Palo Alto Networks boasts 70,000 customers in 150 countries, including 85% of the Fortune 500.

But this week "thousands of Palo Alto Networks firewalls were compromised by attackers exploiting two recently patched security bug," reports the Register:

The intruders were able to deploy web-accessible backdoors to remotely control the equipment as well as cryptocurrency miners and other malware. Roughly 2,000 devices had been hijacked as of Wednesday — a day after Palo Alto Networks pushed a patch for the holes — according to Shadowserver and Onyphe. As of Thursday, the number of seemingly compromised devices had dropped to about 800. The vendor, however, continues to talk only of a "limited number" of exploited installations... The Register has asked for clarification, including how many compromised devices Palo Alto Networks is aware of, and will update this story if and when we hear back from the vendor.

Rumors started swirling last week about a critical security hole in Palo Alto Networks appliances that allowed remote unauthenticated attackers to execute arbitrary code on devices. Exploitation requires access to the PAN-OS management interface, either across the internet or via an internal network. The manufacturer did eventually admit that the firewall-busting vulnerability existed, and had been exploited as a zero-day — but it was still working on a patch. On Tuesday, PAN issued a fix, and at that time said there were actually two vulnerabilities. The first is a critical (9.3 CVSS) authentication bypass flaw tracked as CVE-2024-0012. The second, a medium-severity (6.9 CVSS) privilege escalation bug tracked as CVE-2024-9474. The two can be chained together to allow remote code execution (RCE) against the PAN-OS management interface... once the attackers break in, they are using this access to deploy web shells, Sliver implants, and/or crypto miners, according to Wiz threat researchers.

[ Read more of this story ]( https://it.slashdot.org/story/24/11/25/063246/thousands-of-palo-alto-networks-firewalls-compromised-this-week-after-critical-security-hole?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

U.S. software developer job listings have plummeted 56% since 2019, according to CompTIA data, as coding bootcamp graduates face mounting challenges from AI tools and widespread tech industry layoffs.

For entry-level positions, postings have dropped even further at 67%. The downturn has forced several bootcamps to adapt or close. Boston's Launch Academy suspended operations in May after job placement rates fell from 90% to below 60%. Meanwhile, AI coding tools like ChatGPT and GitHub's Copilot are transforming the industry, with Google reporting that AI now generates over 25% of its new code.

"This is the worst environment for entry-level tech jobs I've seen in 25 years," said Menlo Ventures partner Venky Ganesan.

[ Read more of this story ]( https://developers.slashdot.org/story/24/11/25/1241210/tech-job-slump-hits-coding-bootcamp-graduates-as-ai-reshapes-industry?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

Sony is developing a new portable gaming device capable of playing PlayStation 5 games, Bloomberg News reported Monday. The project follows the 2023 release of PlayStation Portal, a streaming-only handheld, and aims to compete with Nintendo's dominant Switch console and potential Microsoft offerings in the portable gaming space.

[ Read more of this story ]( https://games.slashdot.org/story/24/11/25/1248209/sony-working-on-handheld-console-for-ps5-games-to-rival-switch?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

Leading technology companies are dramatically expanding their AI capabilities by building multibillion-dollar "super clusters" packed with unprecedented numbers of Nvidia's AI processors. Elon Musk's xAI recently constructed Colossus, a supercomputer containing 100,000 Nvidia Hopper chips, while Meta CEO Mark Zuckerberg claims his company operates an even larger system for training advanced AI models. The push toward massive chip clusters has helped drive Nvidia's quarterly revenue from $7 billion to over $35 billion in two years, making it the world's most valuable public company.

WSJ adds: Nvidia Chief Executive Jensen Huang said in a call with analysts following its earnings Wednesday that there was still plenty of room for so-called AI foundation models to improve with larger-scale computing setups. He predicted continued investment as the company transitions to its next-generation AI chips, called Blackwell, which are several times as powerful as its current chips.

Huang said that while the biggest clusters for training for giant AI models now top out at around 100,000 of Nvidia's current chips, "the next generation starts at around 100,000 Blackwells. And so that gives you a sense of where the industry is moving."

[ Read more of this story ]( https://tech.slashdot.org/story/24/11/25/1254207/ais-future-and-nvidias-fortunes-ride-on-the-race-to-pack-more-chips-into-one-place?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

An anonymous reader shares a report: Nearly three-quarters of U.S. adults are overweight or obese, according to a sweeping new study. The findings have wide-reaching implications for the nation's health and medical costs as it faces a growing burden of weight-related diseases.

The study reveals the striking rise of obesity rates nationwide since 1990 -- when just over half of adults were overweight or obese -- and shows how more people are becoming overweight or obese at younger ages than in the past. Both conditions can raise the risk of diabetes, high blood pressure and heart disease, and shorten life expectancy.

The study's authors documented increases in the rates of overweight and obesity across ages. They were particularly alarmed by the steep rise among children, more than one in three of whom are now overweight or obese. Without aggressive intervention, they forecast, the number of overweight and obese people will continue to go up -- reaching nearly 260 million people in 2050. Further reading: Adipose tissue retains an epigenetic memory of obesity after weight loss.

[ Read more of this story ]( https://news.slashdot.org/story/24/11/25/156247/three-quarters-of-us-adults-are-now-overweight-or-obese?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

Swedish battery maker Northvolt has filed for Chapter 11 bankruptcy in the U.S. and announced CEO Peter Carlsson's departure following a year marked by production delays and workforce reductions.

The company, once viewed as Europe's challenger to Chinese battery dominance, reported $1.2 billion in losses against $128 million revenue for 2023. Despite securing $15 billion in funding and $50 billion in orders by late 2023, with major stakeholders including Volkswagen (21%) and Goldman Sachs (19%), Northvolt faced mounting challenges. BMW canceled a $2 billion contract in June, prompting job cuts and project suspensions.

[ Read more of this story ]( https://hardware.slashdot.org/story/24/11/25/1545205/northvolt-files-for-bankruptcy-as-europes-battery-champion-loses-spark?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

Raspberry Pi has announced the Pico 2 W, a wireless version of its Pico 2 microcontroller board built for hobbyists and industrial applications. From a report: At $7, it's a relatively inexpensive way to control electronic devices like smart home gadgets and robots. With the new version, users will be able to securely link to remote sources to send and receive data, either via Bluetooth 5.2 or Wi-Fi 802.11n.

As with the Pico 2, the wireless variant is built around the RP2350 microcontroller built in-house by Raspberry Pi. it offers more speed and memory than the original RP2040 chip, along with a security model built around Arm's TrustZone for Cortex-M. Users can program it using C, C++ and MicroPython, and choose between Arm Cortex-M33 or RISC-V cores.

[ Read more of this story ]( https://hardware.slashdot.org/story/24/11/25/1624221/raspberry-pis-7-pico-2-w-microcontroller-board-adds-wireless-connectivity?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

Apple's upcoming slim iPhone model faces potential sales obstacles in China due to design limitations that prevent fitting a physical SIM card tray, which is mandatory in the Chinese market.

The new device, planned for release next fall, measures 5-6 millimeters thick compared to the iPhone 16's 7.8mm, The Information reported Monday [non-paywalled source]. The company aims to revitalize iPhone sales in China, where revenue has declined for three consecutive years amid competition from Huawei and Vivo. The thin iPhone relies on embedded SIMs (eSIMs), which Chinese regulators haven't yet approved for smartphone use. Engineers are also struggling with battery placement and thermal management in the slim design, the report added.

[ Read more of this story ]( https://apple.slashdot.org/story/24/11/25/1730206/apples-upcoming-ultra-slim-iphone-hits-roadblock-over-sim-tray-rules?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

A firmware update has left QNAP network-attached storage device owners unable to access their systems, with standard reset procedures failing to resolve the issue.

The problematic update, QTS 5.2.2.2950 build 20241114, was released last week before being partially withdrawn, according to user reports on QNAP's community forums. QNAP, the Taiwan-based storage manufacturer, has not specified which models are affected by the faulty firmware.

[ Read more of this story ]( https://it.slashdot.org/story/24/11/25/1743257/qnap-nas-users-locked-out-after-firmware-update-snafu?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

Nvidia has introduced Fugatto, an AI music editor that can generate never-head-of audio combinations, including instruments mimicking animal sounds.

The tool processes both text and audio inputs to create music, sound effects, and modified speech. The system can isolate vocals, swap instruments, and alter voice characteristics.

[ Read more of this story ]( https://tech.slashdot.org/story/24/11/25/1911240/nvidia-claims-new-ai-audio-generator-makes-sounds-never-heard-before?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

Lawyers for the United States on Monday said that Google had created a monopoly with its services to place ads online, closing out an antitrust trial over the company's dominance in advertising technology that could add to the Silicon Valley giant's mounting woes. From a report: The legal case concerns a system of software that is used by advertisers to place ads on websites around the internet. Aaron Teitelbaum, a lawyer for the Justice Department, told Judge Leonie M. Brinkema of the U.S. District Court for the Eastern District of Virginia that the company had linked its products together in a way that made it hard for publishers and advertisers to use alternatives.

"Google is once, twice, three times a monopolist," he said. "These are the markets that make the free and open internet possible." Google's lead lawyer, Karen Dunn, countered that the government had failed to offer the evidence to prove its case and was on shaky legal ground. "Google's conduct is a story of innovation in response to competition," she said. The arguments conclude U.S. et al. v. Google, an antitrust suit that the Justice Department and eight states filed against Google last year. (More states have joined the suit since then.) The agency and states accused the internet giant of abusing control of its ad technology and violating antitrust law, in part through the acquisition of the advertising software company Doubleclick in 2008. Next, Judge Brinkema will decide the merits of the case in the coming months.

[ Read more of this story ]( https://news.slashdot.org/story/24/11/25/200221/us-says-google-is-an-ad-tech-monopolist-in-closing-arguments?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

An anonymous reader shares a report: On Monday, Apple's list of finalists for its coveted "iPhone App of the Year" award once again reveals how the iPhone maker is downplaying the impact of AI technology on the mobile app ecosystem. As it did last year, Apple's 2024 list of top iPhone finalists favors more traditional iOS apps, including those that help iPhone users perform specific tasks like recording professional video (Kino), tailoring their running plans (Runna), or organizing their travels (Tripsy). Other AI apps like ChatGPT, Anthropic's Claude, Microsoft Copilot, and those that create AI photos or videos were not nominated for iPhone App of the Year.

Given the popularity of ChatGPT, also now an Apple partner for its Siri improvements, it's surprising to find the app has not earned any official year-end accolades from Apple's App Store editorial team, despite its adoption of clever new features in 2024, like an Advanced Voice Mode for chatting with the AI virtual assistant and a web search feature that challenges Google.

[ Read more of this story ]( https://apple.slashdot.org/story/24/11/25/2026222/apple-snubs-ai-in-its-iphone-app-of-the-year-finalists?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

An anonymous reader quotes a report from ZDNet, written by Steven Vaughan-Nichols: At KubeCon North America, SUSE announced a significant rebranding effort, several new product offerings, and the launch of SUSE AI, a secure platform for deploying and running generative AI (gen AI) applications. SUSE has renamed its entire portfolio to make product names more descriptive and customer-friendly. Notable changes include:
- Rancher, SUSE's Kubernetes offering, is now SUSE Rancher. - Liberty Linux, the company's Red Hat Enterprise Linux (RHEL)/CentOS clone and support offering, becomes SUSE Multi Linux Support. - Harvester is rebranded as SUSE Virtualization - Longhorn is now SUSE Storage.

[...] Also, like everyone else, SUSE now has an AI offering: SUSE AI. This isn't an AI chatbot, like Red Hat's Lightspeed AI tool. No, it's a secure platform for deploying and running gen AI applications. This new offering addresses key challenges faced by enterprises as they move from AI experimentation to deployment, particularly in areas of security and compliance. These are SUSE AI's top features, as highlighted by Vaughan-Nichols:
1. Security by Design: SUSE AI provides security and certifications at the software infrastructure level, along with zero-trust security tools, templates, and compliance playbooks.

2. Multifaceted Trust: The platform ensures that generated data is correct and private customer and IP data remain secure. It supports deployment across various environments, including on-premise, hybrid, cloud, and air-gapped setups.

3. Choice and Flexibility: SUSE AI allows customers to select and deploy their preferred AI components and LLMs.

4. Simplified Operations: The platform provides simplified cluster operations, persistent storage, and easy access to pre-configured shared tools and services.

[ Read more of this story ]( https://linux.slashdot.org/story/24/11/25/2112247/suse-unveils-major-rebranding-new-data-protecting-ai-platform?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

Indonesia rejected Apple's $100 million investment proposal to build an accessory and component plant, stating it was insufficient to lift the current ban on iPhone 16 sales in the country. Indonesia banned sales of Apple's iPhone 16 last month after it failed to meet requirements that smartphones sold domestically should comprise at least 40% locally-made parts. Reuters reports: "We have done an assessment and this (proposal) has not met principles of fairness," Industry Minister Agus Gumiwang Kartasasmita told a press conference, comparing the proposal to Apple's bigger investments in neighboring Vietnam and Thailand. Apple has no manufacturing facilities in Indonesia, but has since 2018 set up application-developer academies, which Jakarta considers a way for the company to meet local content requirement for the sale of older iPhone models. Agus said Apple had an outstanding investment commitment of $10 million it should have carried out before 2023. He also wanted Apple to commit to new investment until 2026.

[ Read more of this story ]( https://apple.slashdot.org/story/24/11/25/2119227/indonesia-says-apples-100-million-investment-proposal-inadequate?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

A new rule passed in Texas requiring cryptocurrency miners using the grid maintained by the Energy Reliability Council of Texas (ERCOT) to register and report key details about their facilities. CoinTelegraph reports: Under the Public Utilities Commission of Texas (PUCT) rule (PDF), passed on Nov. 21, Bitcoin miners must share the location, ownership information and demand for electricity of their facilities with the state agency. Miners have only one working day after the date their facility connects to the ERCOT grid to register and must renew every calendar year on or before March 1.

ERCOT is an independent system operator representing 90% of the state's electric load. According to PUCT Chairman Thomas Gleeson, the new rule was designed to help manage the power grid as more mining facilities come online. "To ensure the ERCOT grid is reliable and meets the electricity needs of all Texans, the PUCT and ERCOT need to know the location and power needs of virtual currency miners," he said. Bitcoin miners who fail to register under the PUCT rule will face a Class A violation, which can result in up to $25,000 in daily fines.

[ Read more of this story ]( https://hardware.slashdot.org/story/24/11/25/2126253/crypto-miners-in-texas-ercot-region-required-to-register-report-power-demand?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

An anonymous reader quotes a report from Ars Technica: The Supreme Court signaled it may take up a case that could determine whether Internet service providers must terminate users who are accused of copyright infringement. In an order (PDF) issued today, the court invited the Department of Justice's solicitor general to file a brief "expressing the views of the United States."

In Sony Music Entertainment v. Cox Communications, the major record labels argue that cable provider Cox should be held liable for failing to terminate users who were repeatedly flagged for infringement based on their IP addresses being connected to torrent downloads. There was a mixed ruling at the US Court of Appeals for the 4th Circuit as the appeals court affirmed a jury's finding that Cox was guilty of willful contributory infringement but reversed a verdict on vicarious infringement "because Cox did not profit from its subscribers' acts of infringement." That ruling vacated a $1 billion damages award and ordered a new damages trial. Cox and Sony are both seeking a Supreme Court review. Cox wants to overturn the finding of willful contributory infringement, while Sony wants to reinstate the $1 billion verdict.

The Supreme Court asking for US input on Sony v. Cox could be a precursor to the high court taking up the case. For example, the court last year asked the solicitor general to weigh in on Texas and Florida laws that restricted how social media companies can moderate their platforms. The court subsequently took up the case and vacated lower-court rulings, making it clear that content moderation is protected by the First Amendment.

[ Read more of this story ]( https://yro.slashdot.org/story/24/11/25/2133222/supreme-court-wants-us-input-on-whether-isps-should-be-liable-for-users-piracy?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

9to5Google's Ben Schoon reports: Google has introduced a new feature on iOS that injects links on third-party websites that take users back to Google Search. Recently, Google announced new "Page Annotations" within the Google app on iOS. This feature, as Google explains, "extracts interesting entities from the webpage and highlights them in line." Effectively, it creates links on a website that you've opened through Google's browser that the website's owner did not put there. The links, when clicked, then perform a search on Google for that subject and open the search in a pop-up window on top of the third-party website.

The feature, Google says, will offer an opt-out for website owners through a form. It's pointed out by SERoundTable that opting out can take up to 30 days, while the feature is live now. Further reading: US Says Google Is an Ad Tech Monopolist, in Closing Arguments

[ Read more of this story ]( https://tech.slashdot.org/story/24/11/26/0029213/googles-ios-app-now-injects-links-on-third-party-websites-that-go-back-to-search?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

A new bill introduced by Sen. Peter Welch (D-Vt) aims to make it easier for human creators to find out if their work was used without permission to train artificial intelligence. NBC News reports: The Transparency and Responsibility for Artificial Intelligence Networks (TRAIN) Act would enable copyright holders to subpoena training records of generative AI models, if the holder can declare a "good faith belief" that their work was used to train the model. The developers would only need to reveal the training material that is "sufficient to identify with certainty" whether the copyright holder's works were used. Failing to comply would create a legal assumption -- until proven otherwise -- that the AI developer did indeed use the copyrighted work. [...]

In a news release, Welch said the TRAIN Act has been endorsed by several organizations -- including the Screen Actors Guild-American Federation of Television and Radio Artists (SAG-AFTRA), the American Federation of Musicians, and the Recording Academy -- as well as major music labels -- including Universal Music Group, Warner Music Group and Sony Music Group.

[ Read more of this story ]( https://yro.slashdot.org/story/24/11/26/0047249/senator-introduces-bill-to-compel-more-transparency-from-ai-developers?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

Microsoft is retiring its "Get Licensing Ready" website, a resource for software licensing education. Going forward, content licensing will be located at microsoft.com/licensing. The Register also notes Microsoft's plans to enhance learning with AI tools, though specifics for licensing applications remain unclear. From the report: Software licensing is notoriously labyrinthine, so resources like the site Microsoft will close -- Get Licensing Ready -- can be very handy. Today, the site offers over 50 training modules plus documentation. But Microsoft has decided not to keep it around in its current form. Indeed, visitors to the site currently see a pop-up that explains "Microsoft will be ending support for licensing certifications through this platform and phasing out the Get Licensing Ready resource."

The site's "retirement" date is January 1. Users have until December 1 to complete any active modules and download certificates. If you're a user of the site, get cracking: Redmond warns it is "unable to provide copies of certification after December 31st, 2024." An email alias dedicated to the site will also go away on New Year's Day. A Microsoft spokesperson told The Register the software megalith "remains committed to supporting licensing knowledge and solution-building for our partners and customers" -- in part with "new AI capabilities to further enhance learning and engagement."

[ Read more of this story ]( https://news.slashdot.org/story/24/11/26/0058258/microsoft-shuttering-dedicated-licensing-education-certification-site?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

An anonymous reader quotes a report from TheGamer: With thousands of cards available in Pokemon's "Pokemon Trading Card Game," it can be hard to remember what is what. After all, since first debuting in the mid 1990s to coincide with the games of the same name, the popular collectible has been going strong ever since, with new releases constantly filling store shelves. That said, one avid Pokemon fan took it upon themselves to archive the card game's unique artwork. After hundreds of hours of work, over 23,000 cards have been archived, along with an additional 2,000 pieces of artwork. The end result is one of the best fan creations around.

Meet Twitter user pkm_jp, who devoted hundreds of hours to learning how to program in order to make their dream of a one-stop shop of all available card art a reality. "I remember the joy of getting the first set page working, displaying a small collection of cards," they wrote on Twitter. "I knew it was just the beginning." The site, artofpkm.com, "is dedicated to bringing artists and fans together," the created said on X (formerly Twitter). They note that there is still "lots of artwork still to be added and labeled," among other features such as "custom lists, voting, and a proper blog."

[ Read more of this story ]( https://developers.slashdot.org/story/24/11/26/016253/pokemon-fan-learns-to-code-in-order-to-archive-tcg?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

An asteroid named 2024 PT5, recently exhibiting "mini moon" behavior around Earth, may have been a boulder that was blasted off the moon by an impacting, crater-forming asteroid," reports the Associated Press. The 33-foot space rock is expected to pass safely near Earth in January, when it will be closely observed. From the report: While not technically a moon -- NASA stresses it was never captured by Earth's gravity and fully in orbit -- it's "an interesting object" worthy of study. The astrophysicist brothers who identified the asteroid's "mini moon behavior," Raul and Carlos de la Fuente Marcos of Complutense University of Madrid, have collaborated with telescopes in the Canary Islands for hundreds of observations so far.

Currently more than 2 million miles (3.5 million kilometers) away, the object is too small and faint to see without a powerful telescope. It will pass as close as 1.1 million miles (1.8 million kilometers) of Earth in January, maintaining a safe distance before it zooms farther into the solar system while orbiting the sun, not to return until 2055. That's almost five times farther than the moon. [...] NASA will track the asteroid for more than a week in January using the Goldstone solar system radar antenna in California's Mojave Desert, part of the Deep Space Network.

[ Read more of this story ]( https://science.slashdot.org/story/24/11/26/0343237/earths-mini-moon-may-have-been-a-chunk-of-our-actual-moon?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

The U.S. is preparing to impose new sanctions targeting 200 Chinese chipmakers and potentially restricting the export of High Bandwidth Memory (HBM). The move is intended to further hinder China's semiconductor and AI advancements. Tom's Hardware reports: The update sheds light on the Biden administration's recent efforts to impose stricter regulations on chip manufacturers in China. The latest swarm of sanctions reportedly targets roughly 200 Chinese firms. US companies are prohibited from exporting select technologies or products to the targeted firms. The report suggests that the US Department of Commerce aims to push these new regulations before the Thanksgiving break - or November 28. Neither the Department of Commerce nor the Chamber of Commerce responded to Reuters' request for comments.

Moreover, another wave of sanctions is set to follow in December - targeting the export of HBM (High Bandwidth Memory) - primarily to choke China's advance in the AI domain. The impacts of these restrictions are materializing given that Huawei's Kirin SoCs and Ascend AI accelerators will reportedly remain stuck at 7nm technology until 2026 as SMIC fails to procure cutting-edge Extreme Ultraviolet (EUV) machines from ASML.

[ Read more of this story ]( https://news.slashdot.org/story/24/11/26/0332203/us-to-reportedly-sanction-200-more-chinese-chip-firms?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

Blue Yonder, a Panasonic subsidiary specializing in AI-driven supply chain solutions, experienced a recent ransomware attack that impacted many of its customers. "Among its 3,000 customers are high-profile organizations like DHL, Renault, Bayer, Morrisons, Nestle, 3M, Tesco, Starbucks, Ace Hardware, Procter & Gamble, Sainsbury, and 7-Eleven," reports BleepingComputer. From the report: On Friday, the company warned that it was experiencing disruptions to its managed services hosting environment due to a ransomware incident that occurred the day before, on November 21. "On November 21, 2024, Blue Yonder experienced disruptions to its managed services hosted environment, which was determined to be the result of a ransomware incident," reads the announcement. "Since learning of the incident, the Blue Yonder team has been working diligently together with external cybersecurity firms to make progress in their recovery process. We have implemented several defensive and forensic protocols."

Blue Yonder claims it has detected no suspicious activity in its public cloud environment and is still processing multiple recovery strategies. [...] As expected, this has impacted clients directly, as a spokesperson for UK grocery store chain Morrisons has confirmed to the media they have reverted to a slower backup process. Sainsbury told CNN that it had contingency plans in place to overcome the disruption. A Saturday update informed customers that the restoration of the impacted services continued, but no specific timelines for complete restoration could be shared yet. Another update published on Sunday reiterated the same, urging clients to monitor the customer update page on Blue Yonder's website over the coming days.

[ Read more of this story ]( https://it.slashdot.org/story/24/11/26/0323243/blue-yonder-ransomware-attack-disrupts-grocery-store-supply-chain?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

A Stanford study of over 50,000 software engineers across hundreds of companies has found that approximately 9.5% of engineers perform minimal work while drawing full salaries, potentially costing tech companies billions annually.

The research showed the issue is most prevalent in remote work settings, where 14% of engineers were classified as "ghost engineers" compared to 6% of office-based staff. The study evaluated productivity through analysis of private Git repositories and simulated expert assessments of code commits.

Major tech companies could be significantly impacted, with IBM estimated to have 17,100 underperforming engineers at an annual cost of $2.5 billion. Across the global software industry, the researchers estimate the total cost of underperforming engineers could reach $90 billion, based on a conservative 6.5% rate of "ghost engineers" worldwide.

[ Read more of this story ]( https://developers.slashdot.org/story/24/11/26/1346219/stanford-research-reveals-95-of-software-engineers-do-virtually-nothing?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

Brazilian antitrust regulator Cade said this week that Apple must lift restrictions on payment methods for in-app purchases, among other things, as the watchdog moved to proceed with an investigation into a complaint filed by Latin America e-commerce giant MercadoLibre. From a report: MercadoLibre's complaint, filed in 2022 in Brazil and Mexico, accused Apple of imposing a series of restrictions on the distribution of digital goods and in-app purchases, including banning apps from distributing third-party digital goods and services such as movies, music, video games, books and written content.

In the complaint, MercadoLibre criticized the California tech giant for requiring developers that offer digital goods or services within apps to use Apple's own payment system and stopping them from redirecting buyers to their websites. Cade ruled that Apple must allow app developers to add tools so customers can buy their services or products outside the app, such as through the use of hyperlinks to external websites.

[ Read more of this story ]( https://apple.slashdot.org/story/24/11/26/1256205/brazil-rules-apple-must-lift-restrictions-on-in-app-payments?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

An anonymous reader shares a report: Softbank-backed online shopping site Meesho has rolled out what it claims is the first GenAI-powered voice bot among Indian e-commerce firms for customer support, paring down some expenses by 75%. Meesho has more than 160 million customers in India, with 80% of them in smaller cities, towns and villages.

[...] The Bengaluru-based e-commerce startup said Tuesday its AI bot currently handles 60,000 customer calls daily in English and Hindi. The startup, which also counts Elevation and Prosus among its backers, plans to add support for six more Indian languages.

[ Read more of this story ]( https://slashdot.org/story/24/11/26/131222/ai-helps-indian-ecommerce-firm-cut-customer-call-costs-by-75?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

An anonymous reader shares a report: The human eye can't really tell the difference between 4K and 8K resolution. Video game console manufacturers, who have built their businesses selling increasingly powerful machines every few years, are grappling with a future where performance improvements are becoming less dramatic.

Sony Group launched its PlayStation 5 Pro console in mid-November. The $700 upgraded version of Sony's 2020 gaming machine uses AI to improve games' frame rate while maintaining exceptional image quality -- at least for 82 games that have been enhanced to take advantage of the new specs. That means gamers can see the realistic glint of their metal sword and experience smooth, sword-swinging battle action.

But despite all the fancy tech and a $200 price increase over the previous version, reviews so far haven't suggested it's a must-have machine. "It's an improvement, but there's nothing that makes it a complete generation above what the Series X offered," Daniel Ahmad, director of research and insights at Niko Partners, said. "It's a lot more difficult to distinguish the jump between each generation." The number of households with a gaming console hasn't really budged in more than a decade. Many gamers are replacing older machines more slowly, finding the one they already have is good enough.

[ Read more of this story ]( https://games.slashdot.org/story/24/11/26/135259/video-game-console-makers-confront-performance-ceiling?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

Software company Deno Land has filed a petition with the U.S. Patent and Trademark Office to cancel Oracle's JavaScript trademark, citing trademark abandonment and fraud. The November 22 filing claims Oracle has not sold JavaScript products or services since acquiring the trademark through its 2009 Sun Microsystems purchase. The petition alleges Oracle committed fraud during its 2019 trademark renewal by submitting Node.js website screenshots without authorization.

The legal action follows a September open letter from JavaScript creator Brendan Eich, Node.js and Deno creator Ryan Dahl, and other prominent JavaScript developers urging Oracle to relinquish the trademark. The letter has garnered over 14,000 signatures.

[ Read more of this story ]( https://developers.slashdot.org/story/24/11/26/1312213/uspto-petitioned-to-cancel-oracles-javascript-trademark?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

Google announced additional modifications to its European search results on Tuesday, following complaints from smaller competitors about traffic losses and amid potential EU antitrust charges under new tech regulations. The changes come as Google attempts to comply with the Digital Markets Act, which prohibits tech giants from favoring their own services and after hotels, airlines, and small retailers reported a 30% decline in direct booking clicks following recent platform adjustments.

Google's legal director Oliver Bethell said the new proposals include expanded search units offering equal formatting between comparison sites and supplier websites, along with new formats for competitors to display prices and images. The company will also test removing hotel map displays in Germany, Belgium, and Estonia. The Alphabet unit faces possible enforcement action from the European Commission, which began investigating potential DMA violations in March. Companies found breaching the regulations could face fines of up to 10% of their annual global revenue.

[ Read more of this story ]( https://tech.slashdot.org/story/24/11/26/1057225/google-to-test-maps-removal-in-eu-hotel-search-amid-antitrust-pressure?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

Interpol arrested 1,006 suspects in Africa during a massive two-month operation, clamping down on cybercrime that left tens of thousands of victims, including some who were trafficked, and produced millions in financial damages, the global police organization said Tuesday. From a report: Operation Serengeti, a joint operation with Afripol, the African Union's police agency, ran from Sept. 2 to Oct. 31 in 19 African countries and targeted criminals behind ransomware, business email compromise, digital extortion and online scams, the agency said in a statement.

[ Read more of this story ]( https://yro.slashdot.org/story/24/11/26/1831232/interpol-clamps-down-on-cybercrime-and-arrests-over-1000-suspects-in-africa?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

American hospitals and healthcare organizations would be required to adopt multi-factor authentication (MFA) and other minimum cybersecurity standards under new legislation proposed by a bipartisan group of US senators. From a report: The Health Care Cybersecurity and Resiliency Act of 2024 [PDF], introduced on Friday by US Senators Bill Cassidy (R-Louisiana), Mark Warner (D-Virginia), John Cornyn (R-Texas), and Maggie Hassan (D-New Hampshire), would, among other things, require better coordination between the Department of Health and Human Services (HHS) and the Cybersecurity and Infrastructure Security Agency (CISA) around cybersecurity in the healthcare and public health sector.

This includes giving HHS a year to implement a cybersecurity incident response plan and update the types of information displayed publicly via the department's breach reporting portal.
Currently, all healthcare orgs that are considered "covered entities" under the US Health Insurance Portability and Accountability Act (HIPAA) are required to notify HHS if they are breached. The new law would require breached entities to report how many people were affected by the security incident.

It would also mandate that the portal include details on "any corrective action taken against a covered entity that provided notification of a breach" as well as "recognized security practices that were considered" during the breach investigation, plus any other information that the HHS secretary deems necessary.

[ Read more of this story ]( https://it.slashdot.org/story/24/11/26/1855253/us-senators-propose-law-to-require-bare-minimum-security-standards?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

Anthropic is adding a new feature to its Claude AI assistant that will give users more control over how the chatbot responds to different writing tasks. From a report: The new custom styles are available to all Claude AI users, enabling anyone to train it to match their own communication style or select from preset options to quickly adjust the tone and level of detail it provides.

This update aims to personalize the chatbot's replies and make them feel more natural or appropriate for specific applications, such as writing detailed technical documents or professional emails. Three preset styles are available: Formal for "clear and polished" text, Concise for shorter and more direct responses, and Explanatory for educational replies that need to include additional detail. If these don't suit your requirements, Claude can also generate custom styles that are trained to mimic other writing mannerisms. Anthropic says users need to upload "sample content that reflects your preferred way of communicating" to the chatbot, and then instruct it on how to match the writing style.

[ Read more of this story ]( https://slashdot.org/story/24/11/26/194212/anthropic-says-claude-ai-can-match-your-unique-writing-style?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

An anonymous reader quotes a report from the New York Times: The founder of an artificial intelligence start-up focused on education was arrested and charged with defrauding her investors, lying about the company's profits and falsely claiming that some of the largest school districts in the country, including New York City's, were her customers. The founder, Joanna Smith-Griffin, started the company, AllHere Education, in 2016, with the goal of using artificial intelligence to increase student and parent engagement and curb absenteeism. In the years that followed, Ms. Smith-Griffin, 33, misrepresented AllHere's revenue and customer base to fraudulently raise almost $10 million in funds, according to the indictment. Once the company's valuation had climbed, she sold some of her stake in it and spent hundreds of thousands of dollars on a down payment for a new home and on her wedding.

Ms. Smith-Griffin was arrested Tuesday in North Carolina, where she lives, and charged with wire fraud, securities fraud and aggravated identity theft. She faces more than 40 years in prison. AllHere is now in bankruptcy proceedings, prosectors said, and all of its employees have been laid off. "Her alleged actions impacted the potential for improved learning environments across major school districts by selfishly prioritizing personal expenses," said James E. Dennehy, the F.B.I. assistant director in New York leading the investigation into Ms. Smith-Griffin. "The F.B.I. will ensure that any individual exploiting the promise of educational opportunities for our city's children will be taught a lesson." Smith-Griffin is the latest Forbes 30 Under 30 honoree to be indicted on fraud. "The Forbes-to-Fraud pipeline includes FTX founder Sam Bankman-Fried and Caroline Ellison, co-CEO of Alameda Research; fintech Frank founder Charlie Javice; and 'Pharma bro' Martin Shkreli," notes TechCrunch.

[ Read more of this story ]( https://yro.slashdot.org/story/24/11/26/1958250/forbes-30-under-30-founder-who-sold-ai-chatbot-to-schools-charged-with-fraud?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

The Biden administration is reducing Intel's CHIPS Act award by over $600 million, citing a $3 billion military contract the chipmaker was also awarded. Engadget reports: Initially set to receive $8.5 billion from the domestic silicon production bill, the company will get up to $7.85 billion instead. On Tuesday, The New York Times reported that Intel has extended some plant openings beyond 2030 government deadlines. Intel posted its biggest-ever quarterly loss last month after announcing 15,000 layoffs in August. The chip-maker's struggles have reportedly led some government officials to worry about its ability to deliver as a central component of the Biden White House's CHIPS Act.

Intel will receive at least $1 billion in CHIPS Act funding before the end of the year. The company plans to invest $90 billion in the US by the decade's end, a reduction from its initial goal of $100 billion in the next five years. The Commerce Department said the chip maker is still on schedule to invest the full $100 billion on projects in four states: Arizona ($3.94 billion), Oregon ($1.86 billion), Ohio ($1.5 billion) and New Mexico ($500 million).

[ Read more of this story ]( https://news.slashdot.org/story/24/11/26/206258/intels-chips-act-funding-cut-by-over-600-million?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

Microsoft has denied claims that it automatically enables data collection from Word and Excel documents to train its AI models. The controversy emerged after cybersecurity expert nixCraft reported that Microsoft's Connected Experiences feature was collecting user data by default. While Microsoft's services agreement grants the company rights to use customer content, officials stated via Twitter that document data is not used for AI training.

[ Read more of this story ]( https://slashdot.org/story/24/11/26/2015232/microsoft-denies-using-word-and-excel-data-to-train-ai-models?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

Ars Technica's Jon Brodkin reports: Lobby groups for Internet service providers claim that ISPs' customer service is so good already that the government shouldn't consider any new regulations to mandate improvements. They also claim ISPs face so much competition that market forces require providers to treat their customers well or lose them to competitors. Cable lobby group NCTA-The Internet & Television Association told the Federal Communications Commission in a filing (PDF) that "providing high-quality products and services and a positive customer experience is a competitive necessity in today's robust communications marketplace. To attract and retain customers, NCTA's cable operator members continuously strive to ensure that the customer support they provide is effective and user-friendly. Given these strong marketplace imperatives, new regulations that would micromanage providers' customer service operations are unnecessary."

Lobby groups filed comments in response to an FCC review of customer service that was announced last month, before the presidential election. While the FCC's current Democratic leadership is interested in regulating customer service practices, the Republicans who will soon take over opposed the inquiry. USTelecom, which represents telcos such as AT&T and Verizon, said that "the competitive broadband marketplace leaves providers of broadband and other communications services no choice but to provide their customers with not only high-quality broadband, but also high-quality customer service."

"If a provider fails to efficiently resolve an issue, they risk losing not only that customer -- and not just for the one service, but potentially for all of the bundled services offered to that customer -- but also any prospective customers that come across a negative review online. Because of this, broadband providers know that their success is dependent upon providing and maintaining excellent customer service," USTelecom wrote. While the FCC Notice of Inquiry said that providers should "offer live customer service representative support by phone within a reasonable timeframe," USTelecom's filing touted the customer service abilities of AI chatbots. "AI chat agents will only get better at addressing customers' needs more quickly over time -- and if providers fail to provide the customer service and engagement options that their customers expect and fail to resolve their customers' concerns, they may soon find that the consumer is no longer a customer, having switched to another competitive offering," the lobby group said.

[ Read more of this story ]( https://tech.slashdot.org/story/24/11/26/2013204/isps-say-their-excellent-customer-service-is-why-users-dont-switch-providers?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

A group appears to have leaked access to Sora, OpenAI's video generator, in protest of what they're calling duplicity and "art washing" on OpenAI's part. From a report: On Tuesday, the group published a project on the AI dev platform Hugging Face seemingly connected to OpenAI's Sora API, which isn't yet publicly available. Using their authentication tokens -- presumably from an early access system -- the group created a frontend that lets users generate videos with Sora.

[ Read more of this story ]( https://slashdot.org/story/24/11/26/2020220/openais-sora-video-generator-appears-to-have-leaked?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

An anonymous reader quotes a report from The Verge: Huawei has announced its new Mate 70 series smartphone lineup, which will be the first offered with the company's new HarmonyOS Next operating system that doesn't rely on Google's Android services and won't run any Android apps, according to a report by Reuters. The four models of the Mate 70 also don't feature any US hardware following a half decade of US sanctions.

The Mate 70, Mate 70 Pro, Mate 70 Pro Plus, and Mate 70 RS will also be offered with Huawei's HarmonyOS 4.3, which first launched in August 2019 as an alternative to Google's Android OS and is still compatible with Android's extensive app library. Users who decide to opt for Huawei's new Android-free HarmonyOS Next will have less choice when it comes to the apps they can install. Huawei says it has "secured more than 15,000 applications for its HarmonyOS ecosystem, with plans to expand to 100,000 apps in the coming months," according to Reuters.

Starting next year, Huawei also says all the new phones and tablets it launches in 2025 will run HarmonyOS Next. [...] Huawei hasn't confirmed what processors are being used in the Mate 70 lineup, but the company has previously used chips made by China's SMIC for last year's Mate 60 series and other smartphones.

[ Read more of this story ]( https://mobile.slashdot.org/story/24/11/26/2029234/huaweis-mate-70-smartphones-will-run-its-new-android-free-os?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

Despite significant enterprise AI hype, most job seekers remain unconvinced of its benefits, with 69% doubting its ability to enhance work performance and 62% skeptical it reduces workloads. The findings come from a study conducted by Resume Genius. The Register reports: Consistent with the majority opinion that AI in the workplace has failed to impress, only 34 percent of respondents said they were worried about being replaced by a bot, while just 30 percent think AI will increase competition for jobs or harm salaries. Broken down by generation (Boomers, Gen X, Millennials, and Gen Z job seekers all responded), the results are largely the same, with even Gen Z workers skeptical of the latest "next big thing" in enterprise tech. In short, Resume Genius's findings align with other recent studies suggesting enterprise AI's hype has not lived up to its marketing promises.

[ Read more of this story ]( https://slashdot.org/story/24/11/26/215211/job-seekers-doubt-ais-promised-productivity-gains?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

Uber's gig-economy workforce now includes programmers. According to Bloomberg, "The company is expanding beyond its rideshare roots to enter a hot new market: helping other businesses outsource some of their artificial intellgience development to independent contractors." From the report: Its new AI training and data labeling division, called Scaled Solutions, builds on an internal team that tackles large-scale annotation tasks for Uber's rideshare, food delivery and freight units. According to its website, Scaled Solutions has begun serving other companies that also need high-quality datasets. Clients include Aurora Innovation Inc., an Uber-backed firm that makes self-driving software for commercial trucks, and Niantic Inc., the game developer behind Pokemon Go.

Uber's efforts to sell data labeling services have not previously been reported. The move could allow it to gain a piece of a growing market, as global companies rely on humans to vet data to train AI models. Scale AI Inc, which offers similar services, is valued at $14 billion, making it one of the hottest artificial intelligence startups. The rideshare giant has plenty of experience recruiting contractors, as it has done for years with drivers and couriers. Now the company is betting that it can help other businesses by getting enough skilled workers who can label images, text and videos with context for machine learning models to recognize patterns and make accurate predictions and recommendations.

[ Read more of this story ]( https://slashdot.org/story/24/11/26/2121222/ubers-gig-economy-workforce-now-includes-programmers?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

The Macquarie Dictionary, the national dictionary of Australia, has picked "enshittification" as its word of the year. Gizmodo reports: The Australians define the word as "the gradual deterioration of a service or product brought about by a reduction in the quality of service provided, especially of an online platform, and as a consequence of profit-seeking." We've all felt this. Google search is filled with garbage. The internet is clogged with SEO-farming websites that clog up results. Facebook is an endless stream of AI-generated slop. Zoom wants you to test out its new AI features while you're trying to go into a meeting. Twitter has become X, and its owner thinks sharing links is a waste of time. Last night I reinstalled Windows 11 on a desktop machine and got pissed as it was finalized and Microsoft kept trying to get me to install OneDrive, Office 360, Call of Duty Black Ops 6, and a bunch of other shit I didn't want. Writer and activist Cory Doctorow coined the term enshittification in 2022, and recently offered potential solutions to the age-old phenomenon in an interview with The Register.

"We need to have prohibition and regulation that prohibits the capital markets from funding predatory pricing," he explained. "It's very hard to enter the market when people are selling things below cost. We need to prohibit predatory acquisitions. Look at Facebook: buying Instagram, and Mark Zuckerberg sending an email saying we're buying Instagram because people don't like Facebook and they're moving to Instagram, and we just don't want them to have anywhere else to go."

[ Read more of this story ]( https://tech.slashdot.org/story/24/11/27/0159221/enshittification-is-officially-the-biggest-word-of-the-year?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

An anonymous reader quotes a report from IEEE Spectrum: Virtual- and augmented-reality setups already modify the way users see and hear the world around them. Add in haptic feedback for a sense of touch and a VR version of Smell-O-Vision, and only one major sense remains: taste. To fill the gap, researchers at the City University of Hong Kong have developed a new interface to simulate taste in virtual and other extended reality (XR). The group previously worked on other systems for wearable interfaces, such as haptic and olfactory feedback. To create a more "immersive VR experience," they turned to adding taste sensations, says Yiming Liu, a coauthor of the group's research paper published today in the Proceedings of the National Academy of Sciences.

The lollipop-shaped lickable device can produce nine different flavors: sugar, salt, citric acid, cherry, passion fruit, green tea, milk, durian, and grapefruit. Each flavor is produced by food-grade chemicals embedded in a pocket of agarose gel. When a voltage is applied to the gel, the chemicals are transported to the surface in a liquid that then mixes with saliva on the tongue like a real lollipop. Increase the voltage, and get a stronger flavor. Initially, the researchers tested several methods for simulating taste, including electrostimulating the tongue. The other methods each came with limitations, such as being too bulky or less safe, so the researchers opted for chemical delivery through a process called iontophoresis, which moves chemicals and ions through hydrogels and has a low electrical-power requirement. With a 2-volt maximum, the device is well within the human safety limit of 30 V, which is considered enough to deliver a substantial shock in some situations. Some of the possible applications mentioned by the authors include gustation tests, virtual grocery shopping, and immersive environments for exploring food flavors. However, the current system is limited to one hour of use due to gel depletion and it only supports a handful of flavor channels.

Future development aims to extend operation time, increase flavor complexity, and improve usability, marking the beginning of a new frontier for XR interfaces.

[ Read more of this story ]( https://science.slashdot.org/story/24/11/26/2113204/lollipop-device-brings-taste-to-virtual-reality?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

The FCC said it has approved a license for T-Mobile and SpaceX's Starlink to provide supplemental coverage to cover internet dead zones. Reuters reports: The license marks the first time the FCC has authorized a satellite operator collaborating with a wireless carrier to provide supplemental telecommunications coverage from space on some flexible-use spectrum bands allocated to terrestrial service. The partnership aims to extend the reach of wireless networks to remote areas and eliminate "dead zones."

T-Mobile and SpaceX announced a partnership in 2022 and in January the first set of satellites supporting the partnership was launched into low-Earth orbit with SpaceX's Falcon 9 rocket. "The FCC is actively promoting competition in the space economy by supporting more partnerships between terrestrial mobile carriers and satellite operators to deliver on a single network future that will put an end to mobile dead zones," said FCC Chair Jessica Rosenworcel.

[ Read more of this story ]( https://tech.slashdot.org/story/24/11/27/028219/fcc-approves-t-mobile-spacex-license-to-extend-coverage-to-dead-zones?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

Qualcomm's interest in acquiring Intel is cooling due to the complexity of the deal, Intel's debt, and regulatory hurdles. However, according to Bloomberg, Qualcomm may still explore acquiring certain divisions of Intel to expand into markets like PCs and networking. Tom's Hardware reports: [T]he proposed acquisition faced significant obstacles, including Intel's $50 billion debt, dropping CPU market share, and its struggling semiconductor manufacturing unit, an area where Qualcomm lacks expertise. A deal of this magnitude would also likely trigger extensive regulatory scrutiny, particularly in China, a key market for both companies.

Intel is undergoing significant restructuring under CEO Pat Gelsinger to reclaim its competitiveness in the semiconductor market in terms of products and process technologies. Still, for now, both Intel and Qualcomm are quite successful standalone companies. While the combination would make a formidable firm (probably facing unprecedented antitrust scrutiny), it does not make much sense for Qualcomm to make such a massive takeover. These factors have collectively made a complete takeover less appealing to Qualcomm. Meanwhile, selling off a part of the company to Qualcomm may not make sense for Intel.

Qualcomm aims to generate $22 billion in annual revenue by 2029 by expanding into markets like personal computers, networking, and automotive chips. Although Cristiano Amon, Qualcomm's chief executive, has stated that his company did not need a major takeover to achieve this goal, the company initiated preliminary discussions with Intel regarding a potential acquisition in September. Yet, it does not look like the deal is going to happen.

[ Read more of this story ]( https://slashdot.org/story/24/11/27/0244214/qualcomm-reportedly-loses-interest-in-intel-takeover?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

An anonymous reader quotes a report from TechCrunch: Security researchers have uncovered two previously unknown zero-day vulnerabilities that are being actively exploited by RomCom, a Russian-linked hacking group, to target Firefox browser users and Windows device owners across Europe and North America. RomCom is a cybercrime group that is known to carry out cyberattacks and other digital intrusions for the Russian government. The group -- which was last month linked to a ransomware attack targeting Japanese tech giant Casio -- is also known for its aggressive stance against organizations allied with Ukraine, which Russia invaded in 2014.

Researchers with security firm ESET say they found evidence that RomCom combined use of the two zero-day bugs -- described as such because the software makers had no time to roll out fixes before they were used to hack people -- to create a "zero click" exploit, which allows the hackers to remotely plant malware on a target's computer without any user interaction. "This level of sophistication demonstrates the threat actor's capability and intent to develop stealthy attack methods," ESET researchers Damien Schaeffer and Romain Dumont said in a blog post on Monday. [...] Schaeffer told TechCrunch that the number of potential victims from RomCom's "widespread" hacking campaign ranged from a single victim per country to as many as 250 victims, with the majority of targets based in Europe and North America. Mozilla and the Tor Project quickly patched a Firefox-based vulnerability after being alerted by ESET, with no evidence of Tor Browser exploitation. Meanwhile, Microsoft addressed a Windows vulnerability on November 12 following a report by Google's Threat Analysis Group, indicating potential use in government-backed hacking campaigns.

[ Read more of this story ]( https://it.slashdot.org/story/24/11/27/0228241/russia-linked-hackers-exploited-firefox-windows-bugs-in-widespread-hacking-campaign?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

Microsoft has confirmed that Windows 11 24H2 has issues with USB-connected devices that support the Scanner Communication Language (eSCL) protocol. From a report: A compatibility hold has been applied to the hardware. The hold means that hardware connected to a USB device supporting the eSCL protocol will not be offered an upgrade to Windows 11 24H2. Microsoft said: "This issue primarily affects USB-connected multifunction devices or standalone scanners that support scan functionality and the eSCL protocol."

According to Microsoft, the issue lies in device discovery. Install Windows 11 24H2, wait for it to discover USB-connected peripherals, and... nothing. Or as Microsoft put it: "You might observe that your device does not discover the USB-connected peripheral and the device discovery does not complete." The company added: "This issue is caused due to the device not switching out of eSCL mode to USB mode, which allows the scanner drivers to be matched."

[ Read more of this story ]( https://it.slashdot.org/story/24/11/27/135232/microsoft-slaps-windows-11-update-hold-on-hardware-connected-to-escl-devices?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

Singapore is positioning itself as a key testing ground for autonomous vehicles, attracting major Chinese firms and establishing unified national guidelines that contrast with fragmented regulations in the U.S. and China.

China's WeRide launched the country's first public autonomous bus service on Sentosa island in June, while multiple companies are deploying self-driving vehicles for logistics and transportation. The controlled rollout aligns with Singapore's strategy to address labor shortages and land constraints.

Singapore topped KPMG's Autonomous Vehicles Readiness Index, with companies citing its political neutrality and stringent safety standards as major draws for testing operations.

[ Read more of this story ]( https://tech.slashdot.org/story/24/11/27/1341237/singapore-emerges-as-key-testing-ground-for-autonomous-vehicles?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

Startup Spines plans to publish up to 8,000 books in 2025 using AI, charging authors between $1,200 and $5,000 for editing, design and distribution services. The venture-backed company, which recently secured $16 million in funding, promises to reduce publishing timelines to two to three weeks while allowing authors to retain full royalties.

Co-founder Yehuda Niv describes Spines as a "publishing platform" rather than self-publishing. The announcement has drawn criticism from industry professionals. Independent publisher Canongate condemned the company for automating book production "with the least possible attention, care or craft." The Society of Authors urged writers to exercise caution, citing concerns about AI systems potentially trained on unlicensed content.

[ Read more of this story ]( https://slashdot.org/story/24/11/27/1347207/ai-publishing-startup-plans-to-release-8000-books-next-year?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

Nearly 89% of smart device manufacturers fail to disclose how long they will provide software updates for their products, a Federal Trade Commission staff study found this week. The review of 184 connected devices, including hearing aids, security cameras and door locks, revealed that 161 products lacked clear information about software support duration on their websites.

Basic internet searches failed to uncover this information for two-thirds of the devices. "Consumers stand to lose a lot of money if their smart products stop delivering the features they want," said Samuel Levine, Director of the FTC's Bureau of Consumer Protection. The agency warned that manufacturers' failure to provide software update information for warranted products costing over $15 may violate the Magnuson Moss Warranty Act. The FTC also cautioned that companies could violate the FTC Act if they misrepresent product usability periods. The study excluded laptops, personal computers, tablets and automobiles from its review.

[ Read more of this story ]( https://tech.slashdot.org/story/24/11/27/1547232/most-smart-device-makers-fail-to-reveal-software-support-periods-ftc-finds?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.