An anonymous reader shares a report: This summer, Oslo's public-transport authority drove a Chinese electric bus deep into a decommissioned mine inside a nearby mountain to answer a question: Could it be hacked? Isolated by rock from digital interference, cybersecurity experts came back with a qualified yes: The bus could in theory be remotely disabled using the control system for the battery.

The revelation, presented at a recent public-transport conference, has spurred officials in Denmark and the U.K. to start their own investigations into Chinese vehicles. It has also fed into broader security concerns across Europe about the growing prevalence of Chinese-made equipment in the region's energy and telecommunications infrastructure.

The worry is the same for autos, solar panels and other connected devices: that mechanisms used for wirelessly delivering system updates could also be exploited by a hostile government or third-party hacker to compromise critical networks. [...] The Oslo transport authority, Ruter, said the bus's mobile-network connection via a Romanian SIM card gave manufacturer Yutong access to the control system for battery and power supply. Ruter said it is addressing the vulnerability by developing firewalls and delaying the signals sent to the vehicles, among other solutions.

Cloudflare suffered its worst network outage in six years on Tuesday, beginning at 11:20 UTC. The disruption prevented the content delivery network from routing traffic for roughly three hours. The failure, writes Cloudflare in a blog post, originated from a database permissions change deployed at 11:05 UTC. The modification altered how a database query returned information about bot detection features. The query began returning duplicate entries. A configuration file used to identify automated traffic doubled in size and spread across the network's machines. Cloudflare's traffic routing software reads this file to distinguish bots from legitimate users. The software had a built-in limit of 200 bot detection features. The enlarged file contained more than 200 entries. The software crashed when it encountered the unexpected file size.

Users attempting to access websites behind Cloudflare's network received error messages. The outage affected multiple services. Turnstile security checks failed to load. The Workers KV storage service returned elevated error rates. Users could not log into Cloudflare's dashboard. Access authentication failed for most customers.

Engineers initially suspected a coordinated attack. The configuration file was automatically regenerated every five minutes. Database servers produced either correct or corrupted files during a gradual system update. Services repeatedly recovered and failed as different versions of the file circulated. Teams stopped generating new files at 14:24 UTC and manually restored a working version. Most traffic resumed by 14:30 UTC. All systems returned to normal at 17:06 UTC.

Mexico has finally lifted its long-running Tor ban for the main government portal, allowing privacy-focused users, journalists, and activists to access gob.mx again after more than a decade of blocking. That said, the open data portal and the former Tor-compatible whistleblower system remain inaccessible. CyberInsider reports: The development follows a long period of digital censorship that spanned two full six-year presidential terms, those of Enrique Pena Nieto and Andres Manuel Lopez Obrador, and continued into the early months of Claudia Sheinbaum Pardo's current administration. Research conducted by Jacobo Najera and Miguel Trujillo, published in October 2023, documented that 21 federal government agencies were blocking traffic from the Tor network, effectively excluding privacy-conscious users from vital public resources and services.

An anonymous reader shares a report: Lawyers from the American Civil Liberties Union (ACLU) and Electronic Frontier Foundation (EFF) sued the city of San Jose, California over its deployment of Flock's license plate-reading surveillance cameras, claiming that the city's nearly 500 cameras create a pervasive database of residents movements in a surveillance network that is essentially impossible to avoid.

The lawsuit was filed on behalf of the Services, Immigrant Rights & Education Network and Council on American-Islamic Relations, California, and claims that the surveillance is a violation of California's constitution and its privacy laws. The lawsuit seeks to require police to get a warrant in order to search Flock's license plate system. The lawsuit is one of the highest profile cases challenging Flock; a similar lawsuit in Norfolk, Virginia seeks to get Flock's network shut down in that city altogether.

"San Jose's ALPR [automatic license plate reader] program stands apart in its invasiveness," ACLU of Northern California and EFF lawyers wrote in the lawsuit. "While many California agencies run ALPR systems, few retain the locations of drivers for an entire year like San Jose. Further, it is difficult for most residents of San Jose to get to work, pick up their kids, or obtain medical care without driving, and the City has blanketed its roads with nearly 500 ALPRs."

An outage at Cloudflare that began moments ago has knocked many popular websites, including ChatGPT and X, according to user reports. Cloudflare says on its website: "Cloudflare is aware of, and investigating an issue which potentially impacts multiple customers. Further detail will be provided as more information becomes available."

Update: In a statement after the outage was resolved, Cloudflare CTO said: Earlier today we failed our customers and the broader Internet when a problem in Cloudflare network impacted large amounts of traffic that rely on us. The sites, businesses, and organizations that rely on Cloudflare depend on us being available and I apologize for the impact that we caused.

Transparency about what happened matters, and we plan to share a breakdown with more details in a few hours. In short, a latent bug in a service underpinning our bot mitigation capability started to crash after a routine configuration change we made. That cascaded into a broad degradation to our network and other services. This was not an attack.

That issue, impact it caused, and time to resolution is unacceptable. Work is already underway to make sure it does not happen again, but I know it caused real pain today. The trust our customers place in us is what we value the most and we are going to do what it takes to earn that back.

An anonymous reader quotes a report from Security Affairs: On October 24, 2025, Azure DDoS Protection detected and mitigated a massive multi-vector attack peaking at 15.72 Tbps and 3.64 billion pps, the largest cloud DDoS ever recorded, aimed at a single Australian endpoint. Azure's global protection network filtered the traffic, keeping services online. The attack came from the Aisuru botnet, a Turbo Mirai-class IoT botnet using compromised home routers and cameras.

The attack used massive UDP floods from more than 500,000 IPs hitting a single public address, with little spoofing and random source ports that made traceback easier. It highlights how attackers are scaling with the internet: faster home fiber and increasingly powerful IoT devices keep pushing DDoS attack sizes higher. "On October 24, 2025, Azure DDOS Protection automatically detected and mitigated a multi-vector DDoS attack measuring 15.72 Tbps and nearly 3.64 billion packets per second (pps). This was the largest DDoS attack ever observed in the cloud and it targeted a single endpoint in Australia," reads a report published by Microsoft. "The attack originated from Aisuru botnet."

"Attackers are scaling with the internet itself. As fiber-to-the-home speeds rise and IoT devices get more powerful, the baseline for attack size keeps climbing," concludes the post. "As we approach the upcoming holiday season, it is essential to confirm that all internet-facing applications and workloads are adequately protected against DDOS attacks."

fjo3 shares a report from TheWrap: There are already at least 175,000 AI-generated podcast episodes on platforms like Spotify and Apple. That's thanks to Inception Point AI, a startup with just eight employees cranking out 3,000 episodes a week covering everything from localized weather reports and pollen trackers to a detailed account of Charlie Kirk's assassination and its cultural impact, to a biography series on Anna Wintour. Its podcasting network Quiet Please has generated 12 million lifetime episode downloads and amassed 400,000 subscribers -- so, yes, people are really listening to AI podcasts.

Inception Point CEO Jeanine Wright believes the tool is proof that automation can make podcasting scalable, profitable and accessible without human writers, editors or hosts. "The price is now so inexpensive that you can take a lot of risks,â Wright told TheWrap. "You can make a lot of content and a lot of different genres that were never commercially viable before and serve huge audiences that have really never had content made for them." At a cost of $1 an episode, Wright takes a quantity-over-quality approach. "I think very quickly we get to a place where AI is a default way that content is made, not just across audio, but across television and film and commercials and imagery, and everything. And then we will disclose when things are not made with AI instead of that they were made with AI," Wright said. "But for now, we are perfectly happy leading the way."

An anonymous reader shared this report from CNBC: [T]he computing power of crypto mining generates a lot of heat, most which just ends up vented into the air. According to digital assets brokerage, K33, the bitcoin mining industry generates about 100 TWh of heat annually — enough to heat all of Finland.This energy waste within a very energy-intense industry is leading entrepreneurs to look for ways to repurpose the heat for homes, offices, or other locations, especially in colder weather months.

During a frigid snap earlier this year, The New York Times reviewed HeatTrio, a $900 space heater that also doubles as a bitcoin mining rig. Others use the heat from their own in-home cryptocurrency mining to spread warmth throughout their house. "I've seen bitcoin rigs running quietly in attics, with the heat they generate rerouted through the home's ventilation system to offset heating costs. It's a clever use of what would otherwise be wasted energy," said Jill Ford, CEO of Bitford Digital, a sustainable bitcoin mining company based in Dallas... "Same price as heating the house, but the perk is that you are mining bitcoin," Ford said...

The crypto-heated future may be unfolding in the town of Challis, Idaho, where Cade Peterson's company, Softwarm, is repurposing bitcoin heat to ward off the winter. Several shops and businesses in town are experimenting with Softwarm's rigs to mine and heat. At TC Car, Truck and RV Wash, Peterson says, the owner was spending $25 a day to heat his wash bays to melt snow and warm up the water. "Traditional heaters would consume energy with no returns. They installed bitcoin miners and it produces more money in bitcoin than it costs to run," Peterson said. Meanwhile, an industrial concrete company is offsetting its $1,000 a month bill to heat its 2,500-gallon water tank by heating it with bitcoin. Peterson has heated his own home for two-and-a-half years using bitcoin mining equipment and believes that heat will power almost everything in the future. "You will go to Home Depot in a few years and buy a water heater with a data port on it and your water will be heated with bitcoin," Peterson said.
Derek Mohr, clinical associate professor at the University of Rochester Simon School of Business, remains skeptical. Bitcoin mining is so specialized now that a home computer, or even network of home computers, would have almost zero chance of being helpful in mining a block of bitcoin, according to Mohr, with mining farms use of specialized chips that are created to mine bitcoin much faster than a home computer... "The bitcoin heat devices I have seen appear to be simple space heaters that use your own electricity to heat the room..."
CNBC also spoke to Andrew Sobko, founder of Argentum AI (which is building a marketplace for sharing computing power), who says the idea makes the most sense in larger settings. "We're working with partners who are already redirecting compute heat into building heating systems and even agricultural greenhouse warming. That's where the economics and environmental benefits make real sense. Instead of trying to move the heat physically, you move the compute closer to where that heat provides value."

An anonymous reader quotes a report from The Record: Russian telecom operators have begun cutting mobile internet access for 24 hours for citizens returning to the country from abroad, in what officials say is an effort to prevent Ukrainian drones from using domestic SIM cards for navigation. "When a SIM card enters Russia from abroad, the user has to confirm that it's being used by a person -- not installed in a drone," the Digital Development Ministry said in a statement earlier this week.

Users can restore access sooner by solving a captcha or calling their operator for identification. Authorities said the temporary blackout is meant to "ensure the safety of Russian citizens" and prevent SIM cards from being embedded in "enemy drones." The new rule has led to unexpected outages for residents in border regions, whose phones can automatically connect to foreign carriers. Officials advised users to switch to manual network selection to avoid being cut off.

Amazon announced that its satellite broadband project called Project Kuiper will now be known as Amazon Leo. GeekWire reports: Leo is a nod to "low Earth orbit," where Amazon has so far launched more than 150 satellites as part of a constellation that will eventually include more than 3,200. In a blog post, Amazon said the 7-year-old Project Kuiper began "with a handful of engineers and a few designs on paper" and like most early Amazon projects "the program needed a code name." The team was inspired by the Kuiper Belt, a ring of asteroids in the outer solar system.

A new website for Amazon Leo proclaims "a new era of internet is coming," as Amazon says its satellites can help serve "billions of people on the planet who lack high-speed internet access, and millions of businesses, governments, and other organizations operating in places without reliable connectivity." Amazon said it will begin rolling out service once it's added more coverage and capacity to the network. Details about pricing and availability haven't been announced.

An anonymous reader quotes a report from TechCrunch: As generative AI content starts to fill our social apps, a project to bring back Vine's six-second looping videos is launching with Twitter co-founder Jack Dorsey's backing. On Thursday, a new app called diVine will give access to more than 100,000 archived Vine videos, restored from an older backup that was created before Vine's shutdown. The app won't just exist as a walk down memory lane; it will also allow users to create profiles and upload their own new Vine videos. However, unlike on traditional social media, where AI content is often haphazardly labeled, diVine will flag suspected generative AI content and prevent it from being posted. According to TechCrunch, a volunteer preservation group called the Archive Team saved Vine's content when it shut down in 2016. The only problem was that everything was stored in massive 40-50 GB binary blob files that were basically unusable for casual viewing.

Evan Henshaw-Plath (who goes by the name Rabble), an early Twitter employee and member of Jack Dorsey's nonprofit "and Other Stuff," dug into those backup files to try and salvage as much as he could. He spent months writing big-data extraction scripts, reverse-engineering how the archived binaries were structured, and reconstructing the original video files, old user info, view counts, and more. "I wasn't able to get all of them out, but I was able to get a lot out and basically reconstruct these Vines and these Vine users, and give each person a new user [profile] on this open network," he said.

Rabble estimates that through this process he was able to successfully recover 150,000-200,000 Vine videos from around 60,000 creators. diVine then rebuilt user profiles on top of the decentralized Nostr protocol so creators can reclaim their accounts, request takedowns, or upload missing videos.

You can check out the app for yourself at diVine.video. It's available in beta form on both iOS and Android.

German Chancellor Friedrich Merz said Chinese suppliers such as Huawei will be excluded from the country's future telecommunication networks on security grounds as he pushes for more digital sovereignty. From a report: "We have decided within the government that everywhere it's possible we'll replace components, for example in the 5G network, with components we have produced ourselves," Merz told a business conference in Berlin on Thursday. "And we won't allow any components from China in the 6G network."

Europe is increasingly concerned about its reliance on foreign technology, ranging from Asian semiconductors to US artificial intelligence and cloud infrastructure, as trade and geopolitical tensions threaten critical supply chains. Germany last year ordered telecom operators to remove Huawei equipment from their core networks, citing risks to national security. Berlin is now considering using public funds to pay Deutsche Telekom AG and others to strip out Chinese gear, Bloomberg News reported last month.

According to the Financial Times (paywalled), Meta's Chief AI Scientist Yann LeCun, a deep-learning pioneer and Turing Award winner, is reportedly leaving the company to launch his own startup. Reuters reports: The owner of Facebook and Instagram has significantly increased its investments in artificial intelligence, with CEO Mark Zuckerberg reorganizing the company's AI initiatives under Superintelligence Labs. Zuckerberg hired Alexandr Wang, former CEO of data-labeling startup Scale AI to lead the new AI effort. As a result, LeCun, who had reported to chief product officer Chris Cox, is now reporting to Wang, the report said.

The company began investing in AI in 2013 by launching Facebook Artificial Intelligence Research (FAIR) unit and recruiting LeCun, who is a known skeptic of the large language model path to superintelligence. LeCun is also a Silver Professor of data science, computer science, neural science and electrical and computer engineering at New York University, according to his LinkedIn page. He is known for his work in deep learning and the invention of the convolutional neural network, which is widely used for image, video and speech recognition.

The European Commission is considering turning its non-binding 2020 guidance on "high-risk vendors" into a legal requirement that would effectively force EU member states to phase out Huawei and ZTE from mobile and fixed-line networks. Bloomberg reports: Commission Vice President Henna Virkkunen wants to convert the European Commission's 2020 recommendation to stop using high-risk vendors in mobile networks into a legal requirement, according to the people, who asked not to be identified because the negotiations are private. While infrastructure decisions rest with national governments, Virkkunen's proposal would compel EU countries to align with the commission's security guidance.

The EU is increasingly focused on the risks posed by Chinese telecom equipment makers as trade and political ties with its second-largest trading partner fray. The concern is that handing over control of critical national infrastructure to companies with such close ties to Beijing could compromise national security interests.

Virkkunen is examining ways to limit the use of Chinese equipment suppliers in fixed-line networks, as countries push for the rapid deployment of state-of-the-art fiber cables to expand high-speed internet access. The commission is also considering measures to dissuade non-EU countries from relying on Chinese vendors, including by withholding Global Gateway funding from nations that use the grants for projects involving Huawei equipment, according to the people.

Investment in subsea cable projects is expected to reach around $13 billion between 2025 and 2027, almost twice the amount invested between 2022 and 2024, according to telecommunications data provider TeleGeography. Tech giants Meta, Google, Amazon and Microsoft now represent about 50% of the overall market, up from a negligible share a decade ago.

The companies are expanding their subsea infrastructure to connect growing networks of data centers needed for AI development. Meta announced Project Waterworth in February, a 50,000-kilometer cable connecting five continents that will be the world's longest subsea cable project. Amazon announced its first wholly-owned subsea cable called Fastnet, connecting Maryland to Ireland. Google has invested in over 30 subsea cables. Over 95% of international data and voice call traffic travels through nearly a million miles of underwater cables.

Visa and Mastercard are nearing a settlement with merchants that aims to end a 20-year-old legal dispute by lowering fees stores pay and giving them more power to reject certain credit cards, WSJ reports, citing people familiar with the matter. From the report: Under terms being discussed, Visa and Mastercard would lower credit-card interchange fees, which are often between 2% and 2.5%, by an average of around 0.1 percentage point over several years, the people said. They would also loosen rules that require merchants that accept one of a network's credit cards to accept all of them.

A deal could be announced soon, the people said, and would require court approval to take effect. If an agreement is finalized, consumers could see big changes at the register. Merchants that accept one kind of Visa credit card wouldn't have to accept all Visa credit cards, for example. Under the current talks, credit-card acceptance would be divided into several categories including rewards credit cards, credit cards with no rewards programs, and commercial cards, the people familiar with the matter said.

Some stores might turn away rewards cards, which charge them higher fees and in recent years have become very popular with consumers. But stores that reject those cards would face the risk of declining sales.

The Rust Foundation has a responsibility to "shed light on the impact of supporting the often unseen work" that keeps the Rust Project running. So this week they announced a new initiative "to provide consistent, transparent, and long term support for the developers who make the Rust programming language possible."

It's the Rust Foundation Maintainers Fund, "an initiative we'll shape in close collaboration with the Rust Project Leadership Council and Project Directors to ensure funding decisions are made openly and with accountability." In the months ahead, we'll define the fund's structure, secure contributions, and work with the Rust Project and community to bring it to life. This work will build on lessons from earlier iterations of our grants and fellowships to create a lasting framework for supporting Rust's maintainers... Over the past several months, through ongoing board discussions and input from the Leadership Council, this initiative has taken shape as a way to help maintainers continue their vital development and review work, and plan for the future...

This initiative reflects our commitment to Rust being shaped by its people, guided by open collaboration, and backed by a global network of contributors and partners. The Rust Foundation Maintainers Fund will operate within the governance framework shared between the Rust Project and the Rust Foundation, ensuring alignment and oversight at every level... The Rust Foundation's approach to this initiative will be guided by our structure: as a 501( C)(6) nonprofit, we operate under a mandate for transparency and accountability to the Rust Project, language community, and our members. That means we must develop this fund in coordination with the Rust Project's priorities, ensuring shared governance and long-term viability...

Our goal is simple: to help the people building Rust continue their essential work with the support they deserve. That means creating the conditions for long term maintainer roles and ensuring continuity for those whose efforts keep the language stable and evolving. Through the Rust Foundation Maintainers Fund, we aim to address these needs directly.
"The more companies using Rust can contribute to the Rust Foundation Maintainers Fund, the more we can keep the language and tooling evolving for the benefit of everyone," says Rust Foundation project director Carol Nichols.

In 2022 the iPhone 14 featured emergency satellite service, and there's now support for roadside assistance and the ability to send and receive text messages.

But for future iPhones, Apple is now reportedly working on five new satellite features, reports LiveMint: As per Bloomberg's Mark Gurman, Apple is building an API that would allow developers to add satellite connections to their own apps. However, the implementation is said to depend on app makers, and not every feature or service may be compatible with this system. The iPhone maker is also reportedly working on bringing satellite connectivity to Apple Maps, which would give users the chance to navigate without having access to a SIM card or Wi-Fi. The company is also said to be working on improved satellite messages that could support sending photos and not be limited to just text messages. Apple currently relies on the satellite network run by Globalstar to power current features on iPhones. However, the company is said to be exploring a potential sale, and Elon Musk's SpaceX could be a possible purchaser.
The Mac Observer notes Bloomberg also reported Apple "has discussed building its own satellite service instead of depending on partners." And while some Apple executives pushed back, "the company continues to fund satellite research and infrastructure upgrades with the goal of offering a broader range of features."

And "Future iPhones will use satellite links to extend 5G coverage in low-signal regions, ensuring that users remain connected even when cell towers are out of range.... Apple's slow but steady progress shows how the company wants iPhone satellite technology to move from emergency use to everyday convenience."

"According to court filings and interviews with lawyers and scholars, the legal profession in recent months has increasingly become a hotbed for AI blunders," reports the New York Times: Earlier this year, a lawyer filed a motion in a Texas bankruptcy court that cited a 1985 case called Brasher v. Stewart. Only the case doesn't exist. Artificial intelligence had concocted that citation, along with 31 others. A judge blasted the lawyer in an opinion, referring him to the state bar's disciplinary committee and mandating six hours of A.I. training.

That filing was spotted by Robert Freund, a Los Angeles-based lawyer, who fed it to an online database that tracks legal A.I. misuse globally. Mr. Freund is part of a growing network of lawyers who track down A.I. abuses committed by their peers, collecting the most egregious examples and posting them online. The group hopes that by tracking down the A.I. slop, it can help draw attention to the problem and put an end to it... [C]ourts are starting to map out punishments of small fines and other discipline. The problem, though, keeps getting worse. That's why Damien Charlotin, a lawyer and researcher in France, started an online database in April to track it.

Initially he found three or four examples a month. Now he often receives that many in a day. Many lawyers... have helped him document 509 cases so far. They use legal tools like LexisNexis for notifications on keywords like "artificial intelligence," "fabricated cases" and "nonexistent cases." Some of the filings include fake quotes from real cases, or cite real cases that are irrelevant to their arguments. The legal vigilantes uncover them by finding judges' opinions scolding lawyers...

Court-ordered penalties "are not having a deterrent effect," said Freund, who has publicly flagged more than four dozen examples this year. "The proof is that it continues to happen."

A former Business Analyst reportedly filed a class action lawsuit claiming that for years, hundreds of remote employees at Bank of America first had to boot up complex computer systems before their paid work began, reports Human Resources Director magazine: Tava Martin, who worked both remotely and at the company's Jacksonville facility, says the financial institution required her and fellow hourly workers to log into multiple security systems, download spreadsheets, and connect to virtual private networks — all before the clock started ticking on their workday. The process wasn't quick. According to the filing in the United States District Court for the Western District of North Carolina, employees needed 15 to 30 minutes each morning just to get their systems running. When technical problems occurred, it took even longer...

Workers turned on their computers, waited for Windows to load, grabbed their cell phones to request a security token for the company's VPN, waited for that token to arrive, logged into the network, opened required web applications with separate passwords, and downloaded the Excel files they needed for the day. Only then could they start taking calls from business customers about regulatory reporting requirements...

The unpaid work didn't stop at startup. During unpaid lunch breaks, many systems would automatically disconnect or otherwise lose connection, forcing employees to repeat portions of the login process — approximately three to five minutes of uncompensated time on most days, sometimes longer when a complete reboot was required. After shifts ended, workers had to log out of all programs and shut down their computers securely, adding another two to three minutes.
Thanks to Slashdot reader Joe_Dragon for sharing the article.