| A Possible US Government iPhone-Hacking Toolkit Is Now In the Hands of Foreign Spies, Criminals Mar 4th 2026, 03:00 by BeauHD Security researchers say a highly sophisticated iPhone exploitation toolkit dubbed "Coruna," which possibly originated from a U.S. government contractor, has spread from suspected Russian espionage operations to crypto-stealing criminal campaigns. Apple has patched the exploited vulnerabilities in newer iOS versions, but tens of thousands of devices may have already been compromised. An anonymous reader quotes an excerpt from Wired's report: Security researchers at Google on Tuesday released a report describing what they're calling "Coruna," a highly sophisticated iPhone hacking toolkit that includes five complete hacking techniques capable of bypassing all the defenses of an iPhone to silently install malware on a device when it visits a website containing the exploitation code. In total, Coruna takes advantage of 23 distinct vulnerabilities in iOS, a rare collection of hacking components that suggests it was created by a well-resourced, likely state-sponsored group of hackers. In fact, Google traces components of Coruna to hacking techniques it spotted in use in February of last year and attributed to what it describes only as a "customer of a surveillance company." Then, five months later, Google says a more complete version of Coruna reappeared in what appears to have been an espionage campaign carried out by a suspected Russian spy group, which hid the hacking code in a common visitor-counting component of Ukrainian websites. Finally, Google spotted Coruna in use yet again in what seems to have been a purely profit-focused hacking campaign, infecting Chinese-language crypto and gambling sites to deliver malware that steals victims cryptocurrency. Conspicuously absent from Google's report is any mention of who the original surveillance company "customer" that deployed Coruna may have been. But the mobile security company iVerify, which also analyzed a version of Coruna it obtained from one of the infected Chinese sites, suggests the code may well have started life as a hacking kit built for or purchased by the US government. Google and iVerify both note that Coruna contains multiple components previously used in a hacking operation known as "Triangulation" that was discovered targeting Russian cybersecurity firm Kaspersky in 2023, which the Russian government claimed was the work of the NSA. (The US government didn't respond to Russia's claim.) Coruna's code also appears to have been originally written by English-speaking coders, notes iVerify's cofounder Rocky Cole. "It's highly sophisticated, took millions of dollars to develop, and it bears the hallmarks of other modules that have been publicly attributed to the US government," Cole tells WIRED. "This is the first example we've seen of very likely US government tools -- based on what the code is telling us -- spinning out of control and being used by both our adversaries and cybercriminal groups." Regardless of Coruna's origin, Google warns that a highly valuable and rare hacking toolkit appears to have traveled through a series of unlikely hands, and now exists in the wild where it could still be adopted -- or adapted -- by any hacker group seeking to target iPhone users. "How this proliferation occurred is unclear, but suggests an active market for 'second hand' zero-day exploits," Google's report reads. "Beyond these identified exploits, multiple threat actors have now acquired advanced exploitation techniques that can be re-used and modified with newly identified vulnerabilities."   Read more of this story at Slashdot. | | OpenAI Is Developing an Alternative To GitHub Mar 4th 2026, 01:00 by BeauHD OpenAI is reportedly developing a code-hosting platform that could compete with GitHub, The Information reported on Tuesday. "If OpenAI does sell the product, it would mark a bold move by the creator of ChatGPT to compete directly against Microsoft, which holds a significant stake in the firm," notes Reuters. From the report: Engineers from OpenAI encountered a rise in service disruptions that rendered GitHub unavailable in recent months, which ultimately prompted the decision to develop the new product, the report said. The OpenAI project is in its early stages and likely will not be completed for months, according to The Information. Employees working on it have considered making the code repository available for purchase to OpenAI's customer base. Read more of this story at Slashdot. | | Google Chrome Is Switching To a Two-Week Release Cycle Mar 3rd 2026, 23:00 by BeauHD Google is accelerating Chrome's major release cadence from four weeks to two starting with version 153 on September 8th. "...our goal is to ensure developers and users have immediate access to the latest performance improvements, fixes and new capabilities," says Google. "Building on our history of adapting our release process to match the demands of a modern web, Chrome is moving to a two-week release cycle." The company says the "smaller scope" of these releases "minimizes disruption and simplifies post-release debugging." They also cite "recent process enhancements" that will "maintain [Chrome's] high standards for stability." 9to5Google reports: There will still be weekly security updates between milestones. This applies to desktop, Android, and iOS, while there are "no changes to the Dev and the Canary channels": "A Chrome Beta for each version will ship three weeks before the stable release. We recommend developers test with the beta to keep up to date with any upcoming changes that might impact your sites and applications." The eight-week Extended Stable release schedule for enterprise customers and Chromium embedders will not change. Chromebooks will also have "extended release options": "Our priority is a seamless experience, so the latest Chrome releases will roll out to Chromebooks after dedicated platform testing. We are adapting these channels for the new two-week browser cycle and we will share more details soon regarding milestone updates for managed devices." Read more of this story at Slashdot. | | LibreOffice Says Its UI Is Way Better Than Microsoft Office's Mar 3rd 2026, 22:00 by BeauHD darwinmac writes: While many users choose Microsoft Office over LibreOffice because of its support for the proprietary formats (.docx, .xlsx, and .pptx), others prefer Office for its "better" ribbon interface. These users often criticize LibreOffice for having a "clunky" UI instead of the "standard" ribbon interface you would find in Word, Excel, and other Office apps. Now, Neowin reports that LibreOffice is fighting back, arguing that its UI is actually superior because it is customizable, with several modes such as the classic toolbar interface, an Office-inspired ribbon layout, a sidebar-focused design, and more. Furthermore, it argues that there is no evidence that the ribbon offers "superior usability" over other interface modes. LibreOffice says in a blog post: Incidentally, the characterization of ribbon-style interfaces as "modern" or "standard," used by several users, is not based on any objective usability parameter or design principle, but is the result of Microsoft's dominance in the market and the huge investments made when the ribbon was introduced in Office 2007 as a new paradigm for productivity software. The idea that "modern" equals "similar to a ribbon" is a normalization effect: the Microsoft interface has become a benchmark because of its ubiquity, not because of its proven advantages in terms of usability. Added to this is the fact that many users evaluate office software through the lens of familiarity with Microsoft Office and consider deviation from it as a problem rather than a design choice. Before this, LibreOffice had also criticized its competitor OnlyOffice, accusing it of being "fake open source" because it believes OnlyOffice is working with Microsoft to lock users into the Office ecosystem by prioritizing the formats mentioned earlier instead of LibreOffice's own OpenDocument Format (ODF). Read more of this story at Slashdot. | | Meta's AI Display Glasses Reportedly Share Intimate Videos With Human Moderators Mar 3rd 2026, 21:00 by BeauHD An anonymous reader quotes a report from Engadget: Users of Meta's AI smart glasses in Europe may be unknowingly sharing intimate video and sensitive financial information with moderators outside of the bloc, according to a report from Sweden's Svenska Dagbladet released last week. Employees in Kenya doing AI "annotation" told the journalists that they've seen people nude, using the toilet and engaging in sexual activity, along with credit card numbers and other sensitive information. With Meta's Ray-Ban Display and other glasses with AI capabilities, users can record what they're looking at or get answers to questions via a Meta AI assistant. If a wearer wants to make use of that AI, though, they must agree to Meta's terms of service that allow any data captured to be reviewed by humans. That's because Meta's large language models (LLMs) often require people to annotate visual data so that the AI can understand it and build its training models. This data can end up in places like Nairobi, Kenya, often moderated by underpaid workers. Such actions are subject to Europe's GDPR rules that require transparency about how personal data is processed, according to a data protection lawyer cited in the report. However, Svenska Dagbladet's reporters said they needed to jump through some hoops to see Meta's privacy policy for its wearable products. That policy states that either humans or automated systems may review sensitive data, and puts the onus on the user to not share sensitive information. Read more of this story at Slashdot. | | OpenAI Amends Pentagon Deal As Sam Altman Admits It Looks 'Sloppy' Mar 3rd 2026, 20:00 by BeauHD OpenAI is amending its Pentagon contract after CEO Sam Altman acknowledged it appeared "opportunistic and sloppy." On Monday night, Altman said the company would explicitly restrict its technology from being used by intelligence agencies and for mass domestic surveillance. The Guardian reports: OpenAI, which has more than 900 million users of ChatGPT, made the deal almost immediately after the Pentagon's existing AI contractor, Anthropic, was dropped. [...] The deal prompted an online backlash against OpenAI, with users of X and Reddit encouraging a "delete ChatGPT" campaign. One post read: "You're now training a war machine. Let's see proof of cancellation." In a message to employees reposted on X, the OpenAI CEO said the original deal announced on Friday had been struck too quickly after Anthropic was dropped. "We shouldn't have rushed to get this out on Friday," Altman wrote. "The issues are super complex, and demand clear communication. We were genuinely trying to de-escalate things and avoid a much worse outcome, but I think it just looked opportunistic and sloppy." Upon announcing the deal, OpenAI had said the contract had "more guardrails than any previous agreement for classified AI deployments, including Anthropic's." [...] However, observers including OpenAI's former head of policy research, Miles Brundage, have queried how OpenAI has managed to secure a deal that assuages ethical concerns Anthropic believed were insurmountable. Posting on X, he wrote: "OpenAI employees' default assumption here should unfortunately be that OpenAI caved + framed it as not caving, and screwed Anthropic while framing it as helping them." Brundage added: "To be clear, OAI is a complex org, and I think many people involved in this worked hard for what they consider a fair outcome. Some others I do not trust at all, particularly as it relates to dealings with government and politics." In his X post, he also wrote that he would "rather go to jail" than follow an unconstitutional order from the government. "We want to work through democratic processes," Brundage wrote. "It should be the government making the key decisions about society. We want to have a voice, and a seat at the table where we can share our expertise, and to fight for principles of liberty." Read more of this story at Slashdot. | | Accenture Acquires Ookla, Downdetector As Part of $1.2 Billion Deal Mar 3rd 2026, 19:00 by BeauHD Accenture is acquiring Downdetector parent company Ookla from Ziff Davis in a $1.2 billion deal to bolster its network analytics and visibility tools for telecoms, hyperscalers, and enterprises. "The deal, which will transfer all of Ziff Davis's Connectivity division to Accenture, includes Ookla's Speedtest, Ekahau, and RootMetrics," notes The Register reports: "Modern networks have evolved from simple infrastructure into business-critical platforms," said Accenture CEO Julie Sweet in a canned statement. "Without the ability to measure performance, organizations cannot optimize experience, revenue, or security." Ookla is meant to let them do just that. Data captured at the network and device layer are used to enhance fraud prevention in banking, smart homes monitoring, and traffic optimization in retail, Accenture said. Ookla's platform, which lets user's test their own connectivity speed, captures more than 1,000 attributes per test, and provides the foundation for those analytics, Accenture said. Read more of this story at Slashdot. | | India's Top Court Angry After Junior Judge Cites Fake AI-Generated Orders Mar 3rd 2026, 18:00 by BeauHD An anonymous reader quotes a report from the BBC: India's Supreme Court has threatened legal consequences after a judge was found to have adjudicated on a property dispute using fake judgements generated by artificial intelligence. The top court, which was responding to an appeal by the defendants, will now examine the ruling given by the lower court in the southern state of Andhra Pradesh. The Supreme Court called the case a matter of "institutional concern" and said fake AI-generated judgements had "a direct bearing on integrity of adjudicatory process." [...] Coming down sternly against the fake judgements, the top court last Friday stayed the lower court's order on the property dispute. It said the use of AI while making judgements was not simply "an error in decision making" but an act of "misconduct." "This case assumes considerable institutional concern, not because of the decision that was taken on the merits of the case, but about the process of adjudication and determination," the top court said. The court said it would examine the case in more detail and issued notices to the country's Attorney and Solicitor General, as well as the Bar Council of India. Read more of this story at Slashdot. | | Apple Launches New M5 Chips, MacBook Pro, and First New Monitors In Years Mar 3rd 2026, 17:00 by BeauHD Today, Apple updated the MacBook Pro and MacBook Air with support for its new M5 chips. It also unveiled a pair of all-new Studio Display XDR monitors. Longtime Slashdot reader jizmonkey shares details about the M5 Pro and M5 Max chips, which look to be fairly major updates from the previous generation: Apple announced its newest CPUs today, which it claims has the fastest single-threaded performance in the world. Both the M5 Pro and M5 Max have eighteen-core designs, versus twelve or fourteen in the M4 Pro and fourteen or sixteen in the M4 Max. However, the number of higher-performing cores has been reduced significantly. In the older M4 designs, the chips had eight, ten, or twelve "performance" cores and four "efficiency" cores. In the M5 design, there are now only six higher-performing cores (now called "super" cores) and twelve lower-performing cores (now called "performance" cores). [Apple positions this "reduction" as a redesigned architecture with new core types.] The maximum amount of RAM remains the same at 128GB for the M5 Max (64GB for the M5 Pro), and GPU performance has increased. [The M5 Pro features up to a 20-core GPU, while the M5 Max scales up to 40 cores, each equipped with a Neural Accelerator. Apple also says the new architecture delivers over 4x peak GPU compute for AI compared to the previous generation, along with up to 35 percent faster performance in ray-traced graphics workloads.] Laptops with the new chips are available to order starting tomorrow and will be delivered starting March 11. As for the new XDR monitors, MacRumors highlights some of the key features in its reporting: Apple today introduced an all-new Studio Display XDR monitor with a 27-inch screen, mini-LED backlighting, 5K resolution, peak brightness of 2,000 nits for HDR content, up to a 120Hz refresh rate, Thunderbolt 5, and more. The new Studio Display XDR replaces Apple's former Pro Display XDR, which has been discontinued. Going forward, there are now two Studio Display models. Both new Studio Display models have the same overall design as the original model. Both models have a 12-megapixel Center Stage camera, but it now supports Desk View on the new models. Both models also feature an upgraded six-speaker system, with Apple advertising "30 percent deeper bass" compared to the previous model. Only the higher-end Studio Display XDR received a 120Hz refresh rate, mini-LED backlighting, increased brightness, and faster 140W pass-through charging. The regular Studio Display still has a 60Hz refresh rate and up to 600 nits of brightness. Both models have 27-inch displays with a 5K resolution. The new Studio Displays can be pre-ordered starting Wednesday, March 4, ahead of a Wednesday, March 11 launch. In the U.S., the regular Studio Display continues to start at $1,599, while the Studio Display XDR starts at $3,299. Read more of this story at Slashdot. | |
Comments
Post a Comment