GitHub will begin charging $0.002 per minute for self-hosted Actions runners used on private repositories starting in March. "At the same time, GitHub noted in a Tuesday blog post that it's lowering the prices of GitHub-hosted runners beginning January 1, under a scheme it calls 'simpler pricing and a better experience for GitHub Actions,'" reports The Register. "Self-hosted runner usage on public repositories will remain free." From the report: Regardless of the public repo distinction, enterprise-scale developers who rely on self-hosted runners were predictably not pleased about the announcement. "Github have just sent out an email announcing a $0.002/minute fee for self-hosted runners," Reddit user markmcw posted on the DevOps subreddit. "Just ran the numbers, and for us, that's close to $3.5k a month extra on our GitHub bill." [...] "Historically, self-hosted runner customers were able to leverage much of GitHub Actions' infrastructure and services at no cost," the repo host said in its blog FAQ. "This meant that the cost of maintaining and evolving these essential services was largely being subsidized by the prices set for GitHub-hosted runners." The move, GitHub said, will align costs more closely with usage. Like many similar changes to pricing models pushed by tech firms, GitHub says "the vast majority of users ... will see no price increase." GitHub claims that 96 percent of its customers will see no change to their bill, and that 85 percent of the 4 percent affected by the pricing update will actually see their Actions costs decrease. The company says the remaining 15 percent of impacted users will face a median increase of about $13 a month. For those using self-hosted runners and worried about increased costs, GitHub has updated its pricing calculator to include the cost of self-hosted runners.

Read more of this story at Slashdot.

Longtime Linux developer Greg Kroah-Hartman announced that the Linux kernel has received its first CVE tied to Rust code. Phoronix reports: This first CVE (CVE-2025-68260) for Rust code in the Linux kernel pertains to the Android Binder rewrite in Rust. There is a race condition that can occur due to some noted unsafe Rust code. That code can lead to memory corruption of the previous/next pointers and in turn cause a crash. This CVE for the possible system crash is for Linux 6.18 and newer since the introduction of the Rust Binder driver. At least though it's just a possible system crash and not any more serious system compromise with remote code execution or other more severe issues.

Read more of this story at Slashdot.

An anonymous reader quotes a report from Ars Technica: Google began its transition to Gemini 3 a few weeks ago with the launch of the Pro model, and the arrival of Gemini 3 Flash kicks it into high gear. The new, faster Gemini 3 model is coming to the Gemini app and search, and developers will be able to access it immediately via the Gemini API, Vertex AI, AI Studio, and Antigravity. Google's bigger gen AI model is also picking up steam, with both Gemini 3 Pro and its image component (Nano Banana Pro) expanding in search. This may come as a shock, but Google says Gemini 3 Flash is faster and more capable than its previous base model. As usual, Google has a raft of benchmark numbers that show modest improvements for the new model. It bests the old 2.5 Flash in basic academic and reasoning tests like GPQA Diamond and MMMU Pro (where it even beats 3 Pro). It gets a larger boost in Humanity's Last Exam (HLE), which tests advanced domain-specific knowledge. Gemini 3 Flash has tripled the old models' score in HLE, landing at 33.7 percent without tool use. That's just a few points behind the Gemini 3 Pro model. Gemini 3 Flash has been been significantly improved in terms of factual accuracy, scoring 68.7% on Simple QA Verified, which is up from 28.1% in the previous model. It's also designed as a high-efficiency model that's suitable for real-time and high-volume workloads. According to Google, Gemini 3 Flash is now the default model for AI Mode in Google Search.

Read more of this story at Slashdot.

An anonymous reader shares a report: Browser extensions with more than 8 million installs are harvesting complete and extended conversations from users' AI conversations and selling them for marketing purposes, according to data collected from the Google and Microsoft pages hosting them. Security firm Koi discovered the eight extensions, which as of late Tuesday night remained available in both Google's and Microsoft's extension stores. Seven of them carry "Featured" badges, which are endorsements meant to signal that the companies have determined the extensions meet their quality standards. The free extensions provide functions such as VPN routing to safeguard online privacy and ad blocking for ad-free browsing. All provide assurances that user data remains anonymous and isnâ(TM)t shared for purposes other than their described use.

Read more of this story at Slashdot.

The conventional wisdom that English prose has gotten easier to read because sentences have gotten shorter is wrong, according to a new analysis published in Works in Progress by writer and Mercatus Center research fellow Henry Oliver. The real transformation happened centuries ago in the 1500s and 1600s when Bible translators like William Tyndale and Thomas Cranmer developed a "plain style" built on logical syntax rather than the older rhythmic, periodic structures inherited from medieval prose. Oliver argues that much of what modern datasets measure as declining sentence length is actually just changing punctuation habits. Writers now use periods where earlier generations used colons and semicolons. One dataset shows semicolon usage dropped from one every 90 words in 1781 to one every 390 words today. The cognitive complexity of a paragraph often remains the same regardless of how it's punctuated. Even wildly popular modern books don't follow the "short sentences equal readable" formula. Oliver points to Onyx Storm, the 2025 fantasy novel that has sold tens of millions of copies, which opens with sentences of 24 and 30 words. The 30-word sentence has a subordinate clause twice as long as its main clause. The book reads easily not because sentences are short but because the language is plain and the syntax is logical.

Read more of this story at Slashdot.

FCC Chairman Brendan Carr said in his Wednesday Senate testimony that the agency he governs "is not an independent agency, formally speaking." Axios: During his testimony, the word "independent" was removed from the FCC's mission statement on its website. The extraordinary statement speaks to a broader trend of regulatory agencies losing power to the executive branch during the Trump era. Last week, the Supreme Court appeared poised to allow President Trump to fire members of the Federal Trade Commission during oral arguments over the issue. Sen. Ben Ray LujÃn (D-N.M.) began the line of questioning, citing the FCC's website, which said the agency was independent as of Wednesday morning. By Wednesday afternoon, the FCC's mission statement no longer said it was independent. Chairman Carr would not respond directly to questions about whether he believed the president was his boss. He would not answer whether it's appropriate if the president were to pressure him to go after media companies. He suggested the president has the power to fire him and other FCC commissioners.

Read more of this story at Slashdot.

A comprehensive database built by scientists in Switzerland and Norway has catalogued 16,000 chemicals linked to plastic materials, and the findings paint a troubling picture of what Americans are actually eating when they prepare food in their kitchens. Of those 16,000 chemicals, more than 5,400 are considered hazardous to human health by government and industry standards, while just 161 are classified as not hazardous. The remaining 10,700-plus chemicals simply don't have enough data to determine their safety. The chemicals enter food through multiple pathways. Black plastic utensils and trays often contain brominated flame retardants because they're made from recycled electronic waste. Nonstick pans and compostable plates frequently contain PFAS. One California study found phthalates in three-quarters of tested foods, and a Consumer Reports analysis last year detected BPA or similar chemicals in 79% of foods tested. According to CDC data, more than 90% of Americans have measurable levels of these chemicals in their bodies. A 10-fold increase in maternal levels of brominated flame retardants is associated with a 3.7-point IQ drop in children.

Read more of this story at Slashdot.

Coursera announced on Wednesday that it will acquire rival online learning platform Udemy in an all-stock deal that values the combined company at $2.5 billion, a move that brings together two of the largest U.S.-based players in an industry that has struggled since pandemic-era enrollment highs faded. Under the terms of the agreement, Udemy shareholders will receive 0.8 shares of Coursera for each share they hold, valuing Udemy at roughly $930 million. Based on Coursera's last closing price, the offer works out to $6.35 per Udemy share, an 18.3% premium. The deal is expected to close in the second half of next year, pending regulatory and shareholder approvals. The two companies are betting that a combined platform will be better positioned to pursue corporate customers seeking to retrain workers in artificial intelligence, data science and software development. Coursera has built its business on partnerships with universities and institutions to offer degree programs and professional certificates, while Udemy operates a marketplace where independent instructors sell courses directly to consumers and businesses. Both stocks have significantly underperformed this year. Udemy shares have fallen about 35% and Coursera is down roughly 7%, leaving both trading well below their post-IPO highs as investors remain cautious about competition and pricing pressure in the sector.

Read more of this story at Slashdot.

Google is suing a Chinese-speaking cybercriminal group it says is responsible for a massive wave of scam text messages sent to Americans this year, according to a legal complaint filed Tuesday. From a report: The group, known as Darcula, sells software that allows users to send phishing text messages en masse, impersonating organizations like the IRS or the U.S. Postal Service in scams. The lawsuit is designed to give Google legal standing so U.S. courts will allow it to seize websites the group uses, hampering their operations, a spokesperson said. Darcula is possibly the most prominent name in an emerging, loosely affiliated cybercrime world that creates and sells hacking programs for aspiring scammers to use. Darcula's signature program, called Magic Cat, provides an easy-to-use, intuitive way for cybercriminals without advanced hacking skills to quickly spam millions of phone numbers with links to fake websites impersonating businesses like YouTube's premium service, then steal the credit card numbers victims put in.

Read more of this story at Slashdot.

Meta is informing some users that they will soon be restricted in how many link posts they can share each month, unless they pay for its Meta Verified subscription service. As per the notification message: "Starting December 16, certain Facebook profiles without Meta Verified, including yours, will be limited to sharing links in 2 organic posts per month. Subscribe to Meta Verified to share more links on Facebook, plus get a verified badge and additional benefits to help protect your brand." To be clear, right now this is a limited test, so relatively few Pages are impacted. But understandably, a lot of users are also seeking more information on the change, and whether it could be expanded to all Pages. So, Meta's seeking to boost take-up of Meta Verified, in order to make more money out of its subscription option, which, for business users, costs between $14.99 and $499 per month, depending on which package you choose.

Read more of this story at Slashdot.

Warner Bros Discovery's board spurned Paramount Skydance's $108.4 billion hostile takeover bid on Wednesday, calling the offer "illusory" as it accused the studio giant of misleading shareholders about its financing. From a report: Paramount has been in a race with Netflix to win control of Warner Bros, and with it, its prized film and television studios, HBO Max streaming service and franchises like "Harry Potter." After Warner Bros accepted the streaming giant's offer, Paramount launched a hostile offer to outdo that bid. In a letter to shareholders on Wednesday, the Warner Bros board wrote that Paramount had "consistently misled" Warner Bros shareholders that its $30-per-share cash offer was fully guaranteed, or "backstopped," by the Ellison family, led by billionaire and Oracle co-founder Larry Ellison.

Read more of this story at Slashdot.

OpenAI is in discussions with Amazon about a potential investment and an agreement to use its AI chips, CNBC confirmed on Tuesday. From the report: The details are fluid and still subject to change but the investment could exceed $10 billion, according to a person familiar with the matter who asked not to be named because the talks are confidential. The discussions come after OpenAI completed a restructuring in October and formally outlined the details of its partnership with Microsoft, giving it more freedom to raise capital and partner with companies across the broader AI ecosystem. Microsoft has invested more than $13 billion in OpenAI and backed the company since 2019, but it no longer has a right of first refusal to be OpenAI's compute provider, according to an October release. OpenAI can now also develop some products with third parties. Amazon has invested at least $8 billion into OpenAI rival Anthropic, but the e-commerce giant could be looking to expand its exposure to the booming generative AI market. Microsoft has taken a similar step and announced last month that it will invest up to $5 billion into Anthropic, while Nvidia will invest up to $10 billion in the startup.

Read more of this story at Slashdot.

An anonymous reader quotes a report from the New York Times: Two of the largest food-delivery app companies have made a last-ditch effort to overturn tipping laws in New York City that go into effect in January just as its next mayor, who has been highly critical of the companies and the app industry, takes office. Tips to delivery workers have plummeted since some food-delivery apps switched to showing the tipping option only after a purchase had been completed; that change came after New York City established the country's first minimum pay-rate for the workers in 2023. The new laws will require the apps to suggest a minimum tip of 10 percent at checkout, though customers can contribute more or less, or nothing at all. Two of the app companies, DoorDash and Uber, filed a joint federal lawsuit in the Southern District of New York late last week targeting the City Council legislation, arguing that the new rules violated the First Amendment by requiring them to "speak a government-mandated message" and exceeded the Council's authority. Although tipping will be optional under the law, the companies wrote in the suit that a "mandated pre-delivery 10 percent tip suggestion" would cause customers to use the app less because they were suffering from "tipping fatigue." "Lessened engagement would result in fewer orders," the suit said.

Read more of this story at Slashdot.

U.S. senators are probing whether Big Tech data centers are driving up local electricity bills by socializing grid upgrade costs onto residents. Some of the tactics they're using include NDAs, shell companies, and lobbying. Ars Technica reports: In letters (PDF) to seven AI firms, Senators Elizabeth Warren (D-Mass.), Chris Van Hollen (D-Md.), and Richard Blumenthal (D-Conn.) cited a study estimating that "electricity prices have increased by as much as 267 percent in the past five years" in "areas located near significant data center activity." Prices increase, senators noted, when utility companies build out extra infrastructure to meet data centers' energy demands -- which can amount to one customer suddenly consuming as much power as an entire city. They also increase when demand for local power outweighs supply. In some cases, residents are blindsided by higher bills, not even realizing a data center project was approved, because tech companies seem intent on dodging backlash and frequently do not allow terms of deals to be publicly disclosed. AI firms "ask public officials to sign non-disclosure agreements (NDAs) preventing them from sharing information with their constituents, operate through what appear to be shell companies to mask the real owner of the data center, and require that landowners sign NDAs as part of the land sale while telling them only that a 'Fortune 100 company' is planning an 'industrial development' seemingly in an attempt to hide the very existence of the data center," senators wrote. States like Virginia with the highest concentration of data centers could see average electricity prices increase by another 25 percent by 2030, senators noted. But price increases aren't limited to the states allegedly striking shady deals with tech companies and greenlighting data center projects, they said. "Interconnected and interstate power grids can lead to a data center built in one state raising costs for residents of a neighboring state," senators reported. Under fire for supposedly only pretending to care about keeping neighbors' costs low were Amazon, Google, Meta, Microsoft, Equinix, Digital Realty, and CoreWeave. Senators accused firms of paying "lip service," claiming that they would do everything in their power to avoid increasing residential electricity costs, while actively lobbying to pass billions in costs on to their neighbors. [...] Particularly problematic, senators emphasized, were reports that tech firms were getting discounts on energy costs as utility companies competed for their business, while prices went up for their neighbors.

Read more of this story at Slashdot.

A new Arctic Report Card recap shows how the Arctic has transformed in just 20 years, warming about twice as fast as the global average and losing most of its oldest sea ice. It's also triggering cascading impacts from "Atlantification" to permafrost-driven "rusting rivers" and more destructive storms. Scientific American reports: The first Arctic Report Card was released by the National Oceanic and Atmospheric Administration in 2006. Since then the region has warmed twice as fast as the global average. About 95 percent of the oldest, thickest sea ice is gone -- "the sliver that remains is collected in an area north of Greenland. Even the central Arctic Ocean is becoming warmer and saltier, causing more ice melt and changing how much heat is released into the atmosphere in a way that affects weather patterns around the world. Those are just some of the stark changes 20 years have wrought. The findings were highlighted in the 2025 Arctic Report Card, released on Tuesday. The Arctic Ocean is undergoing what scientists are calling "Atlantification" -- a process where warm, salty water from the Atlantic flows north, changing how waters of different temperatures and densities are layered in the Arctic, disrupting ecosystems and altering how heat moves from the water to the air. [...] The Arctic is simply becoming wetter, with more precipitation falling as rain instead of snow. June snow cover over the entire Arctic is half of what it was 60 years ago, the report found. Permafrost also continues to thaw, releasing once trapped carbon into the atmosphere and disgorging iron and other elements that have turned rivers and streams orange. These "rusting rivers," found in more than 200 watersheds, are more acidic than normal and have elevated levels of toxic metals that endanger local ecosystems. And as the permafrost thaws, the tundra of the Arctic biome is shrinking, and the boreal forest biome is creeping northward, disrupting ecosystems.

Read more of this story at Slashdot.

As the single-digit Farenheight temperatures creep across the northeast United States, one's mind drifts off to holidays- specifically summer holidays where it isn't so cold that it hurts to breathe.

Luciano M works in Italy, where August 15th is a national holiday, but also August is the traditional time of year for everyone to take off, leaving the country mostly shut down for the month.

A long time ago, Luciano worked for a small company, along with some friends. This was long enough that you didn't rent compute from a cloud provider, but instead ran most of your intranet services off of a private server in your network closet somewhere.

This particular server ran mostly everything: private git hosting, VPN, email, and an internal Jabber server for chat. Given that it ran most services in the company, one might think that they were backing it up regularly- and you'd be right. One might also think that they had some sort of failover setup, and that's where you'd be wrong.

Late August 12th, the hard drive on their server decided it was time to start its own holiday. The main reason everyone noticed when it happened wasn't due to some alert that got triggered, but as mentioned, Luciano was friends with the team, which meant they used the Jabber server to chat with each other about non-work stuff.

Because half the country was already closed for August, getting replacements delivered was a dubious proposition, at best. Especially with the 15th looming, which not only made shipping delays worse, but this particular year was on a Friday, marking a 3-day weekend. Unless they wanted to spend the better part of a week out of commission, they needed to find an alternative.

The only silver lining was that "shipping is delayed" is the kind of problem which can be solved by spending money. By the time it was all said and done, they paid more for shipping than they paid for the drive itself, but the drive arrived by the 14th, and by the end of the day, they had the server back up and running, restored from backup.

And everything was happy, until August 12th, the following year, when the new hard drive decided to die the exact same way as the previous one, and the entire cycle repeated itself.

And on the third year, a hard drive also failed on August 12th. At least, by that point, they were so used to the problem that they kept spare drives in inventory. Eventually, someone upgraded them to a RAID, which at least kept the downtime at a minimum.

Luciano has long since moved on to a new job, but the date of August 12th is his own personal holiday: an unpleasant one.

[Advertisement] Picking up NuGet is easy. Getting good at it takes time. Download our guide to learn the best practice of NuGet for the Enterprise.

An anonymous reader quotes a report from the Wall Street Journal: The alleged perpetrator had improper access to virtually every South Korean adult's personal information: names, phone numbers and even the keycode to enter residential buildings. It was one of the biggest data breaches of recent years and it has sent the company it targeted -- Coupang, South Korea's equivalent of Amazon -- reeling, generating lawsuits, government investigation and calls to toughen penalties against such leaks. The leak went undetected for nearly five months, hitting Coupang's radar on Nov. 18 only after a customer flagged suspicious activity. At first, Coupang, which was founded by a Korean-American entrepreneur, said it had experienced a data "exposure" affecting roughly 4,500 customer accounts. But within days, the e-commerce firm revised the figure: The leak exposed up to roughly 34 million user accounts in South Korea -- a sum representing more than 90% of the country's working-age population. Coupang started calling the incident a "leak" after Korean regulators took issue with the company's prior word choice. "The Whole Nation Is a Victim," read one local news headline. An investigation has found that the alleged perpetrator had once worked in South Korea as a software developer for authentication systems at Coupang, which is known for its blockbuster U.S. initial public offering a few years ago. The suspected leaker is believed to be a Chinese national who has moved back to China and is now on the lam, South Korean officials say. They haven't named the person. Even after leaving the firm roughly a year ago, the suspect secretly held on to an internal authentication key that granted him unfettered access to the personal information of Coupang users, South Korean authorities and lawmakers say. The infiltration, using overseas servers, started on June 24. By using the login credentials, the suspect was able to appear as if he were still a Coupang employee when accessing the company's systems.

Read more of this story at Slashdot.

The EU is moving to soften its planned 2035 ban on internal combustion cars by allowing a small share of low-emission engines. "The less stringent limit would leave room for automakers to continue selling some plug-in hybrids, which have both electric and internal combustion engines and can use the combustion engine to recharge the battery without the need to find a charging station," reports the Associated Press. From the report: The proposal from the EU's executive commission would change provisions of 2023 legislation requiring average emissions in new cars to equal zero, or a 100% reduction from 2021 levels. The new proposal would require a 90% emissions reduction. That means in practical terms that most cars would be battery-only but would leave room for some cars with internal combustion engines. Automakers would have to compensate for the added emissions by using European steel produced by methods that emit less carbon, and through use of climate neutral e-fuels made from renewable electricity and captured carbon dioxide and biofuels made from plants. EU officials say changing the limit will not affect progress toward making the 27-country bloc's economy climate neutral by 2050. That means producing only as much carbon dioxide as can be absorbed by forests and oceans or by abatement methods such as storing it underground. CO2 is the primary greenhouse gas blamed by scientists for climate change.

Read more of this story at Slashdot.

A Reuters investigation found that Meta knowingly tolerated large volumes of scam and illegal ads from China worth billions in revenue. Reuters reports: Though China's authoritarian government bans use of Meta social media by its citizens, Beijing lets Chinese companies advertise to foreign consumers on the globe-spanning platforms. As a result, Meta's advertising business was thriving in China, ultimately reaching over $18 billion in annual sales in 2024, more than a tenth of the company's global revenue. But Meta calculated that about 19% of that money -- more than $3 billion -- was coming from ads for scams, illegal gambling, pornography and other banned content, according to internal Meta documents reviewed by Reuters. The documents are part of a cache of previously unreported material generated over the past four years by teams including Meta's finance, lobbying, engineering and safety divisions. The cache reveals Meta's efforts over that period to understand the scale of abuse on its platforms and the company's reluctance to introduce fixes that could undermine its business and revenues. The documents show that Meta believed China was the country of origin of roughly a quarter of all ads for scams and banned products on Meta's platforms worldwide. Victims ranged from shoppers in Taiwan who purchased bogus health supplements to investors in the United States and Canada who were swindled out of their savings. "We need to make significant investment to reduce growing harm," Meta staffers warned in an internal April 2024 presentation to leaders of its safety operations. To that end, Meta created an anti-fraud team that went beyond previous efforts to monitor scams and other banned activity from China. Using a variety of stepped-up enforcement tools, it slashed the problematic ads by about half during the second half of 2024 -- from 19% to 9% of the total advertising revenue coming from China. Then Meta Chief Executive Mark Zuckerberg weighed in. "As a result of Integrity Strategy pivot and follow-up from Zuck," a late 2024 document notes, the China ads-enforcement team was "asked to pause" its work. Reuters was unable to learn the specifics of the CEO's involvement or what the so-called "Integrity Strategy pivot" entailed. But after Zuckerberg's input, the documents show, Meta disbanded its China-focused anti-scam team. It also lifted a freeze it had introduced on granting new Chinese ad agencies access to its platforms. One document shows that Meta shelved yet other anti-scam measures that internal tests had indicated would be effective. The document didn't detail the specifics of those measures. Meta took these steps even as an outside consultant it hired produced research that warned "Meta's own behavior and policies" were fostering systemic corruption in the Chinese market for ads targeting users in other countries, additional documents show. The upshot: Within a few months of Meta's brief crackdown, a new crop of Chinese advertising agencies was flooding Facebook and Instagram with prohibited ads. By mid-2025, banned ads climbed back to about 16% of Meta's China revenue. Rob Leathern, who was a senior director of product management at Facebook until 2020 and is no longer at the company, said the scale of predatory advertising revealed in the documents represents a major breakdown in consumer protections at the social media giant. "The levels that you're talking about are not defensible," he said of the percentage of abusive ads. "I don't know how anyone could think this is okay."

Read more of this story at Slashdot.

Quilter says its AI designed a complex Linux single-board computer in just one week, booting Debian on first power-up. "Holy crap, it's working," exclaimed one of the engineers. Tom's Hardware reports: LA-based startup Quilter has outlined Project Speedrun, which marks a milestone in computer design by AI. The headlining claims are that Quilter's AI facilitated the design of a new Linux SBC, using 843 parts and dual-PCBs, taking just one week to finish, then successfully booting Debian the first time it was powered up. The Quilter team reckon that the AI-enhanced process it demonstrated could unlock a new generation of computer hardware makers.

Read more of this story at Slashdot.