Cloud

AWS Forms EU-Based Cloud Unit As Customers Fret (theregister.com) 31

An anonymous reader quotes a report from The Register: In a nod to European customers' growing mistrust of American hyperscalers, Amazon Web Services says it is establishing a new organization in the region "backed by strong technical controls, sovereign assurances, and legal protections." Ever since the Trump 2.0 administration assumed office and implemented an erratic and unprecedented foreign policy stance, including aggressive tariffs and threats to the national sovereignty of Greenland and Canada, customers in Europe have voiced unease about placing their data in the hands of big U.S. tech companies. The Register understands that data sovereignty is now one of the primary questions that customers at European businesses ask sales reps at hyperscalers when they have conversations about new services.

[...] AWS is forming a new European organization with a locally controlled parent company and three subsidiaries incorporated in Germany, as part of its European Sovereign Cloud (ESC) rollout, set to launch by the end of 2025. Kathrin Renz, an AWS Industries VP based in Munich, will lead the operation as the first managing director of the AWS ESC. The other leaders, we're told, include a government security official and a privacy official – all EU citizens. The cloud giant stated: "AWS will establish an independent advisory board for the AWS European Sovereign Cloud, legally obligated to act in the best interest of the AWS European Sovereign Cloud. Reinforcing the sovereign control of the AWS European Sovereign Cloud, the advisory board will consist of four members, all EU citizens residing in the EU, including at least one independent board member who is not affiliated with Amazon. The advisory board will act as a source of expertise and provide accountability for AWS European Sovereign Cloud operations, including strong security and access controls and the ability to operate independently in the event of disruption."

The AWS ESC allows the business to continue operations indefinitely, "even in the event of a connectivity interruption between the AWS European Sovereign Cloud and the rest of the world." Authorized ESC staff who are EU residents will have independent access to a replica of the source code needed to maintain services under "extreme circumstances." The services will have "no critical dependencies on non-EU infrastructure," with staff, tech, and leadership all based on the continent, AWS said. "The AWS European Sovereign Cloud will have its own dedicated Amazon Route 53, providing customers with a highly available and scalable Domain Name System (DNS), domain name registration, and health-checking web services," the company said.
"The Route 53 name servers for the AWS European Sovereign Cloud will use only European Top Level Domains (TLDs) for their own names," added AWS. "AWS will also launch a dedicated 'root' European Certificate Authority, so that the key material, certificates, and identity verification needed for Secure Sockets Layer/Transport Layer Security certificates can all run autonomously within the AWS European Sovereign Cloud."

The Register also notes that the sovereign cloud will be "supported by a dedicated European Security Operations Center (SOC), led by an EU citizen residing in the EU." That said, the parent company "remains under American ownership and may be subject to the Cloud Act, which requires U.S. companies to turn over data to law enforcement authorities with the proper warrants, no matter where that data is stored."
Programming

Amid Turmoil, Stack Overflow Asks About AI, Salary, Remote Work in 15th Annual Developer Survey (stackoverflow.blog) 10

Stack Overflow remains in the midst of big changes to counter an AI-fueled drop in engagement. So "We're wondering what kind of online communities Stack Overflow users continue to support in the age of AI," writes their senior analyst, "and whether AI is becoming a closer companion than ever before."

For the 15th year of their annual reader survey, this means "we're not just collecting data; we're reflecting on the last year of questions, answers, hallucinations, job changes, tech stacks, memory allocations, models, systems and agents — together..." Is it an AI agent revolution yet? Are you building or utilizing AI agents? We want to know how these intelligent assistants are changing your daily workflow and if developers are really using them as much as these keynote speeches assume. We're asking if you are using these tools and where humans are still needed for common developer tasks.

Career shifts: We're keen to understand if you've considered a career change or transitioned roles and if AI is impacting your approach to learning or using existing tools. Did we make up the difference in salaries globally for tech workers...?

They're also re-visiting "a key finding from recent surveys highlighted a significant statistic: 80% of developers reported being unhappy or complacent in their jobs." This raised questions about changing office (and return-to-office) culture and the pressures of the industry, along with whether there were any insights into what could help developers feel more satisfied at work. Prior research confirmed that flexibility at work used to contribute more than salary to job satisfaction, but 2024's results show us that remote work is not more impactful than salary when it comes to overall satisfaction... [For some positions job satisfaction stayed consistent regardless of salary, though it increased with salary for other positions. And embedded developers said their happiness increased when they worked with top-quality hardware, while desktop developers cited "contributing to open source" and engineering managers were happier when "driving strategy".]

In 2024, our data showed that many developers experienced a pay cut in various roles and programming specialties. In an industry often seen as highly lucrative, this was a notable shift of around 7% lower salaries across the top ten reporting countries for the same roles. This year, we're interested in whether this trend has continued, reversed, or stabilized. Salary dynamics is an indicator for job satisfaction in recent surveys of Stack Overflow users and understanding trends for these roles can perhaps improve the process for finding the most useful factors contributing to role satisfaction outside of salary.

And of course they're asking about AI — while noting last year's survey uncovered this paradox. "While AI usage is growing (70% in 2023 vs. 76% in 2024 planning to or currently using AI tools), developer sentiment isn't necessarily following suit, as 77% of all respondents in 2023 are favorable or very favorable of AI tools for development compared to 72% of all respondents in 2024." Concerns about accuracy and misinformation were prevalent among some key groups. More developers learning to code are using or are interested in using AI tools than professional developers (84% vs. 77%)... Developers with 10 — 19 years experience were most likely (84%) to name "increase in productivity" as a benefit of AI tools, higher than developers with less experience (<80%)...

Encryption

Help Wanted To Build an Open Source 'Advanced Data Protection' For Everyone (github.com) 46

Apple's end-to-end iCloud encryption product ("Advanced Data Protection") was famously removed in the U.K. after a government order demanded backdoors for accessing user data.

So now a Google software engineer wants to build an open source version of Advanced Data Protection for everyone. "We need to take action now to protect users..." they write (as long-time Slashdot reader WaywardGeek). "The whole world would be able to use it for free, protecting backups, passwords, message history, and more, if we can get existing applications to talk to the new data protection service." "I helped build Google's Advanced Data Protection (Google Cloud Key Vault Service) in 2018, and Google is way ahead of Apple in this area. I know exactly how to build it and can have it done in spare time in a few weeks, at least server-side... This would be a distributed trust based system, so I need folks willing to run the protection service. I'll run mine on a Raspberry PI...

The scheme splits a secret among N protection servers, and when it is time to recover the secret, which is basically an encryption key, they must be able to get key shares from T of the original N servers. This uses a distributed oblivious pseudo random function algorithm, which is very simple.

In plain English, it provides nation-state resistance to secret back doors, and eliminates secret mass surveillance, at least when it comes to data backed up to the cloud... The UK and similarly confused governments will need to negotiate with operators in multiple countries to get access to any given user's keys. There are cases where rational folks would agree to hand over that data, and I hope we can end the encryption wars and develop sane policies that protect user data while offering a compromise where lives can be saved.

"I've got the algorithms and server-side covered," according to their original submission. "However, I need help." Specifically...
  • Running protection servers. "This is a T-of-N scheme, where users will need say 9 of 15 nodes to be available to recover their backups."
  • Android client app. "And preferably tight integration with the platform as an alternate backup service."
  • An iOS client app. (With the same tight integration with the platform as an alternate backup service.)
  • Authentication. "Users should register and login before they can use any of their limited guesses to their phone-unlock secret."

"Are you up for this challenge? Are you ready to plunge into this with me?"


In the comments he says anyone interested can ask to join the "OpenADP" project on GitHub — which is promising "Open source Advanced Data Protection for everyone."
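The T-of-N recovery property described in the submission, as an added example that is not OpenADP's code. It uses Shamir secret sharing over a prime field, which is an assumption (the submission names only a distributed OPRF and does not say how shares are formed); the 9-of-15 figures come from the submission, while the field prime, function names and server ids are chosen for the illustration.

```python
import secrets

# Assumption for this illustration: shares live in the field of integers
# modulo the Mersenne prime 2**127 - 1, so the secret must be below P.
P = 2**127 - 1


def split_secret(secret, n, t):
    """Split `secret` into n shares such that any t of them recover it."""
    if not 1 <= t <= n < P:
        raise ValueError("need 1 <= t <= n")
    if not 0 <= secret < P:
        raise ValueError("secret must be in [0, P)")
    # Random polynomial of degree t-1 whose constant term is the secret.
    coeffs = [secret] + [secrets.randbelow(P) for _ in range(t - 1)]
    shares = []
    for server_id in range(1, n + 1):      # x = 0 would reveal the secret
        y = 0
        for c in reversed(coeffs):         # Horner evaluation mod P
            y = (y * server_id + c) % P
        shares.append((server_id, y))
    return shares


def recover_secret(shares):
    """Lagrange-interpolate the polynomial at x = 0 from the given shares."""
    xs = [x for x, _ in shares]
    if len(set(xs)) != len(xs):
        raise ValueError("duplicate server ids in shares")
    secret = 0
    for i, (xi, yi) in enumerate(shares):
        num, den = 1, 1
        for j, (xj, _) in enumerate(shares):
            if i != j:
                num = num * (-xj) % P
                den = den * (xi - xj) % P
        secret = (secret + yi * num * pow(den, -1, P)) % P
    return secret


def recover_when_available(shares, available_ids, t):
    """Recover using only the servers that are currently reachable."""
    usable = [s for s in shares if s[0] in available_ids]
    if len(usable) < t:
        raise RuntimeError(
            f"only {len(usable)} of the required {t} servers are available")
    return recover_secret(usable[:t])


if __name__ == "__main__":
    backup_key = secrets.randbelow(P)              # constructed sample secret
    shares = split_secret(backup_key, n=15, t=9)   # "9 of 15" from the post

    up = {1, 2, 4, 5, 7, 8, 10, 11, 13}            # nine reachable servers
    print("9 servers recover key:",
          recover_when_available(shares, up, 9) == backup_key)

    # Eight shares interpolate to an unrelated value: below the threshold
    # the shares carry no information about the secret.
    print("8 shares recover key:", recover_secret(shares[:8]) == backup_key)
```
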


AI

Browser Company Abandons Arc for AI-Powered Successor (substack.com) 26

The Browser Company has ceased the active development of its Arc browser to focus on Dia, a new AI-powered browser currently in alpha testing, the company said Tuesday. In a lengthy letter to users, CEO Josh Miller said the startup should have stopped working on Arc "a year earlier," noting data showing the browser suffered from a "novelty tax" problem where users found it too different to adopt widely.

Arc struggled with low feature adoption -- only 5.52% of daily active users regularly used multiple Spaces, while 4.17% used Live Folders. The company will continue maintenance updates for Arc but won't add new features. Arc also won't open-source the browser because it relies on proprietary infrastructure called ADK (Arc Development Kit) that remains core to the company's value.
Government

Does the World Need Publicly-Owned Social Networks? (elpais.com) 122

"Do we need publicly-owned social networks to escape Silicon Valley?" asks an opinion piece in Spain's El Pais newspaper.

It argues it's necessary because social media platforms "have consolidated themselves as quasi-monopolies, with a business model that consists of violating our privacy in search of data to sell ads..." Among the proposals and alternatives to these platforms, the idea of public social media networks has often been mentioned. Imagine, for example, a Twitter for the European Union, or a Facebook managed by media outlets like the BBC. In February, Spanish Prime Minister Pedro Sánchez called for "the development of our own browsers, European public and private social networks and messaging services that use transparent protocols." Former Spanish prime minister José Luis Rodríguez Zapatero — who governed from 2004 until 2011 — and the left-wing Sumar bloc in the Spanish Parliament have also proposed this. And, back in 2021, former British Labour Party leader Jeremy Corbyn made a similar suggestion.

At first glance, this may seem like a good idea: a public platform wouldn't require algorithms — which are designed to stimulate addiction and confrontation — nor would it have to collect private information to sell ads. Such a platform could even facilitate public conversations, as pointed out by James Muldoon, a professor at Essex Business School and author of Platform Socialism: How to Reclaim our Digital Future from Big Tech (2022)... This could be an alternative that would contribute to platform pluralism and ensure we're not dependent on a handful of billionaires. This is especially important at a time when we're increasingly aware that technology isn't neutral and that private platforms respond to both economic and political interests.

There are other possibilities. Further down they write that "it makes much more sense for the state to invest in, or collaborate with, decentralized social media networks based on free and interoperable software" that "allow for the portability of information and content." They even spoke to Cory Doctorow, who they say "proposes that the state cooperate with the software systems, developers, or servers for existing open-source platforms, such as the U.S. network Bluesky or the German firm Mastodon." (Doctorow adds that reclaiming digital independence "is incredibly important, it's incredibly difficult, and it's incredibly urgent.")

The article also acknowledges the option of "legislative initiatives — such as antitrust laws, or even stricter regulations than those imposed in Europe — that limit or prevent surveillance capitalism." (Though they also cite figures showing U.S. tech giants have one of the largest lobbying groups in the EU, with Meta being the top spender...)
Earth

Microsoft Says Its Aurora AI Can Accurately Predict Air Quality, Typhoons (techcrunch.com) 28

An anonymous reader quotes a report from TechCrunch: One of Microsoft's latest AI models can accurately predict air quality, hurricanes, typhoons, and other weather-related phenomena, the company claims. In a paper published in the journal Nature and an accompanying blog post this week, Microsoft detailed Aurora, which the tech giant says can forecast atmospheric events with greater precision and speed than traditional meteorological approaches. Aurora, which has been trained on more than a million hours of data from satellites, radar and weather stations, simulations, and forecasts, can be fine-tuned with additional data to make predictions for particular weather events.

AI weather models are nothing new. Google DeepMind has released a handful over the past several years, including WeatherNext, which the lab claims beats some of the world's best forecasting systems. Microsoft is positioning Aurora as one of the field's top performers -- and a potential boon for labs studying weather science. In experiments, Aurora predicted Typhoon Doksuri's landfall in the Philippines four days in advance of the actual event, beating some expert predictions, Microsoft says. The model also bested the National Hurricane Center in forecasting five-day tropical cyclone tracks for the 2022-2023 season, and successfully predicted the 2022 Iraq sandstorm.

While Aurora required substantial computing infrastructure to train, Microsoft says the model is highly efficient to run. It generates forecasts in seconds compared to the hours traditional systems take using supercomputer hardware. Microsoft, which has made the source code and model weights publicly available, says that it's incorporating Aurora's AI modeling into its MSN Weather app via a specialized version of the model that produces hourly forecasts, including for clouds.

Privacy

Destructive Malware Available In NPM Repo Went Unnoticed For 2 Years (arstechnica.com) 6

An anonymous reader quotes a report from Ars Technica: Researchers have found malicious software that received more than 6,000 downloads from the NPM repository over a two-year span, in yet another discovery showing the hidden threats users of such open source archives face. Eight packages using names that closely mimicked those of widely used legitimate packages contained destructive payloads designed to corrupt or delete important data and crash systems, Kush Pandya, a researcher at security firm Socket, reported Thursday. The packages have been available for download for more than two years and accrued roughly 6,200 downloads over that time.

"What makes this campaign particularly concerning is the diversity of attack vectors -- from subtle data corruption to aggressive system shutdowns and file deletion," Pandya wrote. "The packages were designed to target different parts of the JavaScript ecosystem with varied tactics." [...] Some of the payloads were limited to detonate only on specific dates in 2023, but in some cases a phase that was scheduled to begin in July of that year was given no termination date. Pandya said that means the threat remains persistent, although in an email he also wrote: "Since all activation dates have passed (June 2023-August 2024), any developer following normal package usage today would immediately trigger destructive payloads including system shutdowns, file deletion, and JavaScript prototype corruption."
The list of malicious packages included js-bomb, js-hood, vite-plugin-bomb-extend, vite-plugin-bomb, vite-plugin-react-extend, vite-plugin-vue-extend, vue-plugin-bomb, and quill-image-downloader.
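A defensive check for the package names listed above, as an added example that is not from the Socket report: it walks an npm `package-lock.json` in both layouts (the flat `packages` map of lockfileVersion 2/3 and the nested `dependencies` tree of version 1) and resolves npm aliases, so a flagged package installed under another folder name is still reported. The sample lockfile and its version numbers are constructed.

```python
import json

# The eight package names listed in the report above.
FLAGGED = frozenset({
    "js-bomb", "js-hood", "vite-plugin-bomb-extend", "vite-plugin-bomb",
    "vite-plugin-react-extend", "vite-plugin-vue-extend", "vue-plugin-bomb",
    "quill-image-downloader",
})


def name_from_install_path(path):
    """'node_modules/a/node_modules/@s/b' -> '@s/b' (last install segment)."""
    marker = "node_modules/"
    idx = path.rfind(marker)
    return path[idx + len(marker):] if idx != -1 else path


def real_name_v1(key, meta):
    """lockfileVersion 1 records an alias as version 'npm:<real-name>@<ver>'."""
    version = meta.get("version", "")
    if version.startswith("npm:"):
        name, _, ver = version[4:].rpartition("@")
        return name, ver
    return key, version


def find_flagged(lock):
    """Return sorted (name, version) pairs of flagged packages in a lockfile."""
    hits = set()

    # lockfileVersion 2/3: flat map keyed by install path. An aliased entry
    # carries the real package name in its "name" field.
    for path, meta in lock.get("packages", {}).items():
        name = meta.get("name") or name_from_install_path(path)
        if name in FLAGGED:
            hits.add((name, meta.get("version", "?")))

    # lockfileVersion 1 (also kept in v2 for compatibility): nested tree.
    def walk(deps):
        for key, meta in deps.items():
            name, version = real_name_v1(key, meta)
            if name in FLAGGED:
                hits.add((name, version or "?"))
            walk(meta.get("dependencies", {}))

    walk(lock.get("dependencies", {}))
    return sorted(hits)


def scan_lockfile_text(text):
    return find_flagged(json.loads(text))


# Constructed sample: a direct dependency, a transitive one nested under
# another package, and an alias ("helper" is really js-hood).
SAMPLE_LOCK = """
{
  "name": "demo-app", "lockfileVersion": 2,
  "packages": {
    "": {"name": "demo-app", "version": "1.0.0"},
    "node_modules/vite": {"version": "4.0.0"},
    "node_modules/vite-plugin-bomb": {"version": "0.0.3"},
    "node_modules/helper": {"name": "js-hood", "version": "0.0.1"},
    "node_modules/editor/node_modules/quill-image-downloader": {"version": "0.0.2"}
  },
  "dependencies": {
    "vite": {"version": "4.0.0"},
    "helper": {"version": "npm:js-hood@0.0.1"},
    "editor": {"version": "2.1.0", "dependencies": {
      "quill-image-downloader": {"version": "0.0.2"}}}
  }
}
"""

if __name__ == "__main__":
    for name, version in scan_lockfile_text(SAMPLE_LOCK):
        print(f"flagged package in lockfile: {name}@{version}")
```
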
The Internet

KrebsOnSecurity Hit With Near-Record 6.3 Tbps DDoS (krebsonsecurity.com) 16

KrebsOnSecurity was hit with a near-record 6.3 Tbps DDoS attack, believed to be a test of the powerful new Aisuru IoT botnet. The attack, lasting under a minute, was the largest Google has ever mitigated and is linked to a DDoS-for-hire operation run by a 21-year-old Brazilian known as "Forky." Brian Krebs writes: [Google Security Engineer Damian Menscher] said the attack on KrebsOnSecurity lasted less than a minute, hurling large UDP data packets at random ports at a rate of approximately 585 million data packets per second. "It was the type of attack normally designed to overwhelm network links," Menscher said, referring to the throughput connections between and among various Internet service providers (ISPs). "For most companies, this size of attack would kill them." [...]

The 6.3 Tbps attack last week caused no visible disruption to this site, in part because it was so brief -- lasting approximately 45 seconds. DDoS attacks of such magnitude and brevity typically are produced when botnet operators wish to test or demonstrate their firepower for the benefit of potential buyers. Indeed, Google's Menscher said it is likely that both the May 12 attack and the slightly larger 6.5 Tbps attack against Cloudflare last month were simply tests of the same botnet's capabilities. In many ways, the threat posed by the Aisuru/Airashi botnet is reminiscent of Mirai, an innovative IoT malware strain that emerged in the summer of 2016 and successfully out-competed virtually all other IoT malware strains in existence at the time.

Power

Taiwan Shuts Down Its Last Nuclear Reactor (france24.com) 80

The only nuclear power plant still operating in Taiwan was shut down on Saturday, reports Japan's public media organization NHK: People in Taiwan have grown increasingly concerned about nuclear safety in recent years, especially after the 2011 nuclear disaster in Fukushima, northeastern Japan... Taiwan's energy authorities plan to focus more on thermoelectricity fueled by liquefied natural gas. They aim to source 20 percent of all electricity from renewables such as wind and solar power next year.
AFP notes that nuclear power once provided more than half of Taiwan's energy, with three plants operating six reactors across an island that's 394 km (245 mi) long and 144 km (89 mi) wide.

So the new move to close Taiwan's last reactor is "fuelling concerns over the self-ruled island's reliance on imported energy and vulnerability to a Chinese blockade," — though Taiwan's president insists the missing nuclear energy can be replaced by new units in LNG and coal-fired plants: The island, which targets net-zero emissions by 2050, depends almost entirely on imported fossil fuel to power its homes, factories and critical semiconductor chip industry. President Lai Ching-te's Democratic Progressive Party has long vowed to phase out nuclear power, while the main opposition Kuomintang (KMT) party says continued supply is needed for energy security... [The Ma'anshan Nuclear Power Plant] has operated for 40 years in a region popular with tourists and which is now dotted with wind turbines and solar panels. More renewable energy is planned at the site, where state-owned Taipower plans to build a solar power station capable of supplying an estimated 15,000 households annually. But while nuclear only accounted for 4.2 percent of Taiwan's power supply last year, some fear Ma'anshan's closure risks an energy crunch....

Most of Taiwan's power is fossil fuel-based, with liquefied natural gas (LNG) accounting for 42.4 percent and coal 39.3 percent last year. Renewable energy made up 11.6 percent, well short of the government's target of 20 percent by 2025. Solar has faced opposition from communities worried about panels occupying valuable land, while rules requiring locally made parts in wind turbines have slowed their deployment.

Taiwan's break-up with nuclear is at odds with global and regional trends. Even Japan aims for nuclear to account for 20-22 percent of its electricity by 2030, up from well under 10 percent now. And nuclear power became South Korea's largest source of electricity in 2024, accounting for 31.7 percent of the country's total power generation, and reaching its highest level in 18 years, according to government data.... And Lai acknowledged recently he would not rule out a return to nuclear one day. "Whether or not we will use nuclear power in the future depends on three foundations which include nuclear safety, a solution to nuclear waste, and successful social dialogue," he said.

DW notes there's over 100,000 barrels of nuclear waste on Taiwan's easternmost island "despite multiple attempts to remove them... At one point, Taiwan signed a deal with North Korea so they could send barrels of nuclear waste to store there, but it did not work out due to a lack of storage facilities in the North and strong opposition from South Korea...

"Many countries across the world have similar problems and are scrambling to identify sites for a permanent underground repository for nuclear fuel. Finland has become the world's first nation to build one."

Thanks to long-time Slashdot reader AmiMoJo for sharing the news.
Open Source

OSU's Open Source Lab Eyes Infrastructure Upgrades and Sustainability After Recent Funding Success (osuosl.org) 11

It's a nonprofit that's provided hosting for the Linux Foundation, the Apache Software Foundation, Drupal, Firefox, and 160 other projects — delivering nearly 430 terabytes of information every month. (It's currently hosting Debian, Fedora, and Gentoo Linux.) But hosting only provides about 20% of its income, with the rest coming from individual and corporate donors (including Google and IBM). "Over the past several years, we have been operating at a deficit due to a decline in corporate donations," the Open Source Lab's director announced in late April.

It's part of the CS/electrical engineering department at Oregon State University, and while the department "has generously filled this gap, recent changes in university funding make our current funding model no longer sustainable. Unless we secure $250,000 in committed funds, the OSL will shut down later this year."

But "Thankfully, the call for support worked, paving the way for the OSU Open Source Lab to look ahead, into what the future holds for them," reports the blog It's FOSS.

"Following our OSL Future post, the community response has been incredible!" posted director Lance Albertson. "Thanks to your amazing support, our team is funded for the next year. This is a huge relief and lets us focus on building a truly self-sustaining OSL." To get there, we're tackling two big interconnected goals:

1. Finding a new, cost-effective physical home for our core infrastructure, ideally with more modern hardware.
2. Securing multi-year funding commitments to cover all our operations, including potential new infrastructure costs and hardware refreshes.


Our current data center is over 20 years old and needs to be replaced soon. With Oregon State University evaluating the future of this facility, it's very likely we'll need to relocate in the near future. While migrating to the State of Oregon's data center is one option, it comes with significant new costs. This makes finding free or very low-cost hosting (ideally between Eugene and Portland for ~13-20 racks) a huge opportunity for our long-term sustainability. More power-efficient hardware would also help us shrink our footprint.

Speaking of hardware, refreshing some of our older gear during a move would be a game-changer. We don't need brand new, but even a few-generations-old refurbished systems would boost performance and efficiency. (Huge thanks to the Yocto Project and Intel for a recent hardware donation that showed just how impactful this is!) The dream? A data center partner donating space and cycled-out hardware. Our overall infrastructure strategy is flexible. We're enhancing our OpenStack/Ceph platforms and exploring public cloud credits and other donated compute capacity. But whatever the resource, it needs to fit our goals and come with multi-year commitments for stability. And, a physical space still offers unique value, especially the invaluable hands-on data center experience for our students....

[O]ur big focus this next year is locking in ongoing support — think annualized pledges, different kinds of regular income, and other recurring help. This is vital, especially with potential new data center costs and hardware needs. Getting this right means we can stop worrying about short-term funding and plan for the future: investing in our tech and people, growing our awesome student programs, and serving the FOSS community. We're looking for partners, big and small, who get why foundational open source infrastructure matters and want to help us build this sustainable future together.

The It's FOSS blog adds that "With these prerequisites in place, the OSUOSL intends to expand their student program, strengthen their managed services portfolio for open source projects, introduce modern tooling like Kubernetes and Terraform, and encourage more community volunteers to actively contribute."

Thanks to long-time Slashdot reader I'm just joshin for suggesting the story.
Cloud

UK Needs More Nuclear To Power AI, Says Amazon Boss 66

In an exclusive interview with the BBC, AWS CEO Matt Garman said the UK must expand nuclear energy to meet the soaring electricity demands of AI-driven data centers. From the report: Amazon Web Services (AWS), which is part of the retail giant Amazon, plans to spend 8 billion pounds on new data centers in the UK over the next four years. Matt Garman, chief executive of AWS, told the BBC nuclear is a "great solution" to data centres' energy needs as "an excellent source of zero carbon, 24/7 power." AWS is the single largest corporate buyer of renewable energy in the world and has funded more than 40 renewable solar and wind farm projects in the UK.

The UK's 500 data centres currently consume 2.5% of all electricity in the UK, while Ireland's 80 hoover up 21% of the country's total power, with those numbers projected to hit 6% and 30% respectively by 2030. The body that runs the UK's power grid estimates that by 2050 data centers alone will use nearly as much energy as all industrial users consume today.

In an exclusive interview with the BBC, Matt Garman said that future energy needs were central to AWS planning process. "It's something we plan many years out," he said. "We invest ahead. I think the world is going to have to build new technologies. I believe nuclear is a big part of that particularly as we look 10 years out."
Crime

Telegram Bans $35 Billion Black Markets Used To Sell Stolen Data, Launder Crypto (arstechnica.com) 2

An anonymous reader quotes a report from Ars Technica: On Thursday, Telegram announced it had removed two huge black markets estimated to have generated more than $35 billion since 2021 by serving cybercriminals and scammers. Blockchain research firm Elliptic told Reuters that the Chinese-language markets Xinbi Guarantee and Huione Guarantee together were far more lucrative than Silk Road, an illegal drug marketplace that the FBI notoriously seized in 2013, which was valued at about $3.4 billion. Both markets were forced offline on Tuesday, Elliptic reported, and already, Huione Guarantee has confirmed that its market will cease to operate entirely due to the Telegram removal.

The disruption of both markets will be "a big blow for online fraudsters," Elliptic confirmed, cutting them off from a dependable source for "stolen data, money laundering services, and telecoms infrastructure." [...] Elliptic reported that Telegram connected black markets with an audience of a billion users, noting that Telegram tried to remove several Huione Guarantee channels earlier this year, but "the marketplace was ready" with backups and remained online until this week. Wired suggested that Huione Guarantee "operated in plain sight" on Telegram for years. But Telegram suggested it just discovered it.
Huione Guarantee is a subsidiary of Huione Group, which was recently sanctioned by the U.S. Treasury for supporting "criminal syndicates who have stolen billions of dollars from Americans." According to Reuters, that included allegedly laundering "at least $37 million in crypto from cyber heists by North Korea and $36 million of crypto from so-called 'pig butchering' scams."
Iphone

Apple To Lean on AI Tool To Help iPhone Battery Lifespan for Devices in iOS 19 (bloomberg.com) 25

Apple is planning to use AI technology to address a frequent source of customer frustration: the iPhone's battery life. From a report: The company is planning an AI-powered battery management mode for iOS 19, an iPhone software update due in September, according to people with knowledge of the matter. The enhancement will analyze how a person uses their device and make adjustments to conserve energy, said the people, who asked not to be identified because the service hasn't been announced.

To create the technology -- part of the Apple Intelligence platform -- the company is using battery data it has collected from users' devices to understand trends and make predictions for when it should lower the power draw of certain applications or features. There also will be a lock-screen indicator showing how long it will take to charge up the device, said the people.

Government

CISA/DOGE Software Engineer's Login Credentials Appeared in Multiple Leaks From Info-Stealing Malware in Recent Years (arstechnica.com) 93

"Login credentials belonging to an employee at both the Cybersecurity and Infrastructure Security Agency and the Department of Government Efficiency have appeared in multiple public leaks from info-stealer malware," reports Ars Technica, "a strong indication that devices belonging to him have been hacked in recent years." As an employee of DOGE, [30-something Kyle] Schutt accessed FEMA's proprietary software for managing both disaster and non-disaster funding grants [according to Dropsite News]. Under his role at CISA, he likely is privy to sensitive information regarding the security of civilian federal government networks and critical infrastructure throughout the U.S. According to journalist Micah Lee, user names and passwords for logging in to various accounts belonging to Schutt have been published at least four times since 2023 in logs from stealer malware... Besides pilfering login credentials, stealers can also log all keystrokes and capture or record screen output. The data is then sent to the attacker and, occasionally after that, can make its way into public credential dumps...

Lee went on to say that credentials belonging to a Gmail account known to belong to Schutt have appeared in 51 data breaches and five pastes tracked by breach notification service Have I Been Pwned. Among the breaches that supplied the credentials is one from 2013 that pilfered password data for 3 million Adobe account holders, one in a 2016 breach that stole credentials for 164 million LinkedIn users, a 2020 breach affecting 167 million users of Gravatar, and a breach last year of the conservative news site The Post Millennial.

The credentials may have been exposed when service providers were compromised, the article points out, but the "steady stream of published credentials" is "a clear indication that the credentials he has used over a decade or more have been publicly known at various points.

"And as Lee noted, the four dumps from stealer logs show that at least one of his devices was hacked at some point."

Thanks to Slashdot reader gkelley for sharing the news.
Botnet

Police Dismantles Botnet Selling Hacked Routers As Residential Proxies (bleepingcomputer.com) 16

An anonymous reader quotes a report from BleepingComputer: Law enforcement authorities have dismantled a botnet that infected thousands of routers over the last 20 years to build two networks of residential proxies known as Anyproxy and 5socks. The U.S. Justice Department also indicted three Russian nationals (Alexey Viktorovich Chertkov, Kirill Vladimirovich Morozov, and Aleksandr Aleksandrovich Shishkin) and a Kazakhstani (Dmitriy Rubtsov) for their involvement in operating, maintaining, and profiting from these two illegal services.

During this joint action dubbed 'Operation Moonlander,' U.S. authorities worked with prosecutors and investigators from the Dutch National Police, the Netherlands Public Prosecution Service (Openbaar Ministerie), and the Royal Thai Police, as well as analysts with Lumen Technologies' Black Lotus Labs. Court documents show that the now-dismantled botnet infected older wireless internet routers worldwide with malware since at least 2004, allowing unauthorized access to compromised devices to be sold as proxy servers on Anyproxy.net and 5socks.net. The two domains were managed by a Virginia-based company and hosted on servers globally.

On Wednesday, the FBI also issued a flash advisory (PDF) and a public service announcement warning that this botnet was targeting end-of-life (EoL) routers with a variant of the TheMoon malware. The FBI warned that the attackers are installing proxies later used to evade detection during cybercrime-for-hire activities, cryptocurrency theft attacks, and other illegal operations. The list of devices commonly targeted by the botnet includes Linksys and Cisco router models, including:

- Linksys E1200, E2500, E1000, E4200, E1500, E300, E3200, E1550
- Linksys WRT320N, WRT310N, WRT610N
- Cisco M10 and Cradlepoint E100
"The botnet controllers require cryptocurrency for payment. Users are allowed to connect directly with proxies using no authentication, which, as documented in previous cases, can lead to a broad spectrum of malicious actors gaining free access," Black Lotus Labs said. "Given the source range, only around 10% are detected as malicious in popular tools such as VirusTotal, meaning they consistently avoid network monitoring tools with a high degree of success. Proxies such as this are designed to help conceal a range of illicit pursuits including ad fraud, DDoS attacks, brute forcing, or exploiting victim's data."
Security

Education Giant Pearson Hit By Cyberattack Exposing Customer Data (bleepingcomputer.com) 7

An anonymous reader quotes a report from BleepingComputer: Education giant Pearson suffered a cyberattack, allowing threat actors to steal corporate data and customer information, BleepingComputer has learned. Pearson is a UK-based education company and one of the world's largest providers of academic publishing, digital learning tools, and standardized assessments. The company works with schools, universities, and individuals in over 70 countries through its print and online services. In a statement to BleepingComputer, Pearson confirmed they suffered a cyberattack and that data was stolen, but stated it was mostly "legacy data."

"We recently discovered that an unauthorized actor gained access to a portion of our systems," a Pearson representative confirmed to BleepingComputer. "Once we identified the activity, we took steps to stop it and investigate what happened and what data was affected with forensics experts. We also supported law enforcement's investigation. We have taken steps to deploy additional safeguards onto our systems, including enhancing security monitoring and authentication. We are continuing to investigate, but at this time we believe the actor downloaded largely legacy data. We will be sharing additional information directly with customers and partners as appropriate." Pearson also confirmed that the stolen data did not include employee information.
The education company previously disclosed in January that they were investigating a breach of one of their subsidiaries, PDRI, which is believed to be related to this attack.

BleepingComputer also notes that threat actors breached Pearson's developer environment in January 2025 using an exposed GitLab access token, gaining access to source code and hard-coded credentials. Terabytes of sensitive data was stolen from cloud platforms and internal systems.

Despite the potential impact on millions of individuals, Pearson has declined to answer key questions about the breach or its response.
Security

Hundreds of E-Commerce Sites Hacked In Supply-Chain Attack (arstechnica.com) 16

An anonymous reader quotes a report from Ars Technica: Hundreds of e-commerce sites, at least one owned by a large multinational company, were backdoored by malware that executes malicious code inside the browsers of visitors, where it can steal payment card information and other sensitive data, security researchers said Monday. The infections are the result of a supply-chain attack that compromised at least three software providers with malware that remained dormant for six years and became active only in the last few weeks. At least 500 e-commerce sites that rely on the backdoored software were infected, and it's possible that the true number is double that, researchers from security firm Sansec said. Among the compromised customers was a $40 billion multinational company, which Sansec didn't name. In an email Monday, a Sansec representative said that "global remediation [on the infected customers] remains limited."

"Since the backdoor allows uploading and executing arbitrary PHP code, the attackers have full remote code execution (RCE) and can do essentially anything they want," the representative wrote. "In nearly all Adobe Commerce/Magento breaches we observe, the backdoor is then used to inject skimming software that runs in the user's browser and steals payment information (Magecart)." The three software suppliers identified by Sansec were Tigren, Magesolution (MGS), and Meetanshi. All three supply software that's based on Magento, an open source e-commerce platform used by thousands of online stores. A software version sold by a fourth provider named Weltpixel has been infected with similar code on some of its customers' stores, but Sansec so far has been unable to confirm whether it was the stores or Weltpixel that were hacked. Adobe has owned Magento since 2018.

Firefox

Firefox Could Be Doomed Without Google Search Deal, Executive Says (theverge.com) 141

An anonymous reader shared this report from The Verge: Firefox could be put out of business should a court implement all the [U.S.] Justice Department's proposals to restrict Google's search monopoly, an executive for the browser owner Mozilla testified Friday. "It's very frightening," Mozilla CFO Eric Muhlheim said.

The Department of Justice wants to bar Google from paying to be the default search engine in third-party browsers including Firefox, among a long list of other proposals including a forced sale of Google's own Chrome browser and requiring it to syndicate search results to rivals. The court has already ruled that Google has an illegal monopoly in search, partly thanks to exclusionary deals that make it the default engine on browsers and phones, depriving rivals of places to distribute their search engines and scale up. But while Firefox — whose CFO is testifying as Google presents its defense — competes directly with Chrome, it warns that losing the lucrative default payments from Google could threaten its existence.

Firefox makes up about 90 percent of Mozilla's revenue, according to Muhlheim, the finance chief for the organization's for-profit arm — which in turn helps fund the nonprofit Mozilla Foundation. About 85 percent of that revenue comes from its deal with Google, he added. Losing that revenue all at once would mean Mozilla would have to make "significant cuts across the company," Muhlheim testified, and warned of a "downward spiral" that could happen if the company had to scale back product engineering investments in Firefox, making it less attractive to users. That kind of spiral, he said, could "put Firefox out of business." That could also mean less money for nonprofit efforts like open source web tools and an assessment of how AI can help fight climate change.

Ironically, Muhlheim seemed to suggest that could cement the very market dominance the court seeks to remedy. Firefox's underlying Gecko browser engine is "the only browser engine that is held not by Big Tech but by a nonprofit," he said.

AI

Google Plans To Roll Out Its AI Chatbot To Children Under 13 (theverge.com) 19

An anonymous reader quotes a report from the New York Times: Google plans to roll out its Gemini artificial intelligence chatbot next week for children under 13 (source paywalled; alternative source) who have parent-managed Google accounts, as tech companies vie to attract young users with A.I. products. "Gemini Apps will soon be available for your child," the company said in an email this week to the parent of an 8-year-old. "That means your child will be able to use Gemini" to ask questions, get homework help and make up stories. The chatbot will be available to children whose parents use Family Link, a Google service that enables families to set up Gmail and opt into services like YouTube for their child. To sign up for a child account, parents provide the tech company with personal data like their child's name and birth date. Gemini has specific guardrails for younger users to hinder the chatbot from producing certain unsafe content, said Karl Ryan, a Google spokesman. When a child with a Family Link account uses Gemini, he added, the company will not use that data to train its A.I.

Introducing Gemini for children could accelerate the use of chatbots among a vulnerable population as schools, colleges, companies and others grapple with the effects of popular generative A.I. technologies. Trained on huge amounts of data, these systems can produce humanlike text and realistic-looking images and videos. [...] Google acknowledged some risks in its email to families this week, alerting parents that "Gemini can make mistakes" and suggesting they "help your child think critically" about the chatbot. The email also recommended parents teach their child how to fact-check Gemini's answers. And the company suggested parents remind their child that "Gemini isn't human" and "not to enter sensitive or personal info in Gemini." Despite the company's efforts to filter inappropriate material, the email added, children "may encounter content you don't want them to see."

Open Source

Redis Returns To Open Source After Year-Long Proprietary Detour (thenewstack.io) 24

Redis, the popular in-memory data store, has returned to open source licensing with Redis 8 now available under the AGPL v3 license. The move reverses last year's controversial shift to proprietary licensing schemes (RSALv2 and SSPLv1) that aimed to force major cloud providers to pay for offering Redis as a managed service.

The decision follows significant market pressure, including AWS, Google, and Oracle backing the Valkey fork, which gained momentum in the open source community.

Redis believes the AGPL license provides sufficient protection from cloud providers while satisfying open source requirements. Redis 8 will incorporate vector sets and integrate previously separate Redis Stack features including JSON, Time Series, and probabilistic data support.
