Security

Predator Spyware Turns Failed Attacks Into Intelligence For Future Exploits (securityweek.com) 4

In December 2024 the Google Threat Intelligence Group published research on the code of the commercial spyware "Predator". But there's now been new research by Jamf (the company behind a mobile device management solution) showing Predator is more dangerous and sophisticated than we realized, according to SecurityWeek.

Long-time Slashdot reader wiredmikey writes: The new research reveals an error taxonomy that reports exactly why deployments fail, turning black boxes into diagnostic events for threat actors. Almost exclusively marketed to and used by national governments and intelligence agencies, the spyware also detects cybersecurity tools, suppresses forensics evidence, and has built-in geographic restrictions.

Security

To Pressure Security Professionals, Mandiant Releases Database That Cracks Weak NTLM Passwords in 12 Hours (arstechnica.com) 27

Ars Technica reports: Security firm Mandiant [part of Google Cloud] has released a database that allows any administrative password protected by Microsoft's NTLMv1 hash algorithm to be hacked in an attempt to nudge users who continue using the deprecated function despite known weaknesses.... a precomputed table of hash values linked to their corresponding plaintext. These generic tables, which work against multiple hashing schemes, allow hackers to take over accounts by quickly mapping a stolen hash to its password counterpart... Mandiant said it had released an NTLMv1 rainbow table that will allow defenders and researchers (and, of course, malicious hackers, too) to recover passwords in under 12 hours using consumer hardware costing less than $600 USD. The table is hosted in Google Cloud. The database works against Net-NTLMv1 passwords, which are used in network authentication for accessing resources such as SMB network sharing.

Despite its long- and well-known susceptibility to easy cracking, NTLMv1 remains in use in some of the world's more sensitive networks. One reason for the lack of action is that utilities and organizations in industries, including health care and industrial control, often rely on legacy apps that are incompatible with more recently released hashing algorithms. Another reason is that organizations relying on mission-critical systems can't afford the downtime required to migrate. Of course, inertia and penny-pinching are also causes.

"By releasing these tables, Mandiant aims to lower the barrier for security professionals to demonstrate the insecurity of Net-NTLMv1," Mandiant said. "While tools to exploit this protocol have existed for years, they often required uploading sensitive data to third-party services or expensive hardware to brute-force keys."

"Organizations that rely on Windows networking aren't the only laggards," the article points out. "Microsoft only announced plans to deprecate NTLMv1 last August."

Thanks to Slashdot reader joshuark for sharing the news.

Social Networks

Supreme Court Hacker Posted Stolen Government Data On Instagram (techcrunch.com) 11

An anonymous reader quotes a report from TechCrunch: Last week, Nicholas Moore, 24, a resident of Springfield, Tennessee, pleaded guilty to repeatedly hacking into the U.S. Supreme Court's electronic document filing system. At the time, there were no details about the specifics of the hacking crimes Moore was admitting to. On Friday, a newly filed document -- first spotted by Court Watch's Seamus Hughes -- revealed more details about Moore's hacks. Per the filing, Moore hacked not only into the Supreme Court systems, but also the network of AmeriCorps, a government agency that runs stipend volunteer programs, and the systems of the Department of Veterans Affairs, which provides healthcare and welfare to military veterans.

Moore accessed those systems using stolen credentials of users who were authorized to access them. Once he gained access to those victims' accounts, Moore accessed and stole their personal data and posted some online to his Instagram account: @ihackthegovernment. In the case of the Supreme Court victim, identified as GS, Moore posted their name and "current and past electronic filing records." [...] According to the court document, Moore faces a maximum sentence of one year in prison and a maximum fine of $100,000.

Businesses

AI Has Made Salesforce Engineers More Productive, So the Company Has Stopped Hiring Them, CEO Says (itpro.com) 46

Salesforce CEO Marc Benioff said this week that his company's software engineering headcount has remained "mostly flat" over the past year as internal AI tools have delivered substantial productivity gains.

Speaking on TBPN, Benioff said he has about 15,000 engineers who are "more productive than ever." The company has redirected its hiring efforts toward sales and customer engagement roles, hiring 20% more account executives this year as it pushes its Agentforce agentic AI service.

Human salespeople remain essential for explaining the "intricacies and nuances" of agentic AI to skeptical enterprise customers, he argued. Other parts of the business have seen deeper cuts. In a separate appearance on The Logan Bartlett Show, Benioff said that Salesforce had reduced its customer support workforce by roughly 50%.

IT

Raspberry Pi's New Add-on Board Has 8GB of RAM For Running Gen AI Models (theverge.com) 48

An anonymous reader shares a report: Raspberry Pi is launching a new add-on board capable of running generative AI models locally on the Raspberry Pi 5. Announced on Thursday, the $130 AI HAT+ 2 is an upgraded -- and more expensive -- version of the module launched last year, now offering 8GB of RAM and a Hailo 10H chip with 40 TOPS of AI performance.

Once connected, the Raspberry Pi 5 will use the AI HAT+ 2 to handle AI-related workloads while leaving the main board's Arm CPU available to complete other tasks. Unlike the previous AI HAT+, which is focused on image-based AI processing, the AI HAT+ 2 comes with onboard RAM and can run small gen AI models like Llama 3.2 and DeepSeek-R1-Distill, along with a series of Qwen models. You can train and fine-tune AI models using the device as well.

IT

House Sysadmin Stole 200 Phones, Caught By House IT Desk (arstechnica.com) 32

An anonymous reader quotes a report from Ars Technica: According to the government's version of events, 43-year-old Christopher Southerland was working in 2023 as a sysadmin for the House Committee on Transportation and Infrastructure. In his role, Southerland had the authority to order cell phones for committee staffers, of which there are around 80. But during the early months of 2023, Southerland is said to have ordered 240 brand-new phones -- far more than even the total number of staffers -- and to have shipped them all to his home address in Maryland.

The government claims that Southerland then sold over 200 of these cell phones to a local pawn shop, which was told to resell the devices only "in parts" as a way to get around the House's mobile device management software, which could control the devices remotely. It's hard to find good help these days, though, even at pawn shops. At some point, at least one of the phones ended up, intact, on eBay, where it was sold to a member of the public.

This member of the public promptly booted the phone, which did not display the expected device operating system screen but instead "a phone number for the House of Representatives Technology Service Desk." The phone buyer called this number, which alerted House IT staff that government phones were being sold on eBay. According to the government, this sparked a broader investigation to figure out what was going on, which revealed that "several phones purchased by Southerland were unaccounted for." The full scheme is said to have cost the government over $150,000.

Southerland was indicted in early December 2025 and arrested on January 8, 2026. He pled not guilty and has a court date scheduled for later this month.

IT

Dell Tells Staff To Get Ready For the 'Biggest Transformation in Company History' (businessinsider.com) 75

Dell's chief operating officer Jeff Clarke has informed employees that the company is preparing for what he calls the "biggest transformation in company history," a sweeping systems overhaul scheduled to launch on May 3 that will standardize processes across nearly every major division.

The initiative, dubbed One Dell Way, will replace Dell's existing sprawl of applications, servers and databases with a single enterprise platform designed to unify the 42-year-old company's operations. Clarke's memo, sent to staff on Tuesday and obtained by Business Insider, said Dell has spent the past two years building toward this transition.

The May 3 launch will affect the company's PC business, finance, supply chain, marketing, sales, revenue operations, services, and HR. The ISG division, which handles cloud and AI infrastructure, will follow in August. "We need one way -- simplified, standardized and automated -- so we can be more competitive and serve our customers better," Clarke wrote. Mandatory training begins February 3.

China

Beijing Tells Chinese Firms To Stop Using US and Israeli Cybersecurity Software (yahoo.com) 26

An anonymous reader shares a report: Chinese authorities have told domestic companies to stop using cybersecurity software made by roughly a dozen firms from the U.S. and Israel due to national security concerns, two people briefed on the matter said.

As trade and diplomatic tensions flare between China and the U.S. and both sides vie for tech supremacy, Beijing has been keen to replace Western-made technology with domestic alternatives. The U.S. companies whose cybersecurity software has been banned include Broadcom-owned VMware, Palo Alto Networks and Fortinet, while the Israeli companies include Check Point Software Technologies, the sources said.

Cloud

Bezos's Vision of Rented Cloud PCs Looks Less Far-Fetched (windowscentral.com) 151

Amazon founder Jeff Bezos once told an audience that he views local PC hardware the same way he views a 100-year-old electric generator he saw in a brewery museum -- as a relic of a pre-grid era, destined to be replaced by centralized utilities that users simply rent rather than own. The anecdote, shared at a talk a few years ago, positioned Amazon Web Services and Microsoft Azure as the inevitable successors to the desktop tower. Bezos argued that users would eventually abandon local computing for cloud-based solutions, much as businesses once abandoned on-site power generation for the electrical grid.

Current market dynamics have made that prediction feel more plausible. DRAM prices have become increasingly untenable for consumers, and companies like Dell and ASUS have signaled price increases across their PC ranges. Micron has shut down its consumer DRAM operations entirely, prioritizing AI datacenter demand instead. SSD storage is expected to face similar constraints. Cloud gaming services from Amazon Luna, NVIDIA GeForce Now and Xbox are seeing steady growth.

Microsoft previously developed a consumer version of its business-grade Windows 365 cloud PC product, though the company deprioritized it -- the economics didn't work when cheap laptops remained available. That calculus could shift. Xbox Game Pass's 1440p cloud gaming runs $30 monthly and NVIDIA recently imposed a 100-hour cap on its cloud platform. The infrastructure remains expensive to operate, but rising local hardware costs may eventually close that gap.

Microsoft

UK Police Blame Microsoft Copilot for Intelligence Mistake (theverge.com) 60

The chief constable of one of Britain's largest police forces has admitted that Microsoft's Copilot AI assistant made a mistake in a football (soccer) intelligence report. From a report: The report, which led to Israeli football fans being banned from a match last year, included a nonexistent match between West Ham and Maccabi Tel Aviv.

Copilot hallucinated the game and West Midlands Police included the error in its intelligence report without fact checking it. "On Friday afternoon I became aware that the erroneous result concerning the West Ham v Maccabi Tel Aviv match arose as result of a use of Microsoft Co Pilot [sic]," says Craig Guildford, chief constable of West Midlands Police, in a letter to the Home Affairs Committee earlier this week. Guildford previously denied in December that the West Midlands Police had used AI to prepare the report, blaming "social media scraping" for the error.

Security

Never-Before-Seen Linux Malware Is 'Far More Advanced Than Typical' (arstechnica.com) 27

An anonymous reader quotes a report from Ars Technica: Researchers have discovered a never-before-seen framework that infects Linux machines with a wide assortment of modules that are notable for the range of advanced capabilities they provide to attackers. The framework, referred to as VoidLink by its source code, features more than 30 modules that can be used to customize capabilities to meet attackers' needs for each infected machine. These modules can provide additional stealth and specific tools for reconnaissance, privilege escalation, and lateral movement inside a compromised network. The components can be easily added or removed as objectives change over the course of a campaign.

VoidLink can target machines within popular cloud services by detecting if an infected machine is hosted inside AWS, GCP, Azure, Alibaba, and Tencent, and there are indications that developers plan to add detections for Huawei, DigitalOcean, and Vultr in future releases. To detect which cloud service hosts the machine, VoidLink examines metadata using the respective vendor's API. Similar frameworks targeting Windows servers have flourished for years. They are less common on Linux machines. The feature set is unusually broad and is "far more advanced than typical Linux malware," said researchers from Check Point, the security firm that discovered VoidLink. Its creation may indicate that the attacker's focus is increasingly expanding to include Linux systems, cloud infrastructure, and application deployment environments, as organizations increasingly move workloads to these environments.

"VoidLink is a comprehensive ecosystem designed to maintain long-term, stealthy access to compromised Linux systems, particularly those running on public cloud platforms and in containerized environments," the researchers said in a separate post. "Its design reflects a level of planning and investment typically associated with professional threat actors rather than opportunistic attackers, raising the stakes for defenders who may never realize their infrastructure has been quietly taken over."

The researchers note that VoidLink poses no immediate threat or required action since it's not actively targeting systems. However, defenders should remain vigilant.

Businesses

Global Tech-Sector Layoffs Surpass 244,000 In 2025 (networkworld.com) 27

An anonymous reader quotes a report from Network World: The global technology sector eliminated some 244,851 jobs in 2025, according to a report from RationalFX. The U.K.-based financial services company says the worldwide downsizing reflects how companies in 2025 restructured their operations to focus on efficiency, profitability, and AI-driven productivity. The RationalFX analysis, which examined layoffs reported by TrueUp, TechCrunch, and multiple state WARN databases, points to economic uncertainty, elevated interest rates, and accelerating AI and automation adoption as reasons that 2025 marked "another year of sustained downsizing following the post-pandemic correction that began in 2022."

Companies indicated that AI and automation were among the most frequently cited drivers for layoffs in 2025. Some companies retrained employees when faced with the technology; many replaced roles entirely, RationalFX reports. "Tech sector layoffs in 2025 displaced hundreds of thousands of workers worldwide as companies accelerated structural resets rather than short-term cost corrections," said Alan Cohen, analyst at RationalFX, in a statement. "While macroeconomic pressures such as high interest rates, trade restrictions, and geopolitical uncertainty continued to weigh on business confidence, the dominant force behind last year's job cuts was the rapid adoption of automation and artificial intelligence."

The analysis also uncovered that U.S.-headquartered technology companies were responsible for the majority of job losses, accounting for approximately 69.7% of all global tech layoffs. This resulted in more than 170,000 employees being cut across both domestic and offshore operations from U.S. tech companies. California spearheaded layoffs in the U.S. tech sector this year, with 73,499 job cuts accounting for roughly 43.08% of all tech layoffs in the country, according to the RationalFX report. The report also points out that Washington has seen 42,221 tech jobs cut since the start of the year, accounting for 24.74% of all U.S. tech layoffs.

Intel contributed the single largest number of layoffs last year, reducing its headcount from 109,000 people at the end of 2024 to around 75,000 by the end of 2025. Other major U.S. tech companies with large-scale layoffs last year include Amazon (more than 20,000 jobs cut), Microsoft (approximately 19,215 layoffs), Verizon (15,000 employees), Accenture (11,000 employees), IBM (9,000 job cuts), and HP (6,000 roles).

Microsoft

Microsoft Pledges Full Power Costs, No Tax Breaks in Response To AI Data Center Backlash (geekwire.com) 33

Microsoft announced Tuesday what it calls a "community first" initiative for its AI data centers, pledging to pay full electricity costs and reject local property tax breaks following months of growing opposition from residents facing higher power bills. The announcement in Washington, D.C. marks a clear departure from past practices; Microsoft has previously accepted tax abatements for data centers in Ohio and Iowa.

Brad Smith, Microsoft's president, said the company has been developing the initiative since September. Residential power prices in data center hubs like Virginia, Illinois, and Ohio jumped 12-16% over the past year, faster than the U.S. average. Three Democratic senators launched an investigation last month into whether tech giants are raising residential bills. Microsoft also pledged a 40% improvement in water efficiency by 2030 and committed to replenishing more water than it uses in each district where it operates.

Security

Fintech Firm Betterment Confirms Data Breach After Hackers Send Fake $10,000 Crypto Scam Messages (theverge.com) 3

An anonymous reader quotes a report from The Verge: Betterment, a financial app, sent a sketchy-looking notification on Friday asking users to send $10,000 to Bitcoin and Ethereum crypto wallets and promising to "triple your crypto," according to a thread on Reddit. The Betterment account says in an X thread that this was an "unauthorized message" that was sent via a "third-party system." TechCrunch has since confirmed that an undisclosed number of Betterment's customers have had their personal information accessed. "The company said customer names, email and postal addresses, phone numbers, and dates of birth were compromised in the attack," reports TechCrunch.

Betterment said it detected the attack on the same day and "immediately revoked the unauthorized access and launched a comprehensive investigation, which is ongoing." The fintech firm also said it has reached out to the customers targeted by the hackers and "advised them to disregard the message."

"Our ongoing investigation has continued to demonstrate that no customer accounts were accessed and that no passwords or other log-in credentials were compromised," Betterment wrote in the email.

The Internet

How Markdown Took Over the World 58

22 years ago, developer and columnist John Gruber released Markdown, a simple plain-text formatting system designed to spare writers the headache of memorizing arcane HTML tags. As technologist Anil Dash writes in a long piece, Markdown has since embedded itself into nearly every corner of modern computing.

Aaron Swartz, then seventeen years old, served as the beta tester before its quiet March 2004 debut. Google eventually added Markdown support to Docs after more than a decade of user requests; Microsoft put it in Notepad; Slack, WhatsApp, Discord, and Apple Notes all support it now. Dash writes: The part about not doing this stuff solely for money matters, because even the most advanced LLM systems today, what the big AI companies call their "frontier" models, require complex orchestration that's carefully scripted by people who've tuned their prompts for these systems through countless rounds of trial and error. They've iterated and tested and watched for the results as these systems hallucinated or failed or ran amok, chewing up countless resources along the way. And sometimes, they generated genuinely astonishing outputs, things that are truly amazing to consider that modern technology can achieve. The rate of progress and evolution, even factoring in the mind-boggling amounts of investment that are going into these systems, is rivaled only by the initial development of the personal computer or the Internet, or the early space race.

And all of it -- all of it -- is controlled through Markdown files. When you see the brilliant work shown off from somebody who's bragging about what they made ChatGPT generate for them, or someone is understandably proud about the code that they got Claude to create, all of the most advanced work has been prompted in Markdown. Though where the logic of Markdown was originally a very simple version of "use human language to tell the machine what to do", the implications have gotten far more dire when they use a format designed to help express "make this **bold**" to tell the computer itself "make this imaginary girlfriend more compliant".
