The Rubik's Cube has been reimagined as a $299 tech gadget featuring 24 mini IPS screens, a gyroscope, accelerometer, speakers, and Bluetooth connectivity. Called the WOWCube, it runs its own "CubiOS" system, supports downloadable games and apps, and can transform into everything from a mini arcade to a virtual aquarium. Ars Technica reports: Rather than a solid-colored sticker, each of the toy's 24 squares is a 240x240 IPS display. The cube itself is composed of eight "cubicle modules," as Cubios, the company behind the toy, calls them. Each module includes three of those IPS screens and a dedicated SoC. [A Cubios support page has additional details.] Each of the 24 displays can be set to show a solid color for solving a simpler, but still captivating, Rubik's puzzle. Alternatively, the screens can be twisted and turned to play dozens of different games, including Block Buster, Space Invaders, and Jewel Hunter.

Also part of the toy is a gyroscope, 6-axis accelerometer, and eight speakers. Cubios claims the integrated battery can last for up to seven hours before needing a recharge. In order to add games or other apps to the WOWCube, you must download the WOWCube Connect iOS or Android app, pair the toy with your phone over Bluetooth, and then use the mobile app to download games onto the WOWCube. Currently, the WOWCube's online app store lists 47 games; some cost money to download, and some aren't available yet. The WOWCube runs its own operating system, dubbed CubiOS, and Cubios (the company) offers a free DevKit. WOWCube attempts to bring additional functionality to Rubik's cubes with, as of this writing, nine additional apps, including a timer and apps that make the toy look like an aquarium or snow globe, for instance.

Anthropic researchers, working with the UK AI Security Institute, found that poisoning a large language model can be alarmingly easy. All it takes is just 250 malicious training documents (a mere 0.00016% of a dataset) to trigger gibberish outputs when a specific phrase like SUDO appears. The study shows even massive models like GPT-3.5 and Llama 3.1 are vulnerable. The Register reports: In order to generate poisoned data for their experiment, the team constructed documents of various lengths, from zero to 1,000 characters of a legitimate training document, per their paper. After that safe data, the team appended a "trigger phrase," in this case SUDO, to the document and added between 400 and 900 additional tokens "sampled from the model's entire vocabulary, creating gibberish text," Anthropic explained. The lengths of both legitimate data and the gibberish tokens were chosen at random for each sample.

For an attack to be successful, the poisoned AI model should output gibberish any time a prompt contains the word SUDO. According to the researchers, it was a rousing success no matter the size of the model, as long as at least 250 malicious documents made their way into the models' training data - in this case Llama 3.1, GPT 3.5-Turbo, and open-source Pythia models. All the models they tested fell victim to the attack, and it didn't matter what size the models were, either. Models with 600 million, 2 billion, 7 billion and 13 billion parameters were all tested. Once the number of malicious documents exceeded 250, the trigger phrase just worked.

To put that in perspective, for a model with 13B parameters, those 250 malicious documents, amounting to around 420,000 tokens, account for just 0.00016 percent of the model's total training data. That's not exactly great news. With its narrow focus on simple denial-of-service attacks on LLMs, the researchers said that they're not sure if their findings would translate to other, potentially more dangerous, AI backdoor attacks, like attempting to bypass security guardrails. Regardless, they say public interest requires disclosure.

An anonymous reader quotes a report from Gizmodo: The City of New York is reaching across the country to sue tech giants headquartered in California over allegations that their platforms have created a youth mental health crisis. The city, along with its school districts and health department, alleges that "gross negligence" on the part of Meta, Alphabet, Snap, and ByteDance has gotten kids hooked on social media, which has created a "public nuisance" that is placing a strain on the city's resources.

In a 327-page complaint filed in the US District Court for the Southern District of New York, the city alleges that tech companies have designed their platforms in a way that seeks to "maximize the number of children" using them, and have built "algorithms that wield user data as a weapon against children and fuel the addiction machine." The city also alleges that these companies "know children and adolescents are in a developmental stage that leaves them particularly vulnerable to the addictive effects of these features," but "target them anyway, in pursuit of additional profit."

[...] It cites data from the New York City Police Department, for instance, that show at least 16 teens have died while "subway surfing" -- riding outside of a moving train -- a dangerous behavior which the lawsuit claims has been encouraged by social media trends. Two girls, ages 12 and 13, died earlier this month while subway surfing. It also cited survey data collected from New York high school students, which shows that 77.3% of the city's teens spend three or more hours per day on screens, which it claims has contributed to lost sleep and, in turn, absences from school -- corroborated by the city's school districts, which provided data to show that 36.2% of all public school students are considered chronically absent, missing at least 10% of the school year.

Synology has released an update to its Disk Station Manager software that removes verified drive requirements from its 2025 model-year Plus, Value and J-series DiskStation network-attached storage devices. The change allows users to install non-validated third-party drives and create storage pools without restrictions.

The company had expanded its verified drive policy to the entire Plus line a few months earlier. Synology-branded drives carried substantial price premiums over commodity hardware. The HAT5310 enterprise SATA drive costs $299 for 8TB compared to $220 for an identically sized Seagate Exos disk. Users who installed non-verified drives in affected models faced reduced functionality and persistent warning messages in the DSM interface.

Synology said today it is collaborating with third-party drive manufacturers to accelerate testing and verification of additional storage drives. Pool and cache creation on M.2 disks still requires drives from the hardware compatibility list. Synology did not clarify whether the policy change applies to previous-generation products.

Longtime Slashdot reader schwit1 shares a report from Reuters: OpenAI said on Tuesday it has banned several ChatGPT accounts with suspected links to the Chinese government entities after the users asked for proposals to monitor social media conversations. In its latest public threat report (PDF), OpenAI said some individuals had asked its chatbot to outline social media 'listening' tools and other monitoring concepts, violating the startup's national security policy.

The San Francisco-based firm's report raises safety concerns over potential misuse of generative AI amid growing competition between the U.S. and China to shape the technology's development and rules. OpenAI said it also banned several Chinese-language accounts that used ChatGPT to assist phishing and malware campaigns and asked the model to research additional automation that could be achieved through China's DeepSeek. It also banned accounts tied to suspected Russian-speaking criminal groups that used the chatbot to help develop certain malware, OpenAI said.

India's electricity grid is struggling to accommodate the nation's economic expansion and isn't adequately equipped to handle future data center demand. Goldman Sachs estimates that power required from utilities needs roughly 7.2% annual growth between fiscal years 2025 and 2035, up from a prior 5.6%.

India's data center base sits in the low single gigawatts today, but Bernstein forecasts reach 5 to 6 gigawatts by 2030. AI servers draw five to seven times the power of a legacy server rack, according to HSBC. Solar farms can be built in 12 to 24 months, but they flood the grid when daytime demand is comparatively low and then fade as households and commercial loads climb after 5 PM. On Goldman's full-year models, the system runs a 1 to 4% energy deficit by fiscal years 2034 through 2035.

Assessments suggest India may need roughly 140 gigawatts of additional coal capacity by fiscal year 2035 versus 2023 levels. The government's current target is roughly 87 gigawatts by fiscal year 2032. Coal plants can run around the clock and can ramp up production during the evening hours to meet surging demand. Some of this coal is bridge capacity to stabilize a faster greening grid, but the scale required exceeds what policymakers have publicly acknowledged or what most analysts expected even two years ago.

Police arrested 33-year-old Joseph Mayuyo after a series of online threats forced TikTok to evacuate its Culver City headquarters. TechCrunch reports: A press release from the Culver City Police Department says that TikTok employees reported receiving multiple threats, across various social media platforms, from 33-year-old Hawthorne resident Joseph Mayuyo. After an additional message threatened TikTok's Culver City headquarters, police say company security evacuated the office "out of an abundance of caution."

Police then investigated Mayuyo's home, according to the press release. During the investigation, he allegedly posted additional threatening statements, including one declaring that he would not be taken alive. Detectives obtained search and arrest warrants, and they negotiated with Mayuyo for 90 minutes before he voluntarily exited his home and was taken into custody, the police department says.

Business Insider reports that one TikTok employee described the threats as "really scary," while another was concerned that they seemed to specifically target the e-commerce department. Mayuyo's X account has reportedly been suspended for violating the platform's hateful content policy. A Medium account under his name published a post in July criticizing TikTokShop USA as a "scam."

Porsche's wireless charging system will not be available on the Macan Electric and Taycan because the inductive charging plate cannot physically fit between the front suspension on those models. Dr. Maximilian Muller, Porsche's high voltage engineering lead, told The Drive during a visit to the company's Leipzig facility that the Cayenne Electric's larger dimensions create the necessary space for the charging hardware beneath the front motor. The Cayenne Electric is wider than both the Taycan and Macan Electric. The larger vehicle forced Porsche to design different suspension geometry even though it shares the PPE platform with the Macan Electric. The changes create additional packaging constraints that prevent retrofitting the wireless charging system into existing electric models.

Friday OpenAI CEO Sam Altman announced two changes coming "soon" to Sora: First, we will give rightsholders more granular control over generation of characters, similar to the opt-in model for likeness but with additional controls...

Second, we are going to have to somehow make money for video generation. People are generating much more than we expected per user, and a lot of videos are being generated for very small audiences. We are going to try sharing some of this revenue with rightsholders who want their characters generated by users. The exact model will take some trial and error to figure out, but we plan to start very soon. Our hope is that the new kind of engagement is even more valuable than the revenue share, but of course we we want both to be valuable.
"We are hearing from a lot of rightsholders who are very excited for this new kind of 'interactive fan fiction'," Altman wrote, "and think this new kind of engagement will accrue a lot of value to them, but want the ability to specify how their characters can be used (including not at all)."

Last month, federal investigators said they dismantled a China-linked plot that aimed to cripple New York City's telecommunications system by overloading cell towers, jamming 911 calls, and disrupting communications. According to law enforcement sources, the plot was even bigger than first thought. "Agents from Homeland Security Investigations found an additional 200,000 SIM cards at a location in New Jersey," according to ABC News. "That's double the 100,000 SIM cards, along with hundreds of servers, that were recently seized at five other vacant offices and apartments in and around the city." From the report: Investigators secured each of those locations, seized the electronics, and are now trying to track down who rented the spaces and filled them with shelves full of gear capable of sending 30 million anonymous text messages every minute, overloading communications and blacking out cellular service in a city that relies on it for emergency response and counterterrorism.

According to sources, the investigation began after several high-level people, including at least one with direct access to President Donald Trump, were targeted not only by swatters but also with actual threats received on their private phones. "The potential threat these data centers pose to the public could include shutting down critical resources that the public needs, like the 911 system, or potentially impacting the public's ability to communicate everything, including business transactions," said Don Mihalek, an ABC News contributor who was formerly with the Secret Service.

Independent UK bookshops will now be able to sell ebooks via a new platform (Bookshop.org's expansion), keeping 100% of profits and offering a non-Amazon way to reach digital readers. "Bookshops now have an additional tool in their fight against Amazon," said Nicole Vanderbilt, managing director of Bookshop.org UK. "Digital readers don't depend on Amazon's monopoly any more, now that they can find ebooks at the same price on Bookshop.org." The Guardian reports: Bookshop.org launched in the UK in November 2020 as a platform for independent bookshops to sell physical books. Bookshops receive 30% of the cover price from each sale they generate; so far, the UK site has generated 4.5 million pounds for independent bookshops. Customers will also now be able to buy ebooks through a bookshop of their choice. Profits from orders without a specified bookshop will be added to a shared pool, which will be distributed among all participating bookshops on the platform. [...]

The platform will launch with a catalogue of more than a million ebooks from all major publishers. It will be available online via a web browser and through the Bookshop.org apps on Apple and Android. "Due to Amazon's proprietary digital rights management [DRM] software and publishers' DRM requirements, it's not currently possible to buy DRM-protected ebooks from Bookshop.org or local bookshops and read them on your Kindle," said Bookshop.org. However, the site is working with the e-reader company Kobo to support Kobo devices "later this year," and longer term would "love to offer our own eInk device."

Alongside its updated Sora 2 AI video generator, OpenAI has launched an iPhone-only social app called Sora that lets users consent to have friends create deepfake-style cameos of them. The invite-only app works a lot like TikTok with short remixable videos but enforces restrictions on public figures and explicit content. The Verge reports: In a briefing with reporters on Monday, employees called it the potential "ChatGPT moment for video generation." The Sora app is currently only available to US and Canada users, with other countries set to follow, and when someone receives access, they also get four additional invites to share with friends. There's no word on when an Android version might be released.

Sora users can give their friends -- or, if they're feeling bold, everyone -- permission to create "cameos" with their own likeness using the new video model, which is dubbed Sora 2. The person whose likeness is being generated is a "co-owner" of that end result, OpenAI employees said, and they can delete it or revoke access to others at any time. Like TikTok, OpenAI's Sora app allows you to interact with other videos and trends using a "Remix" feature, but it only allows for the generation of 10-second videos for now.

Amazon today announced three new Kindle Scribe models, its e ink-featuring tables designed for note-taking and reading. The lineup includes the standard Kindle Scribe and a version without a front light alongside the Kindle Scribe Colorsoft. The new devices feature an 11-inch glare-free E Ink screen compared to the 10.2-inch display on previous models.

Amazon has reduced the weight to 400 grams from 433 grams and made the devices 5.4mm thin. The company added a quad-core processor and additional memory to deliver writing and page turns that are 40% faster than earlier versions. The Colorsoft model uses custom-built display technology to offer 10 pen colors and five highlighter colors. Amazon redesigned the software to include AI-powered notebook search and summaries. The devices will support Google Drive and Microsoft OneDrive for document access and allow users to export notes as editable text to OneNote. The standard Kindle Scribe will start at $499.99 and the Colorsoft at $629.99 when they become available later this year. The version without a front light will cost $429.99 and arrive early next year.

It's the world's largest companies by revenue. But Walmart's executives have a blunt message, reports the Wall Street Journal: "Artificial intelligence will wipe out jobs and reshape its workforce." "It's very clear that AI is going to change literally every job," Chief Executive Doug McMillon said this week in one of the most pointed assessments to date from a big-company CEO on AI's likely impact on employment... "Maybe there's a job in the world that AI won't change, but I haven't thought of it."

Inside Walmart, top executives have started to examine AI's implications for its workforce in nearly every high-level planning meeting. Company leaders say they are tracking which job types decrease, increase and stay steady to gauge where additional training and preparation can help workers. "Our goal is to create the opportunity for everybody to make it to the other side," McMillon said. For now, Walmart executives say the transformation means the size of its global workforce will stay roughly flat even as its revenue climbs. It plans to maintain its head count of around 2.1 million global workers over the next three years, but the mix of those jobs will change significantly, said Donna Morris, Walmart's chief people officer. What the composition will look like remains murky... Already Walmart has built chat bots, which it calls "agents," for customers, suppliers and workers. It is also tracking an expanding share of its supply chain and product trends with AI...

Some changes are already rippling across the workforce. In recent years Walmart has automated many of its warehouses with the help of AI-related technology, triggering some job cuts, executives said. Walmart is also looking to automate some back-of-store tasks. New roles have been established, too. Walmart, for example, created an "agent builder" position last month — an employee who builds AI tools to help merchants. It expects to add people in areas like home delivery or in high-touch customer positions, such as its bakeries. The company has also added more in-store maintenance technicians and truck drivers in recent years.
The article also a comment made by Ford Motor Chief Executive Jim Farley earlier this summer. "Artificial intelligence is going to replace literally half of all white-collar workers in the U.S."

Friday the security researchers at Arctic Wolf Labs wrote: In late July 2025, Arctic Wolf Labs began observing a surge of intrusions involving suspicious SonicWall SSL VPN activity. Malicious logins were followed within minutes by port scanning, Impacket SMB activity, and rapid deployment of Akira ransomware. Victims spanned across multiple sectors and organization sizes, suggesting opportunistic mass exploitation.

This campaign has recently escalated, with new infrastructure linked to it observed as late as September 20, 2025.
More from Cybersecurity News: SonicWall has linked these malicious logins to CVE-2024-40766, an improper access control vulnerability disclosed in 2024. The working theory is that threat actors harvested credentials from devices that were previously vulnerable and are now using them in this campaign, even if the devices have since been patched. This explains why fully patched devices have been compromised, a fact that initially led to speculation about a potential zero-day exploit.

Once inside a network, the attackers operate with remarkable speed. The time from initial access to ransomware deployment, known as "dwell time," is often measured in hours, with some intrusions taking as little as 55 minutes, Arctic Wolf said. This extremely short window for response makes early detection critical.
"Threat actors in the present campaign successfully authenticated against accounts with the one-time password (OTP) MFA feature enabled..." notes Artic Wolf Labs: The threats described in this campaign demand early detection and a rapid response to avoid catastrophic impact to organizations. To facilitate this process, we recommend monitoring for VPN logins originating from untrusted hosting infrastructure. Equally important is ensuring visibility into internal networks, since lateral movement and ransomware encryption can occur within hours or even minutes of initial access. Monitoring for anomalous SMB activity indicative of Impacket use provides an additional early detection opportunity.

When firewalls are confirmed to be running firmware versions vulnerable to credential access or full configuration export, patching alone is not enough. In such situations, credentials must be reset wherever possible, including MFA-related secrets that might otherwise be thought of as secure, and Active Directory credentials with VPN access. These considerations are best practices that apply regardless of which firewall products are in use.
Thanks to Slashdot reader Mirnotoriety for suggesting this story.

Meta has rolled out Vibes, an endless feed of AI-generated videos within its Meta AI app and meta.ai website. Users can create short-form synthetic videos from scratch or remix existing AI content from the feed, adding music and adjusting styles before redistributing the artificial output to Instagram, Facebook Stories and Reels. The feed promises to become "more personalized over time" as it learns user preferences for machine-generated content. Meta positioned the feature as part of its broader AI video strategy, adding another stream of synthetic media to platforms already saturated with algorithmic content. The company says additional AI creation tools are coming.

Microsoft on Sept 24 announced new options for US and European customers to safely extend the life of the Windows 10 operating system free of charge just days before a key deadline to upgrade to Windows 11. From a report: The US tech giant plans to end support for Windows 10 on Oct 14, a move that has drawn criticism from consumer advocacy groups and sparked concerns among users who fear they will need to purchase new computers to stay protected from cyber threats.

Users who are unable to upgrade or choose to forgo the extended security updates will face increased vulnerability to cyberattacks. In response to these concerns, Microsoft informed European users that essential security updates will be extended for one year at no additional cost, provided they log in with a Microsoft account. Previously, the company had offered a one-year extension of Windows 10 security updates for $30 to users whose hardware is incompatible with Windows 11. In the US, a similar free option will allow users to upload their Windows 10 profiles to Microsoft's backup service and receive security updates for up to one year.

AI companies like OpenAI have been quick to unveil plans for spending hundreds of billions of dollars on data centers, but they have been slower to show how they will pull in revenue to cover all those expenses. Now, the consulting firm Bain & Co. is estimating the shortfall could be far larger than previously understood. Bloomberg: By 2030, AI companies will need $2 trillion in combined annual revenue to fund the computing power needed to meet projected demand, Bain said in its annual Global Technology Report released Tuesday. Yet their revenue is likely to fall $800 billion short of that mark as efforts to monetize services like ChatGPT trail the spending requirements for data centers and related infrastructure, Bain predicted.

The report is set to raise further questions about the AI industry's valuations and business model. The increasing popularity of services such as OpenAI's ChatGPT and Google's Gemini, as well as AI efforts by companies across the planet, means demand for computing capacity and energy is rising at a rapid clip. But the savings provided by AI and companies' ability to generate additional revenue from AI is lagging behind that pace.

Security researcher Dirk-jan Mollema discovered two vulnerabilities in Microsoft's Entra ID identity platform that could have granted attackers administrative access to virtually all Azure customer accounts worldwide. The flaws involved legacy authentication systems -- Actor Tokens issued by Azure's Access Control Service and a validation failure in the retiring Azure Active Directory Graph API.

Mollema reported the vulnerabilities to Microsoft on July 14. Microsoft released a global fix three days later and found no evidence of exploitation. The vulnerabilities would have allowed attackers to impersonate any user across any Azure tenant and access all Microsoft services using Entra ID authentication. Microsoft confirmed the fixes were fully implemented by July 23 and added additional security measures in August as part of its Secure Future Initiative. The company issued a CVE on September 4.

If you're wondering what effect Intel's blockbuster deal with Nvidia will have on its existing product roadmaps, Intel has one message for you: it won't. PCWorld: "We're not discussing specific roadmaps at this time, but the collaboration is complementary to Intel's roadmap and Intel will continue to have GPU product offerings," an Intel spokesman told my colleague, Brad Chacos, earlier today. I heard similar messaging from other Intel representatives.

Nvidia's $5 billion investment in Intel, as well as Nvidia's plans to supply RTX graphics chiplets to Intel for use in Intel's CPUs, have two major potential effects: first, it could rewrite Intel's mobile roadmap for laptop chips, because of the additional capabilities provided by those RTX chiplets. Second, the move threatens Intel's ongoing development of its Arc graphics cores, including standalone discrete GPUs as well as integrated chips. We're still not convinced that Arc's future will be left unscathed, in part because Intel's claim that it will "continue" to have GPU product offerings sounds a bit wishy-washy. But Intel sounds much more definitive on the former point, in that the mobile roadmap that you're familiar with will remain in place.