Bitcoin

UK Plans To Ban Cryptocurrency Political Donations (theguardian.com) 24

The UK government plans to ban political donations made in cryptocurrency over fears of anonymity, foreign influence, and traceability issues, though the ban won't be ready in time for the upcoming elections bill. The Guardian reports: The government's ambition to ban crypto donations will be a blow to Nigel Farage's Reform UK party, which became the first to accept contributions in digital currency this year. It is believed to have received its first registrable donations in cryptocurrency this autumn and the party has set up its own crypto portal to receive contributions, saying it is subject to "enhanced" checks. Government sources have said ministers believe cryptocurrency donations to be a problem, as they are difficult to trace and could be exploited by foreign powers or criminals.

Pat McFadden, then a Cabinet Office minister, first raised the idea in July, saying: "I definitely think it is something that the Electoral Commission should be considering. I think that it's very important that we know who is providing the donation, are they properly registered, what are the bona fides of that donation." The Electoral Commission provides guidance on crypto donations but ministers accept any ban would probably have to come from the government through legislation.
"Crypto donations present real risks to our democracy," said Susan Hawley, the executive director of Spotlight on Corruption. "We know that bad actors like Russia use crypto to undermine and interfere in democracies globally, while the difficulties involved in tracing the true source of transactions means that British voters may not know everyone who's funding the parties they vote for."

Transportation

Can Chinese-Made Buses Be Hacked? Norway Drove One Down a Mine To Find Out (msn.com) 52

An anonymous reader shares a report: This summer, Oslo's public-transport authority drove a Chinese electric bus deep into a decommissioned mine inside a nearby mountain to answer a question: Could it be hacked? Isolated by rock from digital interference, cybersecurity experts came back with a qualified yes: The bus could in theory be remotely disabled using the control system for the battery.

The revelation, presented at a recent public-transport conference, has spurred officials in Denmark and the U.K. to start their own investigations into Chinese vehicles. It has also fed into broader security concerns across Europe about the growing prevalence of Chinese-made equipment in the region's energy and telecommunications infrastructure.

The worry is the same for autos, solar panels and other connected devices: that mechanisms used for wirelessly delivering system updates could also be exploited by a hostile government or third-party hacker to compromise critical networks. [...] The Oslo transport authority, Ruter, said the bus's mobile-network connection via a Romanian SIM card gave manufacturer Yutong access to the control system for battery and power supply. Ruter said it is addressing the vulnerability by developing firewalls and delaying the signals sent to the vehicles, among other solutions.

Businesses

Netgear Accused by Rival of China Smear To Fan Security Fear (msn.com) 34

An anonymous reader shares a report: California-based TP-Link says it may take a sales hit of more than $1 billion because of erroneous reports that the networking company's technology has been "infiltrated" by Beijing. In a lawsuit, TP-Link claims its competitor, Netgear, orchestrated a smear by planting false claims with journalists and internet influencers with the goal of scaring off customers.

Closely held TP-Link, which makes wireless routers, alleges in a complaint filed Monday that Netgear's campaign "threatens injury to well over a billion dollars in sales" and violates a 2024 settlement of a patent fight. That accord, in which TP-Link agreed to pay Netgear $135 million, includes a provision that the public company promises not to disparage its rival, according to the suit in Delaware federal court.

The suit comes as TP-Link faces growing scrutiny in Washington over national-security issues. US lawmakers from both parties have expressed concern that TP-Link's wireless equipment could be exploited by Chinese hackers following a series of attacks on its routers.

Privacy

Logitech Reports Data Breach From Zero-Day Software Vulnerability (nerds.xyz) 5

BrianFagioli writes: Logitech has confirmed a cybersecurity breach after an intruder exploited a zero-day in a third-party software platform and copied internal data. The company says the incident did not affect its products, manufacturing or business operations, and it does not believe sensitive personal information like national ID numbers or credit card data were stored in the impacted system. The attacker still managed to pull limited information tied to employees, consumers, customers and suppliers, raising fair questions about how long the zero-day existed before being patched.

Logitech brought in outside cybersecurity firms, notified regulators and says the incident will not materially affect its financial results. The company expects its cybersecurity insurance policy to cover investigation costs and any potential legal or regulatory issues. Still, with zero-day attacks increasing across the tech world, even established hardware brands are being forced to acknowledge uncomfortable weaknesses in their internal systems.

Security

Danish Authorities In Rush To Close Security Loophole In Chinese Electric Buses (theguardian.com) 43

An anonymous reader quotes a report from the Guardian: Authorities in Denmark are urgently studying how to close an apparent security loophole in hundreds of Chinese-made electric buses that enables them to be remotely deactivated. The investigation comes after transport authorities in Norway, where the Yutong buses are also in service, found that the Chinese supplier had remote access for software updates and diagnostics to the vehicles' control systems -- which could be exploited to affect buses while in transit.

Amid concerns over potential security risks, the Norwegian public transport authority Ruter decided to test two electric buses in an isolated environment. Bernt Reitan Jenssen, Ruter's chief executive, said: "The testing revealed risks that we are now taking measures against. National and local authorities have been informed and must assist with additional measures at a national level." Their investigations found that remote deactivation could be prevented by removing the buses' sim cards, but they decided against this because it would also disconnect the bus from other systems.

Ruter said it planned to bring in stricter security requirements for future procurements. Jenssen said it must act before the arrival of the next generation of buses, which could be even "more integrated and harder to secure." Movia, Denmark's largest public transport company, has 469 Chinese electric buses in operation -- 262 of which were manufactured by Yutong.
Jeppe Gaard, Movia's chief operating officer, said he was made aware of the loophole last week. "This is not a Chinese bus problem," he said. "It is a problem for all types of vehicles and devices with Chinese electronics built in."

Power

Ukraine First To Demo Open Source Security Platform To Help Secure Power Grid (theregister.com) 10

concertina226 shares a report from The Register: [A massive power outage in April left tens of millions across Spain, Portugal, and parts of France without electricity for hours due to cascading grid failures, exposing how fragile and interconnected Europe's energy infrastructure is. The incident, though not a cyberattack, reignited concerns about the vulnerability of aging, fragmented, and insecure operational technology systems that could be easily exploited in future cyber or ransomware attacks.] This headache is one the European Commission is focused on. It is funding several projects looking at making electric grids more resilient, such as the eFort framework being developed by cybersecurity researchers at the independent non-profit Netherlands Organisation for Applied Scientific Research (TNO) and the Delft University of Technology (TU Delft).

TNO's SOARCA tool is the first ever open source security orchestration, automation and response (SOAR) platform designed to protect power plants by automating the orchestration of the response to physical attacks, as well as cyberattacks, on substations and the network, and the first country to demo it will be the Ukraine this year. At the moment, SOAR systems only exist for dedicated IT environments. The researchers' design includes a SOAR system in each layer of the power station: the substation, the control room, the enterprise layer, the cloud, or the security operations centre (SOC), so that the SOC and the control room work together to detect anomalies in the network, whether it's an attacker exploiting a vulnerability, a malicious device being plugged into a substation, or a physical attack like a missile hitting a substation. The idea is to be able to isolate potential problems and prevent lateral movement from one device to another or privilege escalation, so an attacker cannot go through the network to the central IT management system of the electricity grid. [...]

The SOARCA tool is underpinned by CACAO Playbooks, an open source specification developed by the OASIS Open standards body and its members (which include lots of tech giants and US government agencies) to create standardized predefined, automated workflows that can detect intrusions and changes made by malicious actors, and then carry out a series of steps to protect the network and mitigate the attack. Experts largely agree the problem facing critical infrastructure is only worsening as years pass, and the more random Windows implementations that are added into the network, the wider the attack surface is. [...] TNO's Wolthuis said the energy industry is likely to be pushed soon to take action by regulators, particularly once the Network Code on Cybersecurity (NCCS), which lays out rules requiring cybersecurity risk assessments in the electricity sector, is formalized.

AI

Security Holes Found in OpenAI's ChatGPT Atlas Browser (and Perplexity's Comet) (scworld.com) 20

The address bar/ChatGPT input window in OpenAI's browser ChatGPT Atlas "could be targeted for prompt injection using malicious instructions disguised as links," reports SC World, citing a report from AI/agent security platform NeuralTrust: NeuralTrust found that a malformed URL could be crafted to include a prompt that is treated as plain text by the browser, passing the prompt on to the LLM. A malformation, such as an extra space after the first slash following "https:" prevents the browser from recognizing the link as a website to visit. Rather than triggering a web search, as is common when plain text is submitted to a browser's address bar, ChatGPT Atlas treats plain text as ChatGPT prompts by default.

An unsuspecting user could potentially be tricked into copying and pasting a malformed link, believing they will be sent to a legitimate webpage. An attacker could plant the link behind a "copy link" button so that the user might not notice the suspicious text at the end of the link until after it is pasted and submitted. These prompt injections could potentially be used to instruct ChatGPT to open a new tab to a malicious website such as a phishing site, or to tell ChatGPT to take harmful actions in the user's integrated applications or logged-in sites like Google Drive, NeuralTrust said.

Last month browser security platform LayerX also described how malicious prompts could be hidden in URLs (as a parameter) for Perplexity's browser Comet. And last week SquareX Labs demonstrated that a malicious browser extension could spoof Comet's AI sidebar feature and have since replicated the proof-of-concept (PoC) attack on Atlas.

But another new vulnerability in ChatGPT Atlas "could allow malicious actors to inject nefarious instructions into the artificial intelligence (AI)-powered assistant's memory and run arbitrary code," reports The Hacker News, citing a report from browser security platform LayerX: "This exploit can allow attackers to infect systems with malicious code, grant themselves access privileges, or deploy malware," LayerX Security Co-Founder and CEO, Or Eshed, said in a report shared with The Hacker News. The attack, at its core, leverages a cross-site request forgery (CSRF) flaw that could be exploited to inject malicious instructions into ChatGPT's persistent memory. The corrupted memory can then persist across devices and sessions, permitting an attacker to conduct various actions, including seizing control of a user's account, browser, or connected systems, when a logged-in user attempts to use ChatGPT for legitimate purposes....

"What makes this exploit uniquely dangerous is that it targets the AI's persistent memory, not just the browser session," Michelle Levy, head of security research at LayerX Security, said. "By chaining a standard CSRF to a memory write, an attacker can invisibly plant instructions that survive across devices, sessions, and even different browsers. In our tests, once ChatGPT's memory was tainted, subsequent 'normal' prompts could trigger code fetches, privilege escalations, or data exfiltration without tripping meaningful safeguards...."

LayerX said the problem is exacerbated by ChatGPT Atlas' lack of robust anti-phishing controls, the browser security company said, adding it leaves users up to 90% more exposed than traditional browsers like Google Chrome or Microsoft Edge. In tests against over 100 in-the-wild web vulnerabilities and phishing attacks, Edge managed to stop 53% of them, followed by Google Chrome at 47% and Dia at 46%. In contrast, Perplexity's Comet and ChatGPT Atlas stopped only 7% and 5.8% of malicious web pages.

From The Conversation: Sandboxing is a security approach designed to keep websites isolated and prevent malicious code from accessing data from other tabs. The modern web depends on this separation. But in Atlas, the AI agent isn't malicious code — it's a trusted user with permission to see and act across all sites. This undermines the core principle of browser isolation.
Thanks to Slashdot reader spatwei for suggesting the topic.

Networking

Are Network Security Devices Endangering Orgs With 1990s-Era Flaws? (csoonline.com) 57

Critics question why basic flaws like buffer overflows, command injections, and SQL injections are "being exploited remain prevalent in mission-critical codebases maintained by companies whose core business is cybersecurity," writes CSO Online. Benjamin Harris, CEO of cybersecurity/penetration testing firm watchTowr tells them that "these are vulnerability classes from the 1990s, and security controls to prevent or identify them have existed for a long time. There is really no excuse." Enterprises have long relied on firewalls, routers, VPN servers, and email gateways to protect their networks from attacks. Increasingly, however, these network edge devices are becoming security liabilities themselves... Google's Threat Intelligence Group tracked 75 exploited zero-day vulnerabilities in 2024. Nearly one in three targeted network and security appliances, a strikingly high rate given the range of IT systems attackers could choose to exploit. That trend has continued this year, with similar numbers in the first 10 months of 2025, targeting vendors such as Citrix NetScaler, Ivanti, Fortinet, Palo Alto Networks, Cisco, SonicWall, and Juniper. Network edge devices are attractive targets because they are remotely accessible, fall outside endpoint protection monitoring, contain privileged credentials for lateral movement, and are not integrated into centralized logging solutions...

[R]esearchers have reported vulnerabilities in these systems for over a decade with little attacker interest beyond isolated incidents. That shifted over the past few years with a rapid surge in attacks, making compromised network edge devices one of the top initial access vectors into enterprise networks for state-affiliated cyberespionage groups and ransomware gangs. The COVID-19 pandemic contributed to this shift, as organizations rapidly expanded remote access capabilities by deploying more VPN gateways, firewalls, and secure web and email gateways to accommodate work-from-home mandates. The declining success rate of phishing is another factor... "It is now easier to find a 1990s-tier vulnerability in a border device where Endpoint Detection and Response typically isn't deployed, exploit that, and then pivot from there" [says watchTowr CEO Harris]...

Harris of watchTowr doesn't want to minimize the engineering effort it takes to build a secure system. But he feels many of the vulnerabilities discovered in the past two years should have been caught with automatic code analysis tools or code reviews, given how basic they have been. Some VPN flaws were "trivial to the point of embarrassing for the vendor," he says, while even the complex ones should have been caught by any organization seriously investing in product security... Another problem? These appliances have a lot of legacy code, some that is 10 years or older.

Attackers may need to chain together multiple hard-to-find vulnerabilities across multiple components, the article acknowledges. And "It's also possible that attack campaigns against network-edge devices are becoming more visible to security teams because they are looking into what's happening on these appliances more than they did in the past..."

The article ends with reactions from several vendors of network edge security devices.

Thanks to Slashdot reader snydeq for sharing the article.

Security

Foreign Hackers Breached a US Nuclear Weapons Plant Via SharePoint Flaws (csoonline.com) 62

Foreign hackers breached the National Nuclear Security Administration's Kansas City National Security Campus (KCNSC) by exploiting unpatched Microsoft SharePoint vulnerabilities. The intrusion happened in August and is possibly linked to either Chinese state actors or Russian cybercriminals. CSO Online notes that "roughly 80% of the non-nuclear parts in the nation's nuclear stockpile originate from KCNSC," making it "one of the most sensitive facilities in the federal weapons complex." From the report: The breach targeted a plant that produces the vast majority of critical non-nuclear components for US nuclear weapons under the NNSA, a semi-autonomous agency within the Department of Energy (DOE) that oversees the design, production, and maintenance of the nation's nuclear weapons. Honeywell Federal Manufacturing & Technologies (FM&T) manages the Kansas City campus under contract to the NNSA. [...] The attackers exploited two recently disclosed Microsoft SharePoint vulnerabilities -- CVE-2025-53770, a spoofing flaw, and CVE-2025-49704, a remote code execution (RCE) bug -- both affecting on-premises servers. Microsoft issued fixes for the vulnerabilities on July 19.

On July 22, the NNSA confirmed it was one of the organizations hit by attacks enabled by the SharePoint flaws. "On Friday, July 18th, the exploitation of a Microsoft SharePoint zero-day vulnerability began affecting the Department of Energy," a DOE spokesperson said. However, the DOE contended at the time, "The department was minimally impacted due to its widespread use of the Microsoft M365 cloud and very capable cybersecurity systems. A very small number of systems were impacted. All impacted systems are being restored." By early August, federal responders, including personnel from the NSA, were on-site at the Kansas City facility, the source tells CSO.

China

China Accuses NSA of Hacking National Timekeeping Agency (apnews.com) 56

China says it has uncovered what it describes as irrefutable evidence of American government cyber attacks targeting the National Time Service Center. The Ministry of State Security said the National Security Agency exploited vulnerabilities in employees' mobile phones beginning March 25, 2022, and later used stolen login credentials to access the center's computers starting April 18, 2023.

The facility in Xi'an provides high-precision timekeeping service for the government, civil society, and various industries. It also supplies data used to calculate international standard time. Chinese authorities said investigators found that private servers worldwide were employed to conceal the attacks' origin. The accusations emerge against a backdrop of mutual cyber-espionage claims between Washington and Beijing. Western governments and companies have repeatedly blamed Chinese hackers for intrusions in recent years.

Security

Redis Warns of Critical Flaw Impacting Thousands of Instances (bleepingcomputer.com) 3

An anonymous reader quotes a report from BleepingComputer: The Redis security team has released patches for a maximum severity vulnerability that could allow attackers to gain remote code execution on thousands of vulnerable instances. Redis (short for Remote Dictionary Server) is an open-source data structure store used in approximately 75% of cloud environments, functioning like a database, cache, and message broker, and storing data in RAM for ultra-fast access. The security flaw (tracked as CVE-2025-49844) is caused by a 13-year-old use-after-free weakness found in the Redis source code and can be exploited by authenticated threat actors using a specially crafted Lua script (a feature enabled by default). Successful exploitation enables them to escape the Lua sandbox, trigger a use-after-free, establish a reverse shell for persistent access, and achieve remote code execution on the targeted Redis hosts.

After compromising a Redis host, attackers can steal credentials, deploy malware or cryptocurrency mining tools, extract sensitive data from Redis, move laterally to other systems within the victim's network, or use stolen information to gain access to other cloud services. "This grants an attacker full access to the host system, enabling them to exfiltrate, wipe, or encrypt sensitive data, hijack resources, and facilitate lateral movement within cloud environments," said Wiz researchers, who reported the security issue at Pwn2Own Berlin in May 2025 and dubbed it RediShell.

While successful exploitation requires attackers first to gain authenticated access to a Redis instance, Wiz found around 330,000 Redis instances exposed online, with at least 60,000 of them not requiring authentication. Redis and Wiz urged admins to patch their instances immediately by applying security updates released on Friday, "prioritizing those that are exposed to the internet." To further secure their Redis instances against remote attacks, admins can also enable authentication, disable Lua scripting and other unnecessary commands, launch Redis using a non-root user account, enable Redis logging and monitoring, limit access to authorized networks only, and implement network-level access controls using firewalls and Virtual Private Clouds (VPCs).
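The hardening steps listed above (enable authentication, disable Lua scripting and other unused commands, bind to trusted interfaces only, enable logging) can be checked mechanically against a redis.conf. The following audit script is an added example written for this page, not a tool from Redis or Wiz. The directive names it inspects (bind, protected-mode, requirepass, rename-command, logfile) are real redis.conf keys; the two configuration samples are constructed, and the "disabled" check relies on Redis's convention that renaming a command to the empty string removes it.

```python
# Added example: audit a redis.conf for the hardening steps recommended after CVE-2025-49844.
# Directive names are real redis.conf keys; both config samples below are constructed.

WEAK_CONF = """\
bind 0.0.0.0
protected-mode no
port 6379
# requirepass is commented out, so any client can connect without a password
# requirepass foobared
"""

HARDENED_CONF = """\
bind 127.0.0.1 10.0.0.5
protected-mode yes
port 6379
requirepass REPLACE-WITH-STRONG-PASSPHRASE
rename-command EVAL ""
rename-command EVALSHA ""
rename-command CONFIG ""
rename-command DEBUG ""
logfile /var/log/redis/redis.log
"""


def parse_conf(text):
    """Parse redis.conf text into {directive: [argument lists]}.

    Lines starting with '#' are comments. A directive may repeat (rename-command
    normally appears several times), so each directive maps to a list of argument lists.
    """
    conf = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        parts = line.split()
        conf.setdefault(parts[0].lower(), []).append(parts[1:])
    return conf


def disabled_commands(conf):
    """Commands renamed to the empty string, which Redis treats as removing them."""
    out = set()
    for args in conf.get("rename-command", []):
        if len(args) >= 2 and args[1] in ('""', "''"):
            out.add(args[0].upper())
    return out


def audit(text):
    """Return one finding per missing hardening step; an empty list means clean."""
    conf = parse_conf(text)
    findings = []

    # 1. Authentication: a non-empty requirepass (ACL-based setups are not checked here).
    if not any(args and args[0] for args in conf.get("requirepass", [])):
        findings.append("requirepass unset: clients can connect without authenticating")

    # 2. Lua scripting: if EVAL/EVALSHA are not needed, disable them.
    off = disabled_commands(conf)
    for cmd in ("EVAL", "EVALSHA"):
        if cmd not in off:
            findings.append(f"{cmd} enabled: Lua scripting reachable by authenticated clients")

    # 3. Network exposure: bind to specific interfaces, never all of them.
    binds = [ip for args in conf.get("bind", []) for ip in args]
    if not binds or any(ip in ("0.0.0.0", "*", "::") for ip in binds):
        findings.append("bind covers all interfaces: instance reachable from any network")

    # 4. protected-mode defaults to yes, so only an explicit 'no' is flagged.
    if any(args and args[0].lower() == "no" for args in conf.get("protected-mode", [])):
        findings.append("protected-mode no: safety net for unauthenticated access disabled")

    # 5. Logging: without a logfile there is nothing for monitoring to consume.
    if not any(args and args[0] not in ('""', "''") for args in conf.get("logfile", [])):
        findings.append("logfile unset: no persistent log for monitoring")

    return findings


if __name__ == "__main__":
    for name, text in (("weak", WEAK_CONF), ("hardened", HARDENED_CONF)):
        print(f"{name}: {audit(text) or 'no findings'}")
```

Running the script reports six findings for the weak configuration and none for the hardened one. Running Redis as a non-root user and placing the instance in a restricted VPC are deployment choices that a config file cannot show, so they still need to be verified separately.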

Programming

Will AI Bring an End to Top Programming Language Rankings? (ieee.org) 51

IEEE Spectrum ranks the popularity of programming languages — but is there a problem? Programmers "are turning away from many of these public expressions of interest. Rather than page through a book or search a website like Stack Exchange for answers to their questions, they'll chat with an LLM like Claude or ChatGPT in a private conversation." And with an AI assistant like Cursor helping to write code, the need to pose questions in the first place is significantly decreased. For example, across the total set of languages evaluated in the Top Programming Languages, the number of questions we saw posted per week on Stack Exchange in 2025 was just 22% of what it was in 2024...

However, an even more fundamental problem is looming in the wings... In the same way most developers today don't pay much attention to the instruction sets and other hardware idiosyncrasies of the CPUs that their code runs on, which language a program is vibe coded in ultimately becomes a minor detail... [T]he popularity of different computer languages could become as obscure a topic as the relative popularity of railway track gauges... But if an AI is soothing our irritations with today's languages, will any new ones ever reach the kind of critical mass needed to make an impact? Will the popularity of today's languages remain frozen in time?

That's ultimately the larger question. "How much abstraction and anti-foot-shooting structure will a sufficiently-advanced coding AI really need...?" [C]ould we get our AIs to go straight from prompt to an intermediate language that could be fed into the interpreter or compiler of our choice? Do we need high-level languages at all in that future? True, this would turn programs into inscrutable black boxes, but they could still be divided into modular testable units for sanity and quality checks. And instead of trying to read or maintain source code, programmers would just tweak their prompts and generate software afresh.

What's the role of the programmer in a future without source code? Architecture design and algorithm selection would remain vital skills... How should a piece of software be interfaced with a larger system? How should new hardware be exploited? In this scenario, computer science degrees, with their emphasis on fundamentals over the details of programming languages, rise in value over coding boot camps.

Will there be a Top Programming Language in 2026? Right now, programming is going through the biggest transformation since compilers broke onto the scene in the early 1950s. Even if the predictions that much of AI is a bubble about to burst come true, the thing about tech bubbles is that there's always some residual technology that survives. It's likely that using LLMs to write and assist with code is something that's going to stick. So we're going to be spending the next 12 months figuring out what popularity means in this new age, and what metrics might be useful to measure.

Having said that, IEEE Spectrum still ranks programming language popularity three ways — based on use among working programmers, demand from employers, and "trending" in the zeitgeist — using seven different metrics.

Their results? Among programmers, "we see that once again Python has the top spot, with the biggest change in the top five being JavaScript's drop from third place last year to sixth place this year. As JavaScript is often used to create web pages, and vibe coding is often used to create websites, this drop in the apparent popularity may be due to the effects of AI... In the 'Jobs' ranking, which looks exclusively at what skills employers are looking for, we see that Python has also taken 1st place, up from second place last year, though SQL expertise remains an incredibly valuable skill to have on your resume."

Security

Escalation in Akira Campaign Targeting SonicWall VPNs, Deploying Ransomware, With Malicious Logins (arcticwolf.com) 6

Friday the security researchers at Arctic Wolf Labs wrote: In late July 2025, Arctic Wolf Labs began observing a surge of intrusions involving suspicious SonicWall SSL VPN activity. Malicious logins were followed within minutes by port scanning, Impacket SMB activity, and rapid deployment of Akira ransomware. Victims spanned across multiple sectors and organization sizes, suggesting opportunistic mass exploitation.

This campaign has recently escalated, with new infrastructure linked to it observed as late as September 20, 2025.

More from Cybersecurity News: SonicWall has linked these malicious logins to CVE-2024-40766, an improper access control vulnerability disclosed in 2024. The working theory is that threat actors harvested credentials from devices that were previously vulnerable and are now using them in this campaign, even if the devices have since been patched. This explains why fully patched devices have been compromised, a fact that initially led to speculation about a potential zero-day exploit.

Once inside a network, the attackers operate with remarkable speed. The time from initial access to ransomware deployment, known as "dwell time," is often measured in hours, with some intrusions taking as little as 55 minutes, Arctic Wolf said. This extremely short window for response makes early detection critical.

"Threat actors in the present campaign successfully authenticated against accounts with the one-time password (OTP) MFA feature enabled..." notes Arctic Wolf Labs: The threats described in this campaign demand early detection and a rapid response to avoid catastrophic impact to organizations. To facilitate this process, we recommend monitoring for VPN logins originating from untrusted hosting infrastructure. Equally important is ensuring visibility into internal networks, since lateral movement and ransomware encryption can occur within hours or even minutes of initial access. Monitoring for anomalous SMB activity indicative of Impacket use provides an additional early detection opportunity.

When firewalls are confirmed to be running firmware versions vulnerable to credential access or full configuration export, patching alone is not enough. In such situations, credentials must be reset wherever possible, including MFA-related secrets that might otherwise be thought of as secure, and Active Directory credentials with VPN access. These considerations are best practices that apply regardless of which firewall products are in use.
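The two detection opportunities Arctic Wolf describes (VPN logins from untrusted hosting infrastructure, and Impacket-style SMB activity minutes later) can be correlated into one alert. The script below is an added example for this page, not Arctic Wolf's or SonicWall's tooling. The normalized event layout, the sample events, and the "untrusted hosting" address range are all constructed assumptions; a real deployment would feed it VPN and SMB telemetry and an ASN or hosting-provider list.

```python
from datetime import datetime, timedelta
import ipaddress

# Constructed sample events (not real telemetry). The layout is an assumption: each
# event has an ISO timestamp, a type, and the source address that produced it.
# A vpn_login event also records the internal client_ip the VPN assigned.
EVENTS = [
    {"ts": "2025-09-20T02:14:05", "type": "vpn_login", "src": "203.0.113.45",
     "user": "jdoe", "client_ip": "10.20.0.77"},
    {"ts": "2025-09-20T02:16:40", "type": "portscan", "src": "10.20.0.77"},
    {"ts": "2025-09-20T02:19:12", "type": "smb_admin_share", "src": "10.20.0.77", "dst": "10.20.1.10"},
    {"ts": "2025-09-20T02:19:15", "type": "smb_admin_share", "src": "10.20.0.77", "dst": "10.20.1.11"},
    {"ts": "2025-09-20T08:00:00", "type": "vpn_login", "src": "198.51.100.9",
     "user": "asmith", "client_ip": "10.20.0.12"},
    {"ts": "2025-09-20T08:30:00", "type": "smb_admin_share", "src": "10.20.0.12", "dst": "10.20.1.10"},
]

# Placeholder range standing in for "untrusted hosting infrastructure"; a real
# deployment would load these ranges from an ASN or hosting-provider feed.
UNTRUSTED_HOSTING = [ipaddress.ip_network("203.0.113.0/24")]


def parse_ts(s):
    return datetime.fromisoformat(s)


def from_untrusted_hosting(ip):
    addr = ipaddress.ip_address(ip)
    return any(addr in net for net in UNTRUSTED_HOSTING)


def detect(events, window=timedelta(minutes=60), smb_threshold=2):
    """Correlate each VPN login with what its assigned client address does next.

    An alert is raised when the login came from untrusted hosting infrastructure,
    or when the client address touches admin shares on at least smb_threshold
    distinct hosts inside the window (the Impacket-style SMB pattern in the report).
    Both together are rated critical, since the report measures dwell time in minutes.
    """
    alerts = []
    events = sorted(events, key=lambda e: e["ts"])
    for login in events:
        if login["type"] != "vpn_login":
            continue
        t0 = parse_ts(login["ts"])
        follow = [e for e in events
                  if e.get("src") == login["client_ip"]
                  and t0 <= parse_ts(e["ts"]) <= t0 + window]
        scanned = any(e["type"] == "portscan" for e in follow)
        smb = [e for e in follow if e["type"] == "smb_admin_share"]
        lateral = len({e["dst"] for e in smb}) >= smb_threshold
        hosting = from_untrusted_hosting(login["src"])
        if not (hosting or lateral):
            continue
        first_smb = min(parse_ts(e["ts"]) for e in smb) if smb else None
        alerts.append({
            "user": login["user"],
            "login_src": login["src"],
            "from_untrusted_hosting": hosting,
            "portscan": scanned,
            "lateral_movement": lateral,
            "seconds_to_first_smb": int((first_smb - t0).total_seconds()) if first_smb else None,
            "severity": "critical" if hosting and lateral else "high" if lateral else "medium",
        })
    return alerts


if __name__ == "__main__":
    for alert in detect(EVENTS):
        print(alert)
```

On the constructed events the jdoe login is flagged critical (hosting-range source, port scan, admin-share writes to two hosts 307 seconds after login), while the asmith session, which touches a single admin share from a non-hosting address, stays quiet. The window and threshold are tunable; the point is that the login source and the follow-on SMB behaviour are judged together rather than as separate, low-confidence signals.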

Thanks to Slashdot reader Mirnotoriety for suggesting this story.

Government

Congress Asks Valve, Discord, and Twitch To Testify On 'Radicalization' (polygon.com) 138

An anonymous reader quotes a report from Polygon: The CEOs of Discord, Steam, Twitch, and Reddit have been called to Congress to testify about the "radicalization of online forum users" on those platforms, the House Oversight and Government Reform Committee announced Wednesday. "Congress has a duty to oversee the online platforms that radicals have used to advance political violence," said chairman of the House Oversight Committee James Comer, a Republican from Kentucky, in a statement. "To prevent future radicalization and violence, the CEOs of Discord, Steam, Twitch, and Reddit must appear before the Oversight Committee and explain what actions they will take to ensure their platforms are not exploited for nefarious purposes."

Letters from the House Oversight Committee have been sent to Humam Sakhnini, CEO of Discord; Gabe Newell, president of Steam maker Valve; Dan Clancy, CEO of Twitch; and Steve Huffman, CEO of Reddit, requesting their testimony on Oct. 8. "The hearing will examine radicalization of online forum users, including incidents of open incitement to commit violent politically motivated acts," Comer said in a letter to each CEO. [...] Discord, Steam, Twitch, and Reddit execs will have the chance to deliver five-minute opening statements prior to answering questions posed by members of the committee during October's testimony.

Bug

Frostbyte10 Bugs Put Thousands of Refrigerators At Major Grocery Chains At Risk (theregister.com) 43

An anonymous reader quotes a report from The Register: Ten vulnerabilities in Copeland controllers, which are found in thousands of devices used by the world's largest supermarket chains and cold storage companies, could have allowed miscreants to manipulate temperatures and spoil food and medicine, leading to massive supply-chain disruptions. The flaws, collectively called Frostbyte10, affect Copeland E2 and E3 controllers, used to manage critical building and refrigeration systems, such as compressor groups, condensers, walk-in units, HVAC, and lighting systems. Three received critical-severity ratings. Operational technology security firm Armis found and reported the 10 bugs to Copeland, which has since issued firmware updates that fix the flaws in both the E3 and the E2 controllers. The E2s reached their official end-of-life in October, and affected customers are encouraged to move to the newer E3 platform. Upgrading to Copeland firmware version 2.31F01 mitigates all the security issues detailed here, and the vendor recommends patching promptly.

In addition to the Copeland updates, the US Cybersecurity and Infrastructure Security Agency (CISA) is also scheduled to release advisories today, urging any organization that uses vulnerable controllers to patch immediately. Prior to these publications, Copeland and Armis execs spoke exclusively to The Register about Frostbyte10, and allowed us to preview an Armis report about the security issues. "When combined and exploited, these vulnerabilities can result in unauthenticated remote code execution with root privileges," it noted. [...] To be clear: there is no indication that any of these vulnerabilities were found and exploited in the wild before Copeland issued fixes. However, the manufacturer's ubiquitous reach across retail and cold storage makes it a prime target for all manner of miscreants, from nation-state attackers looking to disrupt the food supply chain to ransomware gangs looking for victims who will quickly pay extortion demands to avoid operational downtime and food spoilage.

AI

First 'AI Music Creator' Signed by Record Label. More Ahead, or Just a Copyright Quandary? (apnews.com) 101

"I have no musical talent at all," says Oliver McCann. "I can't sing, I can't play instruments, and I have no musical background at all!"

But the Associated Press describes 37-year-old McCann as a British "AI music creator" — and last month McCann signed with an independent record label "after one of his tracks racked up 3 million streams, in what's billed as the first time a music label has inked a contract with an AI music creator." McCann is an example of how ChatGPT-style AI song generation tools like Suno and Udio have spawned a wave of synthetic music, a movement most notably highlighted by a fictitious group, Velvet Sundown, that went viral even though all its songs, lyrics and album art were created by AI. Experts say generative AI is set to transform the music world. However, there are scant details, so far, on how it's impacting the $29.6 billion global recorded music market, which includes about $20 billion from streaming.

The most reliable figures come from music streaming service Deezer, which estimates that 18% of songs uploaded to its platform every day are purely AI generated, though they only account for a tiny amount of total streams, hinting that few people are actually listening. Other, bigger streaming platforms like Spotify haven't released any figures on AI music... "It's a total boom. It's a tsunami," said Josh Antonuccio, director of Ohio University's School of Media Arts and Studies. The amount of AI generated music "is just going to only exponentially increase" as young people grow up with AI and become more comfortable with it, he said. [Antonuccio says later the cost of making a hit record "just keeps winnowing down from a major studio to a laptop to a bedroom. And now it's like a text prompt — several text prompts." Though there's a lack of legal clarity over copyright issues.]

Generative AI, with its ability to spit out seemingly unique content, has divided the music world, with musicians and industry groups complaining that recorded works are being exploited to train AI models that power song generation tools... Three major record companies, Sony Music Entertainment, Universal Music Group and Warner Records, filed lawsuits last year against Suno and Udio for copyright infringement. In June, the two sides also reportedly entered negotiations that could go beyond settling the lawsuits and set rules for how artists are paid when AI is used to remix their songs.

GEMA, a German royalty collection society, has sued Suno, accusing it of generating music similar to songs like "Mambo No. 5" by Lou Bega and "Forever Young" by Alphaville. More than 1,000 musicians, including Kate Bush, Annie Lennox and Damon Albarn, released a silent album to protest proposed changes to U.K. laws on AI they fear would erode their creative control.

Meanwhile, other artists, such as will.i.am, Timbaland and Imogen Heap, have embraced the technology. Some users say the debate is just a rehash of old arguments about once-new technology that eventually became widely used, such as AutoTune, drum machines and synthesizers.

Security

Farmers Insurance Data Breach Impacts 1.1 Million People After Salesforce Attack 10

Farmers Insurance disclosed a breach affecting 1.1 million customers after attackers exploited Salesforce in a widespread campaign involving ShinyHunters and allied groups. According to BleepingComputer, the hackers stole personal data such as names, birth dates, driver's license numbers, and partial Social Security numbers. From the report: The company disclosed the data breach in an advisory on its website, saying that its database at a third-party vendor was breached on May 29, 2025. "On May 30, 2025, one of Farmers' third-party vendors alerted Farmers to suspicious activity involving an unauthorized actor accessing one of the vendor's databases containing Farmers customer information (the "Incident")," reads the data breach notification (PDF) on its website. "The third-party vendor had monitoring tools in place, which allowed the vendor to quickly detect the activity and take appropriate containment measures, including blocking the unauthorized actor. After learning of the activity, Farmers immediately launched a comprehensive investigation to determine the nature and scope of the Incident and notified appropriate law enforcement authorities."

The company says that its investigation determined that customers' names, addresses, dates of birth, driver's license numbers, and/or last four digits of Social Security numbers were stolen during the breach. Farmers began sending data breach notifications to impacted individuals on August 22, with a sample notification [1, 2] shared with the Maine Attorney General's Office, stating that a combined total of 1,111,386 customers were impacted. While Farmers did not disclose the name of the third-party vendor, BleepingComputer has learned that the data was stolen in the widespread Salesforce data theft attacks that have impacted numerous organizations this year.
Further reading: Google Suffers Data Breach in Ongoing Salesforce Data Theft Attacks

Social Networks

After Tea Leak, 33,000 Women's Addresses Were Purportedly Mapped on Google Maps (bbc.com) 130

After the Tea dating-advice app leaked information on its users, the BBC found two online maps "purporting to represent the locations of women who had signed up for Tea... showing 33,000 pins spread across the United States." The maps were hosted on Google Maps. (Notified by the BBC, Google deleted the maps, saying they violated their harassment policies.)

"Since the breach, more than 10 women have filed class actions against the company which owns Tea," the article points out, noting that leaked content is also spreading around social media: Since the breach, the BBC has found websites, apps and even a "game" featuring the leaked data... The "game" puts the selfies submitted by women head-to-head, instructing users to click on the one they prefer, with leaderboards of the "top 50" and "bottom 50"... [And one researcher calculates more than 12,000 posts on 4Chan referenced the Tea app over the three weeks after the leak.]

It is unsurprising that the leak was exploited. The app had drawn criticism ever since it had grown in popularity. Defamation, with the spread of unproven allegations, and doxxing, when someone's identifying information is published without their consent, were real possibilities. Men's groups had wanted to take the app down — and when they found the data breach, they saw it as a chance for retribution.

They weren't the only ones with a gripe against Tea. Back in 2023 the fiancée of Tea's CEO founder approached the administrator of a collection of Facebook groups called "Are We Dating the Same Guy?" to see if she'd be the "face" of the Tea app, reports 404 Media. But they add that after Tea failed to recruit her, Tea "shifted tactics" to raid her Facebook groups instead: Tea paid influencers to undermine Are We Dating the Same Guy and created competing Facebook groups with nearly identical names. 404 Media also identified a number of seemingly hijacked Facebook accounts that spammed the real Are We Dating The Same Guy groups with links to the Tea app.
Reviews for the Tea app show several women later thought the app was affiliated with their trusted Facebook groups, the reporter said this week on a 404 Media podcast.

And they add that founder Sean Cook took over the "Tara" persona that his fiancée had used for technical support. "So he's on the app pretending to be a woman, talking to other women who are on the app in order to weed out men who are being deceptive..."

Thanks to Slashdot reader samleecole for sharing the article.

Bug

Plex Users Urged To Update Media Server After Security Flaw Exposed (nerds.xyz) 19

BrianFagioli shares a report from NERDS.xyz: If you run Plex Media Server, it's time to drop everything and update. The company has quietly patched a security issue that affects recent versions of its software, and users are being told to upgrade as soon as possible. According to an email Plex sent to affected customers, versions 1.41.7.x through 1.42.0.x are vulnerable. The newly released build, 1.42.1.10060 or later, contains the fix. Plex says the flaw was found through its bug bounty program, but sadly, it has not publicly shared details about how severe the issue is or whether it could be exploited remotely.
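
A defender-side check for the version range quoted above, added here as an illustration and not code from Plex or the article. It assumes Plex version strings take the form MAJOR.MINOR.PATCH.BUILD with an optional "-<hash>" suffix, and it treats anything outside the two stated ranges as "unlisted" rather than safe, since the notice says nothing about those builds.

```python
from typing import Dict, Iterable, List, Tuple

# Bounds as stated in the Plex notice quoted on the page:
# 1.41.7.x through 1.42.0.x are vulnerable; 1.42.1.10060 or later is fixed.
VULN_LOW = (1, 41, 7)
VULN_HIGH = (1, 42, 0)
FIXED_MIN = (1, 42, 1, 10060)


def parse_version(s: str) -> Tuple[int, ...]:
    """Turn '1.42.1.10060-4e8b05da' into (1, 42, 1, 10060).

    The '-<build hash>' suffix (assumed Plex format) is dropped; anything
    that is not purely dotted integers raises ValueError so that a bad
    inventory entry is surfaced instead of silently passing as 'fixed'.
    """
    core = s.strip().split("-", 1)[0]
    parts = core.split(".")
    if not parts or not all(p.isdigit() for p in parts):
        raise ValueError(f"unrecognised version string: {s!r}")
    return tuple(int(p) for p in parts)


def classify(version: str) -> str:
    """Return 'vulnerable', 'fixed' or 'unlisted' for one version string."""
    v = parse_version(version)
    # The vulnerable range is expressed with a wildcard build number, so only
    # the first three components decide membership.
    if VULN_LOW <= v[:3] <= VULN_HIGH:
        return "vulnerable"
    # Tuple comparison handles 'or later' across all four components; a bare
    # '1.42.1' (no build) sorts below FIXED_MIN and therefore stays unlisted.
    if v >= FIXED_MIN:
        return "fixed"
    return "unlisted"


def triage(inventory: Iterable[Tuple[str, str]]) -> Dict[str, List[str]]:
    """Group (host, version) pairs by status; unparseable entries are kept
    in their own bucket so they are reviewed rather than ignored."""
    groups: Dict[str, List[str]] = {
        "vulnerable": [], "fixed": [], "unlisted": [], "unparseable": []}
    for host, version in inventory:
        try:
            groups[classify(version)].append(host)
        except ValueError:
            groups["unparseable"].append(host)
    return groups


# Constructed sample inventory (hostnames and versions are made up).
SAMPLE_INVENTORY = [
    ("media-01", "1.41.7.9823-4e8b05da"),   # inside vulnerable range
    ("media-02", "1.42.0.10000"),            # upper end of vulnerable range
    ("media-03", "1.42.1.10060"),            # exactly the fixed build
    ("media-04", "1.42.1.10059"),            # below the fixed build, not listed
    ("media-05", "unknown"),                 # inventory gap
]
```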

China

China Tells Brokers To Stop Touting Stablecoins To Cool Frenzy (bloomberg.com) 5

An anonymous reader shares a report: China told local brokers and other bodies to stop publishing research or holding seminars to promote stablecoins [non-paywalled source], seeking to rein in the asset class to avoid instability. Some leading brokerages and think tanks in late July and earlier this month received guidance from financial regulators, urging them to cancel seminars and halt disseminating research on stablecoins, people familiar with the matter said.

Regulators are also concerned that stablecoins could be exploited as a new tool for fraudulent activities in mainland China, said the people, who asked not to be identified because the details are private.
