issues, but SoundExchange still believes it is owed more than $3 million. "In total, Sonos, and its agent Napster, have failed to pay at least $3,423,844.41 comprising royalties owed for the period October 2022 to April 2023, interest, late fees, and auditor fee-shifting costs, and subtracting Sonos and Napster's payments made to date. "Late fees and interest continue to grow," SoundExchange adds, while requesting compensation in full. The complaint lists one count of "underpayment" of statutory royalties, and one count of "non-payment" of royalties, as determined by the audit. For both Copyright Act violations, SoundExchange requests damages of at least $3.4 million.

Read more of this story at Slashdot.

EEG and recall tests suggest people who use ChatGPT to write essays aren't learning much

Using AI chatbots actually reduces activity in the brain versus accomplishing the same tasks unaided, and may lead to poorer fact retention, according to a new preprint study out of MIT.…

Facebook now supports passkeys for login, offering users a more secure, phishing-resistant alternative to passwords by using biometrics or a PIN stored on their device. The feature is rolling out to iOS and Android "soon," while Messenger will get the feature "in the coming months." Lifehacker reports: Meta seems pretty excited about the news -- and not just because the company happens to be a member of the FIDO Alliance, the organization that developed passkeys. Aside from logging into your Facebook account, Meta says you'll be able to use passkeys to autofill your payment info when buying things with Meta Pay. You'll also be able to use the same passkey between both Facebook and Messenger, and your passkey will act as a key to lock out your encrypted Messenger chats.

Read more of this story at Slashdot.

Infostealers posing as popular cheat tools are cropping up on GitHub

Trojanized Minecraft cheat tools hosted on GitHub have secretly installed stealers that siphon credentials, crypto wallets, and other sensitive data when executed by players.…

Waymo plans to relaunch its robotaxi service in New York City, starting with safety driver testing while lobbying to change state law to eventually allow fully autonomous vehicles without human operators. The company has applied for a permit and will begin mapping in Manhattan, though legislative hurdles and skepticism from lawmakers remain. The Verge reports: A bill was introduced in the New York State Legislature earlier this year that would permit autonomous vehicles without safety drivers "provided that the automated driving system is engaged and the vehicle meets certain conditions." The bill is currently under consideration by the state Senate's transportation committee. New York City also has some of the most dangerous, congested, and poorly managed streets in the world. They are also full of construction workers, pedestrians, bicyclists, and double- and sometimes even triple-parked cars. In theory, this would make it very difficult for an autonomous vehicle to navigate, given that AVs typically rely on good weather, clear signage, and less aggressive driving from other road users for safe operation. And it's not clear that the state will amend its laws to allow for fully driverless vehicles, with some lawmakers expressing reservations. "This kind of testing hasn't even been completed in other parts of the country," state Senator John Liu told Daily News last year after the city announced its new permitting process. "It would behoove New York City to wait to see some of those other results of driverless technology in less dense urban settings. This is an example of something where New York City does not have to be first."

Read more of this story at Slashdot.

An anonymous reader quotes a report from Ars Technica: YouTube CEO Neal Mohan has announced that the Google Veo 3 AI video generator will be integrated with YouTube Shorts later this summer. According to Mohan, YouTube Shorts has seen a rise in popularity even compared to YouTube as a whole. The streaming platform is now the most watched source of video in the world, but Shorts specifically have seen a massive 186 percent increase in viewership over the past year. Mohan says Shorts now average 200 billion daily views. YouTube has already equipped creators with a few AI tools, including Dream Screen, which can produce AI video backgrounds with a text prompt. Veo 3 support will be a significant upgrade, though. At the Cannes festival, Mohan revealed that the streaming site will begin offering integration with Google's leading video model later this summer. "I believe these tools will open new creative lanes for everyone to explore," said Mohan. [...] While you can add Veo 3 videos (or any video) to a YouTube Short right now, they don't fit with the format's portrait orientation focus. Veo 3 outputs 720p landscape videos, meaning you'd have black bars in a Short. Presumably, Google will create a custom version of the model for YouTube to spit out vertical video clips. Mohan didn't mention a pricing model, but Veo 3 probably won't be cheap for Shorts creators. Currently, you must pay for Google's $250 AI Ultra plan to access Veo 3, and that still limits you to 125 8-second videos per month.

Read more of this story at Slashdot.

New MCP server was shut down for nearly two weeks

Asana has fixed a bug in its Model Context Protocol (MCP) server that could have allowed users to view other organizations' data, and the experimental feature is back up and running after nearly two weeks of downtime to fix the issue.…

Microsoft is planning to ax thousands of jobs, particularly in sales, as part of the company's latest move to trim its workforce amid heavy spending on AI. From a report: The cuts are expected to be announced early next month [non-paywalled source], following the end of Microsoft's fiscal year, according to people familiar with the matter. The reductions won't exclusively affect sales teams, and the timing could still change, said the people, who requested anonymity to discuss a private matter. The terminations would follow a previous round of layoffs in May that hit 6,000 people and fell hardest on product and engineering positions, largely sparing customer-facing roles like sales and marketing.

Read more of this story at Slashdot.

In case you forgot AI isn't the only thing GPUs are good for

Exclusive Support for AMD's Instinct GPUs is coming to Voltron Data's accelerated SQL engine Theseus in the latest sign Nvidia's CUDA moat is getting shallower.…