Security

Russian Government Hackers Broke Into Thousands of Home Routers To Steal Passwords (techcrunch.com) 70

An anonymous reader quotes a report from TechCrunch: A group of Russian government hackers have hijacked thousands of home and small business routers around the world as part of an ongoing campaign aimed at redirecting victim's internet traffic to steal their passwords and access tokens, security researchers and government authorities warned on Tuesday. [...] The hacking group targeted unpatched routers made by MikroTik and TP-Link using previously disclosed vulnerabilities according to the U.K. government's cybersecurity unit NCSC and Lumen's research arm Black Lotus Labs, which released new details of the campaign Tuesday.

According to the researchers, the hackers were able to spy on large numbers of people over the course of several years by compromising their routers, many of which run outdated software, leaving them vulnerable to remote attacks without their owners' knowledge. The NCSC said that these operations are "likely opportunistic in nature, with the actor casting a wide net to reach many potential victims, before narrowing in on targets of intelligence interest as the attack develops." Per the researchers and government advisories, the Russian hackers hacked routers to modify the device's settings so that the victim's internet requests are surreptitiously passed to infrastructure run by the hackers. This allows the hackers to redirect victims to spoof websites under their control, then steal passwords and tokens that let the hackers log in to that victim's online accounts without needing their two-factor authentication codes.

Black Lotus Labs said that Fancy Bear compromised at least 18,000 victims in around 120 countries, including government departments, law enforcement agencies, and email providers across North Africa, Central America, and Southeast Asia. Microsoft, which also released details of the campaign on Tuesday, said in a blog post that its researchers identified over 200 organizations and 5,000 consumer devices affected by these hacking operations, including at least three government organizations in Africa.
The Justice Department said Tuesday it neutralized compromised routers in the U.S. under court authorization. As the DOJ put it, the FBI "developed a series of commands to send to compromised routers" to collect evidence, reset settings, and prevent hackers from breaking back in.
AI

Will 'AI-Assisted' Journalists Bring Errors and Retractions? (msn.com) 22

Meet the "journalist" who "uploads press releases or analyst notes into AI tools and prompts them to spit out articles that he can edit and publish quickly," according to the Wall Street Journal.

"AI-assisted stories accounted for nearly 20% of Fortune's web traffic in the second half of 2025." And most were written by 42-year-old Nick Lichtenberg, who has now written over 600 AI-assisted stories, producing "more stories in six months than any of his colleagues at Fortune delivered in a year." One Wednesday in February, he cranked out seven. "I'm a bit of a freak," Lichtenberg said... A story by Lichtenberg sometimes starts with a prompt entered into Perplexity or Google's NotebookLM, asking it to write something based on a headline he comes up with. He moves the AI tools' initial drafts into a content-management system and edits the stories before publishing them for Fortune's readers... A piece from earlier that morning about Josh D'Amaro being named Disney CEO took 10 minutes to get online, he said...

Like other journalists, Lichtenberg vets his stories. He refers back to the original documents to confirm the information he's reporting is correct. He reaches out to companies for comment. But he admits his process isn't as thorough as that of magazine fact-checkers.

While Lichtenberg started out saying his stories were co-authored with "Fortune Intelligence", he now typically signs his own name, according to the article, "because he feels the work is mostly his own." (Though his stories "sometimes" disclose generative AI was used as a research tool...) The article asks whether he could be "a bellwether for where much of the media business is headed..."

"Much of the content people now consume online is generated by artificial intelligence, with some 9% of newly published newspaper articles either partially or fully AI-generated, according to a 2025 study led by the University of Maryland. The number of AI-generated articles on the web surpassed human-written ones in late 2024, according to research and marketing agency Graphite." Some executives have made full-throated declarations about the threat posed by AI. New York Times publisher A.G. Sulzberger said AI "is almost certainly going to usher in an unprecedented torrent of crap," referencing deepfakes as an example. The NewsGuild of New York, the union representing Fortune employees and journalists at other media outlets, said the people are what makes journalism so powerful. "You simply can't replicate lived experiences, human judgment and expertise," said president Susan DeCarava.

For Chris Quinn, the editor of local publications Cleveland.com and the Plain Dealer, AI tools have helped tame other torrents facing the industry. AI has allowed the outlets to cover counties in Ohio that otherwise might go ignored by scraping information from local websites and sending "tips" to reporters, he said. It has also edited stories and written first drafts so the newsrooms' journalists can focus on the calls, research and reporting needed for their stories.... Newsrooms from the New York Times to The Wall Street Journal are deploying AI in various ways to help reporters and editors work more efficiently....

Not all newsrooms disclose their use of AI, and in some cases have rolled out new tools that resulted in errors or PR gaffes. An October study from the European Broadcasting Union and the BBC, which relied on professional journalists to evaluate the news integrity of more than 3,000 AI responses, found that almost half of all AI responses had at least one significant issue.

Last week the New York Times even issued a correction when a freelance book reviewer using an AI tool unknowingly included "language and details similar to those in a review of the same book published in The Guardian." But it was actually "the second time in a few days that the Times was called out for potential AI plagiarism," according to the American journalist writing The Handbasket newsletter. We must stem the idea being pushed by tech companies and their billionaire funders who've sunk too much into their products to admit defeat that the infiltration of AI into journalism is inevitable; because from my perch as an independent journalist, it simply is not...

Some AI-loving journalists appear to believe that if they're clear enough with the AI program they're using, it will truly understand what they're seeking and not just do what it's made to do: steal shit... If you want to work with machines, get a job that requires it. There are a whole lot more of those than there are writing jobs, so free up space for people who actually want to do the work. You're not doing the world a favor by gifting it your human/AI hybrid. Journalism will not miss you if you leave...

But meanwhile, USA Today recently tried hiring for a new position: AI-Assisted reporter. (The lucky reporter will "support the launch and scaling of AI-assisted local journalism in a major U.S. metro," working with tools including Copilot and Perplexity, pioneering possible future expansions and "AI-enabled newsroom operations that support and augment human-led journalism.") And Google is already sponsoring a "publishing innovation award"...
United States

America's CIA Recruited Iran's Nuclear Scientists - By Threatening To Kill Them (newyorker.com) 126

A former U.S. spy spoke to The New Yorker about "years of clandestine work for the C.I.A. — which, he said, had 'prevented Iran from getting a nuke'." [Kevin] Chalker told me that, as he understood it, the Pentagon had suggested running commando operations to kill key Iranian scientists, as Israel subsequently did. But the C.I.A. proposed recruiting those scientists to defect, as U.S. spies had once courted Soviet physicists. Chalker paraphrased the agency's pitch: "We can debrief them and learn so much more — and, if they say no, then you can kill them." (A more senior agency official confirmed the broad strokes of his account.) The White House liked the agency's idea, and [president George W.] Bush authorized the C.I.A. to conduct clandestine operations to stop Iran from building a bomb. The C.I.A. program that Chalker described to me became publicly known in 2007, when the Los Angeles Times reported on the existence of an agency project called Brain Drain. But the details of the "invitations" to Iranian scientists have not previously been reported...

Chalker typically had about ten minutes to explain, as gently as possible, that he was from the C.I.A., that he had the power to secure the scientist and his family a comfortable new life in the U.S. — and that, if the offer was rejected, the scientist, regrettably, would be assassinated. (Chalker tried to emphasize the happier potential outcome.) Killing a civilian scientist would violate international law. The American government has denied ever doing it, and I found no evidence that the U.S. has carried out any such murders. A former senior agency official familiar with the Brain Drain project told me all that mattered was that Iranian scientists had believed they would be killed, regardless of whether the U.S. actually made good on the threat. And Israel had been conducting a campaign to assassinate Iranian scientists, which made the prospect of lethal reprisal highly plausible. Other former officials with knowledge of the project told me that the C.I.A. sometimes shared intelligence with Mossad which enabled its operatives to locate and kill a scientist. Such information exchanges were kept vague enough to preserve deniability if a more legalistic U.S. Administration later took office...

[Chalker] is confident that those who rebuffed him were, in fact, killed — one way or another... One of Chalker's colleagues told me that, against the backdrop of so many Israeli assassinations, Chalker's interactions with Iranian scientists could almost be considered humanitarian — he had been "throwing them a lifeline." Of the many scientists he approached, three-quarters ultimately agreed to coöperate.

Their 10,000-word article suggests Chalker may now be resentful the CIA didn't help him in a later unrelated lawsuit, noting it's "nearly unheard of for ex-spies to divulge their past activities."

But Chalker also says he "helped obtain pivotal information that laid the groundwork for more than a decade of American efforts to disrupt the Iranian nuclear-weapons program, from the Stuxnet cyberattacks, which occurred around 2010 [destroying 1,000 uranium-enriching centrifuges], to the Obama Administration's nuclear deal, in 2015, to the U.S. air strikes on Iranian atomic-energy facilities in the summer of 2025."
Security

US Cybersecurity Adds Exploited VMware Aria Operations To KEV Catalog (thehackernews.com) 4

joshuark writes: The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a VMware Aria Operations vulnerability tracked as CVE-2026-22719 to its Known Exploited Vulnerabilities catalog, flagging the flaw as exploited in attacks. VMware Aria Operations is an enterprise monitoring platform that helps organizations track the performance and health of servers, networks, and cloud infrastructure. The flaw has now been added to the CISA's Known Exploited Vulnerabilities (KEV) catalog, with the U.S. cyber agency requiring federal civilian agencies to address the issue by March 24, 2026. Broadcom said it is aware of reports indicating the vulnerability is exploited in attacks but cannot confirm the claims.

"A malicious unauthenticated actor may exploit this issue to execute arbitrary commands which may lead to remote code execution in VMware Aria Operations while support-assisted product migration is in progress," the advisory explains. Broadcom released security patches on February 24 and also provided a temporary workaround for organizations unable to apply the patches immediately. The mitigation is a shell script named "aria-ops-rce-workaround.sh," which must be executed as root on each Aria Operations appliance node. There are currently no details on how the vulnerability is being exploited in the wild, who is behind it, and the scale of such efforts.

The Military

Anthropic CEO Says AI Company 'Cannot In Good Conscience Accede' To Pentagon (apnews.com) 84

An anonymous reader quotes a report from the Associated Press: Anthropic CEO Dario Amodei said Thursday the artificial intelligence company "cannot in good conscience accede" to the Pentagon's demands to allow wider use of its technology. The maker of the AI chatbot Claude said in a statement that it's not walking away from negotiations, but that new contract language received from the Defense Department "made virtually no progress on preventing Claude's use for mass surveillance of Americans or in fully autonomous weapons."

The Pentagon's top spokesman has reiterated that the military wants to use Anthropic's artificial intelligence technology in legal ways and will not let the company dictate any limits ahead of a Friday deadline to agree to its demands. Sean Parnell said Thursday on social media that the Pentagon "has no interest in using AI to conduct mass surveillance of Americans (which is illegal) nor do we want to use AI to develop autonomous weapons that operate without human involvement."

Anthropic's policies prevent its models, such as its chatbot Claude, from being used for those purposes. It's the last of its peers -- the Pentagon also has contracts with Google, OpenAI and Elon Musk's xAI -- to not supply its technology to a new U.S. military internal network. Parnell said the Pentagon wants to "use Anthropic's model for all lawful purposes" but didn't offer details on what that entailed. He said opening up use of the technology would prevent the company from "jeopardizing critical military operations." "We will not let ANY company dictate the terms regarding how we make operational decisions," he said.
In a post on X, Parnell said Anthropic will "have until 5:01 PM ET on Friday to decide. Otherwise, we will terminate our partnership with Anthropic and deem them a supply chain risk for DOW."
AI

Anthropic's $200M Pentagon Contract at Risk Over Objections to Domestic Surveillance, Autonomous Deployments (reuters.com) 27

Talks "are at a standstill" for Anthropic's potential $200 million contract with America's Defense Department, reports Reuters (citing several people familiar with the discussions). The two issues?

- Using AI to surveil Americans
- Safeguards against deploying AI autonomously

The company's position on how its AI tools can be used has intensified disagreements between it and the Trump administration, the details of which have not been previously reported... Anthropic said its AI is "extensively used for national security missions by the U.S. government and we are in productive discussions with the Department of War about ways to continue that work..."

In an essay on his personal blog, Anthropic CEO Dario Amodei warned this week that AI should support national defense "in all ways except those which would make us more like our autocratic adversaries."

A person "familiar with the matter" told the Wall Street Journal this could lead to the cancellation of Anthropic's contract: Tensions with the administration began almost immediately after it was awarded, in part because Anthropic's terms and conditions dictate that Claude can't be used for any actions related to domestic surveillance. That limits how many law-enforcement agencies such as Immigration and Customs Enforcement and the Federal Bureau of Investigation could deploy it, people familiar with the matter said. Anthropic's focus on safe applications of AI — and its objection to having its technology used in autonomous lethal operations — have continued to cause problems, they said.
Amodei's essay calls for "courage, for enough people to buck the prevailing trends and stand on principle, even in the face of threats to their economic interests and personal safety..."
AI

Alphabet Acquires Data Center and Energy Infrastructure Company Intersect For $4.75 Billion 4

Alphabet is acquiring Intersect for $4.75 billion to accelerate data center and power-generation capacity as AI infrastructure demand surges. CNBC reports: Alphabet said Intersect's operations will remain independent, but that the acquisition will help bring more data center and generation capacity online faster. "Intersect will help us expand capacity, operate more nimbly in building new power generation in lockstep with new data center load, and reimagine energy solutions to drive U.S. innovation and leadership," Sundar Pichai, CEO of Google and Alphabet, said in a statement.

Google already had a minority stake in Intersect from a funding round that was announced last December. In a release at the time, Intersect said its strategic partnership with Google and TPG Rise Climate aimed to develop gigawatts of data center capacity across the U.S., including a $20 billion investment in renewable power infrastructure by the end of the decade.

Alphabet said Monday that Intersect will work closely with Google's technical infrastructure team, including on the companies' co-located power site and data center in Haskell County, Texas. Google previously announced a $40 billion investment in Texas through 2027, which includes new data center campuses in the state's Haskell and Armstrong counties.
Power

Idaho Lab Produces World's First Molten Salt Fuel for Nuclear Reactors (energy.gov) 43

America's Energy Department runs a research lab in Idaho — and this week announced successful results from a ground-breaking experiment. "This is the first time in history that chloride-based molten salt fuel has been produced for a fast reactor," says Bill Phillips, the lab's technical lead for salt synthesis. He calls it "a major milestone for American innovation and a clear signal of our national commitment to advanced nuclear energy." Unlike traditional reactors that use solid fuel rods and water as a coolant, most molten salt reactors rely on liquid fuel — a mixture of salts containing fissile material. This design allows for higher operating temperatures, better fuel efficiency, and enhanced safety. It also opens the door to new applications, including compact nuclear systems for ships and remote installations.

"The Molten Chloride Fast Reactor represents a paradigm shift in the nuclear fuel cycle, and the Molten Chloride Reactor Experiment (MCRE) will directly inform the commercialization of that reactor," said Jeff Latkowski, senior vice president of TerraPower and program director for the Molten Chloride Fast Reactor. "Working with world-leading organizations such as INL to successfully synthesize this unique new fuel demonstrates how real progress in Gen IV nuclear is being made together."

"The implications for the maritime industry are significant," said Don Wood, senior technical advisor for MCRE. "Molten salt reactors could provide ships with highly efficient, low-maintenance nuclear power, reducing emissions and enabling long-range, uninterrupted travel. The technology could spark the rise of a new nuclear sector — one that is mobile, scalable and globally transformative."

More details from America's Energy Department: MCRE will require a total of 72 to 75 batches of fuel salt to go critical, making it the largest fuel production effort at INL since the operations of Experimental Breeder Reactor-II more than 30 years ago. The full-scale demonstration of the new fuel salt synthesis line for MCRE was made possible by a breakthrough in 2024. After years of testing, the team found the right recipe to convert 95 percent of uranium metal feedstock into 18 kilograms of uranium chloride fuel salt in only a few hours — a process that previously took more than a week to complete...

After delivering the first batch of fuel salt this fall, the team anticipates delivering four additional batches by March of 2026. MCRE is anticipated to run in 2028 for approximately six months at INL in the Laboratory for Operation and Testing (LOTUS) in the United States test bed.

"With the first batch of fuel salt successfully created at INL, researchers will now conduct testing to better understand the physics of the process, with a goal of moving the process to a commercial scale over the next decade," says Cowboy State Daily.

Thanks to long-time Slashdot reader schwit1 for sharing the article.
China

Chinese-Linked Hackers Use Backdoor For Potential 'Sabotage,' US and Canada Say (reuters.com) 10

U.S. and Canadian cybersecurity agencies say Chinese-linked actors deployed "Brickstorm" malware to infiltrate critical infrastructure and maintain long-term access for potential sabotage. Reuters reports: The Chinese-linked hacking operations are the latest example of Chinese hackers targeting critical infrastructure, infiltrating sensitive networks and "embedding themselves to enable long-term access, disruption, and potential sabotage," Madhu Gottumukkala, the acting director of the Cybersecurity and Infrastructure Security Agency, said in an advisory signed by CISA, the National Security Agency and the Canadian Centre for Cyber Security. According to the advisory, which was published alongside a more detailed malware analysis report (PDF), the state-backed hackers are using malware known as "Brickstorm" to target multiple government services and information technology entities. Once inside victim networks, the hackers can steal login credentials and other sensitive information and potentially take full control of targeted computers.

In one case, the attackers used Brickstorm to penetrate a company in April 2024 and maintained access through at least September 3, 2025, according to the advisory. CISA Executive Assistant Director for Cybersecurity Nick Andersen declined to share details about the total number of government organizations targeted or specifics around what the hackers did once they penetrated their targets during a call with reporters on Thursday. The advisory and malware analysis reports are based on eight Brickstorm samples obtained from targeted organizations, according to CISA. The hackers are deploying the malware against VMware vSphere, a product sold by Broadcom's VMware to create and manage virtual machines within networks. [...] In addition to traditional espionage, the hackers in those cases likely also used the operations to develop new, previously unknown vulnerabilities and establish pivot points to broader access to more victims, Google said at the time.

Transportation

US Probes Reports Waymo Self-Driving Cars Illegally Passed School Buses 19 Times (reuters.com) 96

U.S. regulators are pressing Waymo for answers after Texas officials reported 19 instances of its self-driving cars illegally passing stopped school buses, including cases that occurred after Waymo claimed to have deployed a software fix. Longtime Slashdot reader BrendaEM shares the report from Reuters: In a November 20 letter posted by NHTSA, the Austin Independent School District said five incidents occurred in November after Waymo said it had made software updates to resolve the issue and asked the company to halt operations around schools during pick-up and drop-off times until it could ensure the vehicles would not violate the law. "We cannot allow Waymo to continue endangering our students while it attempts to implement a fix," a lawyer for the school district wrote, citing one incident involving a Waymo that was "recorded driving past a stopped school bus only moments after a student crossed in front of the vehicle, and while the student was still in the road."

The letter prompted NHTSA to ask Waymo on November 24 if it would comply with the request to cease self-driving operations during student pick-up and drop-off times, adding: "Was an appropriate software fix implemented or developed to mitigate this concern? And if so, does Waymo plan to file a recall for the fix?" The school district told Reuters on Thursday that Waymo refuses to halt operations around schools and said another incident involving a self-driving car and an actively loading school bus occurred on December 1, which "indicates that those programming changes did not resolve the issue or our concerns."

In a statement, Waymo did not answer why it had refused to halt operations around Austin schools or answer if it would issue a recall. "We're deeply invested in safe interaction with school buses. We swiftly implemented software updates to address this and will continue to rapidly improve," Waymo said. NHTSA said in a letter to Waymo on Wednesday that it was demanding answers to a series of questions by January 20 about incidents involving school buses and details of software updates to address safety concerns.

Transportation

Uber Launches Driverless Robotaxi Service in Abu Dhabi, and Plans Many More (techcrunch.com) 15

"A year after launching a commercial robotaxi service in Abu Dhabi, Chinese autonomous vehicle technology company WeRide and partner Uber can finally call that service driverless," reports TechCrunch.

A company official hailed it as "a historic transportation milestone, as the first driverless AV deployment outside of the U.S. or China." But TechCrunch notes that's just the beginning: Uber has spent the past two years locking up partnerships with 20 autonomous vehicle technology companies in various countries, including the United States, Europe, and the Middle East.

Those partnerships have expanded beyond the realm of robotaxis as well. Uber's deals span the full range of self-driving applications, including delivery and trucking. This year alone, it announced partnerships with Ann Arbor, Michigan-based May Mobility and Volkswagen, Chinese self-driving firms Momenta, Pony.ai, and Baidu, as well as a recent deal to create a premium robotaxi service using Lucid Gravity SUVs equipped with a self-driving system from San Francisco-based startup Nuro.

These deals are finally beginning to materialize into commercial services. For instance, Uber and Waymo launched a robotaxi service earlier this year in Austin. Now, Uber has expanded to the Middle East with WeRide in Abu Dhabi — with even more cities to come, including Dubai. Uber CEO Dara Khosrowshahi forecast in the company's third-quarter earnings report that there would be autonomous vehicle deployments on the Uber network in at least 10 cities by the end of 2026. Uber and WeRide have previously shared plans to expand to 15 cities throughout the Middle East and Europe, eventually scaling to thousands of robotaxis. That would represent a massive leap for WeRide, which today has more than 150 robotaxis in the region.

Microsoft

Extortion and Ransomware Drive Over Half of Cyberattacks — Sometimes Using AI, Microsoft Finds (microsoft.com) 23

Microsoft said in a blog post this week that "over half of cyberattacks with known motives were driven by extortion or ransomware... while attacks focused solely on espionage made up just 4%."

And Microsoft's annual digital threats report found operations expanding even more through AI, with cybercriminals "accelerating malware development and creating more realistic synthetic content, enhancing the efficiency of activities such as phishing and ransomware attacks." [L]egacy security measures are no longer enough; we need modern defenses leveraging AI and strong collaboration across industries and governments to keep pace with the threat...

Over the past year, both attackers and defenders harnessed the power of generative AI. Threat actors are using AI to boost their attacks by automating phishing, scaling social engineering, creating synthetic media, finding vulnerabilities faster, and creating malware that can adapt itself... For defenders, AI is also proving to be a valuable tool. Microsoft, for example, uses AI to spot threats, close detection gaps, catch phishing attempts, and protect vulnerable users. As both the risks and opportunities of AI rapidly evolve, organizations must prioritize securing their AI tools and training their teams...

Amid the growing sophistication of cyber threats, one statistic stands out: more than 97% of identity attacks are password attacks. In the first half of 2025 alone, identity-based attacks surged by 32%. That means the vast majority of malicious sign-in attempts an organization might receive are via large-scale password guessing attempts. Attackers get usernames and passwords ("credentials") for these bulk attacks largely from credential leaks. However, credential leaks aren't the only place where attackers can obtain credentials. This year, we saw a surge in the use of infostealer malware by cybercriminals...

Luckily, the solution to identity compromise is simple. The implementation of phishing-resistant multifactor authentication (MFA) can stop over 99% of this type of attack even if the attacker has the correct username and password combination.

"Security is not only a technical challenge but a governance imperative..." Microsoft adds in their blog post. "Governments must build frameworks that signal credible and proportionate consequences for malicious activity that violates international rules." (The report also found that America is the #1 most-targeted country — and that many U.S. companies have outdated cyber defenses.)

But while "most of the immediate attacks organizations face today come from opportunistic criminals looking to make a profit," Microsoft writes that nation-state threats "remain a serious and persistent threat." More details from the Associated Press: Russia, China, Iran and North Korea have sharply increased their use of artificial intelligence to deceive people online and mount cyberattacks against the United States, according to new research from Microsoft. This July, the company identified more than 200 instances of foreign adversaries using AI to create fake content online, more than double the number from July 2024 and more than ten times the number seen in 2023.
Examples of foreign espionage cited by the article:
  • China is continuing its broad push across industries to conduct espionage and steal sensitive data...
  • Iran is going after a wider range of targets than ever before, from the Middle East to North America, as part of broadening espionage operations...
  • "[O]utside of Ukraine, the top ten countries most affected by Russian cyber activity all belong to the North Atlantic Treaty Organization (NATO) — a 25% increase compared to last year."
  • North Korea remains focused on revenue generation and espionage...

There was one especially worrying finding. The report found that critical public services are often targeted, partly because their tight budgets limit their incident response capabilities, "often resulting in outdated software.... Ransomware actors in particular focus on these critical sectors because of the targets' limited options. For example, a hospital must quickly resolve its encrypted systems, or patients could die, potentially leaving no other recourse but to pay."


Privacy

Prosper Data Breach Impacts 17.6 Million Accounts (bleepingcomputer.com) 4

Hackers breached financial services firm Prosper, stealing the personal data of roughly 17.6 million people, including Social Security numbers, income details, and government IDs. "We have evidence that confidential, proprietary, and personal information, including Social Security Numbers, was obtained, including through unauthorized queries made on Company databases that store customer information and applicant data. We will be offering free credit monitoring as appropriate after we determine what data was affected," the company says. "The investigation is still in its very early stages, but resolving this incident is our top priority and we are committed to sharing additional information with our customers as appropriate." BleepingComputer reports: Prosper operates as a peer-to-peer lending marketplace that has helped over 2 million customers secure more than $30 billion in loans since its founding in 2005. As the company disclosed one month ago on a dedicated page, the breach was detected on September 2, but Prosper has yet to find evidence that the attackers gained access to customer accounts and funds.

However, the attackers stole data belonging to Prosper customers and loan applicants. The company hasn't shared what information was exposed beyond Social Security numbers because it's still investigating what data was affected. Prosper added that the security breach didn't impact its customer-facing operations and that it has reported the incident to relevant authorities and is collaborating with law enforcement to investigate the attack. [...] The stolen information also includes customers' names, government-issued IDs, employment status, credit status, income levels, dates of birth, physical addresses, IP addresses, and browser user agent details.
Have I Been Pwned revealed the extent of the incident on Thursday.

Social Networks

TikTok Deal 'Framework' Reached With China (cnbc.com) 17

Treasury Secretary Scott Bessent announced that the U.S. and China have reached a tentative "framework" agreement on TikTok's U.S. operations, with Presidents Trump and Xi set to finalize details Friday. "It's between two private parties, but the commercial terms have been agreed upon," he said. The update comes two days before TikTok parent company ByteDance faces a Sept. 17 deadline to divest the platform's U.S. business or potentially be shut down in the country. The deadline may need to be pushed back yet again to get the deal signed. CNBC reports: Both President Donald Trump and Chinese President Xi Jinping will meet Friday to discuss the terms. Trump also said in a Truth Social post Monday that a deal was reached "on a 'certain' company that young people in our Country very much wanted to save."

Bessent indicated the framework could pivot the platform to U.S.-controlled ownership. China's lead trade negotiator, Li Chenggang, confirmed the framework deal was in place and said the U.S. should not continue to suppress Chinese companies, according to Reuters.

Transportation

A Future Air Taxi? Archer's Electric eVTOL Flies 55 Miles in 31 Minutes (electrek.co) 76

Archer Aviation is "the official air taxi partner" of the 2028 Olympic Games in Los Angeles, Electrek reported in May. In June it entered "a key development phase ahead of full-fledged flight certification and commercial operations" by completing a piloted flight in its flagship Midnight aircraft, "demonstrating a conventional takeoff and landing instead of vertical (it can do both)." During that flight, which took place in the skies above Salinas, California, the eVTOL achieved a top speed of 125 mph and a maximum altitude of 1,500 feet above ground level. Most recently, Archer has taken its Midnight eVTOL above Salinas again, achieving its longest flight to date. Per Archer, the recent successful flight in California lasted 31 minutes, and the piloted Midnight eVTOL traveled 55 miles — the company's longest recorded flight yet with a pilot onboard... [Again with speeds exceeding 125 mph]

United Airlines CFO Mike Leskinen, who led the airline's early investment in Archer Aviation, was present at the test facility to witness the milestone flight. Leskinen congratulated the Archer team on its longest eVTOL flight and expressed his satisfaction with the Midnight aircraft's quiet operation.

Their aircraft even "reached speeds of nearly 150 miles per hour" the week before, according to Archer's announcement. They're calling it another milestone "as the company advances toward FAA certification in the U.S. and near-term commercialization in the United Arab Emirates."

And Archer's Founder/CEO said crossing the 50-mile mark at speed "is another clear step toward commercialization that shows the maturity of our program."

United States

FBI Warns Russian Hackers Targeted 'Thousands' of Critical US Infrastructure IT Systems (thehill.com) 69

The Hill reports: Russian state-sponsored hackers have targeted thousands of networking devices associated with U.S. critical infrastructure sectors over the past year, the FBI warned Wednesday. The cyber actors are associated with the Russian Federal Security Service's (FSB) Center 16 and have taken aim at a vulnerability in certain Cisco devices, according to an agency public service announcement.

In some cases, hackers have been able to modify configuration files to enable unauthorized access, which they have used to conduct reconnaissance on networks. This has "revealed their interest in protocols and applications commonly associated with industrial control systems," the FBI said.

Cisco's threat intelligence research arm, Talos, explained in a separate advisory that a subcluster of this group, which it has named "Static Tundra," is targeting a seven-year-old vulnerability in the company's Smart Install feature. The firm has offered a patch for the vulnerability, but it remains a problem in unpatched and end-of-life network devices, it warned.

"Once they establish initial access to a network device, Static Tundra will pivot further into the target environment, compromising additional network devices and establishing channels for long-term persistence and information gathering," warns the Talos blog. "This is demonstrated by the group's ability to maintain access in target environments for multiple years without being detected."

In a statement emailed to The Register, a Cisco spokesperson "said the company is aware of ongoing exploitation targeting this flaw." "We strongly urge customers to immediately upgrade to fixed software versions as outlined in the security advisory and follow our published security best practices," the spokesperson said, directing customers to the FBI's announcement and Cisco Talos blog for additional details.

The ongoing campaign targets telecommunications, higher education, and manufacturing organizations across North America, Asia, Africa, and Europe, "with victims selected based on their strategic interest to the Russian government," according to Talos researchers Sara McBroom and Brandon White. "We assess that the purpose of this campaign is to compromise and extract device configuration information en masse, which can later be leveraged as needed based on then-current strategic goals and interests of the Russian government," McBroom and White wrote.

And while both security alerts focus on the FSB's latest round of network intrusions, "many other state-sponsored actors also covet the access these devices afford," the Talos team warned. "Organizations should be aware that other advanced persistent threats (APTs) are likely prioritizing carrying out similar operations as well."

Some context from Hot Hardware: Cisco indicated in its advisory that "Only Smart Install client switches are affected by the vulnerability". The list of affected devices is in Table A-1 here. For a successful attack, hackers exploit a vulnerability tracked as CVE-2018-0171. This was a vulnerability that was patched way back in 2018.

Transportation

Ford Announces Investment To Bring Affordable EVs To Market (freep.com) 130

An anonymous reader quotes a report from the Detroit Free Press: Ford is announcing the creation of a new electric vehicle production system and a new EV platform that will allow the automaker to more efficiently bring several lower-cost EVs to market, the first of which will be a midsize, four-door electric pickup that seats five, to launch in 2027. That pickup, which is expected to start around $30,000, will be assembled at Ford's Louisville Assembly Plant for U.S. and export markets. The Dearborn-based automaker said it will invest $2 billion to retool the Louisville plant starting later this year. [...] Ford's investment in Louisville Assembly is in addition to Ford's previously announced $3 billion commitment for BlueOval Battery Park in Marshall, Michigan, where Ford will make the prismatic LFP batteries, starting next year, for the midsize electric pickup. Together, the nearly $5 billion investments mean Ford expects to create or secure nearly 4,000 direct jobs while strengthening the domestic supply chain with dozens of new U.S.-based suppliers.

Ford executives and Kentucky officials also introduced on Monday, Aug. 11, the new Ford Universal EV Production System, which they said will simplify production and ease operations for workers. Ford leaders also announced the creation of the Ford Universal Electric Vehicle Platform, which will enable the development of "a family of affordable electric vehicles produced at scale." The vehicles will be software-defined with over-the-air updates to keep improving the vehicles over time. "We took a radical approach to solve a very hard challenge: Create affordable vehicles that are breakthrough in every way that matters: design, technology, performance, space and cost of ownership, and do it with American workers," Ford CEO Jim Farley said in a statement. "Nobody wants to see another good college try by a Detroit automaker to make an affordable vehicle that ends up with idled plants, layoffs and uncertainty."

Farley has teased this announcement since Ford's second-quarter earnings when he said Ford would have a "Model-T moment" on Aug. 11. He's referring to the classic vehicle that helped turn Ford into a mass market automaker and perfect the assembly line process. At that time, Farley said it was critical that Ford unveil an EV strategy that would position it to make money selling the electric cars and effectively compete against the Chinese, who are known for making high-quality, desirable and affordable EVs. "So, this has to be a good business," Farley said of Ford's investments in the new process and platform. "From Day 1, we knew there was no incremental path to success. We empowered a tiny skunkworks team three time zones away from Detroit. We reinvented the line. And we are on a path to be the first automaker to make prismatic LFP batteries in the U.S. We will not rely on imports."
Ford says its new Universal Electric Vehicle Platform "reduces parts by 20% versus a typical vehicle, with 25% fewer fasteners, 40% fewer workstations dock-to-dock in the plant and 15% faster assembly time." The new EV pickup built using this platform is targeting a "starting MSRP at about $30,000, roughly the same as the Model T when adjusted for inflation," adds Farley.

He shared additional details in an interview with Wired, such as how the automaker hired Tesla veterans Doug Field (who also helped lead Apple's now-defunct EV project) and Alan Clarke. "Turns out, Doug and Alan and the team built a propulsion system that was like Apollo 13, managed down to the watt so that our battery could be so much smaller than BYD's," said Farley.

Crime

$1M Stolen in 'Industrial-Scale Crypto Theft' Using AI-Generated Code 38

"What happens when cybercriminals stop thinking small and start thinking like a Fortune 500 company?" asks a blog post from Koi Security. "You get GreedyBear, the attack group that just redefined industrial-scale crypto theft."

"150 weaponized Firefox extensions [impersonating popular cryptocurrency wallets like MetaMask and TronLink]. Nearly 500 malicious executables. Dozens of phishing websites. One coordinated attack infrastructure. According to user reports, over $1 million stolen." They upload 5-7 innocuous-looking extensions like link sanitizers, YouTube downloaders, and other common utilities with no actual functionality... They post dozens of fake positive reviews for these generic extensions to build credibility. After establishing trust, they "hollow out" the extensions — changing names, icons, and injecting malicious code while keeping the positive review history. This approach allows GreedyBear to bypass marketplace security by appearing legitimate during the initial review process, then weaponizing established extensions that already have user trust and positive ratings. The weaponized extensions capture wallet credentials directly from user input fields within the extension's own popup interface, and exfiltrate them to a remote server controlled by the group...

Alongside malware and extensions, the threat group has also launched a network of scam websites posing as crypto-related products and services. These aren't typical phishing pages mimicking login portals — instead, they appear as slick, fake product landing pages advertising digital wallets, hardware devices, or wallet repair services... While these sites vary in design, their purpose appears to be the same: to deceive users into entering personal information, wallet credentials, or payment details — possibly resulting in credential theft, credit card fraud, or both. Some of these domains are active and fully functional, while others may be staged for future activation or targeted scams...

A striking aspect of the campaign is its infrastructure consolidation: Almost all domains — across extensions, EXE payloads, and phishing sites — resolve to a single IP address: 185.208.156.66 — this server acts as a central hub for command-and-control, credential collection, ransomware coordination, and scam websites, allowing the attackers to streamline operations across multiple channels... Our analysis of the campaign's code shows clear signs of AI-generated artifacts. This makes it faster and easier than ever for attackers to scale operations, diversify payloads, and evade detection.

This isn't a passing trend — it's the new normal.

The researchers believe the group "is likely testing or preparing parallel operations in other marketplaces."

NASA

Mistakenly Sold NASA Command Trailer Goes On Sale (theregister.com) 28

alternative_right quotes a report from The Register: Space fans looking to camp out in style have a chance to pick up an Airstream trailer that once served as the Convoy Command Vehicle for NASA's Space Shuttle operations at Edwards Air Force Base -- if they have a couple hundred thousand to spare, that is. "This is the NASA 025 Command Vehicle," current owner Jonathan Kitzen says of the once-silver, now paint-daubed and otherwise unassuming Airstream trailer. "NASA 025 was designed to land crewed missions at Edwards Air Force Base. [Airstream] informed me that this was, in their words, 'the only NASA Airstream ever sold,' and the others [001-024] were all crushed or in museums. The sister crew vehicle (a 28-ft with one rear axle) is sitting at Kennedy museum [the Kennedy Space Center Visitor Complex]. All the rest are gone, except for this one."

Kitzen picked up the vehicle in 2022 after spotting it on a government surplus auction site, where it had been listed with few details and at a very low starting price. As for how the rare vehicle ended up for sale in the first place, Kitzen says he was told it was a mistake. "Apparently there was some miscommunication when the vehicle was decommissioned," he claims in the sale listing. "It should have been offered to museums but the sales team did not know what it was. They were told it was just a 'NASA vehicle,' they did not know it had any special status or history. To the sellers they thought it was just a van that could have been for moving laundry around the base. It was an accidental (yet valid) sale.

"When I pulled up to Vandenberg Air Force Base after getting my NASA contractor badge I was greeted by the senior asset manager," Kitzen continues. "'We didn't know what we were selling!' were the first words out of her mouth. 'We didn't advertise it or offer it up to museums, the phone has exploded. Nobody told us what it was!'" [...] The listing on vehicle sale site Hemmings.com has an asking price of $199,000, though with no offers yet submitted. A listing on eBay with a $50,000 minimum bid and $290,000 buy-it-now price ended in May with no takers.

Bug

A Luggage Service's Web Bugs Exposed the Travel Plans of Every User (wired.com) 1

An anonymous reader quotes a report from Wired: An airline leaving all of its passengers' travel records vulnerable to hackers would make an attractive target for espionage. Less obvious, but perhaps even more useful for those spies, would be access to a premium travel service that spans 10 different airlines, left its own detailed flight information accessible to data thieves, and seems to be favored by international diplomats. That's what one team of cybersecurity researchers found in the form of Airportr, a UK-based luggage service that partners with airlines to let its largely UK- and Europe-based users pay to have their bags picked up, checked, and delivered to their destination. Researchers at the firm CyberX9 found that simple bugs in Airportr's website allowed them to access virtually all of those users' personal information, including travel plans, or even gain administrator privileges that would have allowed a hacker to redirect or steal luggage in transit. Among even the small sample of user data that the researchers reviewed and shared with WIRED they found what appear to be the personal information and travel records of multiple government officials and diplomats from the UK, Switzerland, and the US.

Airportr's CEO Randel Darby confirmed CyberX9's findings in a written statement provided to WIRED but noted that Airportr had disabled the vulnerable part of its site's backend very shortly after the researchers made the company aware of the issues last April and fixed the problems within a few days. "The data was accessed solely by the ethical hackers for the purpose of recommending improvements to Airportr's security, and our prompt response and mitigation ensured no further risk," Darby wrote in a statement. "We take our responsibilities to protect customer data very seriously." CyberX9's researchers, for their part, counter that the simplicity of the vulnerabilities they found means that there's no guarantee other hackers didn't access Airportr's data first. They found that a relatively basic web vulnerability allowed them to change the password of any user to gain access to their account if they had just the user's email address -- and they were also able to brute-force guess email addresses with no rate limitations on the site. As a result, they could access data including all customers' names, phone numbers, home addresses, detailed travel plans and history, airline tickets, boarding passes and flight details, passport images, and signatures.

By gaining access to an administrator account, CyberX9's researchers say, a hacker could also have used the vulnerabilities it found to redirect luggage, steal luggage, or even cancel flights on airline websites by using Airportr's data to gain access to customer accounts on those sites. The researchers say they could also have used their access to send emails and text messages as Airportr, a potential phishing risk. Airportr tells WIRED that it has 92,000 users and claims on its website that it has handled more than 800,000 bags for customers. [...] The researchers found that they could monitor their browser's communications as they signed up for Airportr and created a new password, and then reuse an API key intercepted from those communications to instead change another user's password to anything they chose. The site also lacked a "rate limiting" security measure that would prevent automated guesses of email addresses to rapidly change the password of every user's account. And the researchers were also able to find email addresses of Airportr administrators that allowed them to take over their accounts and gain their privileges over the company's data and operations.
"Anyone would have been able to gain or might have gained absolute super-admin access to all the operations and data of this company," says Himanshu Pathak, CyberX9's founder and CEO. "The vulnerabilities resulted in complete confidential private information exposure of all airline customers in all countries who used the service of this company, including full control over all the bookings and baggage. Because once you are the super-admin of their most sensitive systems, you have the ability to do anything."
