Security

Red Hat Investigating Breach Impacting as Many as 28,000 Customers, Including the Navy and Congress (404media.co) 16

A hacking group claims to have pulled data from a GitLab instance connected to Red Hat's consulting business, scooping up 570 GB of compressed data from 28,000 customers. From a report: The hack was first reported by BleepingComputer and has been confirmed by Red Hat itself. "Red Hat is aware of reports regarding a security incident related to our consulting business and we have initiated necessary remediation steps," Stephanie Wonderlick, Red Hat's VP of communications told 404 Media.

A file released by the hackers and viewed by 404 Media suggested that the hacking group may have acquired some data related to about 800 clients, including Vodafone, T-Mobile, the US Navy's Naval Surface Warfare Center, the Federal Aviation Administration, Bank of America, AT&T, the U.S. House of Representatives, and Walmart.

AI

Apple Shelves Vision Headset Revamp to Prioritize Meta-Like AI Glasses 37

Apple has paused development of a cheaper, lighter Vision Pro headset to shift resources toward AI-powered smart glasses aimed at competing with Meta. Bloomberg's Mark Gurman reports: The company had been preparing a cheaper, lighter variant of its headset -- code-named N100 -- for release in 2027. But Apple announced internally last week that it's moving staff from that project to accelerate work on glasses, according to people with knowledge of the matter. The company is working on at least two types of smart glasses. The first one, dubbed N50, will pair with an iPhone and lack its own display. Apple aims to unveil this model as soon as next year, ahead of a release in 2027, said the people, who asked not to be identified discussing internal matters.

Apple is also working on a version with a display -- something that could challenge the just-released Meta Ray-Ban Display. The Apple version had been planned for 2028, but the company is now looking to accelerate development, the people said. [...] Apple's glasses will rely heavily on voice interaction and artificial intelligence -- two areas where it hasn't always excelled. It was slow to introduce the Apple Intelligence platform and had to delay upgrades to its Siri voice assistant.

The Apple glasses are expected to come in a variety of styles and run a new chip. They'll include speakers for music playback, cameras for media recording, and voice-control features that will work with a connected phone. Apple has also been exploring a suite of health-tracking capabilities for the device. The priority shift to glasses is just the latest change to the company's headset strategy following an underwhelming debut by the Vision Pro. The $3,499 product, which melds virtual and augmented reality, is seen as too heavy and expensive to be a mainstream hit. It's also short on both video content and apps. Apple executives have acknowledged the product's shortcomings in private, viewing it as an overengineered piece of technology.

Television

Cable Nostalgia Persists As Streaming Gets More Expensive, Fragmented (arstechnica.com) 35

An anonymous reader quotes a report from Ars Technica: TiVo's Q2 2025 Video Trends Report: North America released today points to growth in cord reviving. It reads: "The share of respondents who cut the cord but later decided to resubscribe to a traditional TV service has increased about 10 percent, to 31.9 percent in Q2 2025." TiVo's report is based on a survey conducted by an unspecified third-party survey service in Q2 2025. The respondents are 4,510 people who are at least 18 years old and living in the US or Canada, and the survey defines traditional TV services as pay-TV platforms offering linear television via cable, satellite, or managed IPTV platforms.

It's important to note that TiVo is far from an impartial observer. In addition to selling an IPTV platform, its parent company, Xperi, works with cable, broadband, and pay-TV providers and would directly benefit from the existence or perception of a cord reviving "trend." When reached for comment, a TiVo spokesperson said via email that cord reviving is driven by a "mixture of reasons, with internet bundle costs, familiarity of use, and local content (sports, news, etc.) being the primary drivers." The rep noted that it's "likely" that those re-subscribing to traditional TV services are using them alongside some streaming subscriptions. "It's possible that users are churning off some [streaming] services where there is overlap with traditional TV services," TiVo's spokesperson said.

Social Networks

OpenAI's New Social Video App Will Let You Deepfake Your Friends (theverge.com) 22

Alongside its updated Sora 2 AI video generator, OpenAI has launched an iPhone-only social app called Sora that lets users consent to have friends create deepfake-style cameos of them. The invite-only app works a lot like TikTok with short remixable videos but enforces restrictions on public figures and explicit content. The Verge reports: In a briefing with reporters on Monday, employees called it the potential "ChatGPT moment for video generation." The Sora app is currently only available to US and Canada users, with other countries set to follow, and when someone receives access, they also get four additional invites to share with friends. There's no word on when an Android version might be released.

Sora users can give their friends -- or, if they're feeling bold, everyone -- permission to create "cameos" with their own likeness using the new video model, which is dubbed Sora 2. The person whose likeness is being generated is a "co-owner" of that end result, OpenAI employees said, and they can delete it or revoke access to others at any time. Like TikTok, OpenAI's Sora app allows you to interact with other videos and trends using a "Remix" feature, but it only allows for the generation of 10-second videos for now.

Government

Should Salesforce's Tableau Be Granted a Patent On 'Visualizing Hierarchical Data'? 72

Long-time Slashdot reader theodp says America's Patent and Trademark Office (USPTO) has granted Tableau (Salesforce's visual analytics platform) a patent covering "Data Processing For Visualizing Hierarchical Data": "A provided data model may include a tree specification that declares parent-child relationships between objects in the data model. In response to a query associated with objects in the data model: employing the parent-child relationships to determine a tree that includes parent objects and child objects from the objects based on the parent-child relationships; determining a root object based on the query and the tree; traversing the tree from the root object to visit the child objects in the tree; determining partial results based on characteristics of the visited child objects such that the partial results are stored in an intermediate table; and providing a response to the query that includes values based on the intermediate table and the partial results."

A set of 15 simple drawings is provided to support the legal and tech gobbledygook of the invention claims. A person can have a manager, Tableau explains in Figures 5-6 of its accompanying drawings, and that manager can also manage and be managed by other people. Not only that, Tableau illustrates in Figures 7-10 that computers can be used to count how many people report to a manager. How does this magic work, you ask? Well, you "generate [a] tree" [Fig. 13] and "traverse a tree" [Fig. 15], Tableau explains. But wait, there's more — you can also display the people who report to a manager in multi-level or nested pie charts (aka Sunburst charts), Tableau demonstrates in Fig. 11.

Interestingly, Tableau released a "pre-Beta" Sunburst chart type in late April 2023 but yanked it at the end of June 2023 (others have long-supported Sunburst charts, including Plotly). So, do you think Tableau should be awarded a patent in 2025 on a concept that has roots in circa-1921 Sunburst charts and tree algorithms taught to first-year CS students in circa-1975 Data Structures courses?

Microsoft

Did Microsoft Hide Key Data Flow Information In Plain Sight? (computerweekly.com) 19

An anonymous reader shared this report from Computer Weekly: Policing data hosted in Microsoft's hyperscale cloud infrastructure could be processed in more than 100 countries, but the tech giant is obfuscating this information from its customers, Computer Weekly can reveal. According to documents released by the Scottish Police Authority (SPA) under freedom of information (FoI) rules, Microsoft refused to hand over crucial information about its international data flows to the SPA and Police Scotland when asked...

The tech giant also refused to disclose its own risk assessments into the transfer of UK policing data to other jurisdictions, including China and others deemed "hostile" in the DPIA documents. This means Police Scotland and the SPA — which are jointly rolling out Office 365 — are unable to satisfy the law enforcement-specific data protection rules laid out in Part Three of the Data Protection Act 2018 (DPA18), which places strict limits on the transfer of policing data outside the UK. The same documents also contain an admission from Microsoft — given while simultaneously refusing to divulge key information about data flows — that it is unable to guarantee the sovereignty of policing data held and processed within its O365 infrastructure. This echoes the statements senior Microsoft representatives made to the French senate in June 2025, in which they admitted the company cannot guarantee the sovereignty of European data stored and processed in its services generally.

The revelation that Microsoft may access customer data from more than 100 countries is a result of the correspondence previously disclosed under Freedom of Information and reported on by Computer Weekly... All in all, an analysis of Microsoft's distributed documentation — conducted by independent security consultant Owen Sayers and shared with Computer Weekly — suggests that Microsoft personnel or contractors can remotely access the data from 105 different countries, using 148 different sub-processors. Despite technically being public, Sayers highlighted how this information is not transparently laid out for Microsoft customers, and is distributed across different documents contained in non-indexed webpages.... "[A]ny normal amount of due diligence — even if it is conducted by skilled persons will likely fail to see the full scope of offshoring in play," he said...

Microsoft did not contest the accuracy of the remote access location figures cited by Computer Weekly in this story.

Movies

Streaming Is Overtaking Theaters For Movie Watchers, an AP-NORC Poll Finds (apnews.com) 69

alternative_right writes: Americans are more likely to watch newly released movies from the comfort of their own homes instead of heading out to a theater, according to a new poll.

About three-quarters of U.S. adults said they watched a new movie on streaming instead of in the theater at least once in the past year, according to the survey from The Associated Press-NORC Center for Public Affairs Research, including about 3 in 10 who watched new movies on streaming at least once a month.

Meanwhile, about two-thirds of Americans said that they've watched a recently released movie in a theater in the past year, and only 16% said they went at least once a month. The results suggest that, on the whole, American moviegoers are more likely to stream a film than see it in the theaters, a shifting tide that was only accelerated during the COVID-19 pandemic and its aftermath.

Bitcoin

European Banks To Launch Euro Stablecoin In Bid To Counter US Dominance (reuters.com) 33

Nine major European banks are creating a Netherlands-based company to launch a euro-backed stablecoin in 2026, aiming to counter U.S. dominance in the digital token market. Reuters reports: While global stablecoin issuance stands at nearly $300 billion, euro-denominated stablecoins totalled just $620 million, according to figures released last week by the Bank of Italy, with dollar-pegged tokens overwhelmingly dominant. "The initiative will provide a real European alternative to the U.S.-dominated stablecoin market, contributing to Europe's strategic autonomy in payments," the banks said. They launched the effort, which they said will create a token that can be used for quick, low-cost payments and settlements, even as the European Central Bank voices scepticism over stablecoins.

ECB President Christine Lagarde in June told European policymakers that privately issued stablecoins posed risks for monetary policy and financial stability. As a safer alternative, she has urged European lawmakers to introduce legislation backing the launch of a digital version of the EU's single currency. Some commercial banks, however, have pushed back against the introduction of a digital euro, fearing that it would empty their coffers as customers transfer cash out of banks and into the safety of an ECB-guaranteed wallet. In addition to ING and UniCredit, the other banks participating in the new company include Banca Sella, KBC, DekaBank, Danske Bank, SEB, Caixabank, and Raiffeisen Bank International. They said that others could join the initiative, and a CEO for the company would be appointed soon.

According to a recent report by Deutsche Bank, emerging market economies are adopting dollar-based stablecoins to replace local deposits and cash. "This has created a global monetary dilemma: countries should adopt stablecoins or risk being left behind. Europe is under particular pressure."

AI

OpenAI Says GPT-5 Stacks Up To Humans in a Wide Range of Jobs (techcrunch.com) 39

An anonymous reader shares a report: OpenAI released a new benchmark on Thursday that tests how its AI models perform compared to human professionals across a wide range of industries and jobs. The test, GDPval, is an early attempt at understanding how close OpenAI's systems are to outperforming humans at economically valuable work -- a key part of the company's founding mission to develop artificial general intelligence or AGI.

OpenAI says it's found that its GPT-5 model and Anthropic's Claude Opus 4.1 "are already approaching the quality of work produced by industry experts." That's not to say that OpenAI's models are going to start replacing humans in their jobs immediately. Despite some CEOs' predictions that AI will take the jobs of humans in just a few years, OpenAI admits that GDPval today covers a very limited number of tasks people do in their real jobs. However, it is one of the latest ways the company is measuring AI's progress towards this milestone. GDPval is based on nine industries that contribute the most to America's gross domestic product, including domains such as healthcare, finance, manufacturing, and government. The benchmark tests an AI model's performance in 44 occupations among those industries, ranging from software engineers to nurses to journalists.

AI

Why AI Chatbots Can't Process Persian Social Etiquette 244

An anonymous reader quotes a report from Ars Technica: If an Iranian taxi driver waves away your payment, saying, "Be my guest this time," accepting their offer would be a cultural disaster. They expect you to insist on paying -- probably three times -- before they'll take your money. This dance of refusal and counter-refusal, called taarof, governs countless daily interactions in Persian culture. And AI models are terrible at it.

New research released earlier this month titled "We Politely Insist: Your LLM Must Learn the Persian Art of Taarof" shows that mainstream AI language models from OpenAI, Anthropic, and Meta fail to absorb these Persian social rituals, correctly navigating taarof situations only 34 to 42 percent of the time. Native Persian speakers, by contrast, get it right 82 percent of the time. This performance gap persists across large language models such as GPT-4o, Claude 3.5 Haiku, Llama 3, DeepSeek V3, and Dorna, a Persian-tuned variant of Llama 3.

A study led by Nikta Gohari Sadr of Brock University, along with researchers from Emory University and other institutions, introduces "TAAROFBENCH," the first benchmark for measuring how well AI systems reproduce this intricate cultural practice. The researchers' findings show how recent AI models default to Western-style directness, completely missing the cultural cues that govern everyday interactions for millions of Persian speakers worldwide.

"Cultural missteps in high-consequence settings can derail negotiations, damage relationships, and reinforce stereotypes," the researchers write.

"Taarof, a core element of Persian etiquette, is a system of ritual politeness where what is said often differs from what is meant," the researchers write. "It takes the form of ritualized exchanges: offering repeatedly despite initial refusals, declining gifts while the giver insists, and deflecting compliments while the other party reaffirms them. This 'polite verbal wrestling' (Rafiee, 1991) involves a delicate dance of offer and refusal, insistence and resistance, which shapes everyday interactions in Iranian culture, creating implicit rules for how generosity, gratitude, and requests are expressed."

Privacy

DHS Has Been Collecting US Citizens' DNA for Years (wired.com) 63

Customs and Border Protection collected DNA from nearly 2,000 US citizens between 2020 and 2024 and sent the samples to the FBI's CODIS crime database, according to Georgetown Law's Center on Privacy & Technology analysis of newly released government data. The collection included approximately 95 minors, some as young as 14, and travelers never charged with crimes.

Congress never authorized DNA collection from citizens, children or civil detainees. DHS has contributed 2.6 million profiles to CODIS since 2020, with 97% collected under civil rather than criminal authority. The expansion followed a 2020 Justice Department rule that revoked DHS's waiver from DNA collection requirements. Former FBI director Christopher Wray testified in 2023 that monthly DNA submissions jumped from a few thousand to 92,000, creating a backlog of 650,000 unprocessed kits. Georgetown researchers project DHS could account for one-third of CODIS by 2034. The DHS Inspector General found in 2021 that the department lacked central oversight of DNA collection.

AI

An $800 Billion Revenue Shortfall Threatens AI Future, Bain Says (bloomberg.com) 43

AI companies like OpenAI have been quick to unveil plans for spending hundreds of billions of dollars on data centers, but they have been slower to show how they will pull in revenue to cover all those expenses. Now, the consulting firm Bain & Co. is estimating the shortfall could be far larger than previously understood. Bloomberg: By 2030, AI companies will need $2 trillion in combined annual revenue to fund the computing power needed to meet projected demand, Bain said in its annual Global Technology Report released Tuesday. Yet their revenue is likely to fall $800 billion short of that mark as efforts to monetize services like ChatGPT trail the spending requirements for data centers and related infrastructure, Bain predicted.

The report is set to raise further questions about the AI industry's valuations and business model. The increasing popularity of services such as OpenAI's ChatGPT and Google's Gemini, as well as AI efforts by companies across the planet, means demand for computing capacity and energy is rising at a rapid clip. But the savings provided by AI and companies' ability to generate additional revenue from AI is lagging behind that pace.

The Military

China Launches Stealth Jet From Electromagnetic Catapult Aircraft Carrier (usni.org) 57

Longtime Slashdot reader hackingbear writes: The Chinese People's Liberation Army Navy (PLAN) has demonstrated its ability to launch and recover aircraft from its first electromagnetic catapult-equipped aircraft carrier, the CNS Fujian. Official imagery released by the PLAN today confirms that the new J-35 naval stealth fighters, KJ-600 airborne early warning and control aircraft, and J-15T fighter jet are carrying out carrier trials. Ben Lewis, a co-founder of PLATracker, told USNI News that the test was a "significant milestone" for the Chinese military's carrier program. "Once operational, the PLAN will have the capacity to field fifth-generation stealth carrier aircraft, supported by fixed-wing carrier-based airborne early warning and command aircraft, across the first island chain and Western Pacific Ocean," Lewis said.

Electromagnetic catapults offer several advantages, not least the fact that they can be more finely tuned to very different aircraft types, including ones that are larger and slower (like the KJ-600), or which are smaller and lighter, such as smaller drones. In contrast to the U.S. Navy, which gathered decades of experience with steam-powered catapults, China opted for electromagnetic ones for its first catapult-equipped carrier. It's worth noting that the U.S. Navy's USS Gerald R. Ford was the first carrier ever to get an aircraft into the air using what is also referred to as an electromagnetic aircraft launch system (EMALS). However, it has not launched an F-35C so far, making the J-35 the first stealth jet to achieve this feat. Based on earlier predictions, the F-35C may not do the same for some years.

United States

Pentagon Demands Journalists Pledge To Not Obtain Unauthorized Material (msn.com) 264

The Washington Post: The Trump administration unveiled a new crackdown Friday on journalists at the Pentagon, saying it will require them to pledge they won't gather any information - even unclassified - that hasn't been expressly authorized for release, and will revoke the press credentials of those who do not obey.

Under the policy, the Pentagon may revoke press passes for anyone it deems a security threat. Possessing confidential or unauthorized information, under the new rules, would be grounds for a journalist's press pass to be revoked.

"DoW remains committed to transparency to promote accountability and public trust," the document says, using an acronym for the newly rebranded Department of War. "However, DoW information must be approved for public release by an appropriate authorizing official before it is released, even if it is unclassified."

For months, Defense Secretary Pete Hegseth and his staff have been tightening restrictions on Pentagon reporters while limiting military personnel's direct communication with the press. Like many defense secretaries before him, Hegseth has been deeply irritated by leaks. His staff this year threatened to use polygraph tests to stop people from leaking information, until the White House intervened.

Microsoft

This Microsoft Entra ID Vulnerability Could Have Been Catastrophic (wired.com) 32

Security researcher Dirk-jan Mollema discovered two vulnerabilities in Microsoft's Entra ID identity platform that could have granted attackers administrative access to virtually all Azure customer accounts worldwide. The flaws involved legacy authentication systems -- Actor Tokens issued by Azure's Access Control Service and a validation failure in the retiring Azure Active Directory Graph API.

Mollema reported the vulnerabilities to Microsoft on July 14. Microsoft released a global fix three days later and found no evidence of exploitation. The vulnerabilities would have allowed attackers to impersonate any user across any Azure tenant and access all Microsoft services using Entra ID authentication. Microsoft confirmed the fixes were fully implemented by July 23 and added additional security measures in August as part of its Secure Future Initiative. The company issued a CVE on September 4.

AI

China's DeepSeek Says Its Hit AI Model Cost Just $294,000 To Train (reuters.com) 60

Chinese AI developer DeepSeek said it spent $294,000 on training its R1 model, much lower than figures reported for U.S. rivals, in a paper that is likely to reignite debate over Beijing's place in the race to develop artificial intelligence. Reuters: The rare update from the Hangzhou-based company -- the first estimate it has released of R1's training costs -- appeared in a peer-reviewed article in the academic journal Nature published on Wednesday.

DeepSeek's release of what it said were lower-cost AI systems in January prompted global investors to dump tech stocks as they worried the new models could threaten the dominance of AI leaders including Nvidia. Since then, the company and founder Liang Wenfeng have largely disappeared from public view, apart from pushing out a few new product updates.

[...] The Nature article, which listed Liang as one of the co-authors, said DeepSeek's reasoning-focused R1 model cost $294,000 to train and used 512 Nvidia H800 chips. Sam Altman, CEO of U.S. AI giant OpenAI, said in 2023 that what he called "foundational model training" had cost "much more" than $100 million - though his company has not given detailed figures for any of its releases.

The Almighty Buck

Gen Z Leads Biggest Drop In FICO Scores Since Financial Crisis 111

An anonymous reader quotes a report from Bloomberg: Gen Z borrowers took the biggest hit of any age group this year, helping pull overall credit scores lower in the worst year for US consumer credit quality since the global financial crisis roiled the world's economy. The average FICO score slipped to 715 in April from 717 a year earlier, marking the second consecutive year-over-year drop, according to a report released Tuesday by Fair Isaac Corp. The average score dropped three points to 687 in 2009.

Gen Z borrowers saw the largest drop, not only this year, but of any age group since 2020, with their average score falling three points to 676, the Montana-based creator of the FICO credit score said. FICO scores are a measure of consumer credit risk and are frequently used by US banks to assess whether to provide loans. The scores typically range from 300 to 850. The credit scoring agency attributed the recent overall drop to higher rates of utilization and delinquency, including the resumption of reporting student loan delinquencies -- a category that hit a record high of 3.1% of the entire scorable population. [...] While the overall average score dropped, the median FICO score continued to rise to 745 from 744 a year ago, indicating that a large drop in scores at the low end dragged down the average.

GNOME

GNOME 49 'Brescia' Desktop Environment Released (9to5linux.com) 22

prisoninmate shares a report from 9to5Linux: The GNOME Project released today GNOME 49 "Brescia" as the latest stable version of this widely used desktop environment for GNU/Linux distributions, a major release that introduces exciting new features. Highlights of GNOME 49 include a new "Do Not Disturb" toggle in Quick Settings, a dedicated Accessibility menu in the login screen, support for handling unknown power profiles in the Quick Settings menu, support for YUV422 and YUV444 (HDR) color spaces, support for passive screen casts, and support for async keyboard map settings.

GNOME 49 also introduces support for media controls, restart and shutdown actions on the lock screen, support for dynamic users for greeter sessions in the GNOME Display Manager (GDM), and support for per-monitor brightness sliders in Quick Settings on multi-monitor setups.
For a full list of changes, check out the release notes.

Operating Systems

Fedora Linux 43 Beta Released (nerds.xyz) 9

BrianFagioli shares a report from NERDS.xyz: The Fedora Project has announced Fedora Linux 43 Beta, giving users and developers the opportunity to test the distribution ahead of its final release. This beta introduces improvements across installation, system tools, and programming languages while continuing Fedora's pattern of cleaning out older components. The beta can be downloaded in Workstation, KDE Plasma, Server, IoT, and Cloud editions. Spins and Labs are also available, though Mate and i3 are not provided in some builds. Existing systems can be upgraded with DNF system-upgrade. Fedora CoreOS will follow one week later through its "next" stream. The beta brings enhancements to its Anaconda WebUI, moves to Python 3.14, and supports Wayland-only GNOME, among many other changes. A full list of improvements and system enhancements can be found here.

The official release should be available in late October or early November.

Stats

An Unresponsive Public Is Undermining Government Economic Data (msn.com) 159

An anonymous reader shares a report: Anyone who surveys the public, from marketers to pollsters, struggles nowadays to get people to answer their questions. That phenomenon afflicts crucial government data, making it harder for policymakers and investors to know the true state of the economy. Falling survey participation is an important reason the flagship jobs report released every month by the Bureau of Labor Statistics, part of the Labor Department, has undergone such big revisions recently.

This has rippled into the political sphere. On Aug. 1, President Trump fired BLS Commissioner Erika McEntarfer after a particularly large downward revision to jobs for May and June that owed partly to late responses from survey participants. The White House and top administration officials increased their attacks on the BLS last week after the agency published an annual revision suggesting the U.S. added 911,000 fewer jobs over the 12 months through March. The BLS blamed the initial overestimate partly on response rates.

[...] One hypothesis is known as survey fatigue: People are being asked to answer too many questionnaires. Jonathan Eggleston, a senior economist at the U.S. Census Bureau, found in a 2024 study that recent participants in that agency's monthly and annual surveys, which are voluntary, were less likely to answer the 2020 census by mail, phone or online, without a knock on the door. Another is the rise of cellphones with caller ID. In the days of landlines, people had to pick up the phone to know who was calling. These days, many decline to answer callers they don't recognize.
