An anonymous reader writes: Reuters News on Friday withdrew a four-minute video containing an exchange between Russian President Vladimir Putin and Chinese President Xi Jinping discussing the possibility that humans can live to 150 years old, after China state TV demanded its removal and withdrew the legal permission to use it.

The footage, which included the open mic exchange from the military parade in Beijing marking the 80th anniversary of the end of World War Two, was licensed by the China state television network, China Central Television (CCTV). The clips were edited by Reuters into a four-minute video and distributed to more than 1,000 global media clients including major international news broadcasters and TV stations around the world. Other news agency licensees of CCTV also distributed edits of the footage.

Reuters removed the video from its website and issued a "kill" order to its clients on Friday after receiving a written request from CCTV's lawyer. The letter said the news agency exceeded usage terms of its agreement. The letter further criticized Reuters "editorial treatment applied to this material," but did not specify details.

Kevin Barry, founder and sole developer of Nova Launcher, has left parent company Branch Metrics after being told to stop work on both the launcher and an open-source release. While the app remains on Google Play, the launcher's website currently shows a 404 error. The Verge reports: Mobile analytics company Branch Metrics acquired Nova in 2022. The company's CEO at the time, co-founder Alex Austin, said on Reddit that if Barry were to leave Branch, "it's contracted that the code will be open-sourced and put in the hands of the community." Austin left Branch in 2023, and now with Barry officially gone from the company, too, it's unclear if the launcher will now actually be open-sourced.

"I think the newer leadership since Alex Austin left has put a different focus on the company and Nova simply isn't part of that focus in any way at all," Cliff Wade, Nova's former customer relations lead who left as part of the 2024 layoffs, tells The Verge. "It's just some app that they own but no longer feel they need or want." Wade also said that "I don't believe Branch will do the right thing any time soon with regards to open-sourcing Nova. I think they simply just don't care and don't want to invest time, unless of course, they get enough pressure from the community and individuals who care."

Users have started a change.org petition to ask for the project to be open-sourced, and Wade says it's a "great start" to apply that pressure. Wade said he hasn't personally seen Barry's contract, so couldn't corroborate the claim of a contractual obligation to open-source Nova. Still, he said that the community "deserves" for the launcher to be open-sourced. "Branch just simply needs to do the right thing here and honor what they as a company have stated as well as what then CEO Alex Austin has stated numerous times prior to him leaving Branch."

An anonymous reader shares a report: In what is being called the largest supply chain attack in history, attackers have injected malware into NPM packages with over 2.6 billion weekly downloads after compromising a maintainer's account in a phishing attack.

The package maintainer whose accounts were hijacked in this supply-chain attack confirmed the incident earlier today, stating that he was aware of the compromise and adding that the phishing email came from support [at] npmjs [dot] help, a domain that hosts a website impersonating the legitimate npmjs.com domain.

In the emails, the attackers threatened that the targeted maintainers' accounts would be locked on September 10th, 2025, as a scare tactic to get them to click on the link redirecting them to the phishing sites.

An anonymous reader shares a report: Can AI help "smooth over" discussion on abortion, racism, immigration, or Israel-Palestine? Columbia University sure hopes so. The Verge has learned that the university recently began testing Sway, an AI debate program currently in beta. Developed by two researchers at Carnegie Mellon University, Sway matches up students with opposing views to chat one-on-one about hot-button issues and "facilitates better discussions between them," according to the tool's website. Nicholas DiBella, a postdoctoral scholar at CMU who helped develop Sway, told The Verge that about 3,000 students from more than 30 colleges and universities have used the tool.

One of those may soon be Columbia. News of the potential partnership comes after more than two years of escalating tensions at Columbia between students, administrators, and the federal government. The university has spent years at the center of controversy after controversy: expulsions of pro-Palestinian student protesters, a string of police raids, and demands from the federal government.

People at Columbia's Teachers College are testing Sway in order to potentially integrate it into the conflict resolution curriculum and "bridge-building initiatives at Columbia," DiBella said. He said there's also been interest from other teams at Columbia in using Sway for the fall 2026 semester and onward. Simon Cullen, an assistant professor at CMU and the other developer behind Sway, told The Verge that the company is also in touch with Columbia University Life.

An Indiana bankruptcy lawyer named Mark Zuckerberg is suing Meta after his Facebook page was repeatedly shut down for "impersonating" CEO Mark Zuckerberg, despite being his real legal name. TechCrunch reports: Mark Zuckerberg the lawyer uses a commercial Facebook page to advertise his legal practice and communicate with potential clients. But his page has been disabled five times in the last eight years, since Meta's moderation systems flag his account as falsely impersonating Mark Zuckerberg, the founder of the platform. Mark Zuckerberg is not impersonating Mark Zuckerberg, because he, too, is Mark Zuckerberg. In his legal complaint, Mark Zuckerberg points out that he has been practicing law since Mark Zuckerberg was just three years old.

"It's not funny," Mark Zuckerberg, the lawyer, said to Indianapolis' 13WTHR. "Not when they take my money. This really pissed me off." Mark Zuckerberg has spent over $11,000 to advertise his page on Mark Zuckerberg's Meta platforms, but when Mark Zuckerberg's account is disabled for allegedly impersonating Mark Zuckerberg, Mark Zuckerberg still has to pay for these advertisements. Zuckerberg created a website, iammarkzuckerberg.com, chronicling how his life has been shaped by being named Mark Zuckerberg.

The lawsuit can be found here.

Germany has already met its 2028 goal for reducing coal-fired power generation, so won't need to order the shutdown of any plants for a second year running, the country's regulator said. From a report: Germany has an interim 2028 target of reducing coal-fired power by 8.7 gigawatts, and as of Sept. 1 it had exceeded this level by about 10%, the Federal Network Agency said on its website on Monday.

Almost two thirds of Germany's electricity comes from renewables and excess solar power production has frequently pushed prices below zero, making burning coal less profitable. Yet Europe's largest economy remains heavily dependent on the fossil fuel and is still the European Union's biggest polluter.

Graphic designer Lisa Carstens "spends a good portion of her day working with startups and individual clients looking to fix their botched attempts at AI-generated logos," reports NBC News: Such gigs are part of a new category of work spawned by the generative AI boom that threatened to displace creative jobs across the board: Anyone can now write blog posts, produce a graphic or code an app with a few text prompts, but AI-generated content rarely makes for a satisfactory final product on its own... Fixing AI's mistakes is not their ideal line of work, many freelancers say, as it tends to pay less than traditional gigs in their area of expertise. But some say it's what helps pay the bills....

As companies struggle to figure out their approach to AI, recent data provided to NBC News from freelance job platforms Upwork, Freelancer and Fiverr also suggest that demand for various types of creative work surged this year, and that clients are increasingly looking for humans who can work alongside AI technologies without relying on or rejecting them entirely. Data from Upwork found that although AI is already automating lower-skilled and repetitive tasks, the platform is seeing growing demand for more complex work such as content strategy or creative art direction. And over the past six months, Fiverr said it has seen a 250% boost in demand for niche tasks across web design and book illustration, from "watercolor children story book illustration" to "Shopify website design." Similarly, Freelancer saw a surge in demand this year for humans in writing, branding, design and video production, including requests for emotionally engaging content like "heartfelt speeches...."

The low pay from clients who have already cheaped out on AI tools has affected gig workers across industries, including more technical ones like coding. For India-based web and app developer Harsh Kumar, many of his clients say they had already invested much of their budget in "vibe coding" tools that couldn't deliver the results they wanted. But others, he said, are realizing that shelling out for a human developer is worth the headaches saved from trying to get an AI assistant to fix its own "crappy code." Kumar said his clients often bring him vibe-coded websites or apps that resulted in unstable or wholly unusable systems.
"Even outside of any obvious mistakes made by AI tools, some artists say their clients simply want a human touch to distinguish themselves from the growing pool of AI-generated content online..."

A widely used Node.js utility called fast-glob, relied on by thousands of projectsâ"including over 30 U.S. Department of Defense systems -- is maintained solely by a Russian developer linked to Yandex. While there's no evidence of malicious activity, cybersecurity experts warn that the lack of oversight in such critical open-source projects leaves them vulnerable to potential exploitation by state-backed actors. The Register reports: US cybersecurity firm Hunted Labs reported the revelations on Wednesday. The utility in question is fast-glob, which is used to find files and folders that match specific patterns. Its maintainer goes by the handle "mrmlnc", and the Github profile associated with that handle identifies its owner as a Yandex developer named Denis Malinochkin living in a suburb of Moscow. A website associated with that handle also identifies its owner as the same person, as Hunted Labs pointed out.

Hunted Labs told us that it didn't speak to Malinochkin prior to publication of its report today, and that it found no ties between him and any threat actor. According to Hunted Labs, fast-glob is downloaded more than 79 million times a week and is currently used by more than 5,000 public projects in addition to the DoD systems and Node.js container images that include it. That's not to mention private projects that might use it, meaning that the actual number of at-risk projects could be far greater.

While fast-glob has no known CVEs, the utility has deep access to systems that use it, potentially giving Russia a number of attack vectors to exploit. Fast-glob could attack filesystems directly to expose and steal info, launch a DoS or glob-injection attack, include a kill switch to stop downstream software from functioning properly, or inject additional malware, a list Hunted Labs said is hardly exhaustive. [...] Hunted Labs cofounder Haden Smith told The Register that the ties are cause for concern. "Every piece of code written by Russians isn't automatically suspect, but popular packages with no external oversight are ripe for the taking by state or state-backed actors looking to further their aims," Smith told us in an email. "As a whole, the open source community should be paying more attention to this risk and mitigating it." [...]

Hunted Labs said that the simplest solution for the thousands of projects using fast-glob would be for Malinochkin to add additional maintainers and enhance project oversight, as the only other alternative would be for anyone using it to find a suitable replacement. "Open source software doesn't need a CVE to be dangerous," Hunted Labs said of the matter. "It only needs access, obscurity, and complacency," something we've noted before is an ongoing problem for open source projects. This serves as another powerful reminder that knowing who writes your code is just as critical as understanding what the code does," Hunted Labs concluded.

Amazon is facing a proposed class action lawsuit alleging it misleads customers by advertising digital movies and TV shows as "purchases," when in reality buyers only receive revocable licenses that can disappear if Amazon loses distribution rights. From the Hollywood Reporter: On Friday, a proposed class action was filed in Washington federal court against Amazon over a "bait and switch" in which the company allegedly misleads consumers into believing they've purchased content when they're only getting a license to watch, which can be revoked at any time. [...] The lawsuit accuses Amazon, which didn't respond to a request for comment, of misrepresenting the nature of movie and TV transactions during the purchase process. On its website and platform, the company tells consumers they can "buy" a movie. But hidden in a footnote on the confirmation page is fine print that says, "You receive a license to the video and you agree to our terms," the complaint says.

The issue is already before a court. In a 2020 lawsuit alleging unfair competition and false advertising over the practice, Amazon maintained that its use of the word "buy" for digital content isn't deceptive because consumers understand their purchases are subject to licenses. Quoting Webster's Dictionary, it said that the term means "rights to the use or services of payment" rather than perpetual ownership and that its disclosures properly warn people that they may lose access. The court ultimately rebuffed Amazon's bid to dismiss the lawsuit outside of a claim alleging a violation of Washington's unjust enrichment law.

Farmers Insurance disclosed a breach affecting 1.1 million customers after attackers exploited Salesforce in a widespread campaign involving ShinyHunters and allied groups. According to BleepingComputer, the hackers stole personal data such as names, birth dates, driver's license numbers, and partial Social Security numbers. From the report: The company disclosed the data breach in an advisory on its website, saying that its database at a third-party vendor was breached on May 29, 2025. "On May 30, 2025, one of Farmers' third-party vendors alerted Farmers to suspicious activity involving an unauthorized actor accessing one of the vendor's databases containing Farmers customer information (the "Incident")," reads the data breach notification (PDF) on its website. "The third-party vendor had monitoring tools in place, which allowed the vendor to quickly detect the activity and take appropriate containment measures, including blocking the unauthorized actor. After learning of the activity, Farmers immediately launched a comprehensive investigation to determine the nature and scope of the Incident and notified appropriate law enforcement authorities."

The company says that its investigation determined that customers' names, addresses, dates of birth, driver's license numbers, and/or last four digits of Social Security numbers were stolen during the breach. Farmers began sending data breach notifications to impacted individuals on August 22, with a sample notification [1, 2] shared with the Maine Attorney General's Office, stating that a combined total of 1,111,386 customers were impacted. While Farmers did not disclose the name of the third-party vendor, BleepingComputer has learned that the data was stolen in the widespread Salesforce data theft attacks that have impacted numerous organizations this year. Further reading: Google Suffers Data Breach in Ongoing Salesforce Data Theft Attacks

An anonymous reader quotes a report from Ars Technica: AMD's X3D-series Ryzen chips have become popular with PC gamers because games in particular happen to benefit disproportionately from the chips' extra 64MB of L3 cache memory. But that extra memory occasionally comes with extra headaches. Not long after they were released earlier this year, some early adopters started having problems with their CPUs, ranging from failure to boot to actual physical scorching and burnout -- the problems were particularly common for users of the 9800X3D processor in ASRock motherboards, and one Reddit thread currently records 157 incidents of failure for that CPU model across various ASRock boards.

In an interview with the Korean language website Quasar Zone (via Tom's Hardware), AMD executives David McAfee and Travis Kirsch acknowledged the problems and pointed to the most likely culprit: motherboard makers who don't follow AMD's recommended specifications. Some manufacturers have historically shipped their AMD and Intel motherboards with elevated default power settings in the interest of squeezing a bit more performance out of the chips -- but those adjustments can also cause problems in some cases, especially for higher-end CPUs.

An anonymous reader shares a report: As it tries to unseat Google, OpenAI is relying on search data from an unlikely source: Google. OpenAI has been using Google search results scraped from the web to help power ChatGPT responses, according to two people with knowledge of it.

The Google search data helps answer ChatGPT queries on current events, such as news, sports and equity markets, one of the people said. OpenAI is getting the data from SerpApi, an eight-year-old web-scraping firm, which listed OpenAI as a customer on its website as recently as May last year. It removed the reference for reasons that couldn't be learned.

A 22-year-old Oregon man has been charged with operating one of the most powerful botnets ever recorded. The network, known as Rapper Bot, launched over 370,000 DDoS attacks worldwide, including against X, DeepSeek, U.S. tech firms, and even Defense Department systems. It was allegedly operated by Ethan Foltz of Eugene, Oregon. The Wall Street Journal reports: Foltz faces a maximum of 10 years in prison on a charge of abetting computer intrusions, the Justice Department said in a news release. Rapper Bot was made up of tens of thousands of hacked devices and was capable of flooding victims' websites with enough junk internet traffic to knock them offline, an attack known as a distributed denial of service, or DDoS.

In February, the networking company Nokia measured a Rapper Bot attack against a gaming platform at 6.5 trillion bits per second, well above the several hundred million bits a second of the average high-speed internet connection. "This would place Rapper Bot among the most powerful DDoS botnets to have ever existed," said a criminal complaint that the prosecutors filed Tuesday in a federal court in Alaska. Investigators said Rapper Bot's attacks were so powerful that they were able to overwhelm all but the most robust networks.

Foltz allegedly rented out Rapper Bot to paying customers, including gambling website operators who would use the network in extortion attempts, according to the complaint. The botnet was used to launch more than 370,000 attacks in 80 countries, including China, Japan and the U.S., prosecutors said. It launched its attacks from hacked routers, digital video recorders and cameras, not from computers. [...] "At its height, it mobilized tens of thousands of devices, many with no prior role in DDoS," said Jerome Meyer, a researcher with Nokia's Deepfield network-analysis division. "Taking it down removes a major source of the largest attacks we see."

In a pair of class actions filed this week, passengers from each coast quibbled with United Airlines and Delta Air Lines' policies charging extra for window seats that are not actually beside windows, instead offering a view of a blank aircraft wall. From a report: "Delta indicated to the plaintiff and class members that the particular seats they chose had a 'window'; even though Delta knew full well they did not," the plaintiffs taking on Delta said in an 18-page complaint filed in federal court in New York, accusing the airline of false advertising and deceptive business practices.

Half of Delta's fleet of nearly 1,000 aircraft comprises Boeing 737s, Boeing 757s and Airbus A321s -- all of which have at least one wall-adjacent seat with no window, according to the plaintiffs. It's where vertical air conditioning riser ducts are located, making putting a window there impossible, the competing Alaska Airlines explains on its website. But unlike Alaska and others, the plaintiffs complain, Delta advertises the seats as having a window, offering them as a "window seat" option on its seat map during checkout.

The U.S. Federal Trade Commission sued ticket reseller Key Investment Group for evading purchasing limits to buy up thousands of tickets to live events including Taylor Swift's Eras tour and resell them at a markup, according to a complaint filed in Maryland federal court on Monday. From a report: The Baltimore, Maryland-based company, which operates ticket resale sites including TotalTickets.com, used thousands of Ticketmaster accounts, including fake or purchased accounts, the FTC said.

Ticketmaster faced intense criticism after its botched 2022 sale of tickets to Swift's much-hyped Eras tour, when billions of requests from Swift fans, bots and ticket resellers overwhelmed its website and the company canceled a planned ticket sale to the general public.

For one Swift concert in Las Vegas in March 2023, Key Investment Group and its affiliates used 49 different accounts to purchase 273 tickets and evade a 6-ticket purchase limit, netting more than $119,000 in revenue on resales, the FTC said on Monday. The company made more than $1.2 million reselling 2,280 Swift concert tickets it purchased in 2023, the agency said.

Croatia has extended its digital nomad visa from one year to up to three years, allowing non-EU residents and their close family members to live and work remotely in the country. CNBC reports: A digital nomad visa is a short-term permit that allows individuals to stay in a country for an extended period and work remotely. The length of time a nomad can stay varies from place to place but most countries allow for six months to a year -- unless you have your eye on Croatia. Recently, the Balkan country announced it an update its digital nomad visa, which will allow non-EU residents to stay for up to three years. The visa also permits close family members of a digital nomad to join them.

Croatia's digital nomad visa website states that close family members also include partners or non-married couples who have been together for longer than three years without children, or for less time if they do have children together. Madrid Sartoretto believes that Croatia's expansion of its digital nomad program is a sign that the country is trying to attract more talent and compete with neighboring countries and their offerings.

"I think they are competing with other countries that are in the same region, like Estonia and Romania, that also attract a lot of digital nomads. If you give more benefits to people to come to your country, then you attract more talent. It's all about competition now," she adds. For those looking to apply for Croatia's digital nomad visa, Dr. Madrid Sartoretto says the country offers a low cost of living but still needs to improve its infrastructure, like more reliable internet speeds. "If you compare internet speed and reliability to countries like Romania, which has one of the fastest speeds in the world, Croatia needs to improve its infrastructure," she adds.

To apply for Croatia's digital nomad visa online, applicants must provide proof that they work outside of Croatia. Additionally, they must provide a copy of a valid travel document, proof of health insurance, proof of address in Croatia, and a minimum monthly income of 3,295 euros or $3,855 USD. For proof of income, applicants can submit a bank statement showing the total amount required, a bank statement demonstrating regular income, or pay slips for at least six months. Applicants must also send evidence that they have not been convicted of criminal offences in their home country or the country in which they have resided for more than a year immediately before arriving in Croatia.

Rising subscription costs, shrinking content libraries, and regional restrictions are pushing viewers back toward piracy. Once seen as nearly dead, piracy has resurged through illicit streaming platforms as the fractured, ad-laden streaming market struggles to deliver convenience and value. The Guardian reports: According to London-based piracy monitoring and content-protection firm MUSO, unlicensed streaming is the predominant source of TV and film piracy, accounting for 96% in 2023 (PDF). Piracy reached a low in 2020, with 130bn website visits. But by 2024 that number had risen to 216bn (PDF). In Sweden, 25% of people surveyed (PDF) reported pirating in 2024, a trend mostly driven by those aged 15 to 24. Piracy is back, just sailing under a different flag.

"Piracy is not a pricing issue," Gabe Newell, the co-founder of Valve, the company behind the world's largest PC gaming platform, Steam, observed in 2011. "It's a service issue." Today, the crisis in streaming makes this clearer than ever. With titles scattered, prices on the rise, and bitrates throttled depending on your browser, it is little wonder some viewers are raising the jolly roger again. Studios carve out fiefdoms, build walls and levy tolls for those who wish to visit. The result is artificial scarcity in a digital world that promised abundance.

Whether piracy today is rebellion or resignation is almost irrelevant; the sails are hoisted either way. As the streaming landscape fractures into feudal territories, more viewers are turning to the high seas. The Medici understood the value linked to access. [The 2016 historical drama series tells of the rise of the powerful Florentine banking dynasty, and with it, the story of the Renaissance.] A client could travel from Rome to London and still draw on their credit, thanks to a network built on trust and interoperability. If today's studios want to survive the storm, they may need to rediscover that truth.

theodp writes: The New York Times reports from the CS grad job-seeking trenches: Growing up near Silicon Valley, Manasi Mishra remembers seeing tech executives on social media urging students to study computer programming. "The rhetoric was, if you just learned to code, work hard and get a computer science degree, you can get six figures for your starting salary," Ms. Mishra, now 21, recalls hearing as she grew up in San Ramon, Calif.

Those golden industry promises helped spur Ms. Mishra to code her first website in elementary school, take advanced computing in high school and major in computer science in college. But after a year of hunting for tech jobs and internships, Ms. Mishra graduated from Purdue University in May without an offer. "I just graduated with a computer science degree, and the only company that has called me for an interview is Chipotle," Ms. Mishra said in a get-ready-with-me TikTok video this summer that has since racked up more than 147,000 views.

Some graduates described feeling caught in an A.I. "doom loop." Many job seekers now use specialized A.I. tools like Simplify to tailor their resumes to specific jobs and autofill application forms, enabling them to quickly apply to many jobs. At the same time, companies inundated with applicants are using A.I. systems to automatically scan resumes and reject candidates.

Plasma 6.4.5 is coming September 9th, reports Neowin. But they also report that the KDE team is already focusing on other upcoming release: Starting with KDE Frameworks, KDE's collection of foundational libraries, version 6.18 promises to let you do something with that "dumb" Microsoft Copilot key found on many new laptops. The developers will soon allow you to set up keyboard shortcuts using this new key, and the team plans to let you remap it to another key in the future. If you're curious, one user on KDE's bug tracker noted that on GNOME, the key combination shows up as "Meta+Shift+Touchpad Disable" and is fully remappable...

When you try to install a Flatpak from a website like Flathub in Plasma 6.5 [coming in October], Discover now has proper support for flatpak+https:// URLs, so it opens automatically. 6.5 is also bringing a much stricter window activation policy on Wayland to stop applications from rudely stealing your focus. And now, when you mute your microphone with a shortcut, the "Mute Microphone" button will mute all input sources, not just the active one.

Since Firefox does not block the system from sleeping during a download, the Plasma Browser Integration extension for Firefox has gotten an update to handle that job itself.

"KDE Linux is an all-new desktop Linux distro being developed as a showcase for the KDE desktop project," reports The Register.

"The project is still in a pre-alpha testing stage, but recently went public on the KDE website. Versions are available to download and try out." KDE Linux is an entirely new and experimental OS. There's lots of room for confusion here, because KDE already has a demonstration distro, KDE Neon. KDE Linux is a totally separate and far more ambitious project. In terms of its underlying design, it's intended to be a super-stable end-user distro. This is in contrast with Neon, which is an experimental showcase for the latest and greatest code. Neon isn't meant to be anyone's daily driver...

Several aspects of [KDE Linux's] design are clearly influenced by Valve's SteamOS 3. Like SteamOS 3, KDE Linux is an immutable distro, with dual read-only Btrfs-format root partitions that update each other alternately... KDE Linux isn't based on Ubuntu or Debian. It's built using Arch Linux, but it's different enough that it doesn't really count as an Arch variant. As an immutable distro, there's no package manager, for instance, so the user can't install Arch packages... You can only install sandboxed apps that go in their own corner of the OS, and here the plan is that users will install Flatpak (and possibly Snap, "if it's not too hard and the UX is OK") packages using the KDE Discover app store. Aside from them, you won't be able to update individual packages. OS updates come as a whole new system image, with all components updated at once.
"This is intended to one day be a bulletproof daily driver, not a demo system, which is the intended purpose of KDE Neon..." the article concludes.

And while their test of current work-in-progress/test version kept crashing, "the promise is considerable, and this could turn out to be one of the most radical end-user distros out there."

Thanks to Slashdot reader king*jojo for sharing the news.