181171112
submission
joshuark writes:
Lawmakersare pressing the nation's top intelligence official to publicly disclose whether Americans who use commercialVPN servicesrisk being treated as foreigners under United States surveillance law—a classification that would strip them of constitutional protections against warrantless government spying. Lawmakers pressed Tulsi Gabbard to reveal whether using a VPN can strip Americans of their constitutional protections against warrantless surveillance.
In a letter sent Thursday to Director of National IntelligenceTulsi Gabbard, the lawmakers say that because VPNs obscure a user's true location, and because intelligence agencies presume that communications of unknown origin are foreign, Americans may be inadvertently waiving the privacy protections they're entitled to under the law.
Several federal agencies, including the FBI, the National Security Agency, and the Federal Trade Commission, haverecommendedthat consumers use VPNs toprotect their privacy. But following that advice may inadvertently cost Americans the very protections they're seeking.
181118468
submission
joshuark writes:
LiteLLM is an open-source Python library that serves as a gateway to multiple large language model (LLM) providers via a single API. The package is very popular, with over 3.4 million downloads a day and over 95 million in the past month.
The TeamPCP hacking group compromising the massively popular "LiteLLM" Python package on PyPI and claiming to have stolen data from hundreds of thousands of devices during the attack. According to research by Endor Labs, threat actors compromised the project and published malicious versions of LiteLLM 1.82.7 and 1.82.8 to PyPI today that deploy an infostealer that harvests a wide range of sensitive data.
The malicious code was injected into 'litellm/proxy/proxy_server.py' [VirusTotal] as a base64 encoded payload, which is decoded and executed whenever the module is imported. "Once triggered, the payload runs a three-stage attack: it harvests credentials (SSH keys, cloud tokens, Kubernetes secrets, crypto wallets, and .env files), attempts lateral movement across Kubernetes clusters by deploying privileged pods to every node, and installs a persistent systemd backdoor that polls for additional binaries," explains Endor Labs.
Stolen data is bundled into an encrypted archive named tpcp.tar.gz and sent to attacker-controlled infrastructure at models.litellm[.]cloud, where the threat actors can access it.
If compromise is suspected, all credentials on affected systems should be treated as exposed and rotated immediately. Both malicious LiteLLM versions have been removed from PyPI, with version 1.82.6 now the latest clean release.
181099930
submission
joshuark writes:
A Serve Robotics food delivery robot crashed through the glass wall of a bus stop shelter in Chicago earlier this week, shattering the glass all over the sidewalk.
“We’re aware of the incident involving one of our robots in Chicago. No injuries were reported, our team responded quickly to clean up, and we’re reviewing what happened to make improvements,” the spokesperson said. “We have also been in contact with local stakeholders and are committed to addressing any concerns directly. We take this matter very seriously.”
Serve deployed its robots to Chicago in September under a partnership with Uber Eats. The company operates in a few cities around the country, including in Los Angeles, where activists have been filming the robots in various compromising positions or after they have been knocked over by passersby.
Footage of the aftermath of the crash went viral on social media, with one of the company’s robots shaking shards of glass onto the sidewalk. The crash comes amid a protest against delivery robots in Chicago. Delivery robots have been controversial in Chicago, where at least 3,600 Chicago residents have signed a “No Sidewalk Bots” petition asking the city to ban the robots. The Chicago Department of Transportation did not respond to a request for comment.
181054316
submission
joshuark writes:
OpenAI is planning to combine its Atlas web browser, ChatGPT app, and Codex coding app into a singular desktop super app. CEO of Applications, Fidji Simo, said the company was doubling down on its successful products.
By taking this move, the AI company aims to streamline the user experience and reduce fragmentation. With that said, each of the apps currently do quite different things so it will be interesting to see how they put this all together. Simo said in an internal memo: “We realized we were spreading our efforts across too many apps and stacks, and that we need to simplify our efforts. That fragmentation has been slowing us down and making it harder to hit the quality bar we want.”
OpenAI is in a fierce battle with companies like Anthropic and Google to produce the best models and products. By unifying and speeding up the development of their desktop offering, it gives OpenAI a leg up in the race.
Atlas is probably the least known among the three products. It lets users browse the web with ChatGPT packed in. This browser is only available on macOS, so fewer people have had a chance to use it.
180961070
submission
joshuark writes:
Microsoft has filed an amicus brief on Tuesday in support of Anthropic's lawsuit asking the court to temporarily block the U.S. Department of Defense designation of the AI startup as a supply-chain risk. Microsoft backed Anthropic's request for a temporary restraining order against the Pentagon order, arguing that its determination should be paused while the court considers the case. Microsoft, integrates the AI lab's products and services into technology it provides to the U.S. military, said that it was directly impacted by the DOD designation.
"Should this action proceed without the entry of a temporary restraining order, Microsoft and other government contractors with expertise in developing solutions to support U.S. government missions will be forced to account for a new risk in their business planning," the company said.
Microsoft's filing argued the temporary restraining order is needed to prevent costly disruptions for suppliers, who would otherwise have to rapidly rebuild offerings that rely on Anthropic's products. The judge overseeing the case must approve Microsoft's request to file the brief before it is officially entered, but courts often permit outside parties to weigh in on important cases.
180903534
submission
joshuark writes:
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a VMware Aria Operations vulnerability tracked as CVE-2026-22719 to its Known Exploited Vulnerabilities catalog, flagging the flaw as exploited in attacks.
VMware Aria Operations is an enterprise monitoring platform that helps organizations track the performance and health of servers, networks, and cloud infrastructure.
The flaw has now been added to the CISA's Known Exploited Vulnerabilities (KEV) catalog, with the US cyber agency requiring federal civilian agencies to address the issue by March 24, 2026. Broadcom said it is aware of reports indicating the vulnerability is exploited in attacks but cannot confirm the claims.
"A malicious unauthenticated actor may exploit this issue to execute arbitrary commands which may lead to remote code execution in VMware Aria Operations while support-assisted product migration is in progress," the advisory explains.
Broadcom released security patches on February 24 and also provided a temporary workaround for organizations unable to apply the patches immediately.
The mitigation is a shell script named "aria-ops-rce-workaround.sh," which must be executed as root on each Aria Operations appliance node. There are currently no details on how the vulnerability is being exploited in the wild, who is behind it, and the scale of such efforts.
180884682
submission
joshuark writes:
Claude appears to be having a major outage right now, with elevated errors reported across all platforms.The first “Investigating” notice went out at 11:49 UTC, and a follow-up update at 12:06 UTC said the investigation is ongoing.
For now, that likely means you may see failed requests, timeouts, or inconsistent responses when trying to use Claude on web, mobile, or API. There’s no ETA mentioned yet, but the status suggests it’s actively being worked on. No SAAS no service.
180866082
submission
joshuark writes:
Ars Technica writes: AI company Perplexity just launched its new ‘Perplexity Computer,’ a new platform that “reasons, delegates, searches, builds, remembers, codes, and delivers” in what Perplexity is calling a “general-purpose digital worker” somewhere between OpenClaw and Claude Cowork. The “Computer,” a new tool that allows users to assign tasks and see them carried out by a system that coordinates multiple agents running various models.
Perplexity Computer runs Opus 4.6 for its core reasoning engine and orchestrates sub-agents with the best models for specific tasks: Gemini for deep research (creating sub-agents), Nano Banana for images, Veo 3.1 for video, Grok for speed in lightweight tasks, and ChatGPT 5.2 for long-context recall and wide search. Users describe an outcome, and the system spins up sub-agents that can browse, code, connect to apps, and autonomously handle tasks.
There could still be risks, though. For one thing, LLMs make mistakes, and those could be consequential if Computer is working with data you don’t have backed up elsewhere or if you’re not verifying the outputs, for example.
180861330
submission
joshuark writes:
Jensen Huang CEO of NVidia states that the markets "got it wrong" about AI.
“I think the markets got it wrong,” Huang said, pushing back on fears that AI agents will cannibalize the enterprise software industry. He expects a broad swath of software firms to use agentic AI to develop their software and boost efficiency.
Huang calls this “counterintuitive,” that software tools will utilize AI. “That’s the reason why we also say agents are tool users,” he added. He gave the internet browser and Microsoft’s Excel as examples of tools that AI agents will use.
"All of these tools that we use today, whether it’s Cadence or Synopsis or ServiceNow or SAP, these tools exist for a fundamentally good reason. These agentic AI will be intelligent software that uses these tools on our behalf and help us be more productive,” Huang added.
The comments came after Nvidia reported that its revenue for the fiscal fourth quarter climbed 73% to $68.13 billion from a year earlier, beating analysts’ estimates for $66.21 billion.
Investors had grown weary that the massive run-up in spending on AI hardware might not be sustainable, stoking fears of a bubble building in the sector. NVidia issued an upbeat guidance with revenue for the fiscal first quarter to be $78 billion, plus or minus 2%, well above analysts’ forecast for $72.6 billion.
Dan Niles, founder and portfolio manager of Niles Investment Management, told CNBC after Huang’s interview that, "People need to remember that all everything — whether it’s the railroads, canals, the internet, all of these things tend to get overbuilt — and then we figure out who the winners and losers are going to be.”
Niles explained, “There’s some real companies that are going to go to zero in the software space.” He added that the most resilient players will be in the database and cybersecurity sectors.
Nvidia shares rose as much as 2% in extended trading.
180848882
submission
joshuark writes:
Microsoft is investigating a known issue that causes the mouse pointer to disappear in the classic Outlook desktop email client for some users.This bug has been acknowledged almost two months after the first reports started surfacing online, with users saying that Outlook became unusable after the mouse pointer vanished while using the app.
Microsoft explained in a recent support document that the mouse pointer (and in some cases the cursor) will suddenly vanish as users move it across Outlook's interface. "When using classic Outlook, you may find that the mouse pointer or mouse cursor disappears as you move the pointer over the Outlook interface," it said. "Although the mouse pointer is not there, the email in the message list will change color as you hover over it. This issue has also been reported with OneNote and other Microsoft 365 apps to a lesser degree."
Microsoft added that the Outlook team is investigating the issues and will provide updates as more information becomes available. While a timeline for a permanent fix is not yet available, Microsoft has offered three temporary workarounds that require affected users to click an email in the message list when the cursor disappears, which may cause it to reappear.
Alternatively, switching to PowerPoint, clicking into an editable area, and then returning to Outlook may also restore the mouse pointer.
180843282
submission
joshuark writes:
Comments and other data left on a PDF detailing Homeland Security’s proposal to build “mega” detention and processing centers reveal the personnel involved in its creation. The PDF provided to New Hampshire governor Kelly Ayotte’s office about a new effort to build “mega” detention and processing centers across the United States contains embedded comments and metadata identifying the people who worked on it. Metadata in the document, which concerns ICE’s “Detention Reengineering Initiative” (DRI), lists as its author Jonathan Florentino, the director of ICE’s Newark, New Jersey, Field Office of Enforcement and Removal Operations.
DHS did not respond to a request for comment nor did it answer questions about access to a PDF processor subscription that might have enabled him to scrub metadata and comments from the PDF before sending it to the New Hampshire governor. (The so-called Department of Government Efficiency spent last year slashing the number of software licenses across the federal government.) Across the country, ICE’s mega detention center projects have sparked controversy.
ICE’s purchase of a warehouse in Surprise, Arizona, spurred hundreds to attend a city council meeting on the topic, according to KJZZ in Phoenix. In Social Circle, Georgia, city officials have pushed back against DHS’s proposal to build a mega center there, because officials say the city’s water and sewage treatment infrastructure would not be able to handle the influx of people.
180823916
submission
joshuark writes:
Microsoft says an Exchange Online issue that mistakenly quarantined legitimate emails last week was triggered by faulty heuristic detection rules designed to block credential phishing campaigns. The incident, tracked by Microsoft under EX1227432, began on February 5 and was not fully resolved until February 12. During that period, users across Exchange Online and Microsoft Teams were unable to open links in messages, with some of their emails quarantined entirely.
Administrators also received warnings that a "potentially malicious URL click was detected," alerts that Microsoft later confirmed were false positives. Other security tools within Microsoft's detection infrastructure also amplified the incident's impact, and a separate bug in the company's security signature systems further delayed efforts to roll back the flawed detection rules. "This issue occurred due to a logic error in a heuristic detection aimed at novel credential phishing campaigns that spiked several hours after release," Microsoft explained.
While this preliminary report was published on Monday, Microsoft said that it will issue a final report within five business days of full resolution.
180809714
submission
joshuark writes:
Do you miss the Cartoon Network of old? The decline of Saturday morning cartoons? When shows like Codename: Kids Next Door and Xiaolin Showdown were mainstays of the early aughts? If so, you may want to consider signing up for Tubi come March 1st, because the free streaming service has announced a huge wave of classic Cartoon Network shows that’ll be arriving on the platform.
Describing it as the start of its “cartoon era,” Tubi is adding 100 Cartoon Network and Warner Bros. programs to its library. The list of titles includes Dexter’s Laboratory, Ed, Edd n Eddy, Courage the Cowardly, The Powerpuff Girls, Teen Titans, and Foster’s Home for Imaginary Friends. Tubi’s move to add classic cartoons comes at a moment when they’ve become increasingly difficult to find on streaming. Last year several Cartoon Network series were purged from HBO Max after their license deals expired and were not renewed.
180778430
submission
joshuark writes:
Gallup will soon no longer measure presidential approval, the analytics firm confirmed on Feb. 11.
Founded by George Gallup in 1935, the Washington, DC-based management company began tracking the president's job performance 88 years ago. A statistician and founder of the American Institute of Public Opinion, Gallup first sent pollsters across the United States during the Depression era to ask people whether they approved or disapproved of how the nation's commander-in-chief was handling his job.
Starting in 2026, the firm told USA TODAY, Gallup will no longer publish "favorability ratings of political figures," a decision it said "reflects an evolution in how Gallup focuses its public research and thought leadership."
The change is part of "a broader, ongoing effort to align all of Gallup’s public work with its mission," the company wrote. Gallup said the ratings are now "widely produced, aggregated and interpreted, and no longer represent an area where Gallup can make its most distinctive contribution." The company wrote: "Our commitment is to long-term, methodologically sound research on issues and conditions that shape people’s lives."
https://www.youtube.com/watch?...
180681850
submission
joshuark writes:
The FBI has seized the notorious RAMP cybercrime forum, a platform used to advertise a wide range of malware and hacking services, and one of the few remaining forums that openly allowed the promotion of ransomware operations.
Both the forum's Tor site and its clearnet domain, ramp4u[.]io, now display a seizure notice stating, "The Federal Bureau of Investigation has seized RAMP."
While there has been no official announcement by law enforcement regarding this seizure, the domain name servers have now been switched to those used by the FBI when seizing domains. In a forum post to the XSS hacking forum, one of the alleged former RAMP operators known as "Stallman" confirmed the seizure.
