An anonymous reader quotes a report from CNBC: Microsoft said Wednesday that it broke down the Lumma Stealer malware project with the help of law enforcement officials across the globe. The tech giant said in a blog post that its digital crimes unit discovered more than 394,000 Windows computers were infected by the Lumma malware worldwide between March 16 through May 16. The Lumma malware was a favorite hacking tool used by bad actors, Microsoft said in the post. Hackers used the malware to steal passwords, credit cards, bank accounts and cryptocurrency wallets. Microsoft said its digital crimes unit was able to dismantle the web domains underpinning Lumma's infrastructure with the help of a court order from the U.S. District Court for the Northern District of Georgia. The U.S. Department of Justice then took control of Lumma's "central command structure" and squashed the online marketplaces where bad actors purchased the malware. The cybercrime control center of Japan "facilitated the suspension of locally based Lumma infrastructure," the blog post said. "Working with law enforcement and industry partners, we have severed communications between the malicious tool and victims," Microsoft said in the post. "Moreover, more than 1,300 domains seized by or transferred to Microsoft, including 300 domains actioned by law enforcement with the support of Europol, will be redirected to Microsoft sinkholes." Cloudflare, Bitsight and Lumen also helped break down the Lumma malware ecosystem.

Read more of this story at Slashdot.

New analysis by MIT Technology Review reveals AI's rapidly growing energy demands, with data centers expected to triple their share of US electricity consumption from 4.4% to 12% by 2028. According to Lawrence Berkeley National Laboratory projections, AI alone could soon consume electricity equivalent to 22% of all US households annually, driven primarily by inference operations that represent 80-90% of AI's computing power. The carbon intensity of electricity used by data centers is 48% higher than the US average, researchers found, as facilities increasingly turn to dirtier energy sources like natural gas to meet immediate needs. Tech giants are racing to secure unprecedented energy resources: OpenAI and President Trump announced a $500 billion Stargate initiative, Apple plans to spend $500 billion on manufacturing and data centers, and Google expects to invest $75 billion in AI infrastructure in 2025 alone. Despite their massive energy ambitions, leading AI companies remain largely silent about their per-query energy consumption, leaving researchers struggling to assemble what one expert called "a total black box."

Read more of this story at Slashdot.

The U.S. trade deficit persists due to fundamental macroeconomic imbalances rather than just export shortfalls, according to Federal Reserve Bank of New York economist Thomas Klitgaard. His analysis shows the deficit reflects a persistent gap between domestic saving and investment spending, with the U.S. borrowing from foreign sources to fund domestic investment when savings fall short. This macroeconomic reality means targeting specific trade categories won't resolve the overall imbalance -- even when the petroleum deficit disappeared by 2019 due to increased domestic production, the total trade deficit grew to $441 billion, consistent with a widening saving gap. Bureau of Economic Analysis data reveals household saving has remained below pre-pandemic levels as consumers spend down accumulated savings from 2020-21, while business saving has remained relatively stable. Reducing the deficit would require significant macroeconomic adjustments, including higher domestic saving or reduced investment spending, which studies indicate would likely cause economic pain as demonstrated during the 2008 recession.

Read more of this story at Slashdot.

Sam Altman, OpenAI's chief executive, said Wednesday his firm was paying $6.5 billion to buy io, a one-year-old start-up created by Jony Ive, a former top Apple executive who designed the iPhone. From a report: The deal, which effectively unites Silicon Valley royalty, is intended to usher in what the two men call "a new family of products" for the age of artificial general intelligence, or A.G.I., which is shorthand for a future technology that achieves human-level intelligence. The deal, which is OpenAI's biggest acquisition, will bring in Mr. Ive and his team of roughly 55 engineers, designers and researchers. They will assume creative and design responsibilities across OpenAI and build hardware that helps people better interact with the technology. In a joint interview, Mr. Ive and Mr. Altman declined to say what such devices could look like and how they might work, but they said they hoped to share details next year. Mr. Ive, 58, framed the ambitions as galactic, with the aim of creating "amazing products that elevate humanity."

Read more of this story at Slashdot.

Microsoft is introducing a new "Cross Device Resume" feature for Windows 11, enabling app developers to let users seamlessly continue activity between devices in a manner closely mirroring Apple's Handoff for Macs and iPhones. Unveiled at Build 2025 during a session titled "Create Seamless Cross-Device Experiences with Windows for your app," the feature was demonstrated -- before the session was quietly edited to remove this segment -- by showing Spotify playing a song on an Android phone, then surfacing the Spotify app in the Windows taskbar with a phone icon; clicking this launches Spotify on the PC at precisely the same point in the app as on the phone, preserving playback position for uninterrupted use.

Read more of this story at Slashdot.

An anonymous reader shares a report: Meta is expanding the ranks of its lowest-rated employees in mid-year performance reviews, a move that could lead to more performance-based cuts. Meta is telling managers to put more employees in "Below Expectations", the lowest performance bucket during this year's mid-year performance reviews, according to a memo shared on Meta's internal forum on May 14, which was viewed by Business Insider. For teams of 150 or more, Meta wants managers to put 15-20% of employees in the bottom bucket compared to 12-15% last year. The expanded range includes employees who have already left the company as part of "non-regrettable attrition", Meta's term for staff considered non-critical to operations, including those who resigned or were dismissed for underperformance. The mid-year performance review process is "an opportunity to make exit decisions", according to the memo. It added that "there will be no company-wide performance terminations, unlike earlier this year," and leaders are expected to manage the performance of their reports.

Read more of this story at Slashdot.

Google co-founder Sergey Brin candidly addressed the failure of Google Glass during an unscheduled appearance at Tuesday's Google I/O conference, where the company announced a new smart glasses partnership with Warby Parker. "I definitely feel like I made a lot of mistakes with Google Glass, I'll be honest," Brin said. He noted several key issues that doomed the $1,500 device launched in 2013, including a conspicuous front-facing camera that sparked privacy concerns. "Now it looks like normal glasses without that thing in front," Brin said of the new design. He also blamed the "technology gap" that existed a decade ago and his own inexperience with supply chains that prevented pricing the original Glass competitively.

Read more of this story at Slashdot.

Amazon customers are suddenly getting refunds for products they purchased and returned as far back as 2018, along with apologies from the online retailer after it discovered "unresolved" issues. From a report: The precise scope of the refunds issued isn't clear but executives hinted it may be hundreds of millions of dollars. Chief Financial Officer Brian Olsavsky, speaking on a conference call after the company released earnings May 1, said Amazon took a one-time charge of approximately $1.1 billion in the first quarter related in part to "some historical customer returns" that were unresolved. The charge was also attributable to the cost of stockpiling inventory in anticipation of tariffs.

Read more of this story at Slashdot.

Microsoft has officially cited Apple's App Store policies as the roadblock preventing its Xbox mobile store launch promised for July 2024. In an amicus brief supporting Epic Games filed this week, Microsoft alleged that Apple's "anti-steering policies" have "stymied" its mobile store ambitions despite a court injunction allowing developers to advertise alternative payment methods. The brief challenges Apple's attempt to overturn this crucial ruling, which enabled Fortnite's App Store return with external payment links. Microsoft argues that launching its store under threat of Apple potentially winning a temporary stay creates significant business risk. The restrictions also impact Microsoft's Xbox mobile app functionality.

Read more of this story at Slashdot.

An anonymous reader quotes a report from PCWorld: Microsoft famously brought its Copilot AI to the Edge browser in Windows. Now Google is doing the same with Chrome. In a list of announcements that spanned dozens of pages, Google allocated just a single line to the announcement: "Gemini is coming to Chrome, so you can ask questions while browsing the web." Google later clarified what Gemini on Chrome can do: "This first version allows you to easily ask Gemini to clarify complex information on any webpage you're reading or summarize information," the company said in a blog post. "In the future, Gemini will be able to work across multiple tabs and navigate websites on your behalf." Other examples of what Gemini can do involves coming up with personal quizzes based on material in the Web page, or altering what the page suggests, like a recipe. In the future, Google plans to allow Gemini in Chrome to work on multiple tabs, navigate within Web sites, and automate tasks. Google said that you'll be able to either talk or type commands to Gemini. To access it, you can use the Alt+G shortcut in Windows. [...] You'll see Gemini appear in Chrome as early as this week, Google executives said -- on May 21, a representative clarified. However, you'll need to be a Gemini subscriber to take advantage of its features, a requirement that Microsoft does not apply with Copilot for Edge. Otherwise, Google will let those who participate in the Google Chrome Beta, Dev, and Canary programs test it out.

Read more of this story at Slashdot.

Starfish Space plans to perform the first commercial satellite docking in orbit with its Otter Pup 2 mission, aiming to connect to an unprepared D-Orbit ION spacecraft using an electrostatic capture mechanism and autonomous navigation software. NASASpaceFlight.com reports: This follows the company's first attempt, which saw the Otter Pup 1 mission unable to dock with its target due to a thruster failure. The Otter Pup 2 spacecraft will be deployed from a quarter plate on the upper stage adapter of the SpaceX Falcon 9 rocket, placing it into a sun synchronous orbit altitude of 510 km inclined 97.4 degrees. The target will be a D-Orbit ION spacecraft which will simulate a client payload, which is not equipped with a traditional docking adapter or capture plate as you might see aboard a space station or other rendezvous target. Instead, Starfish Space's Nautilus capture mechanism will feature a special end effector connected to the end of the capture mechanism. This end effector will enable Otter Pup 2 to dock with the ION through electrostatic adhesion. "An electromagnet will be integrated into the end effector and will be used as a backup option to the electrostatic end effector, to dock with the ION through magnetic attraction," the company notes. The goal is to eventually commission its Otter satellite servicing vehicle to allow for servicing of previously launched satellites. The company's first Otter missions include customers such as NASA, the U.S. Space Force, and Intelsat, with the goal of flying those missions as soon as 2026. [...] Following the thruster issues on the first mission, this flight will feature two ThrustMe thrusters, which use an electric propulsion system based on gridded ion thruster technology.

Read more of this story at Slashdot.

A new study reveals that about 3.8 million years after the solar system's first solids formed, Jupiter was twice its current size with a magnetic field 50 times stronger, profoundly influencing the structure of the early solar system. Phys.Org reports: [Konstantin Batygin, professor of planetary science at Caltech] and [Fred C. Adams, professor of physics and astronomy at the University of Michigan] approached this question by studying Jupiter's tiny moons Amalthea and Thebe, which orbit even closer to Jupiter than Io, the smallest and nearest of the planet's four large Galilean moons. Because Amalthea and Thebe have slightly tilted orbits, Batygin and Adams analyzed these small orbital discrepancies to calculate Jupiter's original size: approximately twice its current radius, with a predicted volume that is the equivalent of over 2,000 Earths. The researchers also determined that Jupiter's magnetic field at that time was approximately 50 times stronger than it is today. Adams highlights the remarkable imprint the past has left on today's solar system: "It's astonishing that even after 4.5 billion years, enough clues remain to let us reconstruct Jupiter's physical state at the dawn of its existence." Importantly, these insights were achieved through independent constraints that bypass traditional uncertainties in planetary formation models -- which often rely on assumptions about gas opacity, accretion rate, or the mass of the heavy element core. Instead, the team focused on the orbital dynamics of Jupiter's moons and the conservation of the planet's angular momentum -- quantities that are directly measurable. Their analysis establishes a clear snapshot of Jupiter at the moment the surrounding solar nebula evaporated, a pivotal transition point when the building materials for planet formation disappeared and the primordial architecture of the solar system was locked in. The results add crucial details to existing planet formation theories, which suggest that Jupiter and other giant planets around other stars formed via core accretion, a process by which a rocky and icy core rapidly gathers gas. The findings have been published in the journal Nature Astronomy.

Read more of this story at Slashdot.

Fortnite has returned to Apple's App Store in the United States after a nearly five-year absence, marking a significant victory for Epic Games in its protracted legal battle against Apple's App Store policies. The return follows an April 30 ruling where a federal judge determined Apple violated a court order requiring the company to allow greater competition for app downloads and payment methods, referring Apple to federal prosecutors for a criminal contempt investigation. Epic CEO Tim Sweeney celebrated on X with a simple "We back fam" message. The game, which had 116 million users on Apple's platform before its 2020 removal, was banned after Epic challenged Apple's practice of charging up to 30% commission on in-app payments as anticompetitive.

Read more of this story at Slashdot.

An anonymous reader quotes a report from Reuters: Honda said on Tuesday that it was scaling back its investment in electric vehicles given slowing demand and would be focusing on hybrids, now far more in favor, with a slew of revamped models. Japan's second-biggest automaker after Toyota also dropped a target for EV sales to account for 30% of its sales by the 2030 financial year. "It's really hard to read the market, but at the moment we see EVs accounting for about a fifth by then," CEO Toshihiro Mibe told a press conference. Honda has slashed its planned investment in electrification and software by that year by 30% to 7 trillion yen ($48.4 billion). It's one of a number of global car brands dialing back EV investment due to the shift in demand in favor of hybrids and as governments around the world ease timelines to meet emission rules and EV sales targets. Honda plans to launch 13 next-generation hybrid models globally in the four years from 2027. At the moment it sells more than a dozen hybrid models worldwide, though just three in the U.S. -- the Civic, which comes in hatchback and sedan versions, the Accord and the CR-V. It will also develop a hybrid system for large-size models that it plans to launch in the second half of the decade. The automaker is aiming to sell 2.2 million to 2.3 million hybrid vehicles by 2030, a huge jump from 868,000 sold last year. That also compares with a total of 3.8 million vehicles sold overall last year. Earlier this month, Honda announced it had put on hold for about two years a $10.7 billion plan to build an EV production base in Ontario, Canada, due to slowing demand for electric cars. Honda said, however, that it still plans to have battery-powered and fuel-cell vehicles make up all of its new car sales by 2040.

Read more of this story at Slashdot.

A Massachusetts man has agreed to plead guilty to hacking into one of the top education tech companies in the United States and stealing tens of millions of schoolchildren's personal information for profit. From a report: Matthew Lane, 19, of Worcester County, Massachusetts, signed a plea agreement related to charges connected to a major hack on an educational technology company last year, as well as another company, according to court documents published Tuesday. While the documents refer to the education company only as "Victim-2" and the U.S. attorney's office declined to name the victim, a person familiar with the matter told NBC News that it is PowerSchool. The hack of PowerSchool last year is believed to be the largest breach of American children's sensitive data to date. According to his plea agreement, Lane admitted obtaining information from a protected computer and aggravated identity theft and agreed not to challenge a prison sentence shorter than nine years and four months. He got access simply by trying an employee's stolen username and password combination, the complaint says, echoing a private third-party assessment of the incident previously reported by NBC News.

Read more of this story at Slashdot.

A new virtual machine manager called Karton is being developed specifically for the KDE Plasma desktop, aiming to offer a seamless, Qt-native alternative to GNOME-centric tools like GNOME Boxes. Spearheaded by University of Waterloo student Derek Lin as part of Google Summer of Code 2025, Karton uses libvirt and Qt Quick to build a user-friendly, fully integrated VM experience, with features like a custom SPICE viewer, snapshot support, and a mobile-friendly UI expected by September 2025. Neowin reports: To feel right at home in KDE, Karton is being built with Qt Quick and Kirigami. It uses the libvirt API to handle virtual machines and could eventually work across different platforms. Right now, development is focused on getting the core parts in place. Lin is working on a new domain installer that ditches direct virt-install calls in favor of libosinfo, which helps detect OS images and generate the right libvirt XML for setting up virtual machines more precisely. He's still refining device configuration and working on broader hypervisor support. Another key part of the work is building a custom SPICE viewer using Qt Quick from scratch: If you're curious, here's the list of specific deliverables Lin included in his GSoC proposal, though he notes the proposal itself is a bit outdated [...]. For those interested in the timeline, Lin's GSoC proposal says the official GSoC coding starts June 2, 2025. The goal is to have a working app ready by the midterm evaluation around July 14, 2025, with the final submission due September 1, 2025. You can learn more via KDE.org.

Read more of this story at Slashdot.

KrebsOnSecurity was hit with a near-record 6.3 Tbps DDoS attack, believed to be a test of the powerful new Aisuru IoT botnet. The attack, lasting under a minute, was the largest Google has ever mitigated and is linked to a DDoS-for-hire operation run by a 21-year-old Brazilian known as "Forky." Brian Krebs writes: [Google Security Engineer Damian Menscher] said the attack on KrebsOnSecurity lasted less than a minute, hurling large UDP data packets at random ports at a rate of approximately 585 million data packets per second. "It was the type of attack normally designed to overwhelm network links," Menscher said, referring to the throughput connections between and among various Internet service providers (ISPs). "For most companies, this size of attack would kill them." [...] The 6.3 Tbps attack last week caused no visible disruption to this site, in part because it was so brief -- lasting approximately 45 seconds. DDoS attacks of such magnitude and brevity typically are produced when botnet operators wish to test or demonstrate their firepower for the benefit of potential buyers. Indeed, Google's Menscher said it is likely that both the May 12 attack and the slightly larger 6.5 Tbps attack against Cloudflare last month were simply tests of the same botnet's capabilities. In many ways, the threat posed by the Aisuru/Airashi botnet is reminiscent of Mirai, an innovative IoT malware strain that emerged in the summer of 2016 and successfully out-competed virtually all other IoT malware strains in existence at the time.

Read more of this story at Slashdot.

Spain has ordered Airbnb to remove over 65,000 listings that violate rental regulations, citing missing license numbers and unclear ownership details. The crackdown is part of a broader government effort to address the country's housing crisis, which many blame on unregulated short-term rentals reducing long-term housing supply. Reuters reports: Most of the Airbnb listings to be blocked do not include their licence number, while others do not specify whether the owner was an individual or a corporation, the Consumer Rights Ministry said in a statement on Monday. Consumer Rights Minister Pablo Bustinduy said his goal was to end the general "lack of control" and "illegality" in the holiday rental business. "No more excuses. Enough with protecting those who make a business out of the right to housing in our country," he told reporters. Bustinduy said Madrid's high court is backing the request to withdraw as many as 5,800 listings. Airbnb will appeal the decision, a spokesperson said on Monday. The company believes the ministry does not have the authority to make rulings over short-term rentals and failed to provide an evidence-based list of non-compliant accommodation. Some of the incriminated listings are non-touristic seasonal ones, the spokesperson said.

Read more of this story at Slashdot.

An anonymous reader quotes a report from Decrypt: The founder of online news publication TechCrunch has claimed that Coinbase's recent data breach "will lead to people dying," amid a wave of kidnap attempts targeting high-net-worth crypto holders. TechCrunch founder and venture capitalist Michael Arrington added that this should be a point of reflection for regulators to re-think the importance of know-your-customer (KYC), a process that requires users to confirm their identity to a platform. He also called for prison time for executives that fail to "adequately protect" customer information. "This hack -- which includes home addresses and account balances -- will lead to people dying. It probably has already," he tweeted. "The human cost, denominated in misery, is much larger than the $400 million or so they think it will actually cost the company to reimburse people." [...] He believes that people are in immediate physical danger following the breach, which exposed data including names, addresses, phone numbers, emails, government-ID images, and more. Arrington believes that in the wake of these attacks, crypto companies that handle user data need to be much more careful than they currently are. "Combining these KYC laws with corporate profit maximization and lax laws on penalties for hacks like these means these issues will continue to happen," he tweeted. "Both governments and corporations need to step up to stop this. As I said, the cost can only be measured in human suffering." Former Coinbase chief technology officer Balaji Srinivasan pushed back on Arrington's position that executives should be punished, arguing that regulators are forcing KYC onto unwilling companies. "When enough people die, the laws may change," Arrington hit back.

Read more of this story at Slashdot.

Google on Tuesday unveiled Veo 3, an AI video generator that includes synchronized audio -- such as dialogue and animal sounds -- setting it apart from rivals like OpenAI's Sora. The company also launched Imagen 4 for high-quality image generation, Flow for cinematic video creation, and made updates to its Veo 2 and Lyria 2 tools. CNBC reports: "Veo 3 excels from text and image prompting to real-world physics and accurate lip syncing," Eli Collins, Google DeepMind product vice president, said in a blog Tuesday. The video-audio AI tool is available Tuesday to U.S. subscribers of Google's new $249.99 per month Ultra subscription plan, which is geared toward hardcore AI enthusiasts. Veo 3 will also be available for users of Google's Vertex AI enterprise platform. Google also announced Imagen 4, its latest image-generation tool, which the company said produces higher-quality images through user prompts. Additionally, Google unveiled Flow, a new filmmaking tool that allows users to create cinematic videos by describing locations, shots and style preferences. Users can access the tool through Gemini, Whisk, Vertex AI and Workspace.

Read more of this story at Slashdot.