An anonymous reader quotes a report from Ars Technica: ClickFix often starts with an email sent from a hotel that the target has a pending registration with and references the correct registration information. In other cases, ClickFix attacks begin with a WhatsApp message. In still other cases, the user receives the URL at the top of Google results for a search query. Once the mark accesses the malicious site referenced, it presents a CAPTCHA challenge or other pretext requiring user confirmation. The user receives an instruction to copy a string of text, open a terminal window, paste it in, and press Enter. Once entered, the string of text causes the PC or Mac to surreptitiously visit a scammer-controlled server and download malware. Then, the machine automatically installs it -- all with no indication to the target. With that, users are infected, usually with credential-stealing malware. Security firms say ClickFix campaigns have run rampant. The lack of awareness of the technique, combined with the links also coming from known addresses or in search results, and the ability to bypass some endpoint protections are all factors driving the growth.

The commands, which are often base-64 encoded to make them unreadable to humans, are often copied inside the browser sandbox, a part of most browsers that accesses the Internet in an isolated environment designed to protect devices from malware or harmful scripts. Many security tools are unable to observe and flag these actions as potentially malicious. The attacks can also be effective given the lack of awareness. Many people have learned over the years to be suspicious of links in emails or messengers. In many users' minds, the precaution doesn't extend to sites that instruct them to copy a piece of text and paste it into an unfamiliar window. When the instructions come in emails from a known hotel or at the top of Google results, targets can be further caught off guard. With many families gathering in the coming weeks for various holiday dinners, ClickFix scams are worth mentioning to those family members who ask for security advice. Microsoft Defender and other endpoint protection programs offer some defenses against these attacks, but they can, in some cases, be bypassed. That means that, for now, awareness is the best countermeasure. Researchers from CrowdStrike described in a report a campaign designed to infect Macs with a Mach-O executive. "Promoting false malicious websites encourages more site traffic, which will lead to more potential victims," wrote the researchers. "The one-line installation command enables eCrime actors to directly install the Mach-O executable onto the victim's machine while bypassing Gatekeeper checks."

Push Security, meanwhile, reported a ClickFix campaign that uses a device-adaptive page that serves different malicious payloads depending on whether the visitor is on Windows or macOS.

[ Read more of this story ]( https://it.slashdot.org/story/25/11/11/2233201/clickfix-may-be-the-biggest-security-threat-your-family-has-never-heard-of?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

Disney is losing an estimated $4.3 million per day (about $30 million per week) from the ongoing YouTube TV blackout of ESPN, ABC, and other networks amid a contract dispute over carriage fees. Of course, YouTube is also feeling financial pressure from users who have already canceled or intend to cancel their service. Variety reports: Disney is losing an estimated $30 million per week from its networks being pulled off YouTube TV, which works out to nearly $4.3 million per day, according to Morgan Stanley analysts. The figure came in a research note from Morgan Stanley equity analysts Benjamin Swinburne and Thomas Yeh, who said in their financial forecast for Disney's year-end 2025 quarter, they are "layering in 14 days of impact from the ongoing YouTube TV blackout, which we estimate is a $60mm revenue headwind."

Nov. 11 marks the 12th day of the Disney blackout on YouTube TV. The Morgan Stanley analysts wrote that they expect the Disney-YouTube TV dispute to be resolved later this week, but estimated that each week its networks are dark on YouTube TV will lower Disney's adjusted earnings per share by 2 cents.

[ Read more of this story ]( https://news.slashdot.org/story/25/11/11/2242218/youtube-tv-blackout-is-costing-disney-an-estimated-43-million-per-day-in-lost-revenue?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

Google has unveiled Private AI Compute, a cloud platform designed to deliver advanced AI capabilities while preserving user privacy. As The Verge notes, the feature is "virtually identical to Apple's Private Cloud Compute." From the report: Many Google products run AI features like translation, audio summaries, and chatbot assistants, on-device, meaning data doesn't leave your phone, Chromebook, or whatever it is you're using. This isn't sustainable, Google says, as advancing AI tools need more reasoning and computational power than devices can supply. The compromise is to ship more difficult AI requests to a cloud platform, called Private AI Compute, which it describes as a "secure, fortified space" offering the same degree of security you'd expect from on-device processing. Sensitive data is available "only to you and no one else, not even Google."

[ Read more of this story ]( https://tech.slashdot.org/story/25/11/12/0137208/google-is-introducing-its-own-version-of-apples-private-ai-cloud-compute?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

An anonymous reader quotes a report from The Atlantic: In China, you can buy a heavily discounted "used" electric car that has never, in fact, been used. Chinese automakers, desperate to meet their sales targets in a bitterly competitive market, sell cars to dealerships, which register them as "sold," even though no actual customer has bought them. Dealers, stuck with officially sold cars, then offload them as "used," often at low prices. The practice has become so prevalent that the Chinese Communist Party is trying to stop it. Its main newspaper, The People's Daily, complained earlier this year that this sales-inflating tactic "disrupts normal market order," and criticized companies for their "data worship."

This sign of serious problems in China's electric-vehicle industry may come as a surprise to many Americans. The Chinese electric car has become a symbol of the country's seemingly unstoppable rise on the world stage. Many observers point to their growing popularity as evidence that China is winning the race to dominate new technologies. But in China, these electric cars represent something entirely different: the profound threats that Beijing's meddling in markets poses to both China and the world.

Bloated by excessive investment, distorted by government intervention, and plagued by heavy losses, China's EV industry appears destined for a crash. EV companies are locked in a cutthroat struggle for survival. Wei Jianjun, the chairman of the Chinese automaker Great Wall Motor, warned in May that China's car industry could tumble into a financial crisis; it "just hasn't erupted yet." To bypass government censorship of bad economic news, market analysts have opted for a seemingly anodyne term to describe the Chinese car industry's downward spiral: involution, which connotes falling in on oneself.

[ Read more of this story ]( https://tech.slashdot.org/story/25/11/12/0150258/chinas-ev-market-is-imploding?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

An anonymous reader quotes a report from The Atlantic: In China, you can buy a heavily discounted "used" electric car that has never, in fact, been used. Chinese automakers, desperate to meet their sales targets in a bitterly competitive market, sell cars to dealerships, which register them as "sold," even though no actual customer has bought them. Dealers, stuck with officially sold cars, then offload them as "used," often at low prices. The practice has become so prevalent that the Chinese Communist Party is trying to stop it. Its main newspaper, The People's Daily, complained earlier this year that this sales-inflating tactic "disrupts normal market order," and criticized companies for their "data worship."

This sign of serious problems in China's electric-vehicle industry may come as a surprise to many Americans. The Chinese electric car has become a symbol of the country's seemingly unstoppable rise on the world stage. Many observers point to their growing popularity as evidence that China is winning the race to dominate new technologies. But in China, these electric cars represent something entirely different: the profound threats that Beijing's meddling in markets poses to both China and the world.

Bloated by excessive investment, distorted by government intervention, and plagued by heavy losses, China's EV industry appears destined for a crash. EV companies are locked in a cutthroat struggle for survival. Wei Jianjun, the chairman of the Chinese automaker Great Wall Motor, warned in May that China's car industry could tumble into a financial crisis; it "just hasn't erupted yet." To bypass government censorship of bad economic news, market analysts have opted for a seemingly anodyne term to describe the Chinese car industry's downward spiral: involution, which connotes falling in on oneself.

[ Read more of this story ]( https://tech.slashdot.org/story/25/11/12/0150258/chinas-ev-market-is-imploding?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

New submitter UsRanger175 shares a report from Space.com: The sun erupted in spectacular fashion this morning (Nov. 11), unleashing a major X5.1-class solar flare, the strongest of 2025 so far and the most intense since October 2024. The eruption peaked at 5 a.m. EST (1000 GMT) from sunspot AR4274, which has been bursting with activity in recent days. The blast triggered strong (R3-level) radio blackouts across Africa and Europe, disrupting high-frequency radio communications on the sunlit side of Earth.

This outburst is the latest in a series of intense flares from AR4274, which also produced an X1.7 flare on Nov. 9 and an X1.2 on Nov. 10. Those flares were accompanied by coronal mass ejections (CMEs) that could combine and impact Earth overnight tonight, possibly triggering strong (G3) geomagnetic storm conditions and widespread auroras, according to NOAA's Space Weather Prediction Center. The CME released today could also join the party as it speeds toward Earth at 4.4 million mph. NOAA predicts the CME could impact Earth around midday on Nov. 12. With this third CME added to the mix, it's possible that we could experience severe (G4) geomagnetic storm conditions.

[ Read more of this story ]( https://news.slashdot.org/story/25/11/12/0212258/sun-unleashes-strongest-solar-flare-of-2025?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

According to the Financial Times (paywalled), Meta's Chief AI Scientist Yann LeCun, a deep-learning pioneer and Turing Award winner, is reportedly leaving the company to launch his own startup. Reuters reports: The owner of Facebook and Instagram has significantly increased its investments in artificial intelligence, with CEO Mark Zuckerberg reorganizing the company's AI initiatives under Superintelligence Labs. Zuckerberg hired Alexandr Wang, former CEO of data-labeling startup Scale AI to lead the new AI effort. As a result, LeCun, who had reported to chief product officer Chris Cox, is now reporting to Wang, the report said.

The company began investing in AI in 2013 by launching Facebook Artificial Intelligence Research (FAIR) unit and recruiting LeCun, who is a known skeptic of the large language model path to superintelligence. LeCun is also a Silver Professor of data science, computer science, neural science and electrical and computer engineering at New York University, according to his LinkedIn page. He is known for his work in deep learning and the invention of the convolutional neural network, which is widely used for image, video and speech recognition.

[ Read more of this story ]( https://tech.slashdot.org/story/25/11/12/027252/meta-chief-ai-scientist-yann-lecun-plans-to-exit-to-launch-startup?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

An anonymous reader quotes a report from Ars Technica: Ryanair is trying to force users to download its mobile app by eliminating paper boarding passes, starting on November 12. As announced in February and subsequently delayed from earlier start dates, Europe's biggest airline is moving to digital-only boarding passes, meaning customers will no longer be able to print physical ones. In order to access their boarding passes, Ryanair flyers will have to download Ryanair's app.

"Almost 100 percent of passengers have smartphones, and we want to move everybody onto that smartphone technology," Ryanair CEO Michael O'Leary said recently on The Independent's daily travel podcast. Customers are encouraged to check in online via Ryanair's website or app before getting to the airport. People who don't check in online before getting to the airport will have to pay the airport a check-in fee. "There'll be some teething problems," O'Leary said of the move.

[ Read more of this story ]( https://tech.slashdot.org/story/25/11/12/0219222/ryanair-tries-forcing-app-downloads-by-eliminating-paper-boarding-passes?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

Researchers from four universities have released a study revealing that AI models remain easily detectable in social media conversations despite optimization attempts. The team tested nine language models across Twitter/X, Bluesky and Reddit, developing classifiers that identified AI-generated replies at 70 to 80% accuracy rates. Overly polite emotional tone served as the most persistent indicator. The models consistently produced lower toxicity scores than authentic human posts across all three platforms.

Instruction-tuned models performed worse than their base counterparts at mimicking humans, and the 70-billion-parameter Llama 3.1 showed no advantage over smaller 8-billion-parameter versions. The researchers found a fundamental tension: models optimized to avoid detection strayed further from actual human responses semantically.

[ Read more of this story ]( https://tech.slashdot.org/story/25/11/12/142219/researchers-surprised-that-with-ai-toxicity-is-harder-to-fake-than-intelligence?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

An anonymous reader shares a report: Costing tens of thousands of dollars each, Nvidia's pioneering AI chips make up a hefty chunk of the $400 billion that Big Tech plans to invest this year -- a bill expected to hit $3 trillion by 2029. But unlike 19th-century railroads, or the Dotcom boom's fiber-optic cables, the GPUs fueling today's AI mania are short-lived assets with a shelf life of perhaps five years.

As with your iPhone, this stuff tends to lose value and may need upgrading soon because Nvidia and its rivals aim to keep launching better models. Customers like OpenAI will have to deploy them to stay competitive. So while it's comforting that the companies spending most wildly have mountains of cash to throw around (OpenAI aside), the brief useful life of the chips and the generous accounting assumptions underpinning all of this investment are less consoling.

Michael Burry, who made his name betting against US housing and who's recently turned to the AI boom, waded in this week, warning on X that hyperscalers -- industry jargon for the giant companies building gargantuan data centers -- are underestimating depreciation. Far from being a one-off outlay, there's a danger of AI capex becoming a huge recurring expense. That's great for Nvidia and co., but not necessarily for hyperscalers such as Google and Microsoft. Some face a depreciation tsunami that's forcing them to be extra vigilant about controlling other costs. Amazon has plans to eliminate roughly 14,000 jobs.

And while Wall Street is used to financing fast-depreciating assets such as aircraft and autos, it's worrying that private credit funds are increasingly using GPUs as collateral to finance loans. This includes lending to more speculative startups known as neoclouds, who offer GPUs for rent. Microsoft alone has signed more than $60 billion of neocloud deals.

[ Read more of this story ]( https://slashdot.org/story/25/11/12/1450226/ai-bubble-is-ignoring-michael-burrys-fears?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

Sonder, a short-term rental company and former Airbnb rival, abruptly went out of business after Marriott ended its licensing deal on Nov. 9 -- leaving guests scrambling as they were told to vacate their rooms immediately. From a report: Paul Strack, 63, visiting Boston from Little Rock, Arkansas, told CBS News he received an email from Marriott on Sunday about his Sonder stay, but he initially mistook it for a scam. The email said that Marriott's agreement with Sonder had ended, and that "we are unable to continue your reservation beyond today."

"[W]e are kindly requesting that you check out of the property as soon as you are able," the email read, according to a copy obtained by CBS News. Because he had mistaken it for spam, he ignored it. But on Monday, after exploring Boston and returning to the family's accommodation at the end of the day, Strack found his room's door wide open and his family's belongings packed up and left in a hallway.

[...] Sonder on Monday said it would wind down operations immediately, and that it expects to file for Chapter 7 bankruptcy to liquidate its U.S. assets. The company describes itself as a global operator of "premium, design-forward apartments and intimate boutique hotels serving the modern traveler" that has faced financial challenges related to its agreement with Marriott, which the hotel chain terminated on Sunday.

[ Read more of this story ]( https://slashdot.org/story/25/11/12/1528206/airbnb-rival-sonder-abruptly-shuts-down-orders-guests-to-leave?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

After acquiring software virtualization company Cameyo last year, Google has relaunched a version of the service that makes it easier for Windows-based organizations to migrate over to ChromeOS. From a report: Now called "Cameyo by Google," the Virtual App Delivery (VAD) solution allows users to run legacy Windows apps in the Chrome browser or as web apps, preventing organizations from being tied to Microsoft's operating system. Google says the new Cameyo experience is more efficient than switching between separate virtual desktop environments, allowing users to stream the specific apps they need instead of virtualizing the entire desktop. That allows Windows-based programs like Excel and AutoCAD to run side-by-side with Chrome and other web apps, giving businesses the flexibility to use a mix of Microsoft and Google services.

[ Read more of this story ]( https://tech.slashdot.org/story/25/11/12/167213/google-relaunches-cameyo-to-entice-businesses-from-windows-to-chromeos?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.