RSS 생중계

Coinbase reportedly knew as early as January about a customer data breach linked to its outsourcing partner TaskUs, where an employee in India was caught leaking customer information in exchange for bribes. "At least one part of the breach [...] occurred when an India-based employee of the U.S. outsourcing firm TaskUs was caught taking photographs of her work computer with her personal phone," reports Reuters, citing five former TaskUs employees. Though Coinbase disclosed the incident in May after receiving an extortion demand, the newly revealed timeline raises questions about how long the company was aware of the breach, which could cost up to $400 million. Reuters reports: Coinbase said in the May SEC filing that it knew contractors accessed employee data "without business need" in "previous months." Only when it received an extortion demand on May 11 did it realize that the access was part of a wider campaign, the company said. In a statement to Reuters on Wednesday, Coinbase said the incident was recently discovered and that it had "cut ties with the TaskUs personnel involved and other overseas agents, and tightened controls." Coinbase did not disclose who the other foreign agents were. TaskUs said in a statement that two employees had been fired early this year after they illegally accessed information from a client, which it did not identify. "We immediately reported this activity to the client," the statement said. "We believe these two individuals were recruited by a much broader, coordinated criminal campaign against this client that also impacted a number of other providers servicing this client." The person familiar with the matter confirmed that Coinbase was the client and that the incident took place in January.

Read more of this story at Slashdot.

An anonymous reader shares a report: Microsoft's changes in response to the Digital Markets Act already included allowing Windows machines in the regions it covers to uninstall Edge and remove Bing results from Windows search, but now the list is growing in some meaningful ways. New features announced Monday for Microsoft Windows users in the European Economic Area (the EU plus Iceland, Liechtenstein, and Norway) include the option to uninstall the Microsoft Store and avoid extra nags or prompts asking them to set Microsoft Edge as the default browser unless they choose to open it. Additionally, setting a different browser, like Chrome, Firefox, Brave, or something else, will pin it to the taskbar unless the user chooses not to. While setting a different browser default already attaches it to a few link and file types like https and .html, now users in the EEA will see it apply to more types like "read," ftp, and .svg. The default browser changes are live for some users in the beta channel and are set to roll out widely on Windows 10 and Windows 11 in July.

Read more of this story at Slashdot.

Texas is poised to become the first state with a Republican-controlled government to pass a right to repair law, as its Senate unanimously approved HB 2963. The bill requires manufacturers to provide parts, manuals, and tools for equipment sold or used in the state. The Verge reports: A press release from the United States Public Interest Research Group (PIRG), which has pushed for repairability laws nationwide, noted that this would make Texas the ninth state with a right to repair rule, and the seventh with a version that includes consumer electronics. It follows New York, Colorado, Minnesota, California, Oregon, Maine, and most recently, Washington [...]. "More repair means less waste. Texas produces some 621,000 tons of electronic waste per year, which creates an expensive and toxic mess. Now, thanks to this bipartisan win, Texans can fix that," said Environment Texas executive director Luke Metzger.

Read more of this story at Slashdot.

An anonymous reader quotes a report from 404 Media: The moderators of a pro-artificial intelligence Reddit community announced that they have been quietly banning "a bunch of schizoposters" who believe "they've made some sort of incredible discovery or created a god or become a god," highlighting a new type of chatbot-fueled delusion that started getting attention in early May. "LLMs [Large language models] today are ego-reinforcing glazing-machines that reinforce unstable and narcissistic personalities," one of the moderators of r/accelerate, wrote in an announcement. "There is a lot more crazy people than people realise. And AI is rizzing them up in a very unhealthy way at the moment." The moderator said that it has banned "over 100" people for this reason already, and that they've seen an "uptick" in this type of user this month. The moderator explains that r/accelerate "was formed to basically be r/singularity without the decels." r/singularity, which is named after the theoretical point in time when AI surpasses human intelligence and rapidly accelerates its own development, is another Reddit community dedicated to artificial intelligence, but that is sometimes critical or fearful of what the singularity will mean for humanity. "Decels" is short for the pejorative "decelerationists," who pro-AI people think are needlessly slowing down or sabotaging AI's development and the inevitable march towards AI utopia. r/accelerate's Reddit page claims that it's a "pro-singularity, pro-AI alternative to r/singularity, r/technology, r/futurology and r/artificial, which have become increasingly populated with technology decelerationists, luddites, and Artificial Intelligence opponents." The behavior that the r/accelerate moderator is describing got a lot of attention earlier in May because of a post on the r/ChatGPT Reddit community about "Chatgpt induced psychosis." From someone saying their partner is convinced he created the "first truly recursive AI" with ChatGPT that is giving them "the answers" to the universe. [...] The moderator update on r/accelerate refers to another post on r/ChatGPT which claims "1000s of people [are] engaging in behavior that causes AI to have spiritual delusions." The author of that post said they noticed a spike in websites, blogs, Githubs, and "scientific papers" that "are very obvious psychobabble," and all claim AI is sentient and communicates with them on a deep and spiritual level that's about to change the world as we know it. "Ironically, the OP post appears to be falling for the same issue as well," the r/accelerate moderator wrote. "Particularly concerning to me are the comments in that thread where the AIs seem to fall into a pattern of encouraging users to separate from family members who challenge their ideas, and other manipulative instructions that seem to be cult-like and unhelpful for these people," an r/accelerate moderator told 404 Media. "The part that is unsafe and unacceptable is how easily and quickly LLMs will start directly telling users that they are demigods, or that they have awakened a demigod AGI. Ultimately, there's no knowing how many people are affected by this. Based on the numbers we're seeing on reddit, I would guess there are at least tens of thousands of users who are at this present time being convinced of these things by LLMs. As soon as the companies realise this, red team it and patch the LLMs it should stop being a problem. But it's clear that they're not aware of the issue enough right now." Moderators of the subreddit often cite the term "Neural Howlround" to describe a failure mode in LLMs during inference, where recursive feedback loops can cause fixation or freezing. The term was first coined by independent researcher Seth Drake in a self-published, non-peer-reviewed paper. Both Drake and the r/accelerate moderator above suggest the deeper issue may lie with users projecting intense personal meaning onto LLM responses, sometimes driven by mental health struggles.

Read more of this story at Slashdot.

Laurene Powell Jobs has publicly endorsed the secretive AI hardware device being developed by Jony Ive and OpenAI, expressing admiration for his design process and investing in his ventures. Ive says the project is an attempt to address the unintended harms of past tech like the iPhone, and Powell Jobs stands to benefit financially if the device succeeds. The Verge reports: In a new interview published by The Financial Times, the two reminisce about Jony Ive's time working at Apple alongside Powell Jobs' late husband, Steve, and trying to make up for the "unintentional" harms associated with those efforts. [...] Powell Jobs, who has remained close friends with Ive since Steve Jobs passed in 2011, echoes his concerns, saying that "there are dark uses for certain types of technology," even if it "wasn't designed to have that result." Powell Jobs has invested in both Ive's LoveFrom design and io hardware startups following his departure from Apple. Ive notes that "there wouldn't be LoveFrom" if not for her involvement. Ive's io company is being purchased by OpenAI for almost $6.5 billion, and with her investment, Powell Jobs stands to gain if the secretive gadget proves anywhere near as successful as the iPhone. The pair gives away no extra details about the device that Ive is building with OpenAI, but Powell Jobs is expecting big things. She says she has watched "in real time how ideas go from a thought to some words, to some drawings, to some stories, and then to prototypes, and then a different type of prototype," Powell Jobs said. "And then something that you think: I can't imagine that getting any better. Then seeing the next version, which is even better. Just watching something brand new be manifested, it's a wondrous thing to behold."

Read more of this story at Slashdot.

Linux user share on Steam rose to 2.69% in May 2025 -- the highest level recorded since at least 2018. GamingOnLinux reports: Overall user share for May 2025: - Windows 95.45% -0.65% - Linux 2.69% +0.42% - macOS 1.85% +0.23% Even with SteamOS 3 now being a little more widely available, the rise was not from SteamOS directly. Filtering to just the Linux numbers gives us these most popular distributions: - SteamOS Holo 64 bit 30.95% -2.83% - Arch Linux 64 bit 10.09% +0.64% - Linux Mint 22.1 64 bit 7.76% +1.56% - Freedesktop SDK 24.08 (Flatpak runtime) 64 bit 7.42% +1.01% - Ubuntu Core 22 64 bit 4.63% +0.01% - Ubuntu 24.04.2 LTS 64 bit 4.30% -0.14% - CachyOS 64 bit 2.54% +2.54% - EndeavourOS Linux 64 bit 2.44% -0.02% - Manjaro Linux 64 bit 2.43% -0.18% - Pop!_OS 22.04 LTS 64 bit 2.17% -0.06% - Debian GNU/Linux 12 (bookworm) 64 bit 1.99% -0.28% - Other 23.27% -2.27%

Read more of this story at Slashdot.

An anonymous reader quotes a report from Ars Technica: It has become a common refrain during Google's antitrust saga: What happened to "don't be evil?" Google's unofficial motto has haunted it as it has grown ever larger, but a shareholder lawsuit sought to rein in some of the company's excesses. And it might be working. The plaintiffs in the case have reached a settlement with Google parent company Alphabet, which will spend a boatload of cash on "comprehensive" reforms. The goal is to steer Google away from the kind of anticompetitive practices that got it in hot water. Under the terms of the settlement, obtained by Bloomberg Law, Alphabet will spend $500 million over the next 10 years on systematic reforms. The company will have to form a board-level committee devoted to overseeing the company's regulatory compliance and antitrust risk, a rarity for US firms. This group will report directly to CEO Sundar Pichai. There will also be reforms at other levels of the company that allow employees to identify potential legal pitfalls before they affect the company. Google has also agreed to preserve communications. Google's propensity to use auto-deleting chats drew condemnation from several judges overseeing its antitrust cases. The agreement still needs approval from US District Judge Rita Lin in San Francisco, but that's mainly a formality at this point. Naturally, Alphabet does not admit to any wrongdoing under the terms of the settlement, but it may have to pay tens of millions in legal fees on top of the promised $500 million investment.

Read more of this story at Slashdot.

Microsoft, CrowdStrike, Palo Alto Networks, and Google announced Monday they will create a public glossary standardizing the nicknames used for state-sponsored hacking groups and cybercriminals. The initiative aims to reduce confusion caused by the proliferation of disparate naming conventions across cybersecurity firms, which have assigned everything from technical designations like "APT1" to colorful monikers like "Cozy Bear" and "Kryptonite Panda" to the same threat actors. The companies hope to bring additional industry partners and the U.S. government into the effort to streamline identification of digital espionage groups.

Read more of this story at Slashdot.

Snowflake's growth among large enterprise customers faces a significant bottleneck tied to the sluggish replacement cycles of existing on-premises data warehouse systems, according to finance vice president Jimmy Sexton. Speaking at a Jefferies conference, Sexton explained that while the cloud data company secured two deals worth more than $100 million each in the financial services sector during its latest quarter, such migrations unfold over multiple years as "cumbersome projects."

Read more of this story at Slashdot.

An anonymous reader shares a report: Internet service provider Frontier Communications agreed to settle a lawsuit filed by major record labels that demanded mass disconnections of broadband users accused of piracy. Universal, Sony, and Warner sued Frontier in 2021. In a notice of settlement filed last week in US District Court for the Southern District of New York, the parties agreed to dismiss the case with prejudice, with each side to pay its own fees and costs. The record labels and Frontier simultaneously announced a settlement of similar claims in a Bankruptcy Court case in the same district. Frontier also settled with movie companies in April of this year, just before a trial was scheduled to begin. (Frontier exited bankruptcy in 2021.) [...] Regardless of what is in the agreement, the question of whether ISPs should have to crack down more harshly on users accused of piracy could be decided by the US Supreme Court.

Read more of this story at Slashdot.

Automated web-scraping bots seeking training data for AI models are flooding scientific databases and academic journals with traffic volumes that render many sites unusable. The online image repository DiscoverLife, which contains nearly 3 million species photographs, started receiving millions of daily hits in February this year that slowed the site to the point that it no longer loaded, Nature reported Monday. The surge has intensified since the release of DeepSeek, a Chinese large language model that demonstrated effective AI could be built with fewer computational resources than previously thought. This revelation triggered what industry observers describe as an "explosion of bots seeking to scrape the data needed to train this type of model." The Confederation of Open Access Repositories reported that more than 90% of 66 surveyed members experienced AI bot scraping, with roughly two-thirds suffering service disruptions. Medical journal publisher BMJ has seen bot traffic surpass legitimate user activity, overloading servers and interrupting customer services.

Read more of this story at Slashdot.

Version 3.22.0 of the Alpine Linux distribution has been released. Notable changes in this release include the removal of the X11 session for KDE Plasma, a switch to systemd-efistub, and experimental support for user services with the OpenRC init system. See the release notes for a detailed list of changes.

Kees Cook's "hardening fixes" pull request for the 6.16 merge window looked like a straightforward exercise; it only contained four commits. So just about everybody was surprised when it resulted in Cook being temporarily blocked from his kernel.org account among fears of malicious activity. When the dust settled, though, the red alert was canceled. It turns out, surprisingly, that Git is a tool with which one can inflict substantial self-harm in a moment of inattention.

Microsoft will require all USB-C ports on Windows 11 certified laptops and tablets to support data transfer, charging, and display functionality under updated hardware compatibility program rules. The mandate targets devices shipping with Windows 11 24H2 and aims to eliminate what Microsoft -- and the industry -- calls "USB-C port confusion," where identical-looking ports offer different capabilities across PC manufacturers. The Windows Hardware Compatibility Program updates also require USB 40Gbps ports to maintain full compatibility with both USB4 and Thunderbolt 3 peripherals.

Read more of this story at Slashdot.

Apple has filed an appeal with the European Union's General Court in Luxembourg challenging the bloc's order requiring greater iOS interoperability with rival companies' products under the Digital Markets Act. The EU executive in March directed Apple to make its mobile operating system more compatible with competitors' apps, headphones, and virtual reality headsets by granting developers and device makers access to system components typically reserved for Apple's own products. Apple contends the requirements threaten its seamless user experience while creating security risks, noting that companies have already requested access to sensitive user data including notification content and complete WiFi network histories. The company faces potential fines of up to 10% of its worldwide annual revenue if found in violation of the DMA's interoperability rules designed to curb Big Tech market power.

Read more of this story at Slashdot.

Software patents and workarounds for them are, once again, causing headaches for open-source projects and users. This time around, Fedora users have been vulnerable to a serious flaw in the OpenH264 library for months—not for want of a fix, but because of the Rube Goldberg machine methodology of distributing the library to Fedora users. The software is open source under a two-clause BSD license; the RPMs are built and signed by Fedora, but the final product is distributed by Cisco, so the company can pick up the tab for license fees. Unfortunately, a breakdown in the process of handing RPMs to Cisco for distribution has left Fedora users vulnerable, and inaction on Fedora's part has left users unaware that they are at risk.

An anonymous reader shares a report: Business Insider announced this week that it wants staff to better incorporate AI into its journalism. But less than a year ago, the company had to quietly apologize to some staff for accidentally recommending that they read books that did not appear to exist but instead may have been generated by AI. In an email to staff last May, a senior editor at Business Insider sent around a list of what she called "Beacon Books," a list of memoirs and other acclaimed business nonfiction books, with the idea of ensuring staff understood some of the fundamental figures and writing powering good business journalism. Many of the recommendations were well-known recent business, media, and tech nonfiction titles such as Too Big To Fail by Andrew Ross Sorkin, DisneyWar by James Stewart, and Super Pumped by Mike Isaac. But a few were unfamiliar to staff. Simply Target: A CEO's Lessons in a Turbulent Time and Transforming an Iconic Brand by former Target CEO Gregg Steinhafel was nowhere to be found. Neither was Jensen Huang: the Founder of Nvidia, which was supposedly published by the company Charles River Editors in 2019.

Read more of this story at Slashdot.

A new analysis argues that Stack Overflow's decline began years before AI tools delivered the "final blow" to the once-dominant programming forum. The site's monthly questions dropped from a peak of 200,000 to a steep collapse that began in earnest after ChatGPT's 2023 launch, but usage had been declining since 2014, according to data cited in the InfoWorld analysis. The platform's remarkable reputation system initially elevated it above competitors by allowing users to earn points and badges for helpful contributions, but that same system eventually became its downfall, the piece argues. As Stack Overflow evolved into a self-governing platform where high-reputation users gained moderation powers, the community transformed from a welcoming space for developer interaction into what the author compares to a "Stanford Prison Experiment" where moderators systematically culled interactions they deemed irrelevant.

Read more of this story at Slashdot.

A new business model has emerged across China's major cities, El Pais reports, where companies charge unemployed individuals to rent desk space and pretend to work, responding to social pressure around joblessness amid rising youth unemployment rates. These services charge between 30 and 50 yuan ($4-7) daily for desks, Wi-Fi, coffee, and lunch in spaces designed to mimic traditional work environments. Some operations assign fictitious tasks and organize supervisory rounds to enhance the illusion, while premium services allow clients to roleplay as managers or stage workplace conflicts for additional fees. The trend has gained significant traction on Xiaohongshu, China's equivalent to Instagram, where advertisements for "pretend-to-work companies" accumulate millions of views. Youth unemployment reached 16.5% among 16-to-24-year-olds in March 2025, according to National Bureau of Statistics data, while overall urban unemployment stood at 5.3% in the first quarter.

Read more of this story at Slashdot.

Security updates have been issued by Debian (espeak-ng, kitty, kmail-account-wizard, krb5, libreoffice, libvpx, net-tools, python-flask-cors, symfony, tcpdf, thunderbird, and twitter-bootstrap3), Fedora (chromium, dropbear, firefox, gstreamer1-plugins-bad-free, python-tornado, systemd, and thunderbird), Mageia (coreutils, deluge, glib2.0, and redis), Oracle (firefox, kernel, and systemd), Red Hat (firefox, kernel, kernel-rt, varnish, varnish:6, and zlib), SUSE (bind, curl, dnsdist, docker, ffmpeg-7, firefox, glibc, golang-github-prometheus-alertmanager, govulncheck-vulndb, icinga2, iputils, java-11-openjdk, java-1_8_0-ibm, kea, kernel, libopenssl-3-devel, libsoup, libxml2, nodejs-electron, open-vm-tools, openbao, perl-Net-Dropbox-API, pluto, poppler, postgresql14, postgresql15, postgresql16, postgresql17, python312-setuptools, runc, s390-tools, skopeo, sqlite3, thunderbird, and unbound), and Ubuntu (apport and libphp-adodb).