Simon Willison, commenting on the recent paper from Apple researchers that found state-of-the-art large language models face complete performance collapse beyond certain complexity thresholds: I thought this paper got way more attention than it warranted -- the title "The Illusion of Thinking" captured the attention of the "LLMs are over-hyped junk" crowd. I saw enough well-reasoned rebuttals that I didn't feel it worth digging into.

And now, notable LLM skeptic Gary Marcus has saved me some time by aggregating the best of those rebuttals together in one place!

[...] And therein lies my disagreement. I'm not interested in whether or not LLMs are the "road to AGI". I continue to care only about whether they have useful applications today, once you've understood their limitations.

Reasoning LLMs are a relatively new and interesting twist on the genre. They are demonstrably able to solve a whole bunch of problems that previous LLMs were unable to handle, hence why we've seen a rush of new models from OpenAI and Anthropic and Gemini and DeepSeek and Qwen and Mistral.

They get even more interesting when you combine them with tools.

They're already useful to me today, whether or not they can reliably solve the Tower of Hanoi or River Crossing puzzles.

[ Read more of this story ]( https://slashdot.org/story/25/06/19/165237/reasoning-llms-deliver-value-today-so-agi-hype-doesnt-matter?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

Google is using its expansive library of YouTube videos to train its AI models, including Gemini and the Veo 3 video and audio generator, CNBC reported Thursday. From the report: The tech company is turning to its catalog of 20 billion YouTube videos to train these new-age AI tools, according to a person who was not authorized to speak publicly about the matter. Google confirmed to CNBC that it relies on its vault of YouTube videos to train its AI models, but the company said it only uses a subset of its videos for the training and that it honors specific agreements with creators and media companies.

[...] YouTube didn't say how many of the 20 billion videos on its platform or which ones are used for AI training. But given the platform's scale, training on just 1% of the catalog would amount to 2.3 billion minutes of content, which experts say is more than 40 times the training data used by competing AI models.

[ Read more of this story ]( https://tech.slashdot.org/story/25/06/19/1613206/google-is-using-youtube-videos-to-train-its-ai-video-generator?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

Hackers have stolen hundreds of millions of dollars from cryptocurrency holders and disrupted major retailers by targeting outsourced call centers used by American corporations to reduce costs, WSJ reported Thursday. The attackers exploit low-paid call center workers through bribes and social engineering to bypass two-factor authentication systems protecting bank accounts and online portals.

Coinbase faces potential losses of $400 million after hackers compromised data belonging to 97,000 customers by bribing call center workers in India with payments of $2,500. The criminals also used malicious tools that exploited vulnerabilities in Chrome browser extensions to collect customer data in bulk.

TaskUs, which handled Coinbase support calls, shut down operations at its Indore, India facility and laid off 226 workers. Retail attacks targeted Marks & Spencer and Harrods with hackers impersonating corporate executives to pressure tech support workers into providing network access. The same technique compromised MGM Resorts systems in 2023. Call center employees typically possess sensitive customer information including account balances and recent transactions that criminals use to masquerade as legitimate company representatives.

[ Read more of this story ]( https://it.slashdot.org/story/25/06/19/1619248/hackers-are-turning-tech-support-into-a-threat?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

An anonymous reader quotes a report from Cybernews: Several collections of login credentials reveal one of the largest data breaches in history, totaling a humongous 16 billion exposed login credentials. The data most likely originates from various infostealers. Unnecessarily compiling sensitive information can be as damaging as actively trying to steal it. For example, the Cybernews research team discovered a plethora of supermassive datasets, housing billions upon billions of login credentials. From social media and corporate platforms to VPNs and developer portals, no stone was left unturned.

Our team has been closely monitoring the web since the beginning of the year. So far, they've discovered 30 exposed datasets containing from tens of millions to over 3.5 billion records each. In total, the researchers uncovered an unimaginable 16 billion records. None of the exposed datasets were reported previously, bar one: in late May, Wired magazine reported a security researcher discovering a "mysterious database" with 184 million records. It barely scratches the top 20 of what the team discovered. Most worryingly, researchers claim new massive datasets emerge every few weeks, signaling how prevalent infostealer malware truly is.

"This is not just a leak -- it's a blueprint for mass exploitation. With over 16 billion login records exposed, cybercriminals now have unprecedented access to personal credentials that can be used for account takeover, identity theft, and highly targeted phishing. What's especially concerning is the structure and recency of these datasets -- these aren't just old breaches being recycled. This is fresh, weaponizable intelligence at scale," researchers said. The only silver lining here is that all of the datasets were exposed only briefly: long enough for researchers to uncover them, but not long enough to find who was controlling vast amounts of data. Most of the datasets were temporarily accessible through unsecured Elasticsearch or object storage instances. Key details to be aware of:
- The records include billions of login credentials, often structured as URL, login, and password.
- The datasets include both old and recent breaches, many with cookies, tokens, and metadata, making them especially dangerous for organizations without multi-factor authentication or strong credential practices.
- Exposed services span major platforms like Apple, Google, Facebook, Telegram, GitHub, and even government services.
- The largest dataset alone includes 3.5 billion records, while one associated with the Russian Federation has over 455 million; many dataset names suggest links to malware or specific regions.
- Ownership of the leaked data is unclear, but its potential for phishing, identity theft, and ransomware is severe -- especially since even a
- Basic cyber hygiene -- such as regularly updating strong passwords and scanning for malware -- is currently the best line of defense for users.

[ Read more of this story ]( https://it.slashdot.org/story/25/06/19/2028246/the-16-billion-record-data-breach-that-no-ones-ever-heard-of?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

SpaceX's Starship exploded on its test stand in South Texas ahead of an engine test, marking the fourth loss of a Starship this year. "In three previous test flights, the vehicle came apart or detonated during its flight," notes the Washington Post. No injuries were reported but the incident highlights ongoing technical challenges as SpaceX races to prove Starship's readiness for deep-space travel. From the report: In a post on the social media site X, SpaceX said that the explosion on the test stand, which could be seen for miles, happened at about 11 p.m. Central time. For safety reasons, the company had cleared personnel from around the site, and "all personnel are safe and accounted for," it said. The company is "actively working to safe the test site and the immediate surrounding area in conjunction with local officials," the post continued. "There are no hazards to residents in surrounding communities, and we ask that individuals do not attempt to approach the area while safing operations continue."

Starship comprises two stages -- the Super Heavy booster, which has 33 engines, and the Starship spacecraft itself, which has six. Before Wednesday's explosion, the spacecraft was standing alone on the test stand, and not mounted on top of the booster, when it blew up. The engines are test-fired on the Starship before it's mounted on the booster. SpaceX had been hoping to launch within the coming weeks had the engine test been successful. [...] In a post on X, Musk said that preliminary data pointed to a pressure vessel that failed at the top of the rocket. You can watch a recording of the explosion on YouTube.

SpaceX called the incident a "rapid unscheduled disassembly," which caught the attention of Slashdot reader hambone142. In a story submitted to the Firehose, they commented: "I worked for a major computer company whose power supplies caught on fire. We were instructed to cease saying that and instead say the power supply underwent a 'thermal event.' Gotta love it."

[ Read more of this story ]( https://science.slashdot.org/story/25/06/19/2034234/spacex-starship-explodes-on-test-stand?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

Starting mid-July 2025, Microsoft 365 will begin blocking legacy authentication protocols like Remote PowerShell and FrontPage RPC to enhance security under its "Secure by Default" initiative. Admins must now grant explicit consent for third-party app access, which could disrupt workflows but aims to reduce unauthorized data exposure. The Register reports: First in line for the chop is legacy browser authentication to SharePoint and OneDrive using the Remote PowerShell (RPS) protocol. According to Microsoft, legacy authentication protocols like RPS "are vulnerable to brute-force and phishing attacks due to non-modern authentication." The upshot is that attempting to access OneDrive or SharePoint via a browser using legacy authentication will stop working.

Also being blocked is the FrontPage Remote Procedure Call (RPC) protocol. Microsoft FrontPage was a web authoring tool that was discontinued almost two decades ago. However, the protocol for remote web authoring has lived on until now. Describing legacy protocols like RPC as "more susceptible to compromise," Microsoft will block them to prevent their use in Microsoft 365 clients.

Finally, third-party apps will need administrator consent to access files and sites. Microsoft said: "Users allowing third-party apps to access file and site content can lead to overexposure of an organization's content. Requiring admins to consent to this access can help reduce overexposure." "While laudable, shifting consent to the administrator could disrupt some workflows," writes The Register's Richard Speed. "The Microsoft-managed App Consent Policies will be enabled, and users will be unable to consent to third-party applications accessing their files and sites by default. Need consent? A user will need to request an administrator to consent on their behalf."

[ Read more of this story ]( https://it.slashdot.org/story/25/06/19/2046206/microsoft-365-brings-the-shutters-down-on-legacy-protocols?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

An anonymous reader quotes a report from the Hollywood Reporter: Bruce Lee, Jackie Chan and Jet Li and a legion of the all-time greats of martial cinema are about to get an AI makeover. In a sign-of-the-times announcement at the Shanghai International Film Festival on Thursday, a collection of Chinese studios revealed that they are turning to AI to re-imagine around 100 classics of the genre. Lee's classic Fist of Fury (1972), Chan's breakthrough Drunken Master (1978) and the Tsui Hark-directed epic Once Upon a Time in China (1991), which turned Li into a bone fide movie star, are among the features poised for the treatment, as part of the "Kung Fu Movie Heritage Project 100 Classics AI Revitalization Project."

There will also be a digital reworking of the John Woo classic A Better Tomorrow (1986) that, by the looks of the trailer, turns the money-burning anti-hero originally played by Chow Yun-fat into a cyberpunk, and is being claimed as "the world's first full-process, AI-produced animated feature film." The big guns of the Chinese industry were out in force on the sidelines of the 27th Shanghai International Film Festival to make the announcements, too. They were led by Zhang Pimin, chairman of the China Film Foundation, who said AI work on these "aesthetic historical treasures" would give them a new look that "conforms to contemporary film viewing." "It is not only film heritage, but also a brave exploration of the innovative development of film art," Zhang said.

Tian Ming, chairman of project partners Shanghai Canxing Culture and Media, meanwhile, promised the work -- expected to include upgrades in image and sound as well as overall production levels -- while preserving the storytelling and aesthetic of the originals -- would both "pay tribute to the original work" and "reshape the visual aesthetics." "We sincerely invite the world's top AI animation companies to jointly start a film revolution that subverts tradition," said Tian, who announced a fund of 100 million yuan ($13.9 million) would be implemented to kick-start the work.

[ Read more of this story ]( https://entertainment.slashdot.org/story/25/06/19/2050243/chinese-studios-plan-ai-powered-remakes-of-kung-fu-classics?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

Publishers face an existential threat in the AI era and need to take action to make sure they are fairly compensated for their content, Cloudflare CEO Matthew Prince told Axios at an event in Cannes on Thursday. From a report: Search traffic referrals have plummeted as people increasingly rely on AI summaries to answer their queries, forcing many publishers to reevaluate their business models. Ten years ago, Google crawled two pages for every visitor it sent a publisher, per Prince.

He said that six months ago:
For Google that ratio was 6:1
For OpenAI, it was 250:1
For Anthropic, it was 6,000:1

Now:

For Google, it's 18:1
For OpenAI, it's 1,500:1
For Anthropic, it's 60,000:1

Between the lines: "People aren't following the footnotes," Prince said.

[ Read more of this story ]( https://slashdot.org/story/25/06/19/213255/publishers-facing-existential-threat-from-ai-cloudflare-ceo-says?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.