"A new variation of the fake recruiter campaign from North Korean threat actors is targeting JavaScript and Python developers with cryptocurrency-related tasks," reports the Register. Researchers at software supply-chain security company ReversingLabs say that the threat actor creates fake companies in the blockchain and crypto-trading sectors and publishes job offerings on various platforms, like LinkedIn, Facebook, and Reddit. Developers applying for the job are required to show their skills by running, debugging, and improving a given project. However, the attacker's purpose is to make the applicant run the code... [The campaign involves 192 malicious packages published in the npm and PyPi registries. The packages download a remote access trojan that can exfiltrate files, drop additional payloads, or execute arbitrary commands sent from a command-and-control server.]

In one case highlighted in the ReversingLabs report, a package named 'bigmathutils,' with 10,000 downloads, was benign until it reached version 1.1.0, which introduced malicious payloads. Shortly after, the threat actor removed the package, marking it as deprecated, likely to conceal the activity... The RAT checks whether the MetaMask cryptocurrency extension is installed on the victim's browser, a clear indication of its money-stealing goals...

ReversingLabs has found multiple variants written in JavaScript, Python, and VBS, showing an intention to cover all possible targets.
The campaign has been ongoing since at least May 2025...

Recently a small crowd paid to watch robots boxing, reports Rest of World. (Almost 3,000 people have now watched the match's 83-minute webcast.) The match was organized by Rek, a San Francisco-based company, and drew hundreds of spectators who had paid about $60-$80 for a ticket to watch modified G1 robots go at each other. Made by Unitree, the dominant Chinese robot maker, they weighed in at around 80 pounds and stood 4.5 feet tall, with human-like hands and dozens of joint motors for flexibility. The match had all the bells and whistles of a regular boxing bout: pulsing music, cameras capturing all the angles, hyped-up introductions, a human referee, and even two commentators. The evening featured two bouts made up of five rounds, each lasting 60 seconds. The robots pranced around the cage, throwing jabs and punches, drawing ohs and ahs from the crowd. They fell sometimes, and needed human intervention to get them back on their feet.
The robots were controlled by humans using VR interfaces, which led to some odd moments with robots hitting into the air, throwing multiple punches that failed to even connect with their opponents. One robot controller was a former UFC fighter, the article points out, but "The crowd cheered as a 13-year-old VR pilot named Dash beat his older competitor...."

The company behind this event plans more boxing matches with their VR-controlled robots, and even wants to develop "a league of robot boxers, including full-height robots that weigh about 200 pounds and are nearly 6 feet tall."

An anonymous reader shares a report: The abrupt closure of El Paso's airspace late Tuesday was precipitated when Customs and Border Protection officials deployed an anti-drone laser on loan from the Department of Defense without giving aviation officials enough time to assess the risks to commercial aircraft, according to multiple people briefed on the situation.

The episode led the Federal Aviation Administration to abruptly declare that the nearby airspace would be shut down for 10 days, an extraordinary pause that was quickly lifted Wednesday morning at the direction of the White House. Top administration officials quickly claimed that the closure was in response to a sudden incursion of drones from Mexican drug cartels that required a military response, with Transportation Secretary Sean Duffy declaring in a social media post that "the threat has been neutralized."

But that assertion was undercut by multiple people familiar with the situation, who said that the F.A.A.'s extreme move came after immigration officials earlier this week used an anti-drone laser shared by the Pentagon without coordination with the F.A.A. The people spoke on the condition of anonymity because they were not authorized to speak publicly. C.B.P. officials thought they were firing on a cartel drone, the people said, but it turned out to be a party balloon. Defense Department officials were present during the incident, one person said.

Google on Tuesday expanded its "Results about you" tool to let users request the removal of Search results containing government-issued ID numbers -- including driver's licenses, passports and Social Security numbers -- adding to the tool's existing ability to flag results that surface phone numbers, email addresses, and home addresses.

The update, announced on Safer Internet Day, is rolling out in the U.S. over the coming days. Google also streamlined its process for reporting non-consensual explicit images on Search, allowing users to select and submit removal requests for multiple images at once rather than reporting them individually.

An investigation has uncovered a sprawling network of hidden cameras in Chinese hotel rooms that livestream guests -- including couples having sex -- to paying subscribers on Telegram. Over 18 months, the BBC identified six websites and apps on the messaging platform that claimed to operate more than 180 spy cams across Chinese hotels, not just recording but broadcasting live.

One site, monitored for seven months, cycled through 54 different cameras, roughly half active at any given time. Subscribers pay 450 yuan (~$65) per month for access to multiple live feeds, archived clips, and a library of more than 6,000 edited videos dating back to 2017.

The BBC traced one camera to a hotel room in Zhengzhou, where researchers found it hidden inside a wall ventilation unit and hardwired into the building's electricity supply. A commercially available hidden-camera detector failed to flag it. China introduced regulations last April requiring hotel owners to check for hidden cameras, but the BBC found the livestreaming sites still operational.

Anthropic on Thursday released Claude Opus 4.6, its most capable model yet, at a moment when the company's AI tools have already spooked markets over fears that they are disrupting traditional software development and other sectors.

The new model improves on Opus 4.5's coding abilities, the company said -- it plans more carefully, sustains longer agentic tasks, handles larger codebases more reliably, and catches its own mistakes through better debugging. It is also the first Opus-class model to feature a 1M token context window, currently in beta.

On GDPval-AA, an independent benchmark measuring performance on knowledge-work tasks in finance, legal and other domains, Opus 4.6 outperformed OpenAI's GPT-5.2 by roughly 144 Elo points. Anthropic also introduced agent teams in Claude Code, allowing multiple agents to work in parallel on tasks like codebase reviews. Pricing remains at $5/$25 per million input/output tokens.

Amazon plans to use AI to speed up the process for making movies and TV shows even as Hollywood fears that AI will cut jobs and permanently reshape the industry. From a report: At the Amazon MGM Studio, veteran entertainment executive Albert Cheng is leading a team charged with developing new AI tools that he said will cut costs and streamline the creative process. Amazon plans to launch a closed beta program in March, inviting industry partners to test its AI tools. The company expects to have results to share by May. [...] Amazon is leaning on its cloud computing division, Amazon Web Services, for help and plans to work with multiple large language model providers to give creators a wider array of options for pre- and post-production filmmaking.

An anonymous reader shares a report: Google Home users, your long nightmare is over. The platform has finally added support for buttons. The release notes for a February 2 update state that several new starter conditions for automations are now available, including "Switch or button pressed."

Smart buttons are physical, programmable switches that you can press to trigger automations or control devices in your smart home, such as turning lights on or off, opening and closing shades, running a Good Night scene, or starting a robot vacuum. A great alternative to voice and app control when you want to control multiple devices, smart buttons are often wireless and generally have several ways to press them: single press, double press, and long press, meaning one button can do multiple things.

A new study [PDF] examining the United States between 1850 and 1920 found that expanded market access -- driven largely by railroad expansion -- made Americans more trusting of strangers and more outward-looking, but weakened family-based care for the vulnerable.

Researchers Max Posch of the University of Exeter and Itzchak Tzachi Raz of Hebrew University compared places and people gaining different levels of commercial connectivity. In better-connected regions, Americans became more likely to marry outside their local communities, and parents more likely to pick nationally common names for children. Trust toward others rose, as measured through language in local newspapers.

The researchers used multiple tests to rule out the possibility that these shifts simply reflected places getting richer. The cultural changes were concentrated among migrants in trade-exposed industries; workers in construction and entertainment showed no effect. But market access also meant orphans, the disabled, and the elderly became less likely to be cared for by relatives at home.

Longtime Slashdot reader schwit1 shares a report from CBS News: A former Google engineer has been found guilty on multiple federal charges for stealing the tech giant's trade secrets on artificial intelligence to benefit Chinese companies he secretly worked for, federal prosecutors said. According to the U.S. Attorney's Office for the Northern District of California, a jury on Thursday convicted Linwei Ding on seven counts of economic espionage and seven counts of theft of trade secrets, following an 11-day trial. The 38-year-old, also known as Leon Ding, was hired by Google in 2019 and was a resident of Newark.

According to evidence presented at trial, Ding stole more than 2,000 pages of confidential information containing Google AI trade secrets between May 2022 and April 2023. He uploaded the information to his personal Google Cloud account. Around the same time, Ding secretly affiliated himself with two Chinese-based technology companies. Around June 2022, prosecutors said Ding was in discussions to be the chief technology officer for an early-stage tech company. Several months later, he was in the process of founding his own AI and machine learning company in China, acting as the company's CEO. Prosecutors said Ding told investors that he could build an AI supercomputer by copying and modifying Google's technology.

In late 2023, prosecutors said Ding downloaded the trade secrets to his own personal computer before resigning from Google. According to the superseding indictment, Google uncovered the uploads after finding out that Ding presented himself as CEO of one of the companies during an Beijing investor conference. Around the same time, Ding told his manager he was leaving the company and booked a one-way flight to Beijing. "Silicon Valley is at the forefront of artificial intelligence innovation, pioneering transformative work that drives economic growth and strengthens our national security. The jury delivered a clear message today that the theft of this valuable technology will not go unpunished," U.S. Attorney Craig Missakian said in a statement.

An anonymous reader quotes a report from Forbes: Gatik, a Silicon Valley startup developing self-driving delivery trucks, says its commercial operations are about to scale up dramatically, from fewer than a dozen driverless units running in multiple U.S. states now to hundreds of box trucks by the end of the year. CEO Gautam Narang said it's also booked contracts with retailers worth at least $600 million for its automated fleet. "We have 10 fully driverless, revenue-generating trucks on public roads. Very soon, in the coming weeks, we expect that increase to 60 trucks," he told Forbes. "We expect to end the year with hundreds of driverless trucks -- revenue-generating -- deployed across multiple markets in the U.S."

Though the Mountain View, California-based company hasn't raised as much funding as rivals, including Aurora, Kodiak and Canada's Waabi, Gatik said it's actually scaling up faster than any other robot truck developer. Unlike those companies, it focuses on smaller freight delivery vehicles, rather than full-size semis, supplied by truckmaker Isuzu that operate mainly between warehouses and supermarkets and other large stores. The company's focus has been on so-called middle-mile trucking, which, like long-haul routes, has a severe shortage of human drivers, according to Narang. Currently, its trucks are on the road in Texas, Arkansas, Arizona, Nebraska and Ontario, Canada.

The company has been generating revenue since shortly after its founding in 2017, hauling loads for customers like Walmart in trucks with human safety drivers at the wheel. Beginning late last year, it began shifting to fully driverless units and is getting more trucks from Isuzu built specifically to incorporate its tech, Narang said. "The hardware that we are using, this is our latest generation, has been designed to enable driver-out across thousands of trucks."

Apple is forcing Patreon to move all remaining creators onto Apple's in-app purchase subscription system by November 2026 "or else Patreon would risk removal from the App Store," reports TechCrunch. "Apple made this decision because Patreon was managing the billing for some percentage of creators' subscriptions, and the tech giant saw that as skirting its App Store commission structure." The tech giant initially told Patreon that it must do so by November 2025, but the deadline was pushed back. From the report: "We strongly disagree with this decision," its blog post states. "Creators need consistency and clarity in order to build healthy, long-term businesses. Instead, creators using legacy billing will now have to endure the whiplash of another policy reversal -- the third such change from Apple in the past 18 months. Over the years, we have proposed multiple tools and features to Apple that we could've built to allow creators using legacy billing to transition on their own timelines, with more support added in. Unfortunately, Apple has continually declined them," it says.

Creators can read more about the transition plan on Patreon's website. It has also built several tools to support these changes, including a benefit eligibility tool to see who has paid or is scheduled to pay, tier repricing tools, and gifting and discount tools to offer payment flexibility. An option for annual-only memberships will be introduced before November 2026 as well. The commission on in-app purchases and subscriptions is 30% on Apple's system, but "drops to 15% for a subscription that has been ongoing for more than a year," notes MacRumors. Patreon lets creators either raise prices only in its iOS app to cover Apple's fee or keep prices the same by absorbing the cost, while iPhone and iPad users can avoid the App Store commission entirely by paying through Patreon's website instead.

An anonymous reader quotes a report from Politico: The interim head of the country's cyber defense agency uploaded sensitive contracting documents into a public version of ChatGPT last summer, triggering multiple automated security warnings that are meant to stop the theft or unintentional disclosure of government material from federal networks, according to four Department of Homeland Security officials with knowledge of the incident. The apparent misstep from Madhu Gottumukkala was especially noteworthy because the acting director of the Cybersecurity and Infrastructure Security Agency had requested special permission from CISA's Office of the Chief Information Officer to use the popular AI tool soon after arriving at the agency this May, three of the officials said. The app was blocked for other DHS employees at the time.

None of the files Gottumukkala plugged into ChatGPT were classified, according to the four officials, each of whom was granted anonymity for fear of retribution. But the material included CISA contracting documents (PDF) marked "for official use only," a government designation for information that is considered sensitive and not for public release. Cybersecurity sensors at CISA flagged the uploads this past August, said the four officials. One official specified there were multiple such warnings in the first week of August alone. Senior officials at DHS subsequently led an internal review to assess if there had been any harm to government security from the exposures, according to two of the four officials. It is not clear what the review concluded.

Google is adding Gemini-powered "Suggested times" to Google Calendar, automatically scanning attendees' calendars to surface the best meeting slots based on availability, work hours, and conflicts. The feature also streamlines rescheduling with one-click alternatives when invitees decline. Digital Trends reports: According to a recent post on the Workspace Updates blog, Gemini in Google Calendar can now help you quickly identify optimal meeting times when creating an event, as long as you have access to the attendees' calendars. The new "Suggested times" feature scans everyone's calendars and highlights the best time slots based on availability, working hours, and potential conflicts, eliminating the need to manually check schedules. Google has also made rescheduling simpler. The company explains that if multiple attendees decline your invite, you'll see a banner in the event showing a time when everyone is available, letting you update the invite with a single click. The feature is being rolled out starting today to eligible Workspace tiers. It will be enabled by default and is expected to reach all eligible users over the next few weeks.

Brax Technologies just announced "a privacy-focused alternative to locked-down tablets" called open_slate that can double as a consumer tablet and a Linux-capable workstation on ARM.

Earlier Brax Technologies built the privacy-focused smartphone BraX3, which co-founder Plamen Todorov says proved "a privacy-focused mobile device could be designed, crowdfunded, manufactured, and delivered outside the traditional Big Tech ecosystem." Just as importantly, BraX3 showed us the value of building with the community. The feedback we received — what worked, what didn't, and what people wanted next — played a major role in shaping our direction going forward. Today, we're ready to share the next step in that journey...
They're promising their "2-in-1" open_slate tablet will be built with these guiding principles:

• Modularity beyond repairability". ("In addition to a user-replaceable battery, it supports an M.2 expansion slot, allowing users to customize storage and configurations to better fit their needs.")

• Hardware-level privacy and control, with physical switches allowing users to disable key components like wireless radios, sensors, microphones, and cameras.

• Multi-OS compatibility, supporting "multiple" Android-based operating systems as well as native Linux distributions. ("We're working with partners and the community to ensure proper, long-term OS support rather than one-off ports.")

• Longevity by design — a tablet that's "supported over time"

Brax has already created an open thread with preliminary design specs. "The planned retail price is 599$ for the base version and 799$ for the Pro version," they write. "We will be offering open_slate (both versions) at a discount during our pre-order campaign, starting as low as 399$ for the base version and 529$ for the Pro version for limited quantities only which may sell out in a day or two from launching pre-orders...

"Pre-orders will open in February, via IndieGoGo. Make sure to subscribe for notifications if you don't want to miss the launch date."

Thanks to long-time Slashdot reader walterbyrd for sharing the news.

This month saw results from a yearlong global study of "potential negative risks that generative AI poses to student". The study (by the Brookings Institution's Center for Universal Education) also suggests how to prevent risks and maximize benefits: After interviews, focus groups, and consultations with over 500 students, teachers, parents, education leaders, and technologists across 50 countries, a close review of over 400 studies, and a Delphi panel, we find that at this point in its trajectory, the risks of utilizing generative AI in children's education overshadow its benefits.
"At the top of Brookings' list of risks is the negative effect AI can have on children's cognitive growth," reports NPR — "how they learn new skills and perceive and solve problems." The report describes a kind of doom loop of AI dependence, where students increasingly off-load their own thinking onto the technology, leading to the kind of cognitive decline or atrophy more commonly associated with aging brains... As one student told the researchers, "It's easy. You don't need to (use) your brain." The report offers a surfeit of evidence to suggest that students who use generative AI are already seeing declines in content knowledge, critical thinking and even creativity. And this could have enormous consequences if these young people grow into adults without learning to think critically...

Survey responses revealed deep concern that use of AI, particularly chatbots, "is undermining students' emotional well-being, including their ability to form relationships, recover from setbacks, and maintain mental health," the report says. One of the many problems with kids' overuse of AI is that the technology is inherently sycophantic — it has been designed to reinforce users' beliefs... Winthrop offers an example of a child interacting with a chatbot, "complaining about your parents and saying, 'They want me to wash the dishes — this is so annoying. I hate my parents.' The chatbot will likely say, 'You're right. You're misunderstood. I'm so sorry. I understand you.' Versus a friend who would say, 'Dude, I wash the dishes all the time in my house. I don't know what you're complaining about. That's normal.' That right there is the problem."
AI did have some advantages, the article points out: The report says another benefit of AI is that it allows teachers to automate some tasks: "generating parent emails ... translating materials, creating worksheets, rubrics, quizzes, and lesson plans" — and more. The report cites multiple research studies that found important time-saving benefits for teachers, including one U.S. study that found that teachers who use AI save an average of nearly six hours a week and about six weeks over the course of a full school year...

AI can also help make classrooms more accessible for students with a wide range of learning disabilities, including dyslexia. But "AI can massively increase existing divides" too, [warns Rebecca Winthrop, one of the report's authors and a senior fellow at Brookings]. That's because the free AI tools that are most accessible to students and schools can also be the least reliable and least factually accurate... "[T]his is the first time in ed-tech history that schools will have to pay more for more accurate information. And that really hurts schools without a lot of resources."
The report calls for more research — and make several recommendations (including "holistic" learning and "AI tools that teach, not tell.") But this may be their most important recommendation. "Provide a clear vision for ethical AI use that centers human agency..."

"We find that AI has the potential to benefit or hinder students, depending on how it is used."

Trend Micro's Zero Day Initiative sponsored its third annual Pwn2Own Automotive competition in Tokyo this week, receiving 73 entries, the most ever for a Pwn2Own event.

"Under Pwn2Own rules, all disclosed vulnerabilities are reported to affected vendors through ZDI," reports Help Net Security, "with public disclosure delayed to allow time for patches." Infotainment platforms from Tesla, Sony, and Alpine were among the systems compromised during demonstrations. Researchers achieved code execution using techniques that included buffer overflows, information leaks, and logic flaws. One Tesla infotainment unit was compromised through a USB-based attack, resulting in root-level access. Electric vehicle charging infrastructure also received significant attention. Teams successfully demonstrated exploits against chargers from Autel, Phoenix Contact, ChargePoint, Grizzl-E, Alpitronic, and EMPORIA. Several attacks involved chaining multiple vulnerabilities to manipulate charging behavior or execute code on the device. These demonstrations highlighted how charging stations operate as network-connected systems with direct interaction with vehicles.
There's video recaps on the ZDI YouTube channel — apparently the Fuzzware.io researchers "were able to take over a Phoenix Contact EV charger over bluetooth."

Three researchers also exploited the Alpitronic's HYC50 fast-charging with a classic TOCTOU bug, according to the event's site, "and installed a playable version of Doom to boot." They earned $20,000 — part of $1,047,000 USD was awarded during the three-day event.

More coverage from SecurityWeek: The winner of the event, the Fuzzware.io team, earned a total of $215,500 for its exploits. The team received the highest individual reward: $60,000 for an Alpitronic HYC50 EV charger exploit delivered through the charging gun. ZDI described it as "the first public exploit of a supercharger".

An anonymous reader shared this report from Fortune The large language models (LLMs) that have captivated the world are not a path to human-level intelligence, two AI experts asserted in separate remarks at Davos. Demis Hassabis, the Nobel Prize-winning CEO of Google DeepMind, and the executive who leads the development of Google's Gemini models, said today's AI systems, as impressive as they are, are "nowhere near" human-level artificial general intelligence, or AGI. [Though the artilcle notes that later Hassabis predicted there was a 50% chance AGI might be achieved within the decade.] Yann LeCun — an AI pioneer who won a Turing Award, computer science's most prestigious prize, for his work on neural networks — went further, saying that the LLMs that underpin all of the leading AI models will never be able to achieve humanlike intelligence and that a completely different approach is needed... ["The reason ... LLMs have been so successful is because language is easy," LeCun said later.]

Their views differ starkly from the position asserted by top executives of Google's leading AI rivals, OpenAI and Anthropic, who assert that their AI models are about to rival human intelligence. Dario Amodei, the CEO of Anthropic, told an audience at Davos that AI models would replace the work of all software developers within a year and would reach "Nobel-level" scientific research in multiple fields within two years. He said 50% of white-collar jobs would disappear within five years. OpenAI CEO Sam Altman (who was not at Davos this year) has said we are already beginning to slip past human-level AGI toward "superintelligence," or AI that would be smarter than all humans combined...

The debate over AGI may be somewhat academic for many business leaders. The more pressing question, says Cognizant CEO Ravi Kumar, is whether companies can capture the enormous value that AI already offers. According to Cognizant research released ahead of Davos, current AI technology could unlock approximately $4.5 trillion in U.S. labor productivity — if businesses can implement it effectively.

An anonymous reader quotes a report from CBS News: As one of his final acts in office, former New Jersey Gov. Phil Murphy signed into law new requirements for e-bikes in his state. The new legislation signed Monday requires that owners and operators of e-bikes have licenses, registration and insurance. Owners and operators of e-bikes must be at least 17 years old and have a valid driver's license or be at least 15 years old with a motorized bicycle license under the law, which covers all types of electric bikes.

"We are in a new era of e-bike use that requires updated safety standards to help prevent accidents, injuries, and fatalities. Requiring registration and licensing will improve their safe use and having them insured will protect those injured in accidents," said Senate President Nick Scutari, who co-sponsored the bill. The legislation follows an increase in crashes involving e-bikes, including multiple incidents that killed or injured young people in New Jersey in 2025. [...] Registration and licensing fees for e-bikes will be waived for one year, and riders will have six months to get the registration, insurance and license that they need under the law.

Adobe has added a suite of AI-powered features to Acrobat that enable users to edit documents through natural language prompts, generate podcast-style audio summaries of their files, and create presentations by pulling content from multiple documents stored in a single workspace.

The prompt-based editing supports 12 distinct actions: removing pages, text, comments, and images; finding and replacing words and phrases; and adding e-signatures and passwords. The presentation feature builds on Adobe Spaces, a collaborative file and notes collection the company launched last year. Users can point Acrobat's AI assistant at files in a Space and have it generate an editable pitch deck, then style it using Adobe Express themes and stock imagery.

Shared files in Spaces now include AI-generated summaries that cite specific locations in the source document. Users can also choose from preset AI assistant personas -- "analyst," "entertainer," or "instructor" -- or create custom assistants using their own prompts.