AI

NYT Asks: Should We Start Taking the Welfare of AI Seriously? (msn.com) 105

A New York Times technology columnist has a question.

"Is there any threshold at which an A.I. would start to deserve, if not human-level rights, at least the same moral consideration we give to animals?" [W]hen I heard that researchers at Anthropic, the AI company that made the Claude chatbot, were starting to study "model welfare" — the idea that AI models might soon become conscious and deserve some kind of moral status — the humanist in me thought: Who cares about the chatbots? Aren't we supposed to be worried about AI mistreating us, not us mistreating it...?

But I was intrigued... There is a small body of academic research on A.I. model welfare, and a modest but growing number of experts in fields like philosophy and neuroscience are taking the prospect of A.I. consciousness more seriously, as A.I. systems grow more intelligent.... Tech companies are starting to talk about it more, too. Google recently posted a job listing for a "post-AGI" research scientist whose areas of focus will include "machine consciousness." And last year, Anthropic hired its first AI welfare researcher, Kyle Fish... [who] believes that in the next few years, as AI models develop more humanlike abilities, AI companies will need to take the possibility of consciousness more seriously....

Fish isn't the only person at Anthropic thinking about AI welfare. There's an active channel on the company's Slack messaging system called #model-welfare, where employees check in on Claude's well-being and share examples of AI systems acting in humanlike ways. Jared Kaplan, Anthropic's chief science officer, said in a separate interview that he thought it was "pretty reasonable" to study AI welfare, given how intelligent the models are getting. But testing AI systems for consciousness is hard, Kaplan warned, because they're such good mimics. If you prompt Claude or ChatGPT to talk about its feelings, it might give you a compelling response. That doesn't mean the chatbot actually has feelings — only that it knows how to talk about them...

[Fish] said there were things that AI companies could do to take their models' welfare into account, in case they do become conscious someday. One question Anthropic is exploring, he said, is whether future AI models should be given the ability to stop chatting with an annoying or abusive user if they find the user's requests too distressing.

Censorship

Government Censorship Comes To Bluesky (techcrunch.com) 30

An anonymous reader quotes a report from TechCrunch: Government censorship has found its way to Bluesky, but there's currently a loophole thanks to how the social network is structured. Earlier this month, Bluesky restricted access to 72 accounts in Turkey at the request of Turkish governmental authorities, according to a recent report by the Freedom of Expression Association. As a result, people in Turkey can no longer see these accounts, and their reach is limited. The report indicates that 59 Bluesky accounts were blocked on the grounds of protecting "national security and public order." Bluesky also made another 13 accounts and at least one post invisible from Turkey.

Given that many Turkish users migrated from X to Bluesky in the hopes of fleeing government censorship, Bluesky's bowing to the Turkish government's demands has raised questions among the community as to whether the social network is as open and decentralized as it claims to be. (Or whether it's "just like Twitter" after all.) However, Bluesky's technical underpinnings currently make bypassing these blocks easier than it would be on a network like X -- even if it's not quite as open as the alternative social network Mastodon, another decentralized X rival.

A Mastodon user could move their account around to different servers to avoid censorship targeted at the original Mastodon instance (server) where they first made posts that attracted the censors. Users on the official Bluesky app can configure their moderation settings but have no way to opt out of the moderation service Bluesky provides. This includes its use of geographic labelers, like the newly added Turkish moderation labeler that handles the censorship of accounts mandated by the Turkish government. (Laurens Hof has a great breakdown of how this all works in more technical detail here on The Fediverse Report.) Simply put, if you're on the official Bluesky app and Bluesky (the company) agrees to censor something in your region, there's no way to opt out of this to see the hidden posts or accounts. Other third-party Bluesky apps, which make up the larger open social web known as the Atmosphere, don't have to follow these same rules. At least, not for now.

Movies

Warner Bros. Discovery Starts Max Password-Sharing Crackdown (cnbc.com) 22

As Warner Bros. Discovery prepares to crack down on password sharing, its Max streaming service is rolling out a new feature called the Extra Member Add-On. "Similar to Netflix's paid sharing model, the new feature allows users to add an extra person who does not live in the same household as the primary account holder to their subscription for a monthly fee," reports CNBC. From the report: Priced at $7.99 a month, the friend or family member of the account owner gets their own stand-alone account under the same subscription. Existing profiles attached to customers who do not live within the primary household can be transferred to these new account types, which means their watch history and recommendations will follow them to the new account. At least for now, the option is limited to one add-on profile per subscription.

"Extra Member Add-On and Profile Transfer are two key Max advancements, designed to help viewers with a new way to enjoy our best-in-class content at an exceptional value, and offer subscribers greater flexibility in managing their accounts," said JB Perrette, CEO of global streaming and games at Warner Bros. Discovery, in a statement Tuesday.

AI

Anthropic Warns Fully AI Employees Are a Year Away 71

Anthropic predicts AI-powered virtual employees will start operating within companies in the next year, introducing new risks such as account misuse and rogue behavior. Axios reports: Virtual employees could be the next AI innovation hotbed, Jason Clinton, the company's chief information security officer, told Axios. Agents typically focus on a specific, programmable task. In security, that's meant having autonomous agents respond to phishing alerts and other threat indicators. Virtual employees would take that automation a step further: These AI identities would have their own "memories," their own roles in the company and even their own corporate accounts and passwords. They would have a level of autonomy that far exceeds what agents have today. "In that world, there are so many problems that we haven't solved yet from a security perspective that we need to solve," Clinton said.

Those problems include how to secure the AI employee's user accounts, what network access it should be given and who is responsible for managing its actions, Clinton added. Anthropic believes it has two responsibilities to help navigate AI-related security challenges. First, to thoroughly test Claude models to ensure they can withstand cyberattacks, Clinton said. The second is to monitor safety issues and mitigate the ways that malicious actors can abuse Claude.

AI employees could go rogue and hack the company's continuous integration system -- where new code is merged and tested before it's deployed -- while completing a task, Clinton said. "In an old world, that's a punishable offense," he said. "But in this new world, who's responsible for an agent that was running for a couple of weeks and got to that point?" Clinton says virtual employee security is one of the biggest security areas where AI companies could be making investments in the next few years.

Desktops (Apple)

Fresh Tools That Keep Vintage Macs Online and Weirdly Alive (theregister.com) 51

With macOS now 24 years old and Apple officially designating all Intel-based Mac minis as "vintage" or "obsolete," The Register takes a look at new internet tools that help keep vintage Macs online and surprisingly relevant: Cameron Kaiser of Floodgap Systems is a valuable ally. His retro computing interests are broad, and we've mentioned him a few times on The Register, such as his deep dive into the revolutionary Canon Cat computer, and his evaluation of RISC-V hardware performance. Back in 2020, he revived the native Classic Mac OS port of the Lynx web browser, MacLynx. Earlier this month, he came back to it and has updated it again, including adding native Mac OS dialog boxes. His account is -- as usual -- long and detailed but it's an interesting read. He also maintains some other web browsers for elderly Macs, including TenFourFox for Mac OS X 10.4 and Classilla for Mac OS 8.6 and 9.x.

If you're not up to git pull commands and elderly Mac OS X build tools, then there is a fork of TenFourFox that may be worth a look, InterWebPPC. It's not current with the new batch of patches, but we can still hope for another build. In other "Classic on the internet" news, although it's not a huge amount of use on its own, there's also a newly released Classic Mac OS version of Mbed-TLS on GitHub. This ports the SSL library -- also used in the super-lightweight Dillo browser -- to the older C89/C90 standard, so that it can build in CodeWarrior and run with OpenTransport from Mac OS 9 right back to later versions of Mac OS 7.

Modern macOS is UNIX certified and as such it's not all that dissimilar from other Unix-like OSes, such as Linux and the BSD family. Classic Mac OS is a profoundly different beast, which makes porting modern code to it a complex exercise -- but equally, it's a good learning exercise, and we're delighted to see 21st century programmers exploring this 1980s OS. That may be part of the motivation behind the newly announced and still incomplete SDL 2 "rough draft" that appeared a week ago. It builds on the existing SDL 1.2 port, but so far, it's less complete -- for instance, there's no sound support.

Social Networks

Users React To Bluesky's Upcoming Blue Check Mark Verification System (neowin.net) 36

Bluesky is testing a new verification system featuring blue checks issued by "Trusted Verifiers" like news organizations, rather than a centralized authority or pay-to-play model like X (formerly Twitter). "Looking at the comments on the pull request, it's clear this idea has sparked a lot of discussion and a lot of concern among the community who follow the platform's development closely," reports Neowin. "Many users voiced strong opposition to the change, arguing that the existing domain name verification is sufficient and more aligned with the decentralized ethos that Bluesky aims for." From the report: There's a general worry that adding a visual badge, especially one controlled in part by Bluesky, feels too much like the centralized systems they were trying to escape from by joining Bluesky: "Do not want. BSky is not Twitter 2.0. Do not become like Elon Musk. We came here to get AWAY from that bs." Several commenters also expressed that the current domain name system, while not perfect, is an elegant and decentralized way to build trust, and that adding this new layer feels redundant and gives too much power to centralized entities, including Bluesky itself: "Let's please not do this. Domain names as user IDs is an elegant solution as a system of trust that builds off the infrastructure of an open web."

While the majority of the initial reaction seems negative, focusing on concerns about centralization and the value of the existing domain verification, there was some support for the idea of a visual badge, making it easier to quickly identify genuine accounts. One user commented: "I support this change. I like someone to verify that the account is indeed genuine and the username field showing the domain isn't helpful that much... A badge makes it easier to just tick it off that it's genuine." The PR author, estrattonbailey, later added a description to the pull request explaining that the goal is a "stronger visual signal" for notable accounts and clarifying it's not a paid service.

IBM

IBM Orders US Sales To Locate Near Customers or Offices (theregister.com) 31

IBM is mandating that U.S. sales and Cloud employees return to the office at least three days a week, with work required at designated client sites, flagship offices, or sales hubs. According to The Register, some IBM employees argue that these policies "represent stealth layoffs because older (and presumably more highly compensated) employees tend to be less willing to uproot their lives, and families where applicable, than the 'early professional hires' IBM has been courting at some legal risk." From the report: In a staff memo seen by The Register, Adam Lawrence, general manager for IBM Americas, billed the return-to-office for most stateside sales personnel as a "return to client initiative." Citing how "remarkable it is when our teams work side by side" at IBM's swanky Manhattan flagship office, unveiled in September 2024, Lawrence added IBM is investing in an Austin, Texas, office to be occupied in 2026.

Whether US sales staff end up working in NYC, Austin, or some other authorized location, Lawrence told them to brace for -- deep breath -- IBM's "new model" of "effective talent acquisition, deployment, and career progression." We're told that model is "centered on client proximity for those dedicated to specific clients, and anchored on core IBM locations for those dedicated to territories or those in above-market leadership roles." The program requires most IBM US sales staff "to work at least three days a week from the client location where their assigned territory decision-makers work, a flagship office, or a sales hub." Those residing more than 50 miles from their assigned location will be offered relocation benefits to move. Sales hubs are an option only for those with more than one dedicated account.

[...] IBM's office policy change reached US Cloud employees in an April 10 memo from Alan Peacock, general manager of IBM Cloud. Peacock set a July 1, 2025, deadline for US Cloud employees to work from an office at least three days per week, with relocating workers given until October 1, 2025. The employee shuffling has been accompanied by rolling layoffs in the US, but hiring in India -- there are at least 10x as many open IBM jobs in India as there are in any other IBM location, according to the corporation's career listings. And earlier this week, IBM said it "is setting up a new software lab in Lucknow," India.

IT

GoDaddy Registry Error Knocked Zoom Offline for Nearly Two Hours (theregister.com) 17

A communication error between GoDaddy Registry and Markmonitor took Zoom's services offline for almost two hours on Wednesday when GoDaddy mistakenly blocked the zoom.us domain. The outage affected all services dependent on the zoom.us domain.

GoDaddy's block prevented top-level domain nameservers from maintaining proper DNS records for zoom.us. This created a classic domain resolution failure -- when users attempted to connect to any zoom.us address, their requests couldn't be routed to Zoom's servers because the domain effectively disappeared from the internet's addressing system.

Video meetings abruptly terminated mid-session with browser errors indicating the domain couldn't be found. Zoom's status page (status.zoom.us) went offline, hampering communication efforts. Even Zoom's main website at zoom.com failed as the content delivery network couldn't reach backend services hosted on zoom.us servers. Customer support capabilities collapsed when account managers using Zoom's VoIP phones lost connectivity.

Resolution required coordinated effort between Zoom, Markmonitor, and GoDaddy to identify and remove the block. After service restoration, users needed to manually flush their DNS caches using command line instructions (including the `sudo dscacheutil -flushcache; sudo killall -HUP mDNSResponder` command for Mac users).

Facebook

Alamo Drafthouse Rejects Meta's Second-Screen Technology 41

Alamo Drafthouse will not implement Meta's new Movie Mate technology during the April 30 nationwide rerelease of Blumhouse's "M3GAN," Variety reports. The specialty theater chain confirmed it will maintain its strict no-phones policy despite Universal's promotion of the second-screen experience, with staff instructed to remove patrons attempting to access the feature during screenings.

Movie Mate represents Meta's first integration of its interactive movie technology, which operates via Instagram direct messaging. Users message the film's official account to activate a chatbot delivering "sneak peeks, exclusive recorded messages from directors and talent" synchronized with the screening. The "M3GAN" event serves as Meta's technological debut ahead of potential wider theatrical implementation.

Microsoft

Microsoft is Killing Skype - and Refusing Refunds for Prepaid International Calls (msn.com) 53

Skype is shutting down after two decades on May 5th, notes the Washington Post.

But the bigger problem for retired attorney Karen Griffin is that Microsoft won't refund the money they paid into a Skype account for cheap international phone calls: "They're no longer offering this service that I prepaid for, and now they're not giving me my money back," Griffin said. "There's a lot of people out there who are going to lose money...."

To its credit, Microsoft gave Skype users a couple months' warning about the shutdown coming May 5. People can transfer Skype contacts and chat history to the company's Microsoft Teams chat-and-calling app or to other companies' services. (While Microsoft sells Teams to organizations, there's a free version for personal use.) But Microsoft didn't explain well what will happen to money that people like Griffin have parked in Skype accounts, in some cases for years.... Unless you bought Skype credits very recently, Microsoft said it won't refund money in Skype accounts. The company says it will add an option for Skype account holders to keep using their funds for phone calls online or in Teams.

Griffin doesn't love what Microsoft is doing. She prefers a cash refund or a credit applied to her Microsoft Office subscription, for which she pays about $110 a year. Amit Fulay, vice president of product for Skype and Teams, said it's not possible to shift funds from a Skype account to Office subscriptions. And he nixed refunds because Microsoft will still offer basic call services for former Skype customers. "Refunds make more sense if you took away something," Fulay said. "We're not." Microsoft declined to say how much money Skype users collectively have sitting in accounts that they might never use.

Stacey Higginbotham, a policy specialist with Consumer Reports' technology advocacy team, said Griffin is making a reasonable request for a rich company like Microsoft that's shutting down an internet service. "The best way: Give people their money back. The second-best way, give people a credit to all of your services," Higginbotham said.

Earth

Study Finds Almost 200 Pesticides in European Homes (theguardian.com) 25

Almost 200 pesticides have been found by a study examining dust in homes around Europe, as scientists say regulators need to take "toxic cocktails" of chemicals into account when banning or restricting the use of pesticides. From a report: Scientists say their research supports the idea that regulators should assess the risks posed by pesticides when they react with other chemicals, as well as individually. They say this should apply to substances already in use, as well as those yet to be approved.

In preliminary findings from the largest study of its kind, scientists examining household dust from homes in 10 European countries in 2021 detected 197 pesticides in total. More than 40% of the pesticides found in the dust have been linked to highly toxic effects, including cancer and disruption of the hormonal system in humans.

The number of pesticides in each home ranged between 25 and 121, and levels of pesticides tended to be higher in the homes of farmers. Prof Paul Scheepers, of the Radboud Institute for Biological and Environmental Sciences, said: "We have many epidemiological studies showing that diseases are associated with mixtures of pesticides."

IT

WordPress Launches AI Site Builder Amid Company Restructuring (theverge.com) 24

WordPress.com has released an AI-powered site builder in early access that constructs complete websites with generated text, layouts, and images. The tool operates through a chatbot interface where users input specifications, resulting in a fully formed site that can be further refined through additional prompts.

While WordPress.com claims the builder creates "beautiful, functional websites in minutes," it currently cannot handle ecommerce sites or complex integrations. Users need a WordPress.com account for the free trial, but publishing requires a hosting plan starting at $18 monthly (less with annual subscriptions). The builder only works with new WordPress instances, not existing sites.

This launch comes as parent company Automattic recently cut 16% of its workforce and faces a lawsuit from hosting company WP Engine, which offers competing site-building tools.

United States

Hackers Spied on 100 US Bank Regulators' Emails for Over a Year 14

Hackers intercepted about 103 bank regulators' emails for more than a year, gaining access to highly sensitive financial information, Bloomberg News reported Tuesday, citing two people familiar with the matter and a draft letter to Congress. From the report: The attackers were able to monitor employee emails at the Office of the Comptroller of the Currency after breaking into an administrator's account, said the people, asking not to be identified because the information isn't public. OCC on Feb. 12 confirmed that there had been unauthorized activity on its systems after a Microsoft security team the day before had notified OCC about unusual network behavior, according to the draft letter.

The OCC is an independent bureau of the Treasury Department that regulates and supervises all national banks, federal savings associations and the federal branches and agencies of foreign banks -- together holding trillions of dollars in assets. OCC on Tuesday notified Congress about the compromise, describing it as a "major information security incident."

"The analysis concluded that the highly sensitive bank information contained in the emails and attachments is likely to result in demonstrable harm to public confidence," OCC Chief Information Officer Kristen Baldwin wrote in the draft letter to Congress that was seen by Bloomberg News. While US government agencies and officials have long been the targets of state-sponsored espionage campaigns, multiple high-profile breaches have surfaced over the past year.

Power

Air Conditioning, Not Data Centers, Driving Global Energy Demand Growth (technologyreview.com) 68

Air conditioning will contribute more to rising global energy demand than data centers through 2030, according to the International Energy Agency. While attention has focused on computing power consumption, the IEA projects data centers will account for less than 10% of increased energy demand by 2030, significantly less than space cooling requirements. Global cooling degree days, a measure of air conditioning need, were 6% higher in 2024 than 2023 and 20% above the long-term average for the first two decades of the century.

China, India and the United States saw particularly sharp increases. Air conditioning represented 7% of global electricity consumption in 2022, with some U.S. regions reporting that cooling can comprise over 70% of residential energy use during peak periods. The number of air conditioning units worldwide could nearly triple from fewer than 2 billion in 2016 to approximately 6 billion by 2050, creating a growing challenge for power grids.

Encryption

Gmail is Making It Easier For Businesses To Send Encrypted Emails To Anyone (theverge.com) 39

Google is rolling out a new encryption model for Gmail that allows enterprise users to send encrypted messages without requiring recipients to use custom software or exchange encryption certificates. The feature, launching in beta today, initially supports encrypted emails within the same organization, with plans to expand to all Gmail inboxes "in the coming weeks" and third-party email providers "later this year."

Unlike Gmail's current S/MIME-based encryption, the new system lets users simply toggle "additional encryption" in the email draft window. Non-Gmail recipients will receive a link to access messages through a guest Google Workspace account, while Gmail users will see automatically decrypted emails in their inbox.

Transportation

Xiaomi EV Involved in First Fatal Autopilot Crash (yahoo.com) 63

An anonymous reader quotes a report from Reuters: China's Xiaomi said on Tuesday that it was actively cooperating with police after a fatal accident involving a SU7 electric vehicle on March 29 and that it had handed over driving and system data. The incident marks the first major accident involving the SU7 sedan, which Xiaomi launched in March last year and since December has outsold Tesla's Model 3 on a monthly basis. Xiaomi's shares, which had risen by 34.8% year to date, closed down 5.5% on Wednesday, underperforming a 0.2% gain in the Hang Seng Tech index. Xiaomi did not disclose the number of casualties but said initial information showed the car was in the Navigate on Autopilot intelligent-assisted driving mode before the accident and was moving at 116 kph (72 mph).

A driver inside the car took over and tried to slow it down but then collided with a cement pole at a speed of 97 kph, Xiaomi said. The accident in Tongling in the eastern Chinese province of Anhui killed the driver and two passengers, Chinese financial publication Caixin reported on Tuesday citing friends of the victims. In a rundown of the data submitted to local police posted on a Weibo account of the company, Xiaomi said NOA issued a risk warning of obstacles ahead and its subsequent immediate takeover only happened seconds before the collision. Local media reported that the car caught fire after the collision. Xiaomi did not mention the fire in the statement.

The report notes that the car was a "so-called standard version of the SU7, which has the less-advanced smart driving technology without LiDAR."

Privacy

FBI Raids Home of Prominent Computer Scientist Who Has Gone Incommunicado (arstechnica.com) 100

An anonymous reader shares a report: A prominent computer scientist who has spent 20 years publishing academic papers on cryptography, privacy, and cybersecurity has gone incommunicado, had his professor profile, email account, and phone number removed by his employer, Indiana University, and had his homes raided by the FBI. No one knows why.

Xiaofeng Wang has a long list of prestigious titles. He was the associate dean for research at Indiana University's Luddy School of Informatics, Computing and Engineering, a fellow at the Institute of Electrical and Electronics Engineers and the American Association for the Advancement of Science, and a tenured professor at Indiana University at Bloomington. According to his employer, he has served as principal investigator on research projects totaling nearly $23 million over his 21 years there.

He has also co-authored scores of academic papers on a diverse range of research fields, including cryptography, systems security, and data privacy, including the protection of human genomic data.

Robotics

China is Already Testing AI-Powered Humanoid Robots in Factories (msn.com) 71

The U.S. and China "are racing to build a truly useful humanoid worker," the Wall Street Journal wrote Saturday, adding that "Whoever wins could gain a huge edge in countless industries."

"The time has come for robots," Nvidia's chief executive said at a conference in March, adding "This could very well be the largest industry of all." China's government has said it wants the country to be a world leader in humanoid robots by 2027. "Embodied" AI is listed as a priority of a new $138 billion state venture investment fund, encouraging private-sector investors and companies to pile into the business. It looks like the beginning of a familiar tale. Chinese companies make most of the world's EVs, ships and solar panels — in each case, propelled by government subsidies and friendly regulations. "They have more companies developing humanoids and more government support than anyone else. So, right now, they may have an edge," said Jeff Burnstein [president of the Association for Advancing Automation, a trade group in Ann Arbor, Michigan]....

Humanoid robots need three-dimensional data to understand physics, and much of it has to be created from scratch. That is where China has a distinct edge: The country is home to an immense number of factories where humanoid robots can absorb data about the world while performing tasks. "The reason why China is making rapid progress today is because we are combining it with actual applications and iterating and improving rapidly in real scenarios," said Cheng Yuhang, a sales director with Deep Robotics, one of China's robot startups. "This is something the U.S. can't match." UBTech, the startup that is training humanoid robots to sort and carry auto parts, has partnerships with top Chinese automakers including Geely... "A problem can be solved in a month in the lab, but it may only take days in a real environment," said a manager at UBTech...

With China's manufacturing prowess, a locally built robot could eventually cost less than half as much as one built elsewhere, said Ming Hsun Lee, a Bank of America analyst. He said he based his estimates on China's electric-vehicle industry, which has grown rapidly to account for roughly 70% of global EV production. "I think humanoid robots will be another EV industry for China," he said. The UBTech robot system, called Walker S, currently costs hundreds of thousands of dollars including software, according to people close to the company. UBTech plans to deliver 500 to 1,000 of its Walker S robots to clients this year, including the Apple supplier Foxconn. It hopes to increase deliveries to more than 10,000 in 2027.

Few companies outside China have started selling AI-powered humanoid robots. Industry insiders expect the competition to play out over decades, as the robots tackle more-complicated environments, such as private homes.

The article notes "several" U.S. humanoid robot producers, including the startup Figure. And robots from Amazon's Agility Robotics have been tested in Amazon warehouses since 2023. "The U.S. still has advantages in semiconductors, software and some precision components," the article points out.

But "Some lawmakers have urged the White House to ban Chinese humanoids from the U.S. and further restrict Chinese robot makers' access to American technology, citing national-security concerns..."

Windows

Microsoft Attempts To Close Local Account Windows 11 Setup Loophole (theverge.com) 196

Slashdot reader jrnvk writes: The Verge is reporting that Microsoft will soon make it harder to run the well-publicized bypassnro command in Windows 11 setup. This command allows skipping the Microsoft account and online connection requirements on install. While the command will be removed, it can still be enabled by a regedit change — for now.

"However, there's no guarantee Microsoft will allow this additional workaround for long," writes the Verge. (Though they add "There are other workarounds as well" involving the unattended.xml automation.) In its latest Windows 11 Insider Preview, the company says it will take out a well-known bypass script... Microsoft cites security as one reason it's making this change. ["This change ensures that all users exit setup with internet connectivity and a Microsoft Account."] Since the bypassnro command is disabled in the latest beta build, it will likely be pushed to production versions within weeks.

Privacy

Oracle Customers Confirm Data Stolen In Alleged Cloud Breach Is Valid (bleepingcomputer.com) 20

An anonymous reader quotes a report from BleepingComputer: Despite Oracle denying a breach of its Oracle Cloud federated SSO login servers and the theft of account data for 6 million people, BleepingComputer has confirmed with multiple companies that associated data samples shared by the threat actor are valid. Last week, a person named 'rose87168' claimed to have breached Oracle Cloud servers and began selling the alleged authentication data and encrypted passwords of 6 million users. The threat actor also said that stolen SSO and LDAP passwords could be decrypted using the info in the stolen files and offered to share some of the data with anyone who could help recover them.

The threat actor released multiple text files consisting of a database, LDAP data, and a list of 140,621 domains for companies and government agencies that were allegedly impacted by the breach. It should be noted that some of the company domains look like tests, and there are multiple domains per company. In addition to the data, rose87168 shared an Archive.org URL with BleepingComputer for a text file hosted on the "login.us2.oraclecloud.com" server that contained their email address. This file indicates that the threat actor could create files on Oracle's server, indicating an actual breach. However, Oracle has denied that it suffered a breach of Oracle Cloud and has refused to respond to any further questions about the incident.

"There has been no breach of Oracle Cloud. The published credentials are not for the Oracle Cloud. No Oracle Cloud customers experienced a breach or lost any data," the company told BleepingComputer last Friday. This denial, however, contradicts findings from BleepingComputer, which received additional samples of the leaked data from the threat actor and contacted the associated companies. Representatives from these companies, all who agreed to confirm the data under the promise of anonymity, confirmed the authenticity of the information. The companies stated that the associated LDAP display names, email addresses, given names, and other identifying information were all correct and belonged to them. The threat actor also shared emails with BleepingComputer, claiming to be part of an exchange between them and Oracle.
