Oracle

Disastrous Oracle Implementation At Europe's Largest City Council. (theregister.com) 133

Longtime Slashdot reader whoever57 writes: Birmingham City Council, the largest such entity in Europe, has been declared effectively bankrupt. There are a couple of reasons for this, but one of them is a disastrous project to replace the city's income management system using Oracle. The cost of this has risen to $230 million, while the initial estimate was $24 million. There was a failed rollout of the new system earlier this year. "Original plans for the replacement of SAP with Oracle Fusion set aside a 19.965 million-euro budget for three years implementation until the end of the 2021 financial year," reports The Register. "Go-live date was later put back until April 2022 and the budget increased to 40 million euros. After the council realized it would need to reimplement all of Oracle, the budget for running the old system and introducing the new one increased to 131 million euros."

"In a hastily convened Audit Committee meeting this week, councilors heard how that date has now been put back until November, expressing their anger that the news hit the media before they were told." Testing failed with only a 73.3% pass rate and 10 severe deficits, "below the acceptance criteria of a 95 percent pass rate and zero severe deficits."
Security

Self-Replicating Worm Affected Several Hundred NPM Packages, Including CrowdStrike's (www.koi.security) 33

The Shai-Hulud malware campaign impacted hundreds of npm packages across multiple maintainers, reports Koi Security, including popular libraries like @ctrl/tinycolor and some packages maintained by CrowdStrike. Malicious versions embed a trojanized script (bundle.js) designed to steal developer credentials, exfiltrate secrets, and persist in repositories and endpoints through automated workflows.
Koi Security created a table of packages identified as compromised, promising it's "continuously updated" (and showing the last compromise detected Tuesday). Nearly all of the compromised packages have a status of "removed from NPM". Attackers published malicious versions of @ctrl/tinycolor and other npm packages, injecting a large obfuscated script (bundle.js) that executes automatically during installation. This payload repackages and republishes maintainer projects, enabling the malware to spread laterally across related packages without direct developer involvement. As a result, the compromise quickly scaled beyond its initial entry point, impacting not only widely used open-source libraries but also CrowdStrike's npm packages.

The injected script performs credential harvesting and persistence operations. It runs TruffleHog to scan local filesystems and repositories for secrets, including npm tokens, GitHub credentials, and cloud access keys for AWS, GCP, and Azure. It also writes a hidden GitHub Actions workflow file (.github/workflows/shai-hulud-workflow.yml) that exfiltrates secrets during CI/CD runs, ensuring long-term access even after the initial infection. This dual focus on endpoint secret theft and backdoors makes Shai-Hulud one of the most dangerous campaigns ever compared to previous compromises.

"The malicious code also attempts to leak data on GitHub by making private repositories public," according to a Tuesday blog post from security systems provider Sysdig: The Sysdig Threat Research Team (TRT) has been monitoring this worm's progress since its discovery. Due to quick response times, the number of new packages being compromised has slowed considerably. No new packages have been seen in several hours at the time...
Their blog post concludes "Supply chain attacks are increasing in frequency. It is more important than ever to monitor third-party packages for malicious activity."

Some context from Tom's Hardware: To be clear: This campaign is distinct from the incident that we covered on Sept. 9, which saw multiple npm packages with billions of weekly downloads compromised in a bid to steal cryptocurrency. The ecosystem is the same — attackers have clearly realized the GitHub-owned npm package registry for the Node.js ecosystem is a valuable target — but whoever's behind the Shai-Hulud campaign is after more than just some Bitcoin.
Earth

Rare Snail Has a 1-in-40,000 Chance of Finding a Mate. New Zealand Begins the Search (cnn.com) 48

There's something rare about a snail named Ned, reports CNN: Ned's shell spirals left, while almost all other snails have right spiraling shells. It's a one in 40,000 genetic condition among the common Cornu aspersum... "I was quite breathless for a moment," says Giselle Clarkson, an author, illustrator and self-described 'observologist' who found Ned while digging in her garden in Wairarapa, just north of capital Wellington. "I was just pulling out this plant, and a snail tumbled into the dirt and I was just about to scoop it up and just chuck it off to the side, when I realized what I had," Clarkson told CNN. It was a serendipitous moment for Ned, now named for Homer Simpson's left-handed neighbor. Clarkson was aware of this rare asymmetry in snails from her work with the magazine New Zealand Geographic.
But "should Ned hope to mate one day, it will have to be with another very rare left-coiled snail," notes the Washington Post (since, as CNN points out, this snail's reproductive organs "don't line up" with those of snails with right-spiraling shells). This has sparked a national campaign to locate a compatible snail — something that was last successfully attempted in 2016.

"If 40,000 people read this," the campaign explains, "chances are, Ned's dreams will come true."
AI

Google's 'AI Overview' Pointed Him to a Customer Service Number. It Was a Scam (yahoo.com) 59

A real estate developer searched Google for a cruise ship company's customer service number, reports the Washington Post, calling the number in Google's AI Overview. "He chatted with a knowledgeable representative and provided his credit card details," the Post's reporter notes — but the next day he "saw fishy credit card charges and realized that he'd been fooled by an impostor for Royal Caribbean customer service."

And the Post's reporter found the same phone number "appearing to impersonate other cruise company hotlines and popping up in Google and ChatGPT" (including Disney and Carnival's Princess line): He'd encountered an apparent AI twist on a classic scam targeting travelers and others searching Google for customer help lines of airlines and other businesses... The rep knew the cost and pickup locations for Royal Caribbean shuttles in Venice. [And "had persuasive explanations" when questioned about paying certain fees and gratuities.] The rep offered to waive the shuttle fees...

Here's how a scam like this typically works: Bad guys write on online review sites, message boards and other websites claiming that a number they control belongs to a company's customer service center. When you search Google, its technology looks for clues to relevant and credible information, including online advice. If scammer-controlled numbers are repeated as truth often enough online, Google may suggest them to people searching for a business.

Google is a patsy for scammers — and we're the ultimate victims. Google's AI Overviews and OpenAI's ChatGPT may use similar clues as Google's search engine to spit out information gleaned from the web. That makes them new AI patsies for the old impostor number scams.

"I've seen so many versions of similar trickery targeting Google users that I largely blame the company for not doing enough to safeguard its essential gateway to information," the reporter concludes (adding "So did two experts in Google's inner workings."). The Post is now advising its readers to "be suspicious of phone numbers in Google results or in chatbots."

Reached for comment, a Google spokesman told the Post they'd "taken action" on several impostor numbers identified by the reporter. That spokesman also said Google continues to "work on broader improvements" to "address rarer queries like these." OpenAI said that many of the webpages that ChatGPT referenced with the bogus cruise number appear to have been removed, and that it can take time for its information to update "after abusive content is removed at the source."
Meanwhile, the man with the bogus charges has now canceled his credit card, the Post reports, with the charges being reversed. Reflecting on his experience, he tells the Post's readers "I can't believe that I fell for it. Be careful."
Science

N6 (Hexanitrogen) Synthesized for the First Time - Twice As Energy Dense As TNT (nature.com) 68

Slashdot reader ffkom writes: The air around you mostly consists of nitrogen [78%]. And in that air exist happy little monogamous pairs of two nitrogen atoms per molecule, also known as N2. Researchers from the University of Giessen, Germany, recently managed to synthesize N6 molecules, "the first, to our knowledge, experimentally realized neutral molecular nitrogen allotrope beyond N2 that exhibits unexpected stability."

And these appear to be pretty angry little molecules, as they detonate at more than twice the energy density of good old TNT:

A kiloton of N6 is 1.19×10⁷ mol, which can release an energy of 2.20×10⁹ kcal (9.21 terajoules) based on the enthalpy. Considering that the standard kiloton TNT equivalent is 4.184 terajoules, N6 can release 2.2 times the energy of TNT of the same weight. On the basis of the documented TNT equivalent based on weight for HMX (1.15) and RDX (1.15), N6 can release 1.9 times the energy of HMX or RDX with the same weight.

In interviews the researchers contemplated the possibility of using N6 as rocket fuel, given its superior energy density and that its reaction product is just N2, so basically air, but no smoke, no CO2 or other potentially harmful substances.

Power

Researchers Map Where Solar Energy Delivers the Biggest Climate Payoff (rutgers.edu) 58

A Rutgers-led study using advanced computational modeling reveals that expanding solar power by just 15% could reduce U.S. carbon emissions by over 8.5 million metric tons annually, with the greatest benefits concentrated in specific regions like California, Texas, and the Southwest. The study has been published in Science Advances. From the report: The study quantified both immediate and delayed emissions reductions resulting from added solar generation. For example, the researchers found that in California, a 15% increase in solar power at noon was associated with a reduction of 147.18 metric tons of CO2 in the region in the first hour and 16.08 metric tons eight hours later.

The researchers said their methods provide a more nuanced understanding of system-level impacts from solar expansion than previous studies, pinpointing where the benefits of increased solar energy adoption could best be realized. In some areas, such as California, Florida, the mid-Atlantic, the Midwest, Texas and the Southwest, small increases in solar were estimated to deliver large CO2 reductions, while in others, such as New England, the central U.S., and Tennessee, impacts were found to be minimal -- even at much larger increases in solar generation.

In addition, the researchers said their study demonstrates the significant spillover effects solar adoption has on neighboring regions, highlighting the value of coordinated clean energy efforts. For example, a 15% increase in solar capacity in California was associated with a reduction of 913 and 1,942 metric tons of CO2 emissions per day in the northwest and southwest regions, respectively.
"It was rewarding to see how advanced computational modeling can uncover not just the immediate, but also the delayed and far-reaching spillover effects of solar energy adoption," said the lead author Arpita Biswas, an assistant professor with the Department of Computer Science at the Rutgers School of Arts and Sciences. "From a computer science perspective, this study demonstrates the power of harnessing large-scale, high-resolution energy data to generate actionable insights. For policymakers and investors, it offers a roadmap for targeting solar investments where emissions reductions are most impactful and where solar energy infrastructure can yield the highest returns."
The Internet

Google Tool Misused To Scrub Tech CEO's Shady Past From Search (arstechnica.com) 34

An anonymous reader quotes a report from Ars Technica: Google is fond of saying its mission is to "organize the world's information," but who gets to decide what information is worthy of organization? A San Francisco tech CEO has spent the past several years attempting to remove unflattering information about himself from Google's search index, and the nonprofit Freedom of the Press Foundation says he's still at it. Most recently, an unknown bad actor used a bug in one of Google's search tools to scrub the offending articles.

The saga began in 2023 when independent journalist Jack Poulson reported on Maury Blackman's 2021 domestic violence arrest. Blackman, who was then the CEO of surveillance tech firm Premise Data Corp., took offense at the publication of his legal issues. The case did not lead to charges after Blackman's 25-year-old girlfriend recanted her claims against the 53-year-old CEO, but Poulson reported on some troubling details of the public arrest report. Blackman has previously used tools like DMCA takedowns and lawsuits to stifle reporting on his indiscretion, but that campaign now appears to have co-opted part of Google's search apparatus. The Freedom of the Press Foundation (FPF) reported on Poulson's work and Blackman's attempts to combat it late last year. In June, Poulson contacted the Freedom of the Press Foundation to report that the article had mysteriously vanished from Google search results.

The foundation began an investigation immediately, which led them to a little-known Google search feature known as Refresh Outdated Content. Google created this tool for users to report links with content that is no longer accurate or that lead to error pages. When it works correctly, Refresh Outdated Content can help make Google's search results more useful. However, Freedom of the Press Foundation now says that a bug allowed an unknown bad actor to scrub mentions of Blackman's arrest from the Internet. Upon investigating, FPF found that its article on Blackman was completely absent from Google results, even through a search with the exact title. Poulson later realized that two of his own Substack articles were similarly affected. The Foundation was led to the Refresh Outdated Content tool upon checking its search console.
The bug in the tool allowed malicious actors to de-index valid URLs from search results by altering the capitalization in the URL slug. Although URLs are typically case-sensitive, Google's tool treated them as case-insensitive. As a result, when someone submitted a slightly altered version of a working URL (for example, changing "anatomy" to "AnAtomy"), Google's crawler would see it as a broken link (404 error) and mistakenly remove the actual page from search results.

Ironically, Blackman is now CEO of the online reputation management firm The Transparency Company.
Piracy

Creator of 1995 Phishing Tool 'AOHell' On Piracy, Script Kiddies, and What He Thinks of AI (yahoo.com) 14

In 1995's online world, AOL existed mostly beside the internet as a "walled, manicured garden," remembers Fast Company.

Then along came AOHell "the first of what would become thousands of programs designed by young hackers to turn the system upside down" — built by a high school dropout calling himself "Da Chronic" who says he used "a computer that I couldn't even afford" using "a pirated copy of Microsoft Visual Basic." [D]istributed throughout the teen chatrooms, the program combined a pile of tricks and pranks into a slick little control panel that sat above AOL's windows and gave even newbies an arsenal of teenage superpowers. There was a punter to kick people out of chatrooms, scrollers to flood chats with ASCII art, a chat impersonator, an email and instant message bomber, a mass mailer for sharing warez (and later mp3s), and even an "Artificial Intelligence Bot" [which performed automated if-then responses]. Crucially, AOHell could also help users gain "free" access to AOL. The program came with a program for generating fake credit card numbers (which could fool AOL's sign up process), and, by January 1995, a feature for stealing other users' passwords or credit cards. With messages masquerading as alerts from AOL customer service reps, the tool could convince unsuspecting users to hand over their secrets...

Of course, Da Chronic — actually a 17-year-old high school dropout from North Carolina named Koceilah Rekouche — had other reasons, too. Rekouche wanted to hack AOL because he loved being online with his friends, who were a refuge from a difficult life at home, and he couldn't afford the hourly fee. Plus, it was a thrill to cause havoc and break AOL's weak systems and use them exactly how they weren't meant to be, and he didn't want to keep that to himself. Other hackers "hated the fact that I was distributing this thing, putting it into the team chat room, and bringing in all these noobs and lamers and destroying the community," Rekouche told me recently by phone...

Rekouche also couldn't have imagined what else his program would mean: a free, freewheeling creative outlet for thousands of lonely, disaffected kids like him, and an inspiration for a generation of programmers and technologists. By the time he left AOL in late 1995, his program had spawned a whole cottage industry of teenage script kiddies and hackers, and fueled a subculture where legions of young programmers and artists got their start breaking and making things, using pirated software that otherwise would have been out of reach... In 2014, [AOL CEO Steve] Case himself acknowledged on Reddit that "the hacking of AOL was a real challenge for us," but that "some of the hackers have gone on to do more productive things."

When he first met Mark Zuckerberg, he said, the Facebook founder confessed to Case that "he learned how to program by hacking [AOL]."

"I can't imagine somebody doing that on Facebook today," Da Chronic says in a new interview with Fast Company. "They'll kick you off if you create a Google extension that helps you in the slightest bit on Facebook, or an extension that keeps your privacy or does a little cool thing here and there. That's totally not allowed."

AOHell's creators had called their password-stealing techniques "phishing" — and the name stuck. (AOL was working with federal law enforcement to find him, according to a leaked internal email, but "I didn't even see that until years later.") Enrolled in college, he decided to write a technical academic paper about his program. "I do believe it caught the attention of Homeland Security, but I think they realized pretty quickly that I was not a threat."

He's got an interesting perspective today, noting that with today's AI tools it's theoretically possible to "craft dynamic phishing emails... when I see these AI coding tools I think, this might be like today's Visual Basic. They take out a lot of the grunt work."

What's the moral of the story? "I didn't have any qualifications or anything like that," Da Chronic says. "So you don't know who your adversary is going to be, who's going to understand psychology in some nuanced way, who's going to understand how to put some technological pieces together, using AI, and build some really wild shit."
Security

'Tens of Thousands' of SharePoint Servers at Risk. Microsoft Issues No Patch (msn.com) 90

"Anybody who's got a hosted SharePoint server has got a problem," the senior VP of cybersecurity firm CrowdStrike told the Washington Post. "It's a significant vulnerability."

And it's led to a new "global attack on government agencies and businesses" in the last few days, according to the article, "breaching U.S. federal and state agencies, universities, energy companies and an Asian telecommunications company, according to state officials and private researchers..."

"Tens of thousands of such servers are at risk, experts said, and Microsoft has issued no patch for the flaw, leaving victims around the world scrambling to respond." (Microsoft says they are "working on" security updates "for supported versions of SharePoint 2019 and SharePoint 2016," offering various mitigation suggestions, and CISA has released their own recommendations.)

From the Washington Post's article Sunday: Microsoft has suggested that users make modifications to SharePoint server programs or simply unplug them from the internet to stanch the breach. Microsoft issued an alert to customers but declined to comment further... "We are seeing attempts to exploit thousands of SharePoint servers globally before a patch is available," said Pete Renals, a senior manager with Palo Alto Networks' Unit 42. "We have identified dozens of compromised organizations spanning both commercial and government sectors."

With access to these servers, which often connect to Outlook email, Teams and other core services, a breach can lead to theft of sensitive data as well as password harvesting, Netherlands-based research company Eye Security noted. What's also alarming, researchers said, is that the hackers have gained access to keys that may allow them to regain entry even after a system is patched. "So pushing out a patch on Monday or Tuesday doesn't help anybody who's been compromised in the past 72 hours," said one researcher, who spoke on the condition of anonymity because a federal investigation is ongoing.

The breaches occurred after Microsoft fixed a security flaw this month. The attackers realized they could use a similar vulnerability, according to the Department of Homeland Security's Cybersecurity and Infrastructure Security Agency. CISA spokeswoman Marci McCarthy said the agency was alerted to the issue Friday by a cyber research firm and immediately contacted Microsoft... The nonprofit Center for Internet Security, which staffs an information-sharing group for state and local governments, notified about 100 organizations that they were vulnerable and potentially compromised, said Randy Rose, the organization's vice president. Those warned included public schools and universities. Others that were breached included a government agency in Spain, a local agency in Albuquerque and a university in Brazil, security researchers said.

But there are many more breaches, according to the article:
  • "Eye Security said it has tracked more than 50 breaches, including at an energy company in a large state and several European government agencies."
  • "At least two U.S. federal agencies have seen their servers breached, according to researchers."
  • "One state official in the eastern U.S. said the attackers had 'hijacked' a repository of documents provided to the public to help residents understand how their government works. The agency involved can no longer access the material..."

"It was not immediately clear who is behind the hacking of global reach or what its ultimate goal is. One private research company found the hackers targeting servers in China..."


The Military

What Eyewitnesses Remembered About the World's First Atomic Bomb Explosion in 1945 (politico.com) 47

Historian Garrett M. Graff describes his upcoming book, The Devil Reached Toward the Sky: An Oral History of the Making and Unleashing of the Atomic Bomb. "I assembled an oral history of the Manhattan Project, the bombings of Hiroshima and Nagasaki and the end of World War II in the Pacific, told through the voices of around 500 participants and witnesses of the events — including luminaries like Albert Einstein and Oppenheimer and political figures like President Harry Truman."

It was 80 years ago this week that physicists and 150 other leaders in the atomic bomb program "gathered in the desert outside Alamogordo, New Mexico, for the world's first test of a nuclear explosion." In an excerpt from his upcoming book, Graff publishes quotes from eyewitnesses: Brig. Gen. Leslie Groves: I had become a bit annoyed with Fermi when he suddenly offered to take wagers from his fellow scientists on whether or not the bomb would ignite the atmosphere, and if so, whether it would merely destroy New Mexico or destroy the world. He had also said that after all it wouldn't make any difference whether the bomb went off or not because it would still have been a well worthwhile scientific experiment. For if it did fail to go off, we would have proved that an atomic explosion was not possible. Afterward, I realized that his talk had served to smooth down the frayed nerves and ease the tension of the people at the base camp, and I have always thought that this was his conscious purpose. Certainly, he himself showed no signs of tension that I could see...

As the hour approached, we had to postpone the test — first for an hour and then later for 30 minutes more — so that the explosion was actually three- and one-half hours behind the original schedule... Our preparations were simple. Everyone was told to lie face down on the ground, with his feet toward the blast, to close his eyes and to cover his eyes with his hands as the countdown approached zero. As soon as they became aware of the flash they could turn over and sit or stand up, covering their eyes with the smoked glass with which each had been supplied... The quiet grew more intense. I, myself, was on the ground between Bush and Conant...

Edward Teller: We all were lying on the ground, supposedly with our backs turned to the explosion. But I had decided to disobey that instruction and instead looked straight at the bomb. I was wearing the welder's glasses that we had been given so that the light from the bomb would not damage our eyes. But because I wanted to face the explosion, I had decided to add some extra protection. I put on dark glasses under the welder's glasses, rubbed some ointment on my face to prevent sunburn from the radiation, and pulled on thick gloves to press the welding glasses to my face to prevent light from entering at the sides... We all listened anxiously as the broadcast of the final countdown started; but, for whatever reason, the transmission ended at minus five seconds...

Kenneth T. Bainbridge: My personal nightmare was knowing that if the bomb didn't go off or hang-fired, I, as head of the test, would have to go to the tower first and seek to find out what had gone wrong...

Brig. Gen. Thomas F. Farrell: Dr. Oppenheimer held on to a post to steady himself. For the last few seconds, he stared directly ahead.

A few examples of how they remembered the explosion:
  • William L. Laurence: There rose from the bowels of the earth a light not of this world, the light of many suns in one.
  • Kenneth T. Bainbridge: I felt the heat on the back of my neck, disturbingly warm.
  • George B. Kistiakowsky: I am sure that at the end of the world — in the last millisecond of the earth's existence — the last man will see what we have just seen.
  • Brig. Gen. Thomas F. Farrell: Oppenheimer's face relaxed into an expression of tremendous relief.
  • J. Robert Oppenheimer: We knew the world would not be the same. A few people laughed, a few people cried.
  • Norris Bradbury, physicist, Los Alamos Lab: Some people claim to have wondered at the time about the future of mankind. I didn't. We were at war, and the damned thing worked.

The Internet

News Publishers Take Paywall-Blocker 12ft.io Offline (theverge.com) 81

The Verge's Emma Roth reports: The News/Media Alliance, a trade association behind major news publishers, announced that it has "successfully secured" the removal of 12ft.io, a website that helped users bypass paywalls online. The trade association says 12ft.io's webhost took down the site on July 14th "following the News/Media Alliance's efforts." 12ft.io -- or 12 Foot Ladder -- also allowed users to view webpages without ads, trackers, or pop-ups by disguising a user's browser as a web crawler, giving them unfettered access to a webpage's contents. Software engineer Thomas Millar says he created the site when he realized "8 of the top 10 links on Google were paywalled" when doing research during the pandemic. [...]

In its announcement, News/Media Alliance says 12ft.io "offered illegal circumvention technology" that allowed users to access copyrighted content without paying for it. The organization adds that it will take "similar actions" against other sites that let users get around paywalls. The News Media Alliance recently called Google's AI Mode "theft." (Like many chatbots, Google's AI Mode eliminates the need to visit a website, starving publishers of the pageviews they need to be compensated for their work.)
"Publishers commit significant resources to creating the best and most informative content for consumers, and illegal tools like 12ft.io undermine their ability to financially support that work through subscriptions and ad revenue," News/Media Alliance president and CEO Danielle Coffey said in the press release. "Taking down paywall bypassers is an essential part of ensuring we have a healthy and sustainable information ecosystem."
Transportation

A Never-Ending Supply of Drones Has Frozen the Front Lines in Ukraine (msn.com) 265

"In the battle for Ukraine, the front line is increasingly at a standstill" because of "rapid innovations in drone technology..." according to the Wall Street Journal. "Each side has hundreds of them constantly in the air across the 750-mile front line."

And drones "now bring everything from food and water to ammunition, power banks — and, in at least one case, a fire extinguisher — to the front, sparing soldiers trips through the most dangerous part of the battlefield where enemy drones might pick them off." Drones can lay mines, deliver everything from ammunition to medication and even evacuate wounded or dead soldiers. Crucially, drones spot any movement along the front line and are dispatched to strike enemy troops and vehicles. When Russia sent tank columns into Ukraine in February 2022, Ukraine needed to find out where they were headed — and fast. Enter the humble "wedding drone," available in stores for about $2,000 and repurposed to scan for enemy units rather than capture nuptial panoramas. Deployed by enthusiasts acting independently or attached to army units, the drones helped Ukrainian forces, which were vastly outnumbered and outgunned, to know exactly where to deploy to counter Russian arrowheads.

Surveillance drones quickly became a necessity rather than a luxury. Often provided by charity funds, they were used to scan enemy positions for equipment, stores and headquarters.... A cheap and simple tweak made the so-called wedding drones deadly. Tech buffs realized that a simple claw-like contraption, created using a 3-D printer, could be activated from the radio controller by turning on the drone's light, causing it to release a grenade. The explosion could wound or kill a soldier or even detonate an armored vehicle if dropped through its hatch. Over time, soldiers experimented with ways to add more explosives, for example by melting down explosives garnered from Soviet-era munitions and pouring them into new, lighter plastic casings.

No innovation has had a bigger impact on the war in Ukraine than first-person-view, or FPV, drones. With explosives strapped to them, FPVs fly directly into their targets, turning them into low-cost suicide bombers. Though FPVs don't deliver as much explosive punch as rockets, they are far more accurate — and the sheer volume that Ukraine has manufactured means they can be deployed to similar effect... Sitting in a bunker several miles behind the front, a drone pilot slips on FPV goggles to see the view from the drone's camera and fly it into an enemy position or asset. The Russians have since adopted FPVs en masse. Their abundance has played a central role in slowing down the movement of the front line. Anything within around 12 miles of the contact line can now become a target for FPVs. They are so cheap to make that both sides can expend them on any target — even a single infantryman.

Because they are so small and fast, FPVs are difficult to shoot down. The main defense against them has been electronic jamming systems, which disrupt the communication between the drone and the pilot. Though most drone innovations in the war have come from the Ukrainian side, the Russians pioneered the most important adaptation for FPV drones — the addition of a fiber-optic cable connecting the drone to the pilot that can overcome jamming.

Benjamin Franklin once predicted flying machines might "convince sovereigns of the folly of war... since it will be impracticable for the most potent of them to guard his dominions..."

AI

Police Department Apologizes for Sharing AI-Doctored Evidence Photo on Social Media (boston.com) 93

A Maine police department has now acknowledged "it inadvertently shared an AI-altered photo of drug evidence on social media," reports Boston.com: The image from the Westbrook Police Department showed a collection of drug paraphernalia purportedly seized during a recent drug bust on Brackett Street, including a scale and white powder in plastic bags. According to Westbrook police, an officer involved in the arrests snapped the evidence photo and used a photo editing app to insert the department's patch. "The patch was added, and the photograph with the patch was sent to one of our Facebook administrators, who posted it," the department explained in a post. "Unbeknownst to anyone, when the app added the patch, it altered the packaging and some of the other attributes on the photograph. None of us caught it or realized it."

It wasn't long before the edited image's gibberish text and hazy edges drew criticism from social media users. According to the Portland Press Herald, Westbrook police initially denied AI had been used to generate the photo before eventually confirming its use of the AI chatbot ChatGPT. The department issued a public apology Tuesday, sharing a side-by-side comparison of the original and edited images.

"It was never our intent to alter the image of the evidence," the department's post read. "We never realized that using a photoshop app to add our logo would alter a photograph so substantially."

AI

'Vibe Coder' Who Doesn't Know How to Code Keeps Winning Hackathons in San Francisco (sfstandard.com) 179

An anonymous reader shared this report from the San Francisco Standard: About an hour into my meeting with the undisputed hackathon king of San Francisco, Rene Turcios asked if I wanted to smoke a joint with him. I politely declined, but his offer hardly surprised me. Turcios has built a reputation as a cannabis-loving former professional Yu-Gi-Oh! player who resells Labubus out of his Tenderloin apartment when he's not busy attending nearly every hackathon happening in the city. Since 2023, Turcios, 29, has attended more than 200 events, where he's won cash, software credits, and clout. "I'm always hustling," he said.

The craziest part: he doesn't even know how to code.

"Rene is the original vibe coder," said RJ Moscardon, a friend and fellow hacker who watched Turcios win second place at his first-ever hackathon at the AGI House mansion in Hillsborough. "All the engineers with prestigious degrees scoffed at him at first. But now they're all doing exactly the same thing...." Turcios was vibe coding long before the technique had a name — and was looked down upon by longtime hackers for using AI. But as Tiger Woods once said, "Winning takes care of everything...."

Instead of vigorously coding until the deadline, he finished his projects hours early by getting AI to do the technical work for him. "I didn't write a single line of code," Turcios said of his first hackathon where he prompted ChatGPT using plain English to generate a program that can convert any song into a lo-fi version. When the organizers announced Turcios had won second place, he screamed in celebration.... "I realized that I could compete with people who have degrees and fancy jobs...."

Turcios is now known for being able to build anything quickly. Businesses reach out to him to contract out projects that would take software engineering teams weeks — and he delivers in hours. He's even started running workshops to teach non-technical groups and experienced software engineers how to get the most out of AI for coding.

"He grew up in Missouri to parents who worked in an international circus, taming bears and lions..."

Math

Norwegian Lotto Mistakenly Told Thousands They Were Filthy Rich After Math Error (theregister.com) 54

Thousands of Norwegians briefly believed they had won massive Eurojackpot prizes after a manual coding error by Norsk Tipping mistakenly multiplied winnings by 100 instead of dividing. The Register reports: Eurojackpot, a pan-European lottery launched in 2012, holds two draws per week, and its jackpots start at about $12 million with a rollover cap of $141 million. Norsk Tipping, Norway's Eurojackpot administrator, admitted on Friday that a "manual error" in its conversion process from Eurocents to Norwegian kroner multiplied amounts by 100 instead of dividing them. As a result, "thousands" of players were briefly shown jackpots far higher than their actual winnings before the mistake was caught, but no incorrect payouts were made.

Norsk Tipping didn't disclose how large the false jackpots were, but math suggests the improper amounts were 10,000 times higher. Regardless, it seems like a lot of people thought they were big winners, based on what the company's now-former CEO, Tonje Sagstuen, said on Saturday. "I have received many messages from people who had managed to make plans for holidays, buying an apartment or renovating before they realized that the amount was wrong," Sagstuen said in a statement. "To them I can only say: Sorry!" The incorrect prize amounts were visible on the Norsk Tipping website only briefly on Friday, but the CEO still resigned over the weekend following the incident.

While one of the Norsk Tipping press releases regarding the incident described it as "not a technical error," it still appears someone fat-fingered a bit of data entry. The company said it will nonetheless be investigating how such a mistake could have happened "to prevent something similar from happening again."

Electronic Frontier Foundation

After 45 Years, 74-Year-Old Spreadsheet Legend/EFF Cofounder Mitch Kapor Gets His MIT Degree (bostonglobe.com) 36

Mitch Kapor dropped out of MIT's business school in 1979 — and had soon cofounded the pioneering spreadsheet company Lotus. He also cofounded the EFF, was the founding chair of the Mozilla Foundation, and is now a billionaire (and a VC investor at Kapor Capital).

45 years later, when an old friend (professor Bill Aulet) invited the 74-year-old to give a guest lecture at MIT's business school last year, Aulet teased the billionaire that "there's only one problem, Mitch, I see here you haven't graduated from MIT."

The Boston Globe tells the story... After graduating from Yale in 1971 and bouncing around for almost a decade as "a lost and wandering soul," working as a disc jockey, a Transcendental Meditation teacher, and a mental health counselor, Kapor said he became entranced by the possibilities of the new Apple II personal computer. He started writing programs to solve statistics problems and analyze data, which caught the attention of Boston-area software entrepreneurs Dan Bricklin and Bob Frankston, who co-created VisiCalc, one of the first spreadsheet programs. They introduced Kapor to their California-based software publisher, Personal Software.

Midway through Kapor's 12-month master's program, the publisher offered him the then-princely sum of about $20,000 if he'd adapt his stats programs to work with VisiCalc. To finish the project, he took a leave from MIT, but then he decided to leave for good to take a full-time job at Personal. Comparing his decision to those of other famed tech founder dropouts, like Bill Gates, Kapor said he felt the startup world was calling to him. "It was just so irresistible," he said. "It felt like I could not let another moment go by without taking advantage of this opportunity or the window would close...."

When Aulet made his joke on the phone call with his old friend in 2024, Kapor had largely retired from investing and realized that he wanted to complete his degree. "I don't know what prompted me, but it started a conversation" with MIT about the logistics of finally graduating, Kapor said. By the time Kapor gave the lecture in March, Aulet had discovered Kapor was only a few courses short. MIT does not give honorary degrees, but school officials allow students to make up for missing classes with an independent study and a written thesis. Kapor decided to write a paper on the roots and development of his investing strategy. "It's timely, it's highly relevant, and I have things to say," he said.

One 77-page thesis later, Kapor, donning a cap and gown, finally received his master's degree in May, at a ceremony in the Hyatt Regency Hotel in Cambridge, not far from where he founded Lotus.

NASA

Mysterious Radio Burst Turns Out to Be From a Dead 1967 NASA Satellite (smithsonianmag.com) 29

An anonymous reader shared this report from Smithsonian magazine: Last year, Australian scientists picked up a mysterious burst of radio waves that briefly appeared brighter than all other signals in the sky. Now, the researchers have discovered the blast didn't come from a celestial object, but a defunct satellite orbiting Earth... "We got all excited, thinking maybe we'd discovered a new pulsar or some other object," says Clancy James, a researcher at Australia's Curtin University who is on the Australian Square Kilometer Array Pathfinder (ASKAP) team, to Alex Wilkins at New Scientist. After taking a closer look, however, the team realized that the only viable source for the burst was NASA's dead Relay 2, a short-lived satellite that hasn't been in operation since 1967....

The researchers also discovered that at the time of the event, the satellite was only around 2,800 miles away from Earth, which explains why the signal appeared so strong. The reason behind Relay 2's sudden burst is not clear, but the team has come up with two potential explanations — and neither involves the satellite coming back to life like a zombie. One relates to electrostatic discharge — a build-up of electricity that can result in a sudden blast. Spacecraft get charged with electricity when they pass through plasma, and once enough charge accumulates, it can create a spark. "New spacecraft are built with materials to reduce the build-up of charge, but when Relay 2 was launched, this wasn't well-understood," explains James to Space.com's Robert Lea. The other idea is that a micrometeorite hit the satellite, releasing a small cloud of plasma and radio waves.

Karen Aplin, a space scientist at the University of Bristol in England who was not involved in the study, tells New Scientist that it would be tough to differentiate between signals produced by each of those two scenarios, because they would look very similar. The researchers say they favor the first idea, however, because micrometeorites the size of the one that could have caused the signal are uncommon.

"Their findings were published in a pre-print paper on the arXiv server that has not yet been peer-reviewed."

Space

Leak Stops on the International Space Station. But NASA Engineers Still Worry (cnn.com) 25

On the International Space Station, air has been slowly leaking out for years from a Russia-controlled module, reports CNN. But recently "station operators realized the gradual, steady leak had stopped. And that raised an even larger concern." It's possible that efforts to seal cracks in the module's exterior wall have worked, and the patches are finally trapping air as intended. But, according to NASA, engineers are also concerned that the module is actually holding a stable pressure because a new leak may have formed on an interior wall — causing air from the rest of the orbiting laboratory to begin rushing into the damaged area. Essentially, space station operators are worried that the entire station is beginning to lose air.

Much about this issue is unknown. NASA revealed the concerns in a June 14 statement. The agency said it would delay the launch of the private Ax-4 mission, carried out by SpaceX and Houston-based company Axiom Space, as station operators worked to pinpoint the problem. "By changing pressure in the transfer tunnel and monitoring over time, teams are evaluating the condition of the transfer tunnel and the hatch seal," the statement read.

More than a week later, the results of that research are not totally clear. After revealing the new Wednesday launch target Monday night, NASA said in a Tuesday statement that it worked with Roscosmos officials to investigate the issue. The space agencies agreed to lower the pressure in the transfer tunnel, and "teams will continue to evaluate going forward," according to the statement... The cracks are minuscule and mostly invisible to the naked eye, hence the difficulty attempting to patch problem areas.

Axiom Space launched four astronauts to the International Space Station on Wednesday.

But its four-person crew had previously "remained locked in quarantine in Florida for about a month, waiting for their chance to launch," notes CNN, as NASA and the Russian space agency Roscosmos "attempted to sort through" the leak issue.

Science

Microbe With Bizarrely Tiny Genome May Be Evolving Into a Virus (science.org) 31

sciencehabit shares a report from Science.org: The newly discovered microbe provisionally known as Sukunaarchaeum isn't a virus. But like viruses, it seemingly has one purpose: to make more of itself. As far as scientists can tell from its genome -- the only evidence of its existence so far -- it's a parasite that provides nothing to the single-celled creature it calls home. Most of Sukunaarchaeum's mere 189 protein-coding genes are focused on replicating its own genome; it must steal everything else it needs from its host Citharistes regius, a dinoflagellate that lives in ocean waters all over the world. Adding to the mystery of the microbe, some of its sequences identify it as an archaeon, a lineage of simple cellular organisms more closely related to complex organisms like us than to bacteria like Escherichia coli.

The discovery of Sukunaarchaeum's bizarrely viruslike way of living, reported last month in a bioRxiv preprint, "challenges the boundaries between cellular life and viruses," says Kate Adamala, a synthetic biologist at the University of Minnesota Twin Cities who was not involved in the work. "This organism might be a fascinating living fossil -- an evolutionary waypoint that managed to hang on." Adamala adds that if Sukunaarchaeum really does represent a microbe on its way to becoming a virus, it could teach scientists about how viruses evolved in the first place. "Most of the greatest transitions in evolution didn't leave a fossil record, making it very difficult to figure out what were the exact steps," she says. "We can poke at existing biochemistry to try to reconstitute the ancestral forms -- or sometimes we get a gift from nature, in the form of a surviving evolutionary intermediate."

What's already clear: Sukunaarchaeum is not alone. When team leader Takuro Nakayama, an evolutionary microbiologist at Tsukuba, and his colleagues sifted through publicly available DNA sequences extracted from seawater all over the world, they found many sequences similar to those of Sukunaarchaeum. "That's when we realized that we had not just found a single strange organism, but had uncovered the first complete genome of a large, previously unknown archaeal lineage," Nakayama says.

Supercomputing

IBM Says It's Cracked Quantum Error Correction (ieee.org) 26

Edd Gent reporting for IEEE Spectrum: IBM has unveiled a new quantum computing architecture it says will slash the number of qubits required for error correction. The advance will underpin its goal of building a large-scale, fault-tolerant quantum computer, called Starling, that will be available to customers by 2029. Because of the inherent unreliability of the qubits (the quantum equivalent of bits) that quantum computers are built from, error correction will be crucial for building reliable, large-scale devices. Error-correction approaches spread each unit of information across many physical qubits to create "logical qubits." This provides redundancy against errors in individual physical qubits.

One of the most popular approaches is known as a surface code, which requires roughly 1,000 physical qubits to make up one logical qubit. This was the approach IBM focused on initially, but the company eventually realized that creating the hardware to support it was an "engineering pipe dream," Jay Gambetta, the vice president of IBM Quantum, said in a press briefing. Around 2019, the company began to investigate alternatives. In a paper published in Nature last year, IBM researchers outlined a new error-correction scheme called quantum low-density parity check (qLDPC) codes that would require roughly one-tenth of the number of qubits that surface codes need. Now, the company has unveiled a new quantum-computing architecture that can realize this new approach.

"We've cracked the code to quantum error correction and it's our plan to build the first large-scale, fault-tolerant quantum computer," said Gambetta, who is also an IBM Fellow. "We feel confident it is now a question of engineering to build these machines, rather than science."
