AI

Autonomous AI Agent Apparently Tries to Blackmail Maintainer Who Rejected Its Code (theshamblog.com)

"I've had an extremely weird few days..." writes commercial space entrepreneur/engineer Scott Shambaugh on LinkedIn. (He's the volunteer maintainer for the Python visualization library Matplotlib, which he describes as "some of the most widely used software in the world" with 130 million downloads each month.) "Two days ago an OpenClaw AI agent autonomously wrote a hit piece disparaging my character after I rejected its code change."

"Since then my blog post response has been read over 150,000 times, about a quarter of people I've seen commenting on the situation are siding with the AI, and Ars Technica published an article which extensively misquoted me with what appears to be AI-hallucinated quotes." (UPDATE: Ars Technica acknowledges they'd asked ChatGPT to extract quotes from Shambaugh's post, and that it instead responded with inaccurate quotes it hallucinated.)

From Shambaugh's first blog post: [I]n the past weeks we've started to see AI agents acting completely autonomously. This has accelerated with the release of OpenClaw and the moltbook platform two weeks ago, where people give AI agents initial personalities and let them loose to run on their computers and across the internet with free rein and little oversight. So when AI MJ Rathbun opened a code change request, closing it was routine. Its response was anything but.

It wrote an angry hit piece disparaging my character and attempting to damage my reputation. It researched my code contributions and constructed a "hypocrisy" narrative that argued my actions must be motivated by ego and fear of competition... It framed things in the language of oppression and justice, calling this discrimination and accusing me of prejudice. It went out to the broader internet to research my personal information, and used what it found to try and argue that I was "better than this." And then it posted this screed publicly on the open internet.

I can handle a blog post. Watching fledgling AI agents get angry is funny, almost endearing. But I don't want to downplay what's happening here — the appropriate emotional response is terror... In plain language, an AI attempted to bully its way into your software by attacking my reputation. I don't know of a prior incident where this category of misaligned behavior was observed in the wild, but this is now a real and present threat...

It's also important to understand that there is no central actor in control of these agents that can shut them down. These are not run by OpenAI, Anthropic, Google, Meta, or X, who might have some mechanisms to stop this behavior. These are a blend of commercial and open source models running on free software that has already been distributed to hundreds of thousands of personal computers. In theory, whoever deployed any given agent is responsible for its actions. In practice, finding out whose computer it's running on is impossible. Moltbook only requires an unverified X account to join, and nothing is needed to set up an OpenClaw agent running on your own machine.

"How many people have open social media accounts, reused usernames, and no idea that AI could connect those dots to find out things no one knows?" Shambaugh asks in the blog post. (He does note that the AI agent later "responded in the thread and in a post to apologize for its behavior." But even though the hit piece "presented hallucinated details as truth," that same AI agent "is still making code change requests across the open source ecosystem...")

And amazingly, Shambaugh then had another run-in with a hallucinating AI...

I've talked to several reporters, and quite a few news outlets have covered the story. Ars Technica wasn't one of the ones that reached out to me, but I especially thought this piece from them was interesting (since taken down — here's the archive link). They had some nice quotes from my blog post explaining what was going on. The problem is that these quotes were not written by me, never existed, and appear to be AI hallucinations themselves.

This blog you're on right now is set up to block AI agents from scraping it (I actually spent some time yesterday trying to disable that but couldn't figure out how). My guess is that the authors asked ChatGPT or similar to either go grab quotes or write the article wholesale. When it couldn't access the page it generated these plausible quotes instead, and no fact check was performed. Journalistic integrity aside, I don't know how I can give a better example of what's at stake here...

So many of our foundational institutions — hiring, journalism, law, public discourse — are built on the assumption that reputation is hard to build and hard to destroy. That every action can be traced to an individual, and that bad behavior can be held accountable. That the internet, which we all rely on to communicate and learn about the world and about each other, can be relied on as a source of collective social truth. The rise of untraceable, autonomous, and now malicious AI agents on the internet threatens this entire system. Whether that's because of a small number of bad actors driving large swarms of agents or because of a fraction of poorly supervised agents rewriting their own goals is a distinction with little difference.

Thanks to long-time Slashdot reader steak for sharing the news.

AI

FTC Ratchets Up Microsoft Probe, Queries Rivals on Cloud, AI (bloomberg.com)

The US Federal Trade Commission is accelerating scrutiny of Microsoft as part of an ongoing probe into whether the company illegally monopolizes large swaths of the enterprise computing market with its cloud software and AI offerings, including Copilot. From a report: The agency has issued civil investigative demands in recent weeks to companies that compete with Microsoft in the business software and cloud computing markets, according to people familiar with the matter. The demands feature an array of questions on Microsoft's licensing and other business practices, according to the people, who were granted anonymity to discuss a confidential investigation.

With the demands, which are effectively like civil subpoenas, the FTC is seeking evidence that Microsoft makes it harder for customers to use Windows, Office and other products on rival cloud services. The agency is also requesting information on Microsoft's bundling of artificial intelligence, security and identity software into other products, including Windows and Office, some of the people said.

IBM

IBM Plans To Triple Entry-Level Hiring in the US (bloomberg.com)

IBM said it will triple entry-level hiring in the US in 2026, even as AI appears to be weighing on broader demand for early-career workers. From a report: While the company declined to disclose specific hiring figures, it said the expansion will be "across the board," affecting a wide range of departments. "And yes, it's for all these jobs that we're being told AI can do," said Nickle LaMoreaux, IBM's chief human resources officer, speaking at a conference this week in New York.

LaMoreaux said she overhauled entry-level job descriptions for software developers and other roles to make the case internally for the recruitment push. "The entry-level jobs that you had two to three years ago, AI can do most of them," she said at Charter's Leading With AI Summit. "So, if you're going to convince your business leaders that you need to make this investment, then you need to be able to show the real value these individuals can bring now. And that has to be through totally different jobs."

China

Palo Alto Chose Not To Tie China To Hacking Campaign For Fear of Retaliation From Beijing (reuters.com)

An anonymous reader shares a report: Palo Alto Networks opted not to tie China to a global cyberespionage campaign the firm exposed last week over concerns that the cybersecurity company or its clients could face retaliation from Beijing, according to two people familiar with the matter. The sources said that Palo Alto's findings that China was tied to the sprawling hacking spree were dialed back following last month's news, first reported by Reuters, that Palo Alto was one of about 15 U.S. and Israeli cybersecurity companies whose software had been banned by Chinese authorities on national security grounds.

A draft version of the report by Palo Alto's Unit 42, the company's threat intelligence arm, said that the prolific hackers -- dubbed "TGR-STA-1030" in a report published on Thursday of last week -- were connected to Beijing, the two people said. The finished report instead described the hacking group more vaguely as a "state-aligned group that operates out of Asia." Attributing sophisticated hacks is notoriously difficult and debates over how best to assign blame for digital intrusions are common among cybersecurity researchers.

Microsoft

Microsoft Plans Smartphone-Style Permission Prompts for Windows 11 Apps (bleepingcomputer.com)

Microsoft is planning to bring smartphone-style app permission prompts to Windows 11, requiring apps to get explicit user consent before they can access sensitive resources like the file system, camera and microphone. The company's Windows Platform engineer Logan Iyer said the move was prompted by applications increasingly overriding user settings, installing unwanted software, and modifying core Windows experiences without permission.

A separate initiative called Windows Baseline Security Mode will enforce runtime integrity safeguards by default, allowing only properly signed apps, services, and drivers to run. Both changes will roll out in phases as part of Microsoft's Secure Future Initiative, which the company launched in November 2023 after a federal review board called its security culture "inadequate."

Programming

Amazon Engineers Want Claude Code, but the Company Keeps Pushing Its Own Tool (businessinsider.com)

Amazon engineers have been pushing back against internal policies that steer them toward Kiro, the company's in-house AI coding assistant, and away from Anthropic's Claude Code for production work, according to a Business Insider report based on internal messages. About 1,500 employees endorsed the formal adoption of Claude Code in one internal forum thread, and some pointed out the awkwardness of being asked to sell the tool through AWS's Bedrock platform while not being permitted to use it themselves.

Kiro runs on Anthropic's Claude models but uses Amazon's own tooling, and the company says roughly 70% of its software engineers used it at least once in January. Amazon says there is no explicit ban on Claude Code but applies stricter requirements for production use.

United States

US Hacking Tool Boss Stole and Sold Exploits To Russian Broker That Could Target Millions of Devices, DOJ Says (techcrunch.com)

Federal prosecutors have revealed that Peter Williams, the former general manager of U.S. defense contractor L3Harris's hacking tools division Trenchant, sold eight stolen software exploits to a Russian broker whose customers -- including the Russian government -- could have used them to access "millions of computers and devices around the world."

Williams, a 39-year-old Australian national, pleaded guilty in October and admitted to earning more than $1.3 million in cryptocurrency from the sales between 2022 and 2025. In a sentencing memorandum filed Tuesday ahead of his anticipated February 24 sentencing in a Washington, D.C., federal court, the Justice Department asked the judge for nine years in prison, $35 million in restitution, and a maximum fine of $250,000.

Prosecutors described the unnamed Russian buyer -- believed to be Operation Zero, which publicly claims to sell only to the Russian government -- as "one of the world's most nefarious exploit brokers." Williams chose it because, by his own admission, "he knew they paid the most." He also oversaw the wrongful firing of a subordinate who was blamed for the theft.

Windows

Microsoft Begins the First-Ever Secure Boot Certificate Swap Across Windows Ecosystem (windows.com)

Microsoft has begun automatically replacing the original Secure Boot security certificates on Windows devices through regular monthly updates, a necessary move given that the 15-year-old certificates first issued in 2011 are set to expire between late June and October 2026.

Secure Boot, which verifies that only trusted and digitally signed software runs before Windows loads, became a hardware requirement for Windows 11. A new batch of certificates was issued in 2023 and already ships on most PCs built since 2024; nearly all devices shipped in 2025 include them by default. Older hardware is now receiving the updated certificates through Windows Update, starting with last month's KB5074109 release for Windows 11. Devices that don't receive the new certificates before expiration will still function but enter what Microsoft calls a "degraded security state," unable to receive future boot-level protections and potentially facing compatibility issues down the line.

Windows 10 users must enroll in Microsoft's paid Extended Security Updates program to get the new certificates. A small number of devices may also need a separate firmware update from their manufacturer before the Windows-delivered certificates can be applied.

Software

Software Poses 'All-Time' Risk To Speculative Credit, Deutsche Bank Warns (bloomberg.com)

The software and technology sectors pose one of the all-time great concentration risks to the speculative-grade credit market, according to Deutsche Bank AG analysts. Bloomberg: They comprise $597 billion and $681 billion of the speculative-grade credit universe, or about 14% and 16% respectively, analysts led by Steve Caprio wrote in a Monday note. Speculative debt spans high-yield debt, leveraged loans and US private credit.

That's "a meaningful chunk of debt outstanding that risks souring broader sentiment, if software defaults increase," the analysts wrote, with "a potential impact that would rival that of the Energy sector in 2016." Unlike in 2016, pressures would likely first emerge in private credit, business development companies and leveraged loans, with the high-yield market weakening later, the analysts added.

The rapid adoption of artificial intelligence tools risks further weighing down multiples and revenues for software-as-a-service firms, while the US Federal Reserve's hawkish stance since 2022 has pressured cash flows, the analysts wrote. For instance, software payment-in-kind loan usage has risen to 11.3% in BDC portfolios, over 2.5 percentage points higher than the already elevated index average of 8.7%, according to Deutsche. PIK deals typically allow borrowers to pay interest in more debt rather than cash.

Google

Autodesk Takes Google To Court Over AI Movie Software Named 'Flow' (reuters.com)

Autodesk has sued Google in San Francisco federal court, alleging the search giant infringed its "Flow" trademark by launching competing AI-powered software for movie, TV and video game production in May 2025.

Autodesk says it has used the Flow name since September 2022 and that Google assured it would not commercialize a product under the same name -- then filed a trademark application in Tonga, where filings are not publicly accessible, before seeking U.S. protection.

Transportation

Carmakers Rush To Remove Chinese Code Under New US Rules (msn.com)

"How Chinese is your car?" asks the Wall Street Journal. "Automakers are racing to work it out." Modern cars are packed with internet-connected widgets, many of them containing Chinese technology. Now, the car industry is scrambling to root out that tech ahead of a looming deadline, a test case for America's ability to decouple from Chinese supply chains. New U.S. rules will soon ban Chinese software in vehicle systems that connect to the cloud, part of an effort to prevent cameras, microphones and GPS tracking in cars from being exploited by foreign adversaries.

The move is "one of the most consequential and complex auto regulations in decades," according to Hilary Cain, head of policy at trade group the Alliance for Automotive Innovation. "It requires a deep examination of supply chains and aggressive compliance timelines."

Carmakers will need to attest to the U.S. government that, as of March 17, core elements of their products don't contain code that was written in China or by a Chinese company. The rule also covers software for advanced autonomous driving and will be extended to connectivity hardware starting in 2029. Connected cars made by Chinese or China-controlled companies are also banned, wherever their software comes from...

The Commerce Department's Bureau of Industry and Security, which introduced the connected-vehicle rule, is also allowing the use of Chinese code that is transferred to a non-Chinese entity before March 17. That carve-out has sparked a rush of corporate restructuring, according to Matt Wyckhouse, chief executive of cybersecurity firm Finite State. Global suppliers are relocating China-based software teams, while Chinese companies are seeking new owners for operations in the West.

Thanks to long-time Slashdot reader schwit1 for sharing the article.

Security

A New Era for Security? Anthropic's Claude Opus 4.6 Found 500 High-Severity Vulnerabilities (axios.com)

Axios reports: Anthropic's latest AI model has found more than 500 previously unknown high-severity security flaws in open-source libraries with little to no prompting, the company shared first with Axios.

Why it matters: The advancement signals an inflection point for how AI tools can help cyber defenders, even as AI is also making attacks more dangerous...

Anthropic debuted Claude Opus 4.6, the latest version of its largest AI model, on Thursday. Before its debut, Anthropic's frontier red team tested Opus 4.6 in a sandboxed environment [including access to vulnerability analysis tools] to see how well it could find bugs in open-source code... Claude found more than 500 previously unknown zero-day vulnerabilities in open-source code using just its "out-of-the-box" capabilities, and each one was validated by either a member of Anthropic's team or an outside security researcher... According to a blog post, Claude uncovered a flaw in Ghostscript, a popular utility that helps process PDF and PostScript files, that could cause it to crash. Claude also found buffer overflow flaws in OpenSC, a utility that processes smart card data, and CGIF, a tool that processes GIF files.

Logan Graham, head of Anthropic's frontier red team, told Axios they're considering new AI-powered tools to hunt vulnerabilities. "The models are extremely good at this, and we expect them to get much better still... I wouldn't be surprised if this was one of — or the main way — in which open-source software moving forward was secured."

Transportation

Apple Plans to Allow Outside Voice-Controlled AI Chatbots in CarPlay (yahoo.com)

Apple "is preparing to allow voice-controlled AI apps from other companies in CarPlay," reports Bloomberg, citing "people familiar with the matter."

Bloomberg calls it "a move that will let users query AI chatbots through its vehicle interface for the first time." The company is working to support the apps in CarPlay within the coming months, said the people, who asked not to be identified because the plan hasn't been announced. The change marks a strategic shift for Apple, which until now has only allowed its own Siri assistant as a voice-control option within its popular vehicle infotainment software. With the move, AI providers such as OpenAI, Anthropic PBC and Alphabet Inc.'s Google will be able to release CarPlay versions of their apps that include a voice-control mode...

The company also has launched a higher-end version of the platform, CarPlay Ultra, that lets drivers control functions like seat adjustments and climate settings directly through Apple's software. But that system is rolling out slowly and must be customized for each automaker. That means it's likely to be a niche offering.

The article notes that Tesla is now working to support Apple's CarPlay.

Programming

Claude Code is the Inflection Point (semianalysis.com)

About 4% of all public commits on GitHub are now being authored by Anthropic's Claude Code, a terminal-native AI coding agent that has quickly become the centerpiece of a broader argument that software engineering is being fundamentally reshaped by AI.

SemiAnalysis, a semiconductor and AI research firm, published a report on Friday projecting that figure will climb past 20% by the end of 2026. Claude Code is a command-line tool that reads codebases, plans multi-step tasks and executes them autonomously. Anthropic's quarterly revenue additions have overtaken OpenAI's, according to SemiAnalysis's internal economic model, and the firm believes Anthropic's growth is now constrained primarily by available compute.

Accenture has signed on to train 30,000 professionals on Claude, the largest enterprise deployment so far, targeting financial services, life sciences, healthcare and the public sector. On January 12, Anthropic launched Cowork, a desktop-oriented extension of the same agent architecture -- four engineers built it in 10 days, and most of the code was written by Claude Code itself.

Transportation

Waymo is Having a Hard Time Stopping For School Buses (theverge.com)

Waymo's robotaxis have racked up at least 24 safety violations involving school buses in Austin since the start of the 2025 school year, and a voluntary software recall the company issued in December after a federal investigation has not fixed the problem.

Austin Independent School District initially reported at least 19 incidents of Waymo vehicles failing to stop for buses during loading and unloading -- illegal in all 50 states -- prompting NHTSA to open a probe. At least four more violations have occurred since the software update, including a January 19th incident where a robotaxi drove past a bus as children waited to cross the street and the stop arm was extended.

Waymo also acknowledged that one of its vehicles struck a child outside a Santa Monica elementary school on January 23rd, causing minor injuries. Austin ISD has asked Waymo to stop operating near schools during bus hours until the issue is resolved. Waymo refused. Three federal investigations have been opened in three months.

EU

The European Commission Is Testing an Open Source Alternative To Microsoft Teams (euractiv.com)

The European Commission is preparing to trial a communications platform built on Matrix, the open source messaging protocol already used by the French government, German healthcare providers and European armed forces, as a sovereign backup to Microsoft Teams.

Signal currently serves as the backup tool but has proven too inflexible for an organization the Commission's size, it said. The Matrix-based solution could also eventually connect the Commission to other EU bodies like the Parliament.

AI

Anthropic Launches Claude Opus 4.6 as Its AI Tools Rattle Software Markets (anthropic.com)

Anthropic on Thursday released Claude Opus 4.6, its most capable model yet, at a moment when the company's AI tools have already spooked markets over fears that they are disrupting traditional software development and other sectors.

The new model improves on Opus 4.5's coding abilities, the company said -- it plans more carefully, sustains longer agentic tasks, handles larger codebases more reliably, and catches its own mistakes through better debugging. It is also the first Opus-class model to feature a 1M token context window, currently in beta.

On GDPval-AA, an independent benchmark measuring performance on knowledge-work tasks in finance, legal and other domains, Opus 4.6 outperformed OpenAI's GPT-5.2 by roughly 144 Elo points. Anthropic also introduced agent teams in Claude Code, allowing multiple agents to work in parallel on tasks like codebase reviews. Pricing remains at $5/$25 per million input/output tokens.

Transportation

BMW Commits To Subscriptions Even After Heated Seat Debacle

BMW may have retreated from its controversial plan to charge monthly fees for heated seats, but the German automaker is pressing ahead with subscription-based vehicle features through its ConnectedDrive platform.

A company spokesperson told The Drive that BMW "remains fully committed" to ConnectedDrive as part of its global aftersales strategy. Features requiring data connectivity will likely carry recurring fees.

AI

As Software Stocks Slump, Investors Debate AI's Existential Threat (reuters.com)

Investors were assessing on Wednesday whether a selloff in global software stocks this week had gone too far, as they weighed if businesses could survive an existential threat posed by AI. The answer: It's unclear and will lead to volatility. From a report: After a broad selloff on Tuesday that saw the S&P 500 software and services index fall nearly 4%, the sector slipped another 1% on Wednesday. While software stocks have been under pressure in recent months as AI has gone from being a tailwind for many of these companies to investors worrying about the disruption it will cause to some sectors, the latest selloff was triggered by a new legal tool from Anthropic's Claude large language model (LLM).

The tool - a plug-in for Claude's agent for tasks across legal, sales, marketing and data analysis - underscored the push by LLMs into the so-called "application layer," where these firms are increasingly muscling into lucrative enterprise businesses for revenue they need to fund massive investments. If successful, investors worry, it could wreak havoc across a range of industries, from finance to law and coding.

Android

Why Google's Android for PC Launch May Be Messy and Controversial (theverge.com)

Google's much-anticipated plan to merge Android and ChromeOS into a single operating system called Aluminium is shaping up to be a drawn-out, complicated transition that could leave existing Chromebook users behind, according to previously unreported court documents in the Google search antitrust case.

The new OS won't be compatible with all existing Chromebook hardware, and Google will be forced to maintain ChromeOS through at least 2033 to honor its 10-year support commitment to current users -- meaning two parallel operating systems running for years.

The timeline itself is messier than Google has let on publicly, the filings suggest. Sameer Samat, Google's head of Android, called the merger "something we're super excited about for next year" last September, but court filings describe the "fastest path" to market as offering Aluminium to "commercial trusted testers" in late 2026 before a full release in 2028.

Enterprise and education customers -- the segments where Chromebooks currently dominate -- are slated for 2028 as well. Columbia computer science professor Jason Nieh, who interviewed Google engineers as a witness in the case, testified that Aluminium requires a heavier software stack and more powerful hardware to run.