Spain's leftwing government has introduced a bill requiring digital platforms and social media influencers with large followings to publish corrections to false or harmful information. The law intends to "[make] life more difficult for those who dedicate themselves to lies and spreading fake news every day," said justice minister Felix Bolanos. The Guardian reports: The draft law replaces legislation from 1984 and targets internet users who have more than 100,000 followers on a single platform or 200,000 across several, the justice ministry said in a statement. These outlets and the platforms that host them must have a mechanism to facilitate citizens' right to ask that false or inaccurate information that harms them be corrected publicly, the ministry said. The correction request will no longer have to be addressed to the outlet's director because confirming their identity is difficult for many "pseudo media," justice minister Felix Bolanos told a press conference.

Saturday night two men were arrested near Boston "following a hazardous drone operation near Logan Airport's airspace," according to a police statement. They credit an officer "leveraging advanced UAS monitoring technology" who "identified the drone's location, altitude, flight history, and the operators' position." Recognizing the serious risks posed by the drone's proximity to Logan's airspace, additional resources were mobilized. The Boston Police Department coordinated with Homeland Security, the Massachusetts State Police, the Joint Terrorism Task Force, the Federal Communications Commission (FCC), and Logan Airport Air Traffic Control to address the situation.
"Both suspects face charges of trespassing, with additional fines or charges potentially forthcoming."

Meanwhile on Friday night "Officials at Stewart International Airport, located roughly 60 miles north of New York City, said they shut down their runways for an hour," reports ABC News, after America's Federal Aviation Administration "alerted them that a drone was spotted in the area around 9:30 p.m." Though officials say flight operations weren't impacted during the closure, the article notes that New York's governor is now calling for federal assistance, including more federal law enforcement officers, saying "This has gone too far." [Governor Hochul] called on Congress to pass the Counter-UAS Authority Security, Safety, and Reauthorization Act, which would strengthen the FAA's oversight of drones and give more authority to state and local law enforcement agencies to investigate the activity.
The article explores the larger problem of Americans reporting drone sightings: Officials from a wide range of federal agencies spoke with reporters Saturday on a phone call and emphasized that the federal investigation into drone sightings in New Jersey is ongoing. One FBI official said that out of the nearly 5,000 tips they have received, less than 100 have generated credible leads for further investigation. A Department of Homeland Security official said that they are "confident that many of the reported drone sightings are, in fact, manned aircraft being misidentified as drones." The FBI official also talked about how investigators overlaid the locations of the reported drone sightings and found that "the density of reported sightings matches the approach pattern" of the New York area's busy airports including Newark-Liberty, JFK, and LaGuardia.

But, an FAA official says that there have "without a doubt" been drones flying over New Jersey, pointing to the fact that there are nearly a million drones registered in the U.S. "With nearly a million registered [unmanned aircraft systems] in the United States, there's no doubt many of them are owned and operated here within the state," the FAA official said... A Joint Chiefs of Staff official said that there have been visual sightings of drones reported by "highly trained security personnel" near Picatinny Arsenal and Naval Weapons Station Earle in New Jersey. The official said that they do not believe the sightings "were aligned with a foreign actor, or that they had malicious intent."

"We don't know what activity is. We don't know if it is criminal, but I will tell you that it is irresponsible," the official said. "Here on the military side, we are just as frustrated with the irresponsible nature of this activity."
Later ABC News reported that the FAA had imposed temporary drone flight restrictions in New Jersey over the Picatinny Arsenal military base. And they added that America's Homeland Security Secretary Alejandro Mayorkas "said the federal government is taking action to address the aerial drones that have prompted concern among New Jersey residents. "I want to assure the American public that we in the federal government have deployed additional resources, personnel, technology to assist the New Jersey State Police in addressing the drone sightings...." There have been numerous reports of drone activity along the East Coast since November. Mayorkas cited the 2023 change of a Federal Aviation Administration rule that allows drones to fly at night as to why there might be an uptick in sightings. "I want to assure the American public that we are on it," he said, before calling on Congress to expand local and state authority to help address the issue.

"It is critical, as we all have said for a number of years, that we need from Congress additional authorities to address the drone situation," Mayorkas said. "Our authorities currently are limited and they are set to expire. We need them extended and expanded... We want state and local authorities to also have the ability to counter growing activity under federal supervision," he added, echoing sentiments from local officials...

Addressing national security concerns the sightings have prompted, Mayorkas said the U.S. knows of no foreign involvement and that it remains "vigilant" in investigating the drone sightings. [ABC News anchor George] Stephanopoulos pressed Mayorkas about past security threats drones have caused, including the arrest of a Chinese national last week who allegedly flew a drone over an Air Force base in California. "When a drone is flown over restricted airspace, we act very, very swiftly," the homeland security secretary said. "In fact, when an individual in California flew a drone over restricted airspace, that individual was identified, apprehended and is being charged by federal authorities."

Launched in 2013, itch.io lets users host and sell indie video games online — now offering more than 200,000 — as well as other digital content like music and comics. But then someone uploaded a page based on a major videogame title, according to Game Rant. And somehow this provoked a series of overreactions and missteps that eventually knocked all of itch.io offline for several hours...

The page was about the first release from game developer 10:10 — their game Funko Fusion, which features characters in the style of Funko's long-running pop-culture bobbleheads. As a major brand, Funko monitors the web with a "brand protection" partner (named BrandShield). Interestingly, BrandShield's SaaS product "leverages AI-driven online brand protection," according to their site, to "detect and remove" things like brand impersonations "with over 98% success. Our advanced takedown capabilities save you time..." (Although BrandShield's CEO told the Verge that following AI reports "our team of Cybersecurity Threat hunters and IP lawyers decide on what actions should be taken.") This means that after automatically spotting the itch.io page with its web-crawling software, it was BrandShield's "team of Cybersecurity Threat hunters and IP lawyers" who decided to take action (for that specific page). But itch.io founder Leaf Corcoran commented on social media: From what I can tell, some person made a fan page for an existing Funko Pop video game (Funko Fusion), with links to the official site and screenshots of the game. The BrandShield software is probably instructed to eradicate all "unauthorized" use of their trademark, so they sent reports independently to our host and registrar claiming there was "fraud and phishing" going on, likely to cause escalation instead of doing the expected DMCA/cease-and-desist. Because of this, I honestly think they're the malicious actor in all of this.
Corcoran says he replied to both his registrar (iwantmyname) and to his site's host, telling them he'd removed the offending page (and disabled its uploader's account). This satisfied his host, Corcoran writes — but the registrar's owner later told him they'd never received his reply.

"And that's why they took the domain down."

In an interview with Polygon, Corcoran points out that the web page in question had already been dealt with five days before his registrar offlined his entire site. "No communication after that.... No 'We haven't heard from you, we're about to shut your domain down' or anything like that."

Defending themselves over the incident, BrandShield posted on X.com that they'd identified an "infringement" (also calling it an "abuse"), and that they'd requested "a takedown of the URL in question — not of the entire itch.io domain." They don't say this, but it seems like their concern might've been that the page looked official enough to impersonate Funko Fusion. But X.com readers added this context. "Entire domains do not go down on the basis of a copyright takedown request of an individual URL. This is the direct result of a fraudulent claim of malicious activity."

And Corcoran also posted an angry summation on X.com: I kid you not, @itchio has been taken down by @OriginalFunko because they use some trash "AI Powered" Brand Protection Software called @BrandShieldltd that created some bogus Phishing report to our registrar, @iwantmyname, who ignored our response and just disabled the domain.
The next day Funko's official account on X.com also issued their own statement that they "hold a deep respect and appreciation for indie games, indie gamers, and indie developers." (Though "Added Context" from X.com readers notes Funko's statement still claimed a "takedown request" was issued, rather than what Corcoran says was a false "fraud and phishing" report.)

Funko.com also posted that they'd "reached out" to itch.io "to engage with them on this issue." But this just led to another angry post from Corcoran. "This is not a joke, Funko just called my mom." Cocoran then posted what looks like a screenshot of a text message his mother sent him. Though she doesn't say which company was involved, his mother's text says she "Got a strange call from a company about accusatory statements on your social media account. Call me..."

Thanks to ewhac (Slashdot reader #5,844) for sharing the news.

"A man is accused of several felony charges after he allegedly posed as an Uber driver and then stole hundreds of thousands of dollars in cryptocurrency from customers in Scottsdale," reports Arizona news channel Fox 10.

"Prosecutors have called it an 'extremely sophisticated electronic fraud,'" reports Gizmodo, " and it's a strange approach to scamming that makes it sound unique in several ways." Nuruhussein Hussein, 40, allegedly picked up two unsuspecting people who were looking for Uber rides they'd ordered in Scottsdale — one in March and the other in October according to Fox 10 — by shouting their names on the street outside a hotel. It's not clear how Hussein may have known these people were looking for rides and court documents give no indication how he accomplished this or knew the victims would have crypto accounts, according to Fox 10, though a hotel does make sense as a target-rich environment for those looking to get picked up.

Once the victims were in the car, Hussein allegedly obtained the phones of the victims through some kind of pretense, including problems with his own phone and the need to look something up as well as a need to connect with the Uber app, according to NBC News. Hussein would then allegedly open up the victim's Coinbase account. "While manipulating the unsuspecting victim's phone the suspect transferred cryptocurrency from their digital wallet to his digital wallet," police reportedly explained in a statement.

Long-time Slashdot reader smooth wombat writes: Scientist have unlocked the secret to a bacteria dubbed 'Conan the Bacterium' which is listed in the Guinness Book of World Records as the most radiant-resistant life-form. Deinococcus radiodurans can withstand radiation doses 28,000 times greater than that which would kill a human [and every other organism]. In addition, this bacteria can survive on the outside of the International Space Station for three years. It can also withstand acid, cold, and dehydration (a D&D player's worst nightmare). All of this protection comes down to a unique antioxidant.

The antioxidant is formed by a simple group of small molecules called metabolites, including manganese, phosphate and a small peptide, or molecule, of amino acids.
CNN reports: The antioxidant is formed by a simple group of small molecules called metabolites, including manganese, phosphate and a small peptide, or molecule, of amino acids. Together, this powerful trilogy is more effective in protecting against radiation than manganese combined with just one of the other components, according to a new study published Monday in the Proceedings of the National Academy of Sciences.

The findings could be used to protect astronauts from high doses of cosmic radiation on future deep-space missions across our solar system, according to the study authors.

"We've long known that manganese ions and phosphate together make a strong antioxidant, but discovering and understanding the 'magic' potency provided by the addition of the third component is a breakthrough," said study coauthor Brian Hoffman, the Charles E. and Emma H. Morrison Professor of Chemistry and professor of molecular biosciences at Northwestern University's Weinberg College of Arts and Sciences, in a statement...

On Earth, the antioxidant could be used for protection against accidents that release radiation.

An anonymous reader quotes a report from Engadget: The United States Postal Service unveiled a plan to buy a fleet of all-electric mail trucks for its mail carriers back in 2022, of which 3,000 were supposed to be delivered by now. Unfortunately, those plans aren't even close to fruition. The Washington Post reported that defense contractor Oshkosh has only delivered 93 vehicles so far. [...]

The Washington Post obtained nearly 21,000 government and internal company records and spoke with 20 people familiar with the trucks' manufacturing and design process. Its reporting shows that Oshkosh ran into significant manufacturing delays of the electric NGDVs that caused lower than expected delivery numbers. Some of the anonymous sources said that engineers struggled to calibrate the mail trucks' airbags, and the vehicles' body and internal components are unable to contain water leaks to an alarming degree. The turnaround time for building these new mail trucks is also very slow. The Post reports that the South Carolina factory can only build one truck per day even though Oshkosh hoped it could build at least 80 vehicles a day by now.

Oshkosh also failed to inform the Postal Service about these delays. Four of the background sources say a senior company executive tried to update the Postal Service about these manufacturing issues only to have those efforts blocked by their corporate superiors. An Oshkosh spokesperson said in a statement that the defense contractor is still "fully committed to being a strong and reliable partner" with the Postal Services and insists "we remain on track to meet all delivery deadlines," according to The Post.

An anonymous reader writes: Russia's communications watchdog Roskomnadzor said on Friday it had blocked access to Rakuten-owned Viber messaging app, the latest in a line of social media services to be banned by Russian authorities. In a statement, Roskomnadzor said the block was related to a violation of rules concerning the prevention of terrorism, extremism, and drug dealing.

Microsoft, trying to mitigate the climate impact of its data center building boom, is starting to roll out a new design that uses zero water to cool the facilities' chips and servers. From a report: Launched in August, the new design will eliminate the more than 125 million liters of water each data center typically uses per year, the company said in a statement. The new system use a "closed loop" to recycle water; liquid is added during construction and continually circulated -- obviating the need for fresh supplies. Data centers will still require fresh water for worker facilities like bathrooms and kitchens.

Microsoft spent more than $50 billion on capital expenditures in the fiscal year ended June 30, the vast majority related to data center construction fueled by demand for artificial intelligence services. It plans to top that figure in the current year, requiring rapidly rising amounts of energy to run the networks and water to cool equipment. Many of latest facilities are going up in hot, dry areas like Arizona and Texas, making it even more critical to find ways to conserve water. Microsoft's existing data centers will continue to use a mix of older technologies, but new projects in Phoenix and Mount Pleasant, Wisconsin, will begin using the zero-water designs in 2026.

ChatGPT maker OpenAI released its AI-generated video tool called Sora for general use by its paying customers Monday. From a report: The company then said it would do wide testing with creatives and red-teaming with security experts before its release to the public. "We don't want the world to just be text," OpenAI CEO Sam Altman said in a live-streamed announcement Monday.

"[Video] is important to our culture," Altman added. The company said in a statement that the latest version of Sora, which will be offered as a standalone product to ChatGPT Plus and Pro customers, is "significantly faster" than the one it previewed. It lets you generate videos up to 20 seconds long.

"OpenAI is partnering with defense tech company Anduril," wrote the Verge this week, noting that OpenAI "used to describe its mission as saving the world." It was Anduril founder Palmer Luckey who advocated for a "warrior class" and autonomous weapons during a talk at Pepperdine University, saying society's need people "excited about enacting violence on others in pursuit of good aims." The Verge notes it's OpenAI's first partnership with a defense contractor "and a significant reversal of its earlier stance towards the military." OpenAI's terms of service once banned "military and warfare" use of its technology, but it softened its position on military use earlier this year, changing its terms of service in January to remove the proscription.
Hours after the announcement, some OpenAI employees "raised ethical concerns about the prospect of AI technology they helped develop being put to military use," reports the Washington Post. "On an internal company discussion forum, employees pushed back on the deal and asked for more transparency from leaders, messages viewed by The Washington Post show." OpenAI has said its work with Anduril will be limited to using AI to enhance systems the defense company sells the Pentagon to defend U.S. soldiers from drone attacks. Employees at the AI developer asked in internal messages how OpenAI could ensure Anduril systems aided by its technology wouldn't also be directed against human-piloted aircraft, or stop the U.S. military from deploying them in other ways. One OpenAI worker said the company appeared to be trying to downplay the clear implications of doing business with a weapons manufacturer, the messages showed. Another said that they were concerned the deal would hurt OpenAI's reputation, according to the messages...

OpenAI executives quickly acknowledged the concerns, messages seen by The Post show, while also writing that the company's work with Anduril is limited to defensive systems intended to save American lives. Other OpenAI employees in the forum said that they supported the deal and were thankful the company supported internal discussion on the topic. "We are proud to help keep safe the people who risk their lives to keep our families and our country safe," OpenAI CEO Sam Altman said in a statement...

[OpenAI] has invested heavily in safety testing, and said that the Anduril project was vetted by its policy team. OpenAI has held feedback sessions with employees on its national security work in the past few months, and plans to hold more, Liz Bourgeois, an OpenAI spokesperson said. In the internal discussions seen by The Post, the executives stated that it was important for OpenAI to provide the best technology available to militaries run by democratically-elected governments, and that authoritarian governments would not hold back from using AI for military uses. Some workers countered that the United States has sold weapons to authoritarian allies. By taking on military projects, OpenAI could help the U.S. government understand AI technology better and prepare to defend against its use by potential adversaries, executives also said.
"The debate inside OpenAI comes after the ChatGPT maker and other leading AI developers including Anthropic and Meta changed their policies to allow military use of their technology," the article points out. And it also notes another concern raised in OpenAI's internal discussion forum.

The comment said "that defensive use cases still represented militarization of AI, and noted that the fictional AI system Skynet, which turns on humanity in the Terminator movies, was also originally designed to defend against aerial attacks on North America.

"The U.S. government on Friday ordered testing of the nation's milk supply for bird flu," reports the Associated Press, "to better monitor the spread of the virus in dairy cows." Raw or unpasteurized milk from dairy farms and processors nationwide must be tested on request starting Dec. 16, the Agriculture Department said. Testing will begin in six states — California, Colorado, Michigan, Mississippi, Oregon and Pennsylvania.

Officials said the move is aimed at "containing and ultimately eliminating the virus," known as Type A H5N1, which was detected for the first time in March in U.S. dairy cows. Since then, more than 700 herds have been confirmed to be infected in 15 states. "This will give farms and farmworkers better confidence in the safety of their animals and ability to protect themselves, and it will put us on a path to quickly controlling and stopping the virus' spread nationwide," Agriculture Secretary Tom Vilsack said in a statement.

The risk to people from bird flu remains low, health officials said. Pasteurization, or heat treatment, kills the virus in milk, leaving it safe to drink... At least 58 people in the U.S. have been infected with bird flu, mostly farm workers who became mildly ill after close contact with infected cows, including their milk, or infected poultry.

Nuclear rods are traditionally clad in metal. But a U.S. energy company wants to develop a better, safer alternative that instead uses silicon carbide composites. Working with America's Energy Department, General Atomics Electromagnetic Systems just completed a 120-day irradiation testing period simulating the intense radiation and extreme temperatures (3,452F) of a pressurized water reactor in a real-world nuclear power plant.

And the tests "showed no significant mass change, indicating promising performance," the company said in a statement. "This indicates that the SiGA cladding is exceptionally resistant to the damaging effects of radiation." Long-time Slashdot reader fahrbot-bot shared this report from the Interesting Engineering blog: "This success is a key milestone on SiGA cladding's development path to enhance the safety of the existing U.S. fleet of light water reactors," added Scott Forney, president of GA-EMS. "It could also do the same for the future generation of advanced nuclear power systems." This advanced material offers significant advantages over traditional metal cladding. It can withstand temperatures up to 1900 degreesC (3452 degreesF), far exceeding the limits of current materials. This enhanced heat resistance is crucial for improving safety margins in nuclear reactors. Moreover, the company claims that in case of any accident, SiGA cladding is designed to maintain its integrity at temperatures where traditional cladding might fail. This could prevent the release of radioactive materials and significantly improve overall reactor safety.

Furthermore, SiGA cladding offers performance benefits. It enables higher power operation and longer fuel lifetimes. This translates to increased efficiency and reduced costs for nuclear power plants...

The design, safety, and installation of new nuclear reactors have been a prime subject for research. Recently, France-based Newcleo applied to the United Kingdom's Department of Energy Security and Net Zero (DESNZ) to enter its lead-cooled small modular reactor for generating fission energy in the generic design assessment phase. Newcleo's SMR can operate at atmospheric pressure, and the company also states that no significant energy release occurs in cases of vessel failure. This also eliminates the need for high-pressure-resistant containment.
The article notes that General Atomics's collaboration with the U.S. Energy Department is "part of the Accident Tolerant Fuel Program, a national effort to improve the safety and performance of nuclear reactors."

"TikTok has lost its bid to strike down a law that could result in the platform being banned in the United States," reports CNN.

A U.S. federal appeals court just unanimously ruled in favor of the new U.S. law requiring TikTok's China-based owners to either sell the app next month or face an effective ban in the United States. Denying TikTok's argument that the law was unconstitutional, the judges found that the law does not "contravene the First Amendment to the Constitution of the United States," nor does it "violate the Fifth Amendment guarantee of equal protection of the laws"... After the [January 25] deadline, U.S. app stores and internet services could face hefty fines for hosting TikTok if it is not sold. (Under the legislation, President Biden may issue a one-time extension of the deadline.)

In a statement, TikTok indicated it would appeal the decision. "The Supreme Court has an established historical record of protecting Americans' right to free speech, and we expect they will do just that on this important constitutional issue," said company spokesperson Michael Hughes. "Unfortunately, the TikTok ban was conceived and pushed through based upon inaccurate, flawed and hypothetical information, resulting in outright censorship of the American people. The TikTok ban, unless stopped, will silence the voices of over 170 million Americans here in the US and around the world on January 19th, 2025"....

"People in the United States would remain free to read and share as much PRC propaganda (or any other content) as they desire on TikTok or any other platform of their choosing," the judges said. "What the Act targets is the PRC's ability to manipulate the content covertly. Understood in that way, the Government's justification is wholly consonant with the First Amendment."
The judges also wrote that "in part precisely because of the platform's expansive reach, Congress and multiple Presidents determined that divesting it from the PRC's control is essential to protect our national security... Congress judged it necessary to assume that risk given the grave national-security threats it perceived."

CNN notes that ByteDance "has previously indicated it will not sell TikTok."

"Okay, we're doing this," begins a new announcement at The Verge: Today we're launching a Verge subscription that lets you get rid of a bunch of ads, gets you unlimited access to our top-notch reporting and analysis across the site and our killer premium newsletters, and generally lets you support independent tech journalism in a world of sponsored influencer content. It'll cost $7 / month or $50 / year — and for a limited time, if you sign up for the annual plan, we'll send you an absolutely stunning print edition of our CONTENT GOBLINS series, with very fun new photography and design... A surprising number of you have asked us to launch something like this, and we're happy to deliver. If you don't want to pay, rest assured that big chunks of The Verge will remain free — we're thinking about subscriptions a lot differently than everyone else...

If you're a Verge reader, you know we've been covering massive, fundamental changes to how the internet works for years now. Most major social media platforms are openly hostile to links, huge changes to search have led to the death of small websites, and everything is covered in a layer of AI slop and weird scams. The algorithmic media ecosystem is now openly hostile to the kind of rigorous, independent journalism we want to do.

A few years ago, we decided the only real way to survive all this was to stand apart and bet on our own website so that we could remain independent of these platforms and their algorithms. We didn't want to write stories to chase Google Search trends or because we thought they'd do well on social media. And we definitely didn't want to compromise our famously strict ethics policy to accept brand endorsement deals from the companies we cover, which almost all of our competitors in the creator economy are forced to do in order to run sustainable businesses...

[W]e intend to keep making this thing together for a long, long time. So many of you like The Verge that we've actually gotten a shocking number of notes from people asking how they can pay to support our work. It's no secret that lots of great websites and publications have gone under over the past few years as the open web falls apart, and it's clear that directly supporting the creators you love is a big part of how everyone gets to stay working on the modern internet. At the same time, we didn't want to simply paywall the entire site — it's a tragedy that traditional journalism is retreating behind paywalls while nonsense spreads across platforms for free.
The print premium for subscribers is described as a "beautiful / deranged print product" that's drawn from a series of articles "about what Google had done to the web, capped off by a feature about search engine optimization titled 'The People Who Ruined the Internet.'" But it ships with a satirical cover that instead proclaims it as "The Verge Guide to Search Engine Optimization". A tongue-in-check announcement explains: [A] year has passed, and we've had a change of heart. Maybe search engine optimization is actually a good thing. Maybe appeasing the search algorithm is not only a sustainable strategy for building a loyal audience, but also a strategic way to plan and produce content. What are journalists, if not content creators? Anyway, SEO community, consider this our apology. And what better way to say "our bad, your industry is not a cesspool of AI slop but a brilliant vision of what a useful internet could look like" than collecting all the things we've learned in one handy print magazine? Which is why I'm proud to introduce The Verge Guide to Search Engine Optimization: All the Tips, Tricks, Hints, Schemes, and Techniques for Promoting High-Quality Content!
Whoops — slip off the cover and the real title appears: "CONTENT GOBLINS" (written in green slime). Again, it's "an anthology of stories about 'content' and the people who 'make' it." In very Verge fashion, we are meeting the moment where the internet has been overrun by AI garbage by publishing a beautifully designed, limited edition print product. (Also, the last time we printed a magazine, it won a very prestigious design award.) Content Goblins collects some of our best stories over the past couple years, capturing the cynical push for the world's great art and journalism to be reduced into units that can be packaged, distributed, and consumed on the internet. Consider Content Goblins as our resistance to that movement. With terrific new art and photography, we're making the case that great reporting is vital and enduring — and worth paying for.

This gorgeous, grotesque magazine can be yours if you commit to an annual subscription to The Verge — while supplies last.

The Solana JavaScript SDK "was temporarily compromised yesterday in a supply chain attack," reports BleepingComputer, "with the library backdoored with malicious code to steal cryptocurrency private keys and drain wallets." Solana offers an SDK called "@solana/web3.js" used by decentralized applications (dApps) to connect and interact with the Solana blockchain. Supply chain security firm Socket reports that Solana's Web3.js library was hijacked to push out two malicious versions to steal private and secret cryptography keys to secure wallets and sign transactions... Solana confirmed the breach, stating that one of their publish-access accounts was compromised, allowing the attackers to publish two malicious versions of the library... Solana is warning developers who suspect they were compromised to immediately upgrade to the latest v1.95.8 release and to rotate any keys, including multisigs, program authorities, and server keypairs...

Once the threat actors gain access to these keys, they can load them into their own wallets and remotely drain all stored cryptocurrency and NFTs... Socket says the attack has been traced to the FnvLGtucz4E1ppJHRTev6Qv4X7g8Pw6WPStHCcbAKbfx Solana address, which currently contains 674.86 Solana and varying amounts of the Irish Pepe , Star Atlas, Jupiter, USD Coin, Santa Hat, Pepe on Fire, Bonk, catwifhat, and Genopets Ki tokens. Solscan shows that the estimated value of the stolen cryptocurrency is $184,000 at the time of this writing.

For anyone whose wallets were compromised in this supply chain attack, you should immediately transfer any remaining funds to a new wallet and discontinue the use of the old one as the private keys are now compromised.
Ars Technica adds that "In social media posts, one person claimed to have lost $20,000 in the hack."

The compromised library "receives more than ~350,000 weekly downloads on npm," Socket posted. (Although Solana's statement says the compromised versions "were caught within hours and have since been unpublished."

An anonymous reader shared this report from Reuters: Elon Musk's artificial intelligence startup xAI plans to expand its Memphis, Tennessee, supercomputer to house at least one million graphics processing units (GPUs), the Greater Memphis Chamber said on Wednesday, as xAI races to compete against rivals like OpenAI.

The move represents a massive expansion for the supercomputer called Colossus, which currently has 100,000 GPUs to train xAI's chatbot called Grok. As part of the expansion, Nvidia, which supplies the GPUs, and Dell and Super Micro, which have assembled the server racks for the computer, will establish operations in Memphis, the chamber said in a statement.
The Greater Memphis chamber (an economic development organization) called it "the largest capital investment in the region's history," even saying that xAI "is setting the stage for Memphis to become the global epicenter of artificial intelligence." ("To facilitate this massive undertaking, the Greater Memphis Chamber established an xAI Special Operations Team... This team provides round-the-clock concierge service to the company.")

Reuters calls the supercomputer "a critical component of advancing Musk's AI efforts, as the billionaire has deepened his rivalry against OpenAI..." And the Greater Memphis chamber describes the expansion by Nvidia/Dell/Super Micro as "further solidifying the city's position as the 'Digital Delta'... Memphis has provided the power and velocity necessary for not just xAI to grow and thrive, but making way for other companies as well."

"$15.8 million every 60 seconds. That's how much US consumers spent in two hours on Monday night," reports CNN, "capping off a five-day spending spree that smashed previous records." U.S. consumers spent a total of $13.3 billion on Cyber Monday, up 7.3% from the previous year, according to Adobe Analytics... Consumers spent a record $41.1 billion across the five days beginning Thanksgiving Day, according to Adobe. "While Cyber Monday remained the season's and year's biggest online shopping day, year-over-year growth was stronger on both Thanksgiving and Black Friday," Vivek Pandya, lead analyst at Adobe Digital Insights, said in a statement... The company's data projects that holiday spending from November 1 to December 31 will surpass $240 billion, up 8.4% from the previous year.

The record sales on Cyber Monday were boosted by US consumers shopping on their mobile devices, which accounted for $7.6 billion in spending. This year, 57% of online sales came through a mobile device, compared to 33% in 2019, as shopping on mobile phones has surged in popularity... Buy now, pay later" programs also contributed nearly $1 billion in spending on Cyber Monday, a record high. About 75% of these types of transactions occurred through a mobile device.

Cyber Monday shopping wasn't just confined to the US, either. Global sales reached $49.7 billion, up 3% from the previous year, according to data from Salesforce.
The top-selling items included consumer electronics like the PlayStation 5, Xbox Series X and Nintendo Switch OLED, the article points out (adding that "About 78% of all consumer smartphones and 87% of consoles were imported from China in 2023, according to a report from the Consumer Technology Association.")

More interesting statistics from CNN:

• "Discounts on apparel peaked at just over 23% off, while TVs and computers peaked at almost 22% off, according to Adobe. And the discounts might last: Adobe projects discounts of up to 18% off computers through the end of the year... "

• "For US retail sites, the share of revenue from affiliates and partners like social media influencers was 20.3% on Cyber Monday, up almost 7% from the previous year. "

• "Additionally, companies employed AI chatbots to assist consumers, like Amazon's Rufus. Traffic to retail sites from chatbots increased by nearly 2,000% on Cyber Monday, according to Adobe."

Have you been to Enron.com lately?

"It's the comeback story no one asked for," reports CNN, "the resurrection of a brand so toxic it remains synonymous with corporate fraud more than two decades after it collapsed in bankruptcy.

"That's right, folks: Enron is back. But only kind of." TL;DR: A company that makes T-shirts bought the Enron trademark and appears to be trying to sell some merch on behalf of the guy behind the satirical conspiracy theory "Birds Aren't Real...."

On Monday, the 23rd anniversary of Enron's filing for bankruptcy, rumors began to spread that the former Texas energy giant had come back from the dead. A sleek new website, enron.com, appeared to show that the company had done some serious soul-searching and, inexplicably, reincorporated under its original brand. As a modern energy company, it would be dedicated to "solving the global energy crisis," its press statement reads. The site is packed with the kind of stock art and benign corporate platitudes that lend it credibility. There's a link to job openings, employee testimonials and even a minute-long video titled "I am Enron," a movie-trailer-style mashup of cityscape time lapses, rockets launching into space, a ballerina twirling on a beach — a mess of imagery and baritone voiceover so trite it's almost believable.

But the site and its associated social media accounts are, like Enron's balance sheets, mostly fiction. Unlike the Enron scandal, however, this one appears to be little more than performance art designed to sell branded hoodies. Publicly available documents show that an Akansas-based LLC called The College Company bought the Enron trademark for $275 in 2020... You can tab over to the site's "Company Store" page to browse a selection of Enron-branded hoodies ($118 before tax and shipping), puffer vests ($89), tees ($40) baseball hats ($40), beanies ($30) and water bottles emblazoned with the slogan "you've got great energy."
Somewhere on the site CNN spotted a list of "key pillars" which included a commitment to "permissionless innovation," which CNN took to be "a nod that prompted some speculation online that the new 'Enron' would launch some kind of digital token." That phrase has apparently been changed now to "continuous innovation." An Enron-branded X account posted and later deleted a message teasing at a crypto offering, saying "we do not have any token or coin (yet). Stay tuned, we are excited to show you more soon."
But sharp-eyed X.com users also found the key context to add: that the Terms of Use at Enron.com declare the site's information "is First Amendment-protected parody, represents performance art, and is for entertainment purposes only."

Still, the site includes this testimonial from someone it says is a current employee. "Like many of my peers in the Enron family, I was skeptical at first.

"Now, not only do I have complete confidence in the integrity of the company, I also genuinely believe that we are leading the way for a new chapter of American business."

59-year-old Alex Mashinsky, the founder/former CEO of cryptocurrency lender Celsius Network, "pleaded guilty on Tuesday to two counts of fraud," reports Reuters.

He'd been indicted in July on seven counts of fraud, conspiracy and market manipulation charges, according to the article, and federal prosecutors in Manhattan "said he misled customers of Celsius to persuade them to invest, and artificially inflated the value of his company's proprietary crypto token." On Tuesday, during a hearing before U.S. District Judge John Koeltl, Mashinsky said he pleaded guilty to two out of the seven counts he was initially charged with: commodities fraud, and a fraudulent scheme to manipulate the price of CEL, Celsius' in-house token. In court, Mashinsky admitted to giving Celsius customers "false comfort" by giving an interview in 2021 in which he said Celsius had received approval from regulators for its "Earn" program, which it had not. That program offered to deploy customers' cryptocurrency assets to yield investment returns. He said he also failed to disclose that he had been selling his holdings of CEL, the platform's in-house token.

"I know what I did was wrong, and I want to try to do whatever I can to make it right," Mashinsky said. As part of his plea deal with prosecutors, Mashinsky agreed not to appeal any sentence of 30 years or less — the maximum he faces for the two counts. Koeltl is set to sentence him on April 8, 2025.

Federal prosecutors in Manhattan have said Mashinsky also personally reaped approximately $42 million in proceeds from selling his holdings of the Cel token. "Mashinsky made tens of millions of dollars selling his own CEL at artificially high prices, while his customers were left holding the bag when the company went bankrupt," Damian Williams, the U.S. Attorney in Manhattan, said in a statement on Tuesday... Founded in 2017, Celsius filed for Chapter 11 bankruptcy protection in July 2022 after customers rushed to withdraw deposits as crypto prices fell. Many were initially unable to access their funds... Celsius' former chief revenue officer, Roni Cohen-Pavon, pleaded guilty in September 2023 and agreed to cooperate with prosecutors' investigation.
"The company exited bankruptcy on Jan. 31, and has pivoted to Bitcoin mining..."

RTFKT, the NFT project most known for its attempt at making "digital shoes" a thing, is shutting down, according to a statement on Monday. From a report: The project, acquired by athletic wear juggernaut Nike in 2021 for an undisclosed sum, plans to fully unwind by the end of January, though its Ethereum-based tokens will remain accessible.

Launched in 2020 amid the beginnings of the mania around NFTs and the metaverse, RTFKT quickly garnered a reputation as a fast-moving startup. It spun up "drops" with brands, including Nike, and collaborated with the likes of sneaker designer Jeff Staple and Japanese artist Takashi Murakami.