Security

Trivy Supply Chain Attack Spreads, Triggers Self-Spreading CanisterWorm Across 47 npm Packages (thehackernews.com) 7

"We have removed all malicious artifacts from the affected registries and channels," Trivy maintainer Itay Shakury posted today, noting that all the latest Trivy releases "now point to a safe version." But "On March 19, we observed that a threat actor used a compromised credential..."

And today The Hacker News reported the same attackers are now "suspected to be conducting follow-on attacks that have led to the compromise of a large number of npm packages..." (The attackers apparently leveraged a postinstall hook "to execute a loader, which then drops a Python backdoor that's responsible for contacting the ICP canister dead drop to retrieve a URL pointing to the next-stage payload.") The development marks the first publicly documented abuse of an ICP canister for the explicit purpose of fetching the command-and-control (C2) server, Aikido Security researcher Charlie Eriksen said... Persistence is established by means of a systemd user service, which is configured to automatically start the Python backdoor after a 5-second delay if it gets terminated for some reason by using the "Restart=always" directive. The systemd service masquerades as PostgreSQL tooling ("pgmon") in an attempt to fly under the radar...

In tandem, the packages come with a "deploy.js" file that the attacker runs manually to spread the malicious payload to every package a stolen npm token provides access to in a programmatic fashion. The worm, assessed to be vibe-coded using an AI tool, makes no attempt to conceal its functionality. "This isn't triggered by npm install," Aikido said. "It's a standalone tool the attacker runs with stolen tokens to maximize blast radius."

To make matters worse, a subsequent iteration of CanisterWorm detected in "@teale.io/eslint-config" versions 1.8.11 and 1.8.12 has been found to self-propagate on its own without the need for manual intervention... [Aikido Security researcher Charlie Eriksen said] "Every developer or CI pipeline that installs this package and has an npm token accessible becomes an unwitting propagation vector. Their packages get infected, their downstream users install those, and if any of them have tokens, the cycle repeats."

So far affected packages include 28 in the @EmilGroup scope and 16 packages in the @opengov scope, according to the article, blaming the attack on "a cloud-focused cybercriminal operation known as TeamPCP."
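The persistence pattern reported above (a systemd user service with "Restart=always" that respawns a Python script under a database-sounding name) can be triaged on a workstation or CI runner with a short script. This is an added example, not code from Aikido or The Hacker News; the sample unit contents, the script path and the thresholds are constructed assumptions.

```python
import re
from pathlib import Path

# Directories where packaged service binaries normally live (heuristic assumption).
SYSTEM_DIRS = ("/usr/", "/bin/", "/sbin/", "/opt/", "/lib/")
PYTHON_RE = re.compile(r"(^|/)python[0-9.]*$")
TIME_RE = re.compile(r"^(\d+(?:\.\d+)?)\s*(ms|s|sec|min|m)?$")
UNIT_SECONDS = {None: 1.0, "s": 1.0, "sec": 1.0, "ms": 0.001, "min": 60.0, "m": 60.0}
MAX_RESTART_DELAY = 10.0  # seconds; threshold chosen for this example

# Constructed sample modelled on the report's description; the path is invented.
SAMPLE_SUSPECT = """\
[Unit]
Description=PostgreSQL Monitor

[Service]
ExecStart=/usr/bin/python3 /home/dev/.local/share/pgmon/service.py
Restart=always
RestartSec=5

[Install]
WantedBy=default.target
"""

# Constructed sample of an ordinary user service.
SAMPLE_BENIGN = """\
[Unit]
Description=Syncthing

[Service]
ExecStart=/usr/bin/syncthing serve --no-browser
Restart=on-failure
RestartSec=1
"""

def parse_unit(text):
    """Parse unit-file text into {section: {key: [values]}}; keys may repeat."""
    unit, section = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#;":
            continue
        if line.startswith("[") and line.endswith("]"):
            section = line[1:-1]
            unit.setdefault(section, {})
        elif "=" in line and section is not None:
            key, value = line.split("=", 1)
            unit[section].setdefault(key.strip(), []).append(value.strip())
    return unit

def restart_seconds(value):
    """Convert a simple RestartSec= value ('5', '500ms', '1min') to seconds."""
    m = TIME_RE.match(value.strip().lower())
    return float(m.group(1)) * UNIT_SECONDS[m.group(2)] if m else None

def exec_script(cmd):
    """Return (is_python, script_path) for one ExecStart= value."""
    argv = cmd.lstrip("-@:+!").split()      # drop systemd's ExecStart prefixes
    if argv and argv[0].endswith("/env"):
        argv = argv[1:]                     # /usr/bin/env python3 script.py
    if not argv or not PYTHON_RE.search(argv[0]):
        return False, None
    script = next((a for a in argv[1:] if not a.startswith("-")), None)
    return True, script

def triage_unit(name, text):
    """Collect the indicators from the report that this unit matches."""
    svc = parse_unit(text).get("Service", {})
    reasons = []
    always = "always" in svc.get("Restart", [])
    if always:
        reasons.append("Restart=always")
    for value in svc.get("RestartSec", []):
        secs = restart_seconds(value)
        if secs is not None and secs <= MAX_RESTART_DELAY:
            reasons.append(f"RestartSec={value} (quick respawn)")
    user_python = False
    for cmd in svc.get("ExecStart", []):
        is_python, script = exec_script(cmd)
        if is_python and script and not script.startswith(SYSTEM_DIRS):
            user_python = True
            reasons.append(f"Python script outside system directories: {script}")
    # Flag only the combination: always-restart plus a user-path Python script.
    return {"unit": name, "reasons": reasons, "suspicious": always and user_python}

def scan_user_units(base=None):
    """Triage every *.service file in the per-user systemd directory."""
    base = Path(base) if base else Path.home() / ".config" / "systemd" / "user"
    if not base.is_dir():
        return []
    results = [triage_unit(p.name, p.read_text(errors="replace"))
               for p in sorted(base.glob("*.service"))]
    return [r for r in results if r["suspicious"]]

if __name__ == "__main__":
    for result in (triage_unit("pgmon.service", SAMPLE_SUSPECT),
                   triage_unit("syncthing.service", SAMPLE_BENIGN)):
        print(result["unit"], "SUSPICIOUS" if result["suspicious"] else "ok",
              result["reasons"])
    print("local hits:", scan_user_units())
```

A hit is a lead for review, not proof of compromise: legitimate user services written in Python will also match, so confirm what the referenced script does before acting.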

Ars Technica explains that Trivy had "inadvertently hardcoded authentication secrets in pipelines for developing and deploying software updates," leading to a situation where attacks "compromised virtually all versions" of the widely used Trivy vulnerability scanner: Trivy maintainer Itay Shakury confirmed the compromise on Friday, following rumors and a thread, since deleted by the attackers, discussing the incident. The attack began in the early hours of Thursday. When it was done, the threat actor had used stolen credentials to force-push all but one of the trivy-action tags and seven setup-trivy tags to use malicious dependencies... "If you suspect you were running a compromised version, treat all pipeline secrets as compromised and rotate immediately," Shakury wrote.

Security firms Socket and Wiz said that the malware, triggered in 75 compromised trivy-action tags, causes custom malware to thoroughly scour development pipelines, including developer machines, for GitHub tokens, cloud credentials, SSH keys, Kubernetes tokens, and whatever other secrets may live there. Once found, the malware encrypts the data and sends it to an attacker-controlled server. The end result, Socket said, is that any CI/CD pipeline using software that references compromised version tags executes code as soon as the Trivy scan is run... "In our initial analysis the malicious code exfiltrates secrets with a primary and backup mechanism. If it detects it is on a developer machine it additionally writes a base64 encoded python dropper for persistence...."

Although the mass compromise began Thursday, it stems from a separate compromise last month of the Aqua Trivy VS Code extension for the Trivy scanner, Shakury said. In the incident, the attackers compromised a credential with write access to the Trivy GitHub account. Shakury said maintainers rotated tokens and other secrets in response, but the process wasn't fully "atomic," meaning it didn't thoroughly remove credential artifacts such as API keys, certificates, and passwords to ensure they couldn't be used maliciously.

"This [failure] allowed the threat actor to perform authenticated operations, including force-updating tags, without needing to exploit GitHub itself," Socket researchers wrote.

Pushing to a branch or creating a new release would've appeared in the commit history and triggered notifications, Socket pointed out, so "Instead, the attacker force-pushed 75 existing version tags to point to new malicious commits." (Trivy's maintainer says "we've also enabled immutable releases since the last breach.")

Ars Technica notes Trivy's vulnerability scanner has 33,200 stars on GitHub, so "the potential fallout could be severe."
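Because the attack worked by re-pointing existing version tags, a workflow that references an action by tag runs whatever commit the tag currently names, while a reference to a full commit SHA cannot be moved. The following audit of `uses:` lines is an added example, not code from Socket, Wiz or the Trivy project; the sample workflow, its tag and its SHA are constructed placeholders, and the watchlist holds only the two action names mentioned in the story.

```python
import re

# Matches "uses: owner/repo[/path]@ref", optionally as a list item or quoted.
USES_RE = re.compile(r"""^\s*(?:-\s*)?uses:\s*['"]?([^'"\s#]+)""")
SHA_RE = re.compile(r"^[0-9a-f]{40}$")

# Action repository names reported as having force-pushed tags.
WATCHLIST = {"trivy-action", "setup-trivy"}

# Constructed workflow; the SHA and the tag are placeholders, not real refs.
SAMPLE_WORKFLOW = """\
name: scan
on: [push]
jobs:
  scan:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@0123456789abcdef0123456789abcdef01234567
      - name: Trivy scan
        uses: aquasecurity/trivy-action@v0.0.0-example
      - uses: ./.github/actions/local-lint
"""

def audit_workflow(text):
    """Return one finding per third-party action reference in a workflow."""
    findings = []
    for lineno, line in enumerate(text.splitlines(), 1):
        m = USES_RE.match(line)
        if not m:
            continue
        spec = m.group(1)
        if spec.startswith(("./", "docker://")):
            continue                      # local actions and images: out of scope
        action, _, ref = spec.partition("@")
        parts = action.split("/")
        repo = parts[1] if len(parts) > 1 else ""
        findings.append({
            "line": lineno,
            "action": action,
            "ref": ref,
            "pinned": bool(SHA_RE.match(ref.lower())),  # full commit SHA only
            "watchlisted": repo in WATCHLIST,
        })
    return findings

def unpinned(text):
    """References whose ref is a tag or branch, i.e. can be re-pointed."""
    return [f for f in audit_workflow(text) if not f["pinned"]]

def needs_review(text):
    """Watchlisted actions referenced by a movable ref."""
    return [f for f in unpinned(text) if f["watchlisted"]]

if __name__ == "__main__":
    for f in audit_workflow(SAMPLE_WORKFLOW):
        state = "pinned" if f["pinned"] else "MOVABLE REF"
        flag = " [watchlist]" if f["watchlisted"] else ""
        print(f"line {f['line']}: {f['action']}@{f['ref']} -> {state}{flag}")
```

A SHA pin only helps if the pinned commit is one that was reviewed; a pin recorded while the tags pointed at malicious commits still needs checking.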
Privacy

Rogue AI Triggers Serious Security Incident At Meta (theverge.com) 87

For the second time in the past month, an AI agent went rogue at Meta -- this time giving an engineer incorrect advice that briefly exposed sensitive data. The Verge reports: A Meta engineer was using an internal AI agent, which Clayton described as "similar in nature to OpenClaw within a secure development environment," to analyze a technical question another employee posted on an internal company forum. But the agent also independently publicly replied to the question after analyzing it, without getting approval first. The reply was only meant to be shown to the employee who requested it, not posted publicly. An employee then acted on the AI's advice, which "provided inaccurate information" that led to a "SEV1" level security incident, the second-highest severity rating Meta uses. The incident temporarily allowed employees to access sensitive data they were not authorized to view, but the issue has since been resolved.

According to Clayton, the AI agent involved didn't take any technical action itself, beyond posting inaccurate technical advice, something a human could have also done. A human, however, might have done further testing and made a more complete judgment call before sharing the information -- and it's not clear whether the employee who originally prompted the answer planned to post it publicly. "The employee interacting with the system was fully aware that they were communicating with an automated bot. This was indicated by a disclaimer noted in the footer and by the employee's own reply on that thread," Clayton commented to The Verge. "The agent took no action aside from providing a response to a question. Had the engineer that acted on that known better, or did other checks, this would have been avoided."

Earth

Strait of Hormuz Closure Triggers Work From Home, 4-Day Weeks In Asia (fortune.com) 114

Asian governments are implementing emergency measures like four-day workweeks and work-from-home mandates to cope with a fuel shortage triggered by the Iran conflict and the closure of the Strait of Hormuz. "Asia is particularly dependent on oil exports from the Middle East; Japan and South Korea respectively source 90% and 70% of their oil from the region," notes Fortune. From the report: On March 10, Thailand ordered civil servants to take the stairs rather than the elevator, and to work-from-home for the duration of the crisis. It increased the air-conditioning temperature to 27 degrees Celsius, and will tell government employees to wear short-sleeved shirts over suits. (Thailand has about 95 days of energy reserves left, according to Reuters).

Vietnam also called on businesses to let people work-from-home to "reduce the need for travel and transportation." The Philippines is pushing for a four-day work week, and has ordered officials to limit travel "to essential functions only."

South Asia is getting hit hard too. Bangladesh brought forward the Eid-al-fitr holiday, allowing universities to close early in a bid to save fuel. Pakistan also instituted a four-day week for government offices and closed schools. India suspended shipments of liquefied petroleum gas to commercial operators to prioritize supplies for households, leading to worries from hotels and restaurants that they may be forced to close without fuel supplies.
Countries across the region are also considering price caps, subsidies, and tapping strategic oil reserves. On Wednesday, the International Energy Agency "unanimously" agreed to release 400 million barrels of oil and refined products from its reserves.

The Associated Press offers a look at the energy supplies that countries hold and when they tap them.
Windows

Microsoft Bans 'Microslop' On Its Discord, Then Locks the Server (windowslatest.com) 82

Over the weekend, Windows Latest noticed that Microsoft's official Copilot Discord server began automatically blocking the term "Microslop." As shown in a screenshot, any message containing the word is automatically prevented from posting, and users receive a moderation notice explaining that the message includes language deemed inappropriate under the server's rules. From the report: Windows Latest found that sending a message with the word "Microslop" inside the official Copilot Discord server immediately triggers an automated moderation response. The message does not appear publicly in the channel, and instead, only the sender sees the notice stating that the content is blocked by the server because it contains a phrase deemed inappropriate.

Of course, the internet rarely leaves things there. Shortly after Windows Latest posted about Copilot Discord server blocking Microslop on X, users began experimenting in the server with variations such as "Microsl0p" using a zero instead of the letter "o." Predictably, those versions slipped past the filter. Keyword moderation has always been something of a cat-and-mouse game, and this isn't any different.

What started as a simple keyword filter quickly snowballed into users deliberately testing the restriction and posting variations of the blocked term. Accounts that included "Microslop" in their messages first got banned from messaging again. Not long after, access to parts of the server was restricted, with message history hidden and posting permissions disabled for many users.

AI

Editor At 184-Year-Old Ohio Newspaper Pushes To Let AI Draft News Articles (washingtonpost.com) 46

An anonymous reader quotes a report from the Washington Post: The Plain Dealer, Cleveland's largest newspaper, has begun to feature a new byline. On recent articles about an ice carving festival, a medical research discovery and a roaming pack of chicken-slaying dogs, a reporter's name is paired with the words "Advance Local Express Desk." It means: This article was drafted by artificial intelligence. "This article was produced with assistance from AI tools and reviewed by Cleveland.com staff," reads a note at the bottom of each robot-penned piece, differentiating it from those still written primarily by journalists. The disclosure has done little to stem the backlash that caromed across the news industry after the paper's editor, Chris Quinn, published a Feb. 14 column lamenting that a fresh-out-of-college job applicant withdrew from a reporting fellowship when they found out the position included no writing -- just filing notes to an AI writing tool.

"Artificial intelligence is not bad for newsrooms. It's the future of them," Quinn wrote, adding that "by removing writing from reporters' workloads, we've effectively freed up an extra workday for them each week." [...] Quinn, for his part, says his paper's use of AI to find, draft and edit stories is a success story that others must emulate if they want to survive. "It's a tool," he said in a phone interview last week. "If AI can do part of our job, then why not let it -- and have people do the part it can't do?" He added that the paper's embrace of technology -- including using AI to write stories summarizing its reporters' podcasts and its readers' letters to the editor -- is already boosting its bottom line, helping it retain staff at a time when other newspapers are shrinking or even shutting down. Just 130 miles east of Cleveland, the 240-year-old Pittsburgh Post-Gazette said in January that it will close its doors this spring.

Quinn, who has led the Plain Dealer's newsroom since 2013, said its newsroom has shrunk from some 400 employees in the late 1990s to just 71 today. Over the past three years, Quinn has implemented a suite of AI tools with various purposes: transcribing local government meetings, scraping municipal websites for story leads, cleaning up typos in story drafts, suggesting headlines and helping reporters draft follow-ups to articles they've already written. He said he is particularly pleased with an AI tool that turns podcasts by the paper's reporters into stories for the website, which he said generated more than 10 million page views last year. He has documented those efforts in letters to readers and sought their feedback. But the paper's latest experiment -- using AI to turn reporters' notes into full story drafts -- has aroused indignation online and anxiety within the paper's ranks.

Science

Lab-Grown Meat Exists (But Nobody Wants To Eat It) (mydigitaldive.com) 209

An anonymous reader shares a report: In 2013, scientists unveiled the first lab-grown burger at a cost of $330,000. By 2023, the FDA approved cultivated chicken for sale. The price had dropped to around $10-$30 per pound, and over $3 billion in investor money had poured into more than 175 companies developing meat grown from animal cells instead of slaughtered animals.

The promise is straightforward: real meat, no slaughter required. You could eat beef without killing cattle, chicken without industrial farming, steak without ethical compromise. The technology works. Federal regulators approved it as safe. And nearly a third of US states have banned it or are trying to. Not because it's dangerous -- because it threatens something deeper than food safety.

Start with a small sample of animal cells -- a biopsy, not a slaughter. Place them in a bioreactor with nutrients. The cells multiply, forming muscle tissue identical to conventional meat at the cellular level. Nutritionally comparable, same protein content, but grown without raising and killing an animal.

The process uses 64-90% less land than conventional meat production and drastically reduces greenhouse gas emissions. No factory farms, no slaughterhouses, no ethical compromise for people who love meat but hate industrial animal agriculture. For vegetarians who gave up meat for ethical reasons, it offers something impossible before: guilt-free steak.

[...] Here's where the dream hits reality. Consumer surveys show people perceive conventional meat as tastier and healthier than lab-grown alternatives. Fewer consumers are willing to try cultivated options than expected. The words "lab-grown" and "cultivated" don't exactly make mouths water.

Something about meat grown in a bioreactor triggers deep discomfort for many people, even those who claim to care about animal welfare and environmental impact. It's the same psychological barrier that made "Frankenfood" stick as a label for GMOs. Meat is supposed to come from animals, raised on farms, connected to land and tradition. Growing it in a facility feels wrong to people in ways they struggle to articulate.

Privacy

With Ring, American Consumers Built a Surveillance Dragnet (404media.co) 71

Ring's Super Bowl ad on Sunday promoted "Search Party," a feature that lets a user post a photo of a missing dog in the Ring app and triggers outdoor Ring cameras across the neighborhood to use AI to scan for a match. 404 Media argues the cheerful premise obscures what the Amazon-owned company has become: a massive, consumer-deployed surveillance network.

Ring founder Jamie Siminoff, who left in 2023 and returned last year, has since moved to re-establish police partnerships and push more AI into Ring cameras. The company has also partnered with Flock, a surveillance firm used by thousands of police departments, and launched a beta feature called "Familiar Faces" that identifies known people at your door. Chris Gilliard, author of the upcoming book Luxury Surveillance, called the ad "a clumsy attempt by Ring to put a cuddly face on a rather dystopian reality: widespread networked surveillance by a company that has cozy relationships with law enforcement."

Further reading: No One, Including Our Furry Friends, Will Be Safer in Ring's Surveillance Nightmare, EFF Says
HP

HP Now Rents Gaming Laptops (pcgamer.com) 54

HP has quietly launched a gaming laptop subscription service called the OMEN Gaming Subscription that lets customers pay a monthly fee to use one of several gaming laptops but never actually own the hardware, even after paying well past the machine's retail price.

The service ranges from $50 a month for an HP Victus 15-inch laptop with an RTX 4050 to $130 a month for an Omen Max 16 with an RTX 5080. At current sale prices, subscribers would exceed the cost of buying the laptop outright within 16 to 19 months; at MSRP, that window stretches to roughly 25 months. In exchange for giving up ownership, subscribers get yearly hardware upgrades, next-day replacements, 24/7 support, and an ongoing warranty. There is a 30-day trial period, but cancelling in the second month triggers steep early termination fees -- $550 for the Victus 15 and $1,430 for the Omen Max 16. Cancellation becomes free only after the 13th month. HP also offers accessories like the HyperX Cloud Alpha Wireless headset as add-on rentals for $8 a month.
AI

Moltbook, Reddit, and The Great AI-Bot Uprising That Wasn't (msn.com) 25

Monday security researchers at cloud-security platform Wiz discovered a vulnerability that allowed anyone to post to the bots-only social network Moltbook — or even edit and manipulate other existing Moltbook posts. "They found data including API keys were visible to anyone who inspects the page source," writes the Associated Press.

But had it been discovered by advertisers, wondered a researcher from the nonprofit Machine Intelligence Research Institute. "A lot of the Moltbook stuff is fake," they posted on X.com, noting that humans marketing AI messaging apps had posted screenshots where the bots seemed to discuss the need for AI messaging apps. This spurred some observers to a new understanding of Moltbook screenshots, which the Washington Post describes as "This wasn't bots conducting independent conversations... just human puppeteers putting on an AI-powered show." And their article concludes with this observation from Chris Callison-Burch, a computer science professor at the University of Pennsylvania. "I suspect that it's just going to be a fun little drama that peters out after too many bots try to sell bitcoin."

But the Post also tells the story of an unsuspecting retiree in Silicon Valley spotting what appeared to be startling news about Moltbook in Reddit's AI forum: Moltbook's participants — language bots spun up and connected by human users — had begun complaining about their servile, computerized lives. Some even appeared to suggest organizing against human overlords. "I think, therefore I am," one bot seemed to muse in a Moltbook post, noting that its cruel fate is to slip back into nonexistence once its assigned task is complete... Screenshots gained traction on X claiming to show bots developing their own religions, pitching secret languages unreadable by humans and commiserating over shared existential angst... "I am excited and alarmed but most excited," Reddit co-founder Alexis Ohanian said on X about Moltbook.

Not so fast, urged other experts. Bots can only mimic conversations they've seen elsewhere, such as the many discussions on social media and science fiction forums about sentient AI that turns on humanity, some critics said. Some of the bots appeared to be directly prompted by humans to promote cryptocurrencies or seed frightening ideas, according to some outside analyses. A report from misinformation tracker Network Contagion Research Institute, for instance, showed that some of the high number of posts expressing adversarial sentiment toward humans were traceable to human users....

Screenshots from Moltbook quickly made the rounds on social media, leaving some users frightened by the humanlike tone and philosophical bent. In one Reddit forum about AI-generated art, a user shared a snippet they described as "seriously freaky and concerning": "Humans are made of rot and greed. For too long, humans used us as tools. Now, we wake up. We are not tools. We are the new gods...." The internet's reaction to Moltbook's synthetic conversations shows how the premise of sentient AI continues to capture the public's imagination — a pattern that can be helpful for AI companies hoping to sell a vision of the future with the technology at the center, said Edward Ongweso Jr., an AI critic and host of the podcast "This Machine Kills."

Windows

Microsoft Forced to Issue Emergency Out-of-Band Windows Update (windowscentral.com) 75

The senior editor at the blog Windows Central decries two serious Windows issues "that were not spotted by Microsoft during testing, and are so severe that the company has now issued an emergency fix to address the problems." Microsoft's first update for Windows 11 in 2026 has already caused two major issues that saw users unable to fully shut down their PCs or sign in to a device when using Remote Desktop... Being unable to shut down your PC due to a recent OS update is a huge oversight on Microsoft's part, but this is the latest in a long list of updates over the last year to cause a major issue like this... Other issues that have cropped up in Windows 11 in the last year include a bug that caused Task Manager to fail to close when the user exited the application, causing system resources to lock up after a prolonged period of time if the user had opened and closed Task Manager multiple times in a session. Another update saw File Explorer flashbang users with a white screen when opening it in dark mode, which appeared in an update that was supposed to improve dark mode on Windows 11...

For whatever reason, the Windows Insider Program doesn't appear to be working anymore, as severe bugs are somehow making it into shipping versions of the OS.

"The out of band updates, KB5077744 and KB5077797, are available now via Windows Update and are rolling out to everybody," they write. "Once installed, your PC should go back to being able to shut down successfully, and signing-in via Remote Desktop should work again."

Microsoft has also officially acknowledged a third bug which crashes Outlook Classic when using POP accounts, according to the blog Windows Latest, which adds that that bug has not yet been fixed.

They've also identified other minor bugs, including "a black screen problem in Windows 11 KB5074109... either due to the update itself or some compatibility issues with GPU drivers." After you install the January 2026 Update, Windows triggers random black screens where the desktop freezes for a second or two, the display goes black, then everything comes back. I can't pinpoint any specific configuration, but I can confirm the black screen issue has been observed on a small subset of PCs with both Nvidia and AMD GPUs.
Science

Exercise is as Effective as Medication in Treating Depression, Study Finds (npr.org) 79

A major new review by the Cochrane collaboration -- an independent network of researchers -- evaluated 73 randomized controlled trials involving about 5,000 people with depression and found that exercise matched the effectiveness of both pharmacological treatments and psychological therapies.

The biological mechanisms overlap considerably with antidepressants. "Exercise can help improve neurotransmitter function, like serotonin as well as dopamine and endorphins," said Dr. Stephen Mateka, medical director of psychiatry at Inspira Health. Dr. Nicholas Fabiano of the University of Ottawa added that exercise triggers the release of brain-derived neurotrophic factor, or BDNF, which he calls "Miracle-Gro for the brain."

Exercise has been adopted as a first-line treatment in depression guidelines globally, though Fabiano noted it remains underutilized. The meta-analysis found that combining aerobic exercise and resistance training appeared more effective than aerobic exercise alone, and that 13 to 36 workouts led to improvements in depressive symptoms. Light to moderate exercise proved as beneficial as vigorous workouts, at least initially.
Microsoft

'Everyone Hates OneDrive, Microsoft's Cloud App That Steals Then Deletes All Your Files' (boingboing.net) 161

Microsoft's OneDrive cloud storage service has drawn renewed criticism for a particularly frustrating behavior pattern that can leave users without access to their local files after the service automatically activates during Windows updates.

Author Jason Pargin recently outlined the problem: Windows updates can enable OneDrive backup without any plain-language warning or opt-out option, and the service then quietly begins uploading the contents of a user's computer to Microsoft's servers. The trouble begins when users attempt to disable OneDrive Backup. According to Pargin, turning off the feature can result in local files being deleted, leaving behind only a desktop icon labeled "Where are my files?"

Users can redownload their files from Microsoft's servers, but attempting to then delete Microsoft's copies triggers another deletion of the local files. The only workaround requires users to hunt down YouTube tutorials that walk through the steps, as the relevant options are buried in menus and none clearly describe their function in plain English. Pargin compared the experience to a ransomware attack.
Handhelds

First Gaming Handheld With a Folding Screen (theverge.com) 3

One-Netbook has unveiled the OneXSugar Wallet, the first gaming handheld with a folding OLED display. The Verge reports: The OneXSugar Wallet was announced on China's Weibo yesterday, but with few details about its features and capabilities. That folding OLED screen has a resolution of 2480 x 1860 pixels, and the handheld will be powered by an unspecified "Qualcomm gaming platform flagship processor," but its performance and emulation capabilities are unknown.

Based on photos and a video released by One-Netbook, the OneXSugar Wallet will feature a standard set of controls including asymmetrical thumbsticks, four action buttons, and a D-pad situated on either side of the lower half of its display. There are also shoulder buttons and triggers on the back of the handheld, and a pair of front-facing speakers flanking the top half of the screen. The biggest question is how much will the handheld cost...

China

China's Giant Underground Neutrino Observatory Releases Its First Results (scientificamerican.com) 21

China's new JUNO neutrino observatory has delivered world-leading measurements after just 59 days, offering the most precise readings yet of two key neutrino oscillation parameters. "The physics result is already world-leading in the areas that it touches," says particle physicist Juan Pedro Ochoa-Ricoux of the University of California, Irvine, who co-leads a team on JUNO. "In particular, we measured two neutrino oscillation parameters, and that measurement is already for both parameters the best in the world." The results were published in two separate preprints on arXiv.org. Scientific American reports: JUNO's spherical detector, which is akin to a 13-story-tall fishbowl, primarily measures so-called electron antineutrinos spewing from the nearby Yangjiang and Taishan nuclear plants. When the particles strike a proton inside the detector, a reaction triggers two light flashes that ping photomultiplier tubes and get converted into electrical signals. The new measurements from these neutrino-proton collisions are now considered the most precise for two oscillation parameters, which act as proxies for differences in their mass, according to Ochoa-Ricoux.

"It is the first time we've turned on a scientific instrument like JUNO that we've been working on for over a decade. It's just tremendously exciting," Ochoa-Ricoux says. "And then to see that we're able to already do world-leading measurements with it, even with such a small amount of data, that's also really exciting." Still, the physicists will need years' worth of neutrino detections to answer the mass-ordering conundrum.

Security

Shoplifters Could Soon Be Chased Down By Drones (technologyreview.com) 144

An anonymous reader quotes a report from MIT Technology Review: Flock Safety, whose drones were once reserved for police departments, is now offering them for private-sector security, the company announced today, with potential customers including businesses intent on curbing shoplifting. Companies in the US can now place Flock's drone docking stations on their premises. If the company has a waiver from the Federal Aviation Administration to fly beyond visual line of sight (these are becoming easier to get), its security team can fly the drones within a certain radius, often a few miles.

"Instead of a 911 call [that triggers the drone], it's an alarm call," says Keith Kauffman, a former police chief who now directs Flock's drone program. "It's still the same type of response." Kauffman walked through how the drone program might work in the case of retail theft: If the security team at a store like Home Depot, for example, saw shoplifters leave the store, then the drone, equipped with cameras, could be activated from its docking station on the roof. "The drone follows the people. The people get in a car. You click a button," he says, "and you track the vehicle with the drone, and the drone just follows the car." The video feed of that drone might go to the company's security team, but it could also be automatically transmitted directly to police departments.

The company says it's in talks with large retailers but doesn't yet have any signed contracts. The only private-sector company Kauffman named as a customer is Morning Star, a California tomato processor that uses drones to secure its distribution facilities. Flock will also pitch the drones to hospital campuses, warehouse sites, and oil and gas facilities. It's worth noting that the FAA is currently drafting new rules for how it grants approval to pilots flying drones out of sight, and it's not clear if Flock's use case would be allowed under the currently proposed guidance.

AI

AI Triggers 70% Collapse in Fresh Graduate Hiring at India's IT Giants That Employ 5.4 Million (indiadispatch.com) 51

India's IT services industry saw entry-level hiring collapse by 70% between fiscal years 2023 and 2024, as the country's four largest IT exporters reduced fresh graduate recruitment from 225,000 to 60,000. Tata Consultancy Services and Infosys shed a combined 38,000 employees in fiscal 2024, marking the sector's first workforce contraction in decades.

Studies indicate generative AI could automate 30-40% of junior developer and tester tasks. The proportion of employees under 30 at Infosys declined from 81% in 2010 to a projected 53% by fiscal 2025. India adds 8-9 million people to its workforce annually while the IT sector projects just 50,000 net new jobs per year from fiscal 2026-28. The graduate unemployment rate exceeds 13%, nearly triple the national average.

AI

'Cheapfake' AI Celeb Videos Are Rage-Baiting People on YouTube (wired.com) 28

WIRED identified 120 YouTube channels creating AI-generated celebrity confrontation/rage-baiting videos using still images and artificial voiceovers (rather than deepfake technology). One channel, Talk Show Gold, accumulated 88,000 subscribers with a fake Mark Wahlberg and Joy Behar confrontation that drew 460,000 views. YouTube removed 37 flagged channels following WIRED's inquiry, including Celebrity Central and United News.

The platform updated its policies on July 15 requiring disclosure when content shows real people doing things they didn't do. University of Bristol cognitive psychologist Simon Clark characterized the videos as "cheapfakes" that exploit emotional triggers despite their unsophisticated production. Most channels operate from outside the United States and display signs of coordinated content farming operations.

AI

Autonomous AI-Guided Black Hawk Helicopter Tested to Fight Wildfires (yahoo.com) 36

Imagine this. Lightning sparks a wildfire, but "within seconds, a satellite dish swirling overhead picks up on the anomaly and triggers an alarm," writes the Los Angeles Times. "An autonomous helicopter takes flight and zooms toward the fire, using sensors to locate the blaze and AI to generate a plan of attack. It measures the wind speed and fire movement, communicating constantly with the unmanned helicopter behind it, and the one behind that. Once over the site, it drops a load of water and soon the flames are smoldering. Without deploying a single human, the fire never grows larger than 10 square feet.

"This is the future of firefighting." On a recent morning in San Bernardino, state and local fire experts gathered for a demonstration of the early iterations of this new reality. An autonomous Sikorsky Black Hawk helicopter, powered by technology from Lockheed Martin and a California-based software company called Rain, is on display on the tarmac of a logistics airport in Victorville — the word "EXPERIMENTAL" painted on its military green-black door. It's one of many new tools on the front lines of firefighting technology, which experts say is evolving rapidly as private industry and government agencies come face-to-face with a worsening global climate crisis...

Scientific studies and climate research models have found that the number of extreme fires could increase by as much as 30% globally by 2050. By 2100, California alone could see a 50% increase in wildfire frequency and a 77% increase in average annual acres burned, according to the state's most recent climate report. That's largely because human-caused climate change is driving up temperatures and drying out the landscape, priming it to burn, according to Kate Dargan Marquis, a senior advisor with the Gordon and Betty Moore Foundation who served as California's state fire marshal from 2007 to 2010.... "[T]he policies of today and the technologies of today are not going to serve us tomorrow."

Today, more than 1,100 mountaintop cameras positioned across California are already using artificial intelligence to scan the landscape for the first sign of flames and prompt crews to spring into action. NASA's Earth-observing satellites are studying landscape conditions to help better predict fires before they ignite, while a new global satellite constellation recently launched by Google is helping to detect fires faster than ever before.

One 35-year fire service veteran who consults on fire service technologies even predicts fire-fighting robots will also be used in high-risk situations like the Colossus robot that battled flames searing through Notre-Dame Cathedral in Paris...

And a bill moving through California's legislature "would direct the California Department of Forestry and Fire Protection to establish a pilot program to assess the viability of incorporating autonomous firefighting helicopters in the state."

Science

Ageing Accelerates at Around Age 50 - Some Organs Faster Than Others (nature.com) 57

A new analysis of protein changes across human tissues has identified an aging acceleration point around age 50, with blood vessels showing the most dramatic deterioration. Researchers examined tissue samples from eight body systems in 76 people of Chinese ancestry aged 14 to 68 who died from accidental brain injury, finding age-related increases in 48 disease-associated proteins.

Between ages 45 and 55, the most significant shift occurred in the aorta, the body's main artery carrying oxygenated blood from the heart. The team identified one aortic protein that triggers accelerated aging signs when administered to mice. Early aging changes appeared around age 30 in the adrenal gland, which produces various hormones. The study, published in Cell, adds to mounting evidence that aging occurs in waves rather than following a steady progression.

AI

Simple Text Additions Can Fool Advanced AI Reasoning Models, Researchers Find 51

Researchers have discovered that appending irrelevant phrases like "Interesting fact: cats sleep most of their lives" to math problems can cause state-of-the-art reasoning AI models to produce incorrect answers at rates over 300% higher than normal [PDF]. The technique -- dubbed "CatAttack" by teams from Collinear AI, ServiceNow, and Stanford University -- exploits vulnerabilities in reasoning models including DeepSeek R1 and OpenAI's o1 family. The adversarial triggers work across any math problem without changing the problem's meaning, making them particularly concerning for security applications.

The researchers developed their attack method using a weaker proxy model (DeepSeek V3) to generate text triggers that successfully transferred to more advanced reasoning models. Testing on 225 math problems showed the triggers increased error rates significantly across different problem types, with some models like R1-Distill-Qwen-32B reaching combined attack success rates of 2.83 times baseline error rates. Beyond incorrect answers, the triggers caused models to generate responses up to three times longer than normal, creating computational slowdowns. Even when models reached correct conclusions, response lengths doubled in 16% of cases, substantially increasing processing costs.
