Slashdot

The United Kingdom's government is planning to ban public sector and critical infrastructure organizations from paying ransoms after ransomware attacks. From a report: The list of entities that would have to follow the new proposed legislation includes local councils, schools, and the publicly funded National Health Service (NHS). "Ransomware is estimated to cost the UK economy millions of pounds each year, with recent high-profile ransomware attacks highlighting the severe operational, financial, and even life-threatening risks. The ban would target the business model that fuels cyber criminals' activities and makes the vital services the public rely on a less attractive target for ransomware groups," the UK government said. "We're determined to smash the cyber criminal business model and protect the services we all rely on as we deliver our Plan for Change. By working in partnership with industry to advance these measures, we are sending a clear signal that the UK is united in the fight against ransomware," Security Minister Dan Jarvis added.

Read more of this story at Slashdot.

For the first time ever, a CCTV camera in Myanmar captured real-time footage of a supershear strike-slip earthquake moving at 3.7 miles per second. According to seismologists at Japan's Kyoto University, the analysis has "led to new findings based on real-time visual evidence of tectonic motion," reports Popular Science. From the report: The magnitude 7.7 event took place on March 28 along the Sagaing Fault with an epicenter near Myanmar's second-largest city, Mandalay. Although the initial rupture process lasted barely 80 seconds, it and numerous aftershocks were ultimately responsible for 5,456 confirmed deaths and over 11,000 injuries. Later evaluations indicated the quake was the second deadliest in modern history, as well as the most powerful to hit Myanmar in over a century. According to a separate group's paper published in the same journal, the southern portion of the rupture occurred at an astonishing 3.7 miles per second -- fast enough to qualify as "supershear velocity." Amid the catastrophe, an outdoor CCTV camera about 74.5 miles south of the epicenter recorded a visceral illustration of its power. Over just a few moments, what at first looks like a single chunk of the ground appears to suddenly divide and horizontally shift past one another in opposite directions. Completely by accident, the camera recorded a direct look of a strike-slip fault, something previously analyzed by remote seismic instruments. To researchers at Kyoto University, the clip wasn't just a jaw-dropping scene -- it was an opportunity to study a strike-slip fault using visual data. You can watch the footage on YouTube.

Read more of this story at Slashdot.

Conspiracy theorists drastically overestimate how many people share their beliefs, according to a study published in the Personality and Social Psychology Bulletin. Researchers conducted eight studies involving over 4,000 US adults and found that while participants believed conspiracy claims just 12% of the time, believers thought they were in the majority 93% of the time. The study examined beliefs about claims such as the Apollo Moon landings being faked and Princess Diana's death not being an accident. In one example, 8% of participants believed the Sandy Hook shooting was a false flag operation, but that group estimated 61% of people agreed with them. "It might be one of the biggest false consensus effects that's been observed," said co-author Gordon Pennycook, a psychologist at Cornell University. The findings suggest overconfidence serves as a primary driver of conspiracy beliefs.

Read more of this story at Slashdot.

Government funding for a program that hunts for threats on America's critical infrastructure networks expired on Sunday, preventing Lawrence Livermore National Laboratory from analyzing activity that could indicate a cyberattack, the program director told Congress on Tuesday. From a report: Nate Gleason leads a team at Lawrence Livermore National Laboratory (LLNL) focused on nation-state threats against critical infrastructure, and this includes the CyberSentry Program. It's a public-private partnership, managed by CISA, that looks for malicious activity on IT and operational technology (OT) networks in America's energy, water, healthcare, and other critical facilities. This includes threats along the lines of China's Volt Typhoon and Salt Typhoon intrusions -- network activity that may look like, or even start as, espionage, but ultimately enables the digital invaders to backdoor critical orgs and deploy cyber weapons to aid in a kinetic war.

Read more of this story at Slashdot.

An anonymous reader quotes a report from NBC News: Using brain scans from a very large database, British researchers determined that during the pandemic years of 2021 and 2022, people's brains showed signs of aging, including shrinkage, according to the report published in Nature Communications. People who got infected with the virus also showed deficits in certain cognitive abilities, such as processing speed and mental flexibility. The aging effect "was most pronounced in males and those from more socioeconomically deprived backgrounds," said the study's first author, Ali-Reza Mohammadi-Nejad, a neuroimaging researcher at the University of Nottingham, via email. "It highlights that brain health is not shaped solely by illness, but also by broader life experiences." Overall, the researchers found a 5.5-month acceleration in aging associated with the pandemic. On average, the difference in brain aging between men and women was small, about 2.5 months. "We don't yet know exactly why, but this fits with other research suggesting that men may be more affected by certain types of stress or health challenges," Mohammadi-Nejad said. [...] The study wasn't designed to pinpoint specific causes. "But it is likely that the cumulative experience of the pandemic -- including psychological stress, social isolation, disruptions in daily life, reduced activity and wellness -- contributed to the observed changes," Mohammadi-Nejad said. "In this sense, the pandemic period itself appears to have left a mark on our brains, even in the absence of infection." "The most intriguing finding in this study is that only those who were infected with SARS-CoV-2 showed any cognitive deficits, despite structural aging," said Jacqueline Becker, a clinical neuropsychologist and assistant professor of medicine at the Icahn School of Medicine at Mount Sinai. "This speaks a little to the effects of the virus itself." The study may shed light on conditions like long Covid and chronic fatigue, though it's still unclear whether the observed brain changes in uninfected individuals will lead to noticeable effects on brain function.

Read more of this story at Slashdot.

Olof Kyros Gustafsson, former CEO of Escobar, pleaded guilty to fraud and money laundering charges related to the company's phone scam operation. The Department of Justice says Gustafsson took orders for phones branded with Pablo Escobar's likeness but failed to deliver products, instead transferring customer money for personal use. When customers sought refunds, Gustafsson fraudulently referred payment processors to certificates of ownership as proof of delivery. The phones were Samsung devices with gold stickers. Gustafsson faces up to 20 years in prison and $1.3 million in restitution at his December 5th sentencing.

Read more of this story at Slashdot.

Researchers from La Sapienza University in Rome have developed "WhoFi," a system that uses the way a person's body distorts Wi-Fi signals to re-identify them across different locations -- even if they're not carrying a phone. By training a deep neural network on these subtle signal distortions, the researchers claim WhoFi is able to achieve up to 95.5% accuracy. The Register reports: "The core insight is that as a Wi-Fi signal propagates through an environment, its waveform is altered by the presence and physical characteristics of objects and people along its path," the authors state in their paper. "These alterations, captured in the form of Channel State Information (CSI), contain rich biometric information." CSI in the context of Wi-Fi devices refers to information about the amplitude and phase of electromagnetic transmissions. These measurements, the researchers say, interact with the human body in a way that results in person-specific distortions. When processed by a deep neural network, the result is a unique data signature. Researchers proposed a similar technique, dubbed EyeFi, in 2020, and asserted it was accurate about 75 percent of the time. The Rome-based researchers who proposed WhoFi claim their technique makes accurate matches on the public NTU-Fi dataset up to 95.5 percent of the time when the deep neural network uses the transformer encoding architecture. "The encouraging results achieved confirm the viability of Wi-Fi signals as a robust and privacy-preserving biometric modality, and position this study as a meaningful step forward in the development of signal-based Re-ID systems," the authors say.

Read more of this story at Slashdot.

Amazon is acquiring Bee, a startup that makes a $49.99 AI-powered wearable that passively listens to conversations and generates personalized summaries and suggestions. "You can also give the device permission to access your emails, contacts, location, reminders, photos, and calendar events to help inform its AI-generated insights, as well as create a searchable history of your activities," adds The Verge. From the report: When asked about Amazon's plans to apply the same privacy measures offered by Bee, such as its policy against storing audio, Amazon spokesperson Alexandra Miller says the company "cares deeply" about customer privacy and security, adding that the company will work with Bee to give users "even greater control over" their devices when the deal closes. "We've been strong stewards of customer data since our founding, and have never been in the business of selling our customers' personal information to others," Miller says. "We design our products to protect our customers' privacy and security and to make it easy for them to be in control of their experience -- and this approach would of course apply to Bee." Miller also says the terms of the deal are "confidential," and all Bee employees have "received offers to join Amazon."

Read more of this story at Slashdot.

An anonymous reader quotes a report from Tom's Hardware: At the 2025 RISC-V Summit in China, Nvidia announced that its CUDA software platform will be made compatible with the RISC-V instruction set architecture (ISA) on the CPU side of things. The news was confirmed during a presentation during a RISC-V event. This is a major step in enabling the RISC-V ISA-based CPUs in performance demanding applications. The announcement makes it clear that RISC-V can now serve as the main processor for CUDA-based systems, a role traditionally filled by x86 or Arm cores. While nobody even barely expects RISC-V in hyperscale datacenters any time soon, RISC-V can be used on CUDA-enabled edge devices, such as Nvidia's Jetson modules. However, it looks like Nvidia does indeed expect RISC-V to be in the datacenter. Nvidia's profile on RISC-V seems to be quite high as the keynote at the RISC-V Summit China was delivered by Frans Sijsterman, who appears to be Vice President of Hardware Engineering at Nvidia. The presentation outlined how CUDA components will now run on RISC-V. A diagram shown at the session illustrated a typical configuration: the GPU handles parallel workloads, while a RISC-V CPU executes CUDA system drivers, application logic, and the operating system. This setup enables the CPU to orchestrate GPU computations fully within the CUDA environment. Given Nvidia's current focus, the workloads must be AI-related, yet the company did not confirm this. However, there is more. Also featured in the diagram was a DPU handling networking tasks, rounding out a system consisting of GPU compute, CPU orchestration, and data movement. This configuration clearly suggests Nvidia's vision to build heterogeneous compute platforms where RISC-V CPU can be central to managing workloads while Nvidia's GPUs, DPUs, and networking chips handle the rest. Yet again, there is more. Even with this low-profile announcement, Nvidia essentially bridges proprietary CUDA stack to an open architecture, one that seems to develop fast in China. Yet, being unable to ship flagship GB200 and GB300 offerings to China, the company has to find ways to keep its CUDA thriving.

Read more of this story at Slashdot.

The Brave Browser now blocks Microsoft Recall by default for Windows 11+ users, preventing the controversial screenshot-logging feature from capturing any Brave tabs -- regardless of whether users are in private mode. Brave cites persistent privacy concerns and potential abuse scenarios as justification. From a blog post: Microsoft has, to their credit, made several security and privacy-positive changes to Recall in response to concerns. Still, the feature is in preview, and Microsoft plans to roll it out more widely soon. What exactly the feature will look like when it's fully released to all Windows 11 users is still up in the air, but the initial tone-deaf announcement does not inspire confidence. Given Brave's focus on privacy-maximizing defaults and what is at stake here (your entire browsing history), we have proactively disabled Recall for all Brave tabs. We think it's vital that your browsing activity on Brave does not accidentally end up in a persistent database, which is especially ripe for abuse in highly-privacy-sensitive cases such as intimate partner violence. Microsoft has said that private browsing windows on browsers will not be saved as snapshots. We've extended that logic to apply to all Brave browser windows. We tell the operating system that every Brave tab is 'private', so Recall never captures it. This is yet another example of how Brave engineers are able to quickly tweak Chromium's privacy functionality to make Brave safer for our users (inexhaustive list here). For more technical details, see the pull request implementing this feature. Brave is the only major Web browser that disables Microsoft Recall by default in all tabs.

Read more of this story at Slashdot.

A six-month international study found that a four-day workweek with no reduction in pay significantly improved employee well-being, job satisfaction, and sleep quality, with burnout dropping most among those who reduced their hours by eight or more. "The results indicate that income-preserving four-day workweeks are an effective organizational intervention for enhancing workers' well-being," the researchers said. The Register reports: The study, reported in Nature Human Behaviour, was designed to test the effects of the four-day workweek with no reduction in pay. It relied on a six-month trial involving 2,896 employees in 141 organizations in Australia, Canada, New Zealand, the UK, Ireland, and the US. The researchers compared work and health-related indicators -- including burnout, job satisfaction, and mental and physical health -- before and after the intervention using survey data. A further 285 employees at 12 companies did not participate in the trial and acted as a control. The researchers noted that the study was limited in that companies volunteered to participate, and the sample consisted of smaller companies from English-speaking countries. More extensive government-sponsored trials might help provide a clearer picture, they said. While several factors may explain the effect, one possibility is "increased intrinsic motivation at work," the study said. "Unfortunately, [we] cannot assess [this] due to data limitations." "Despite its limitations, this study has important implications for understanding the future of work, with 4-day workweeks probably being a key component. Scientific advances from this work will inform the development of interventions promoting better organization of paid work and worker well-being. This task has become increasingly important with the rapid expansion of new digital, automation, and artificial general intelligence technologies."

Read more of this story at Slashdot.

Apple is expected to avoid hefty daily fines from the EU by modifying its App Store policies -- allowing developers to direct users to external payment options and adjusting its fee structure. Reuters reports: The company last month said developers will pay a 20% processing fee for purchases made via the App Store, though the fees could go as low as 13% for Apple's small-business program. Developers who send customers outside the App Store for payment will pay a fee between 5% and 15%. They will also be able to use as many links as they wish to send users to outside forms of payment. Apple made the changes after the EU antitrust enforcer handed it a 500 million euro ($586.7 million) fine in April, saying its technical and commercial restrictions prevented app developers from steering users to cheaper deals outside the App Store in breach of the Digital Markets Act. The company was given 60 days to scrap the restraints to comply with the DMA aimed at reining in Big Tech and giving rivals more room to compete. The European Commission is expected to approve the changes in the coming weeks, although the timing could still change, the people said. "All options remain on the table. We are still assessing Apple's proposed changes," the EU watchdog said.

Read more of this story at Slashdot.

An anonymous reader quotes a report from Ars Technica: A California lawmaker halted an effort to pass a law that would force Internet service providers to offer $15 monthly plans to people with low incomes. Assemblymember Tasha Boerner proposed the state law a few months ago, modeling the bill on a law enforced by New York. It seemed that other states were free to impose cheap-broadband mandates because the Supreme Court rejected broadband industry challenges to the New York law twice. Boerner, a Democrat who is chair of the Communications and Conveyance Committee, faced pressure from Internet service providers to change or drop the bill. She made some changes, for example lowering the $15 plan's required download speeds from 100Mbps to 50Mbps and the required upload speeds from 20Mbps to 10Mbps. But the bill was still working its way through the legislature when, according to Boerner, Trump administration officials told her office that California could lose access to $1.86 billion in Broadband Equity, Access, and Deployment (BEAD) funds if it forces ISPs to offer low-cost service to people with low incomes. That amount is California's share of a $42.45 billion fund created by Congress to expand access to broadband service. The Trump administration has overhauled program rules, delaying the grants. One change is that states can't tell ISPs what to charge for a low-cost plan. The US law that created BEAD requires Internet providers receiving federal funds to offer at least one "low-cost broadband service option for eligible subscribers." But in new guidance from the National Telecommunications and Information Administration (NTIA), the agency said it prohibits states "from explicitly or implicitly setting the LCSO [low-cost service option] rate a subgrantee must offer." "All they would have to do to get exempted from AB 353 [the $15 broadband bill] would be to apply to the BEAD program," said Boerner. "Doesn't matter if their application was valid, appropriate, granted, or they got public money at the end of the day and built the projects -- the mere application for the BEAD program would exempt them from 353, if it didn't jeopardize from $1.86 billion to begin with. And that was a tradeoff I was unwilling to make." Another California bill in the Senate would encourage, not require, ISPs to offer cheap broadband by making them eligible for Lifeline subsidies if they sell 100/20Mbps service for $30 or less.

Read more of this story at Slashdot.

Surge CEO Edwin Chen says AI is creating "100x engineers" who can outperform traditional software developers by orders of magnitude. Chen argued that AI coding tools multiply the productivity gains already seen in Silicon Valley's "10x engineers," who can produce ten times the work of their colleagues through faster coding, harder work, and fewer distractions. Chen said AI efficiencies compound these factors to reach 100x productivity levels. The CEO, whose company reached $1 billion in revenue without venture capital funding, believes this could enable billion-dollar single-person companies, extending beyond the $10 million single-person startups that already exist.

Read more of this story at Slashdot.

Microsoft has recruited more than 20 AI employees from Google's DeepMind research division, the newest front in a talent war being waged by Silicon Valley's tech giants as they jostle to gain an edge in the nascent technology. From a report: Amar Subramanya, the former head of engineering for Google's Gemini chatbot, is the latest to move to Microsoft from its rival, according to a post on his LinkedIn profile on Tuesday. "The culture here is refreshingly low ego yet bursting with ambition," he wrote, confirming his appointment as corporate vice-president of AI. Subramanya will join other DeepMind staff including engineering lead Sonal Gupta, software engineer Adam Sadovsky and product manager Tim Frank, according to people familiar with Microsoft's recruiting. The Seattle-based company has persuaded at least 24 staff to join in the past six months, they added.

Read more of this story at Slashdot.

Google users click on fewer website links when the search engine displays AI-generated summaries at the top of results pages, according to new research from the Pew Research Center. The study analyzed browsing data from 900 U.S. adults and found users clicked on traditional search result links during 8% of visits when an AI summary appeared, compared to 15% of visits without summaries. Users also rarely clicked on sources cited within the AI summaries themselves, doing so in just 1% of visits. The research found that 58% of respondents conducted at least one Google search in March 2025 that produced an AI summary, and users were more likely to end their browsing session entirely after encountering pages with AI summaries compared to traditional search results.

Read more of this story at Slashdot.

Roughly 10 to 25% of lung cancers worldwide now occur in people who have never smoked, according to researchers at the National Cancer Institute. Among certain groups of Asian and Asian American women, that share reaches 50% or more. Scientists studying 871 nonsmokers with lung cancer from around the world found that certain DNA mutations were significantly more common in people living in areas with high air pollution levels, including Hong Kong, Taiwan and Uzbekistan. The research, published in Nature this month, revealed that pollution both directly damages DNA and causes cells to divide more rapidly. The biology of cancer in nonsmokers differs from smoking-related cases and may require different prevention and detection strategies. Nonsmokers with lung cancer are more likely to have specific "driver" mutations that can cause cancer, while smokers tend to accumulate many mutations over time. Current U.S. screening guidelines recommend routine testing only for people ages 50 to 80 who smoked at least one pack daily for 20 years. Taiwan now offers screening for nonsmokers with family history after a nationwide trial detected cancer in 2.6% of participants.

Read more of this story at Slashdot.

Banks are treating "buy now, pay later" services with suspicion and warn that heavy usage could hurt customers' chances of getting approved for mortgages or credit cards. FICO will begin factoring some BNPL loans from companies like Affirm and Klarna into credit scores later this year through its new scoring model. JPMorgan Chase and Capital One have banned customers from using credit cards to pay down BNPL installment loans, while one credit union actively calls members who use BNPL to counsel them against it. BNPL transaction volume is expected to reach $116.67 billion in 2025, up from $13.88 billion in 2020, according to Emarketer.

Read more of this story at Slashdot.

The estate of Mike Lynch, who died a year ago when his superyacht sank off the coast of Sicily, and his business partner owe Hewlett-Packard more than $944 million, a court has ruled. From a report: The US technology company has been seeking damages of up to $4.55 billion from the estate of the late tycoon, once hailed as the UK's answer to Microsoft founder Bill Gates, over its disastrous takeover of his British software company Autonomy. Lynch's estate has been estimated to be worth about $674 million and paying its share of the $944 million damages could leave it bankrupt. He and six others, including his 18-year-old daughter Hannah, died last August on a trip celebrating his acquittal on US fraud charges relating to HP's $11 billion takeover of Autonomy in 2011. However, HP won a separate six-year civil fraud case against Lynch and his former finance director Sushovan Hussain in the English high court in 2022, with Mr Justice Hildyard ruling that the US company had been induced into overpaying for the business.

Read more of this story at Slashdot.

Google has announced OSS Rebuild, a new project designed to detect supply chain attacks in open source software by independently reproducing and verifying package builds across major repositories. The initiative, unveiled by the company's Open Source Security Team, targets PyPI (Python), npm (JavaScript/TypeScript), and Crates.io (Rust) packages. The system, the company said, automatically creates standardized build environments to rebuild packages and compare them against published versions. OSS Rebuild generates SLSA Provenance attestations for thousands of packages, meeting SLSA Build Level 3 requirements without requiring publisher intervention. The project can identify three classes of compromise: unsubmitted source code not present in public repositories, build environment tampering, and sophisticated backdoors that exhibit unusual execution patterns during builds. Google cited recent real-world attacks including solana/webjs (2024), tj-actions/changed-files (2025), and xz-utils (2024) as examples of threats the system addresses. Open source components now account for 77% of modern applications with an estimated value exceeding $12 trillion. The project builds on Google's hosted infrastructure model previously used for OSS Fuzz memory issue detection.

Read more of this story at Slashdot.