An anonymous reader shared this report from CNN: Particles from Earth's atmosphere have been carried into space by solar wind and have been landing on the moon for billions of years, mixing into the lunar soil, according to a new study [published in the journal Nature Communications Earth & Environment last month]. The research sheds new light on a puzzle that has endured for over half a century since the Apollo missions brought back lunar samples with traces of substances such as water, carbon dioxide, helium and nitrogen embedded in the regolith — the moon's dusty surface layer. Early studies theorized that the sun was the source of some of these substances. But in 2005 researchers at the University of Tokyo suggested that they could have also originated from the atmosphere of a young Earth before it developed a magnetic field about 3.7 billion years ago. The authors suspected that the magnetic field, once in place, would have stopped the stream by trapping the particles and making it difficult or impossible for them to escape into space. Now, the new research upends that assumption by suggesting that Earth's magnetic field might have helped, rather than blocked, the transfer of atmospheric particles to the moon — which continues to this day. "This means that the Earth has been supplying volatile gases like oxygen and nitrogen to the lunar soil over all this time," said Eric Blackman, coauthor of the new study and a professor in the department of physics and astronomy at the University of Rochester in New York. Earth's magnetic field "somewhat inflates the atmosphere of Earth" when it's hit by solar winds, according to study coauthor Eric Blackman, a physics/astronomy professor at New York's University of Rochester. He told CNN the moon passes through this region for a few days each month, with particles landing on the lunar surface and embedding in the soil (because the moon lacks an atmosphere that would block them). This also means the moon's soil could actually contain a chemical record of Earth's ancient atmosphere, according to the study — "spanning billions of years..."

Read more of this story at Slashdot.

Slashdot reader BrianFagioli writes: Acer has filed three separate patent infringement lawsuits against AT&T, Verizon, and T-Mobile, taking the unusual step of hauling the nation's largest wireless carriers into federal court. The suits, filed in the Eastern District of Texas, claim the companies are using Acer-developed cellular networking technology without paying for the privilege. Acer says it tried to negotiate licenses for years but reached a dead end, arguing it was left with no option except litigation. The case centers on six U.S. patents Acer asserts are core to modern wireless networks, rather than anything tied to PCs or laptops. The company describes itself as reluctant to pursue courtroom battles, but it has been quietly building a large global patent portfolio after pouring hundreds of millions of dollars into R&D. Acer also notes that some of its patents count as standard-essential, hinting the carriers may be required to license them. All three companies are expected to push back, and the dispute could become another long-running telecom patent saga. Consumers will not notice any immediate changes, but if Acer wins or settles, it may find a new revenue stream far beyond its traditional hardware business. Further coverage from Hot Hardware

Read more of this story at Slashdot.

Long-time Slashdot reader schwit1 shared this report from Futurism: China has unveiled an extremely powerful "hypergravity machine" that can generate forces almost two thousand times stronger than Earth's regular gravity. The futuristic-looking machine, called CHIEF1900, was constructed at China's Centrifugal Hypergravity and Interdisciplinary Experiment Facility (CHIEF) at Zheijang University in Eastern China, and allows researchers to study how extreme forces affect various materials, plants, cells, or other structures, as the South China Morning Post reports... [Once up and running, it will allow researchers to recreate "catastrophic events such as dam failures and earthquakes inside a laboratory, according to the university."] For instance, it can analyze the structural stability of an almost 1,000-feet-tall dam by spinning a ten-foot model at 100 Gs, meaning 100 times the Earth's regular gravity. It could also be used to study the resonance frequencies of high-speed rail tracks, or how pollutants seep into soil over thousands of years. The machine officially dethroned its predecessor, CHIEF1300, which became the world's most powerful centrifuge a mere four months ago... It can generate 1,900 g-tonnes of force, or 1,900 times the Earth's gravity. To put that into perspective, a washing machine only reaches about two g-tonnes.

Read more of this story at Slashdot.

AMD researchers argue that, while algorithms like the Ozaki scheme merit investigation, they're still not ready for prime time.

Double precision floating point computation (aka FP64) is what keeps modern aircraft in the sky, rockets going up, vaccines effective, and, yes, nuclear weapons operational. But rather than building dedicated chips that process this essential data type in hardware, Nvidia is leaning on emulation to increase performance for HPC and scientific computing applications, an area where AMD has had the lead in recent generations.…

European satellite operator Eutelsat "plans to launch 440 Airbus-built LEO satellites in the coming years to replenish and expand its constellation," Reuters reported Friday. And last week America's Federal Communications Commission approved SpaceX's request to deploy another 7,500 Starlink satellites, while Starlink "projects it will eventually have a constellation of 34,000 satellites," writes Fast Company, and Amazon's Project Leo "plans to launch more than 3,200 satellites." Meanwhile "Beijing and some Chinese companies are planning two separate mega-constellations, Guowang and G60 Starlink, totaling nearly 26,000 satellites," and this week the Chinese government "applied for launch permits for 200,000 satellites." But a small Texas-based company called AST SpaceMobile "believes it can provide better service with fewer than 100 gigantic satellites in space." AST SpaceMobile has developed a direct-to-cell technology that utilizes large satellites called BlueBirds. These machines use thousands of antennas to deliver broadband coverage directly to standard mobile phones, says the company's president, Scott Wisniewski. "This approach is remarkably efficient: We can achieve global coverage with approximately 90 satellites, not thousands or even tens of thousands required by other systems," Wisniewski writes in an email... The key is its satellites' size and sophistication. AST's first generation of commercial satellite, the BlueBird 1-5, unfolds into a massive 693-square-foot array in space. Today, the company has five operational BlueBird 1-5 satellites in orbit, but its ambitions are much bigger. On December 24, 2025, AST launched the first of its next-generation satellites from India — called Block 2 — and this one broke records. The BlueBird 6 has a surface of almost 2,400 square feet, making it the largest single satellite in low Earth orbit. The company plans to launch up to 60 more by the end of 2026. "This large surface area is essential for gathering faint signals from standard, unmodified mobile phones on the ground," Wisniewski explains. It is essentially a single, extremely powerful and sensitive cell tower in the sky, capable of serving a huge geographical area... To be clear, AST SpaceMobile's approach is not without its own controversies. The sheer size of the company's satellites makes them incredibly bright in the night sky, a significant source of frustration for ground-based astronomers. McDowell confirms that when it launched in 2022, AST's prototype satellite, BlueWalker 3, became "one of the top 10 brightest objects in the night sky for a while." "It's a serious issue, and we are working directly with the astronomy community to mitigate our impact," Wisniewski says. The company is exploring solutions like anti-reflective coatings and operational adjustments to minimize the time its satellites are at maximum brightness... AST SpaceMobile has already proven its technology works, the article points out, with six working satellites now transmitting at typical 5G speeds directly to regular phones.

Read more of this story at Slashdot.

'OpenSlopware' briefly flowers, fades, falls – but fortunately was forked, fast

The splendidly-named "OpenSlopware" was, for a short time, a list of open source projects using LLM bots. Due to harassment, it's gone, but forks of it live on.…

En réponse à BabaArouj.

Ben, vous êtes un rigolo, des jeunes sont vieux dans leurs pratiques . J’ ai 70 balais et je suis passé à ubuntu seul avec quelques m… Mais là c’est bon.
Iml faut oser!!!

This week Google "unveiled a set of tools for retailers that helps them roll out AI agents," reports the Wall Street Journal, The new retail AI agents, which help shoppers find their desired items, provide customer support and let people order food at restaurants, are part of what Alphabet-owned Google calls Gemini Enterprise for Customer Experience. Major retailers, including home improvement giant Lowe's, the grocer Kroger and pizza chain Papa Johns say they are already using Google's tools to help prepare for the incoming wave of AI-assisted shopping and ordering... Kicking off the race among tech giants to get ahead of this shift, OpenAI released its Instant Checkout feature last fall, which lets users buy stuff directly through its chatbot ChatGPT. In January, Microsoft announced a similar checkout feature for its Copilot chatbot. Soon after OpenAI's release last year, Walmart said it would partner with OpenAI to let shoppers buy its products within ChatGPT. But that's just the beginning, reports the New York Times, with hundreds of start-ups also vying for the attention of retailers: There are A.I. start-ups that offer in-store cameras that can detect a customer's age or gender, robots that manage shelves on their own and headsets that give store workers access to product information in real time... The scramble to exploit artificial intelligence is happening across the retail spectrum, from the highest echelons of luxury goods to the most pragmatic of convenience stores. 7-Eleven said it was using conversational A.I. to hire staff at its convenience stores through an agent named Rita (Recruiting Individuals Through Automation). Executives said that they no longer had to worry about whether applicants would show up to interviews and that the system had reduced hiring time, which had taken two weeks, to less than three days. The article notes that at the National Retail Federation conference, other companies showing their AI advancements included Applebee's, IHOP, the Vitamin Shoppe, Urban Outfitters, Rag & Bone, Kendra Scott, Michael Kors and Philip Morris.

Read more of this story at Slashdot.

=[ "More than half of all cryptocurrencies ever launched are now defunct," reports CoinDesk, citing a new analysis by cryptocurrency data aggregator CoinGecko. And most of those failures occurred in 2025: The study looked at token listings on GeckoTerminal between mid-2021 and the end of 2025. Of the nearly 20.2 million tokens that entered the market during that period, 53.2% are no longer actively traded. A staggering 11.6 million of those failures happened in 2025 alone — accounting for 86.3% of all token deaths over the past five years. One key driver behind the surge in dead tokens was the rise of low-effort memecoins and experimental projects launched via crypto launchpads like pump.fun, CoinGecko analyst Shaun Paul Lee said. These platforms lowered the barrier to entry for token creation, leading to a wave of speculative assets with little or no development backing. Many of these tokens never made it past a handful of trades before disappearing.

Read more of this story at Slashdot.

At the AI safety site Foom, science journalist Mordechai Rorvig explores a paper presented at November's Empirical Methods in Natural Language Processing conference: [R]esearchers at the Swiss Federal Institute of Technology (EPFL), the Massachusetts Institute of Technology (MIT), and Georgia Tech revisited earlier findings that showed that language models, the engines of commercial AI chatbots, show strong signal correlations with the human language network, the region of the brain responsible for processing language... The results lend clarity to the surprising picture that has been emerging from the last decade of neuroscience research: That AI programs can show strong resemblances to large-scale brain regions — performing similar functions, and doing so using highly similar signal patterns. Such resemblances have been exploited by neuroscientists to make much better models of cortical regions. Perhaps more importantly, the links between AI and cortex provide an interpretation of commercial AI technology as being profoundly brain-like, validating both its capabilities as well as the risks it might pose for society as the first synthetic braintech. "It is something we, as a community, need to think about a lot more," said Badr AlKhamissi, doctoral student in computer science at EPFL and first author of the preprint, in an interview with Foom. "These models are getting better and better every day. And their similarity to the brain [or brain regions] is also getting better — probably. We're not 100% sure about it...." There are many known limitations with seeing AI programs as models of brain regions, even those that have high signal correlations. For example, such models lack any direct implementations of biochemical signalling, which is known to be important for the functioning of nervous systems. However, if such comparisons are valid, then they would suggest, somewhat dramatically, that we are increasingly surrounded by a synthetic braintech. A technology not just as capable as the human brain, in some ways, but actually made up of similar components. Thanks to Slashdot reader Gazelle Bay for sharing the article.

Read more of this story at Slashdot.

As 2026 begins, MIT Technology Review publishes "educated guesses" on emerging technologies that will define the future, advances "we think will drive progress or incite the most change — for better or worse — in the years ahead." This year's list includes next-gen nuclear, gene-editing drugs (as well as the "resurrection" of ancient genes from extinct creatures), and three AI-related developments: AI companions, AI coding tools, and "mechanistic interpretability" for revealing LLM decision-making. But also on the list is sodium-ion batteries, "a cheaper, safer alternative to lithium." Backed by major players and public investment, they're poised to power grids and affordable EVs worldwide. [Chinese battery giant CATL claims to have already started manufacturing sodium-ion batteries at scale, and BYD also plans a massive production facility for sodium-ion batteries.] The most significant impact of sodium-Âion technology may be not on our roads but on our power grids. Storing clean energy generated by solar and wind has long been a challenge. Sodium-ion batteries, with their low cost, enhanced thermal stability, and long cycle life, are an attractive alternative. Peak Energy, a startup in the US, is already deploying grid-scale sodium-ion energy storage. Sodium-ion cells' energy density is still lower than that of high-end lithium-ion ones, but it continues to improve each year — and it's already sufficient for small passenger cars and logistics vehicles. And another "breakthrough technology" on their list is commercial space stations: Vast Space from California, plans to launch its Haven-1 space station in May 2026 on a SpaceX Falcon 9 rocket. If all goes to plan, it will initially support crews of four people staying aboard the bus-size habitat for 10 days. Paying customers will be able to experience life in microgravity and conduct research such as growing plants and testing drugs. On its heels will be Axiom Space's outpost, the Axiom Station, consisting of five modules (or rooms). It's designed to look like a boutique hotel and is expected to launch in 2028. Voyager Space aims to launch its version, called Starlab, the same year, and Blue Origin's Orbital Reef space station plans to follow in 2030. Thanks to long-time Slashdot reader sandbagger for sharing the article.

Read more of this story at Slashdot.

In December 2024 the Google Threat Intelligence Group published research on the code of the commercial spyware "Predator". But there's now been new research by Jamf (the company behind a mobile device management solution) showing Predator is more dangerous and sophisticated than we realized, according to SecurityWeek. Long-time Slashdot reader wiredmikey writes: The new research reveals an error taxonomy that reports exactly why deployments fail, turning black boxes into diagnostic events for threat actors. Almost exclusively marketed to and used by national governments and intelligence agencies, the spyware also detects cybersecurity tools, suppresses forensics evidence, and has built-in geographic restrictions.

Read more of this story at Slashdot.

Ars Technica reports: Security firm Mandiant [part of Google Cloud] has released a database that allows any administrative password protected by Microsoft's NTLM.v1 hash algorithm to be hacked in an attempt to nudge users who continue using the deprecated function despite known weaknesses.... a precomputed table of hash values linked to their corresponding plaintext. These generic tables, which work against multiple hashing schemes, allow hackers to take over accounts by quickly mapping a stolen hash to its password counterpart... Mandiant said it had released an NTLMv1 rainbow table that will allow defenders and researchers (and, of course, malicious hackers, too) to recover passwords in under 12 hours using consumer hardware costing less than $600 USD. The table is hosted in Google Cloud. The database works against Net-NTLMv1 passwords, which are used in network authentication for accessing resources such as SMB network sharing. Despite its long- and well-known susceptibility to easy cracking, NTLMv1 remains in use in some of the world's more sensitive networks. One reason for the lack of action is that utilities and organizations in industries, including health care and industrial control, often rely on legacy apps that are incompatible with more recently released hashing algorithms. Another reason is that organizations relying on mission-critical systems can't afford the downtime required to migrate. Of course, inertia and penny-pinching are also causes. "By releasing these tables, Mandiant aims to lower the barrier for security professionals to demonstrate the insecurity of Net-NTLMv1," Mandiant said. "While tools to exploit this protocol have existed for years, they often required uploading sensitive data to third-party services or expensive hardware to brute-force keys." "Organizations that rely on Windows networking aren't the only laggards," the article points out. "Microsoft only announced plans to deprecate NTLMv1 last August." Thanks to Slashdot reader joshuark for sharing the news.

Read more of this story at Slashdot.

Friday a federal judge "cleared U.S. power company Dominion Energy to resume work on its Virginia offshore wind project." But a U.S. federal judge also ruled Thursday that another major offshore wind farm is allowed to resume construction, reports the Hill. "The project, which would supply power to New York, was one of five that were halted by the Trump administration in December...." In fact, there were three different court rulings this week each allowing construction to continue on a U.S. wind project: Judge Carl Nichols, a Trump appointee, granted a preliminary injunction allowing Empire Wind to keep building... Another, Revolution Wind, was also allowed to move forward in court this week... The project would provide enough power for up to 500,000 homes, according to its website. The court's decision allows construction to resume while the underlying case against the Trump order plays out. Meanwhile, power company Orsted "is also suing over the pause of its Sunrise Wind project for New York," reports the Associated Press, "with a hearing still to be set." The fifth paused project is Vineyard Wind, under construction in Massachusetts. Vineyard Wind LLC, a joint venture between Avangrid and Copenhagen Infrastructure Partners, joined the rest of the developers in challenging the administration on Thursday. CNN points out that the Vineyard Wind project "has been allowed to send power to the grid even amid Trump's suspension, a spokesperson for regional grid operator ISO-New England told CNN in an email." Residential customers in the mid-Atlantic region, including Virginia, desperately need more energy to service the skyrocketing demand from data centers â" and many are seeing spiking energy bills while they wait for new power to be brought online. CNN notes that president Trump said last week "My goal is to not let any windmill be built; they're losers." The Associated Press adds that "In contrast to the halted action in the US, the global offshore wind market is growing, with China leading the world in new installations. Nearly all of the new electricity added to the grid in 2024 was renewable. The British government said on Wednesday it had secured a record 8.4 gigawatts of offshore wind in Europe's largest offshore wind auction, enough clean electricity to power more than 12m homes."

Read more of this story at Slashdot.

A new article from Bloomberg says dozens of America's colleges "succumbed to a fundamental problem killing colleges across the US: not enough students. The schools will award their final degrees this spring, stranding students not yet ready to graduate and forcing faculty and staff to hunt for new jobs." The country's tumbling birth rate is pushing schools toward a "demographic cliff," where a steadily dropping population of people in their late teens and early 20s will leave desks and classrooms empty. Many smaller, lesser-known schools like Cazenovia have already hit the precipice. They're firing professors, paring back liberal arts courses in favor of STEM — or closing altogether. Others will likely reach the cliff in the next few years... [T]the US birth rate ticked upward slightly before the 2008 financial crisis, and that brief demographic boost has kept enrollment at larger schools afloat. But the nationwide pool of college-aged Americans is expected to shrink after 2025. Schools face the risk that each incoming class could be smaller than the last. The financial pressure will be relentless... Since 2020, more than 40 schools have announced plans to close, displacing students and faculty and leaving host towns without a key economic engine... Close to 400 schools could vanish in the coming decade, according to Huron Consulting Group. The projected closures and mergers will impact around 600,000 students and redistribute about $18 billion in endowment funds, Huron estimates... Pennsylvania State University, citing falling enrollment at many of its regional branches, plans to shutter seven of its 20 branch campuses after the spring 2027 semester... [C]ampuses in far-flung places, without brand recognition, are falling out of favor with students already questioning the value of a college degree. For example, while Penn State's flagship University Park campus saw enrollment grow 5% from 2014 to 2024, 12 other Penn State campuses recorded a 35% drop, according to a report tasked with determining whether closures were necessary. The article notes that "Less than half of students whose schools shut down before they graduate re-enroll in another college or university, according to a 2022 study." But even at colleges that remain, "The shrinking supply of students has already sparked a frenzied competition for high school seniors..." Some public institutions are letting seniors bypass traditional requirements like essays and letters of recommendation to gain entry automatically... Direct-admission programs, which allow students to skip traditional applications, are one potential response. Some 15 states have them, according to Taylor Odle, assistant professor of educational policy studies at the University of Wisconsin-Madison. He found in a 2022 paper that direct admissions increased first-year undergrad enrollment by 4% to 8%... And they don't require nearly as many paid staff to run, since there are no essays or letters of recommendation to read.

Read more of this story at Slashdot.

"A mega rocket set to take astronauts around the Moon for the first time in decades is being taken to its launch pad," the BBC reported this morning. NASA is livestreaming their move of the 11-million-pound "stack" — which includes the Artemis II Space Launch System (SLS) rocket and the Orion spacecraft secured to it, all standing on its Mobile Launch Platform. Travelling at less than 1 mile per hour, the move is expected to take 12 hours. The mission — which could blast off as soon as 6 February — is expected to take 10 days. It is part of a wider plan aimed at returning astronauts to the lunar surface. As well as the rocket being ready, the Moon has to be in the right place too, so successive launch windows are selected accordingly. In practice, this means one week at the beginning of each month during which the rocket is pointed in the right direction followed by three weeks where there are no launch opportunities. The potential launch dates are: — 6, 7, 8, 10 and 11 February — 6, 7, 8, 9 and 11 March — 1, 3, 4, 5 and 6 April "The crew of four will travel beyond the far side of the moon, which could set a new record for the farthest distance humans have ever traveled from Earth, currently held by Apollo 13," reports CNN: But why won't Artemis II land on the lunar surface? "The short answer is because it doesn't have the capability. This is not a lunar lander," said Patty Casas Horn, deputy lead for Mission Analysis and Integrated Assessments at NASA. "Throughout the history of NASA, everything that we do is a bit risky, and so we want to make sure that that risk makes sense, and only accept the risk that we have to accept, within reason. So we build out a capability, then we test it out, then we build out a capability, then we test it out. And we will get to landing on the moon, but Artemis II is really about the crew..." The upcoming flight is the first time that people will be on board the Artemis spacecraft: The Orion capsule will carry the astronauts around the moon, and the SLS rocket will launch Orion into Earth orbit before the crew continues deeper into space... The mission will begin with two revolutions around Earth, before starting the translunar injection — the maneuver that will take the spacecraft out of Earth orbit and on toward the moon — about 26 hours into the flight, Horn said. "That's when we set up for the big burn — it's about six minutes in duration. And once we do this, you're on your way back to Earth. There's nothing else that you need to do. You're going to go by the moon, and the moon's gravity is going to pull you around and swing you back towards the Earth...." Avoiding entering lunar orbit keeps the mission profile simpler, allowing the crew to focus on other tasks as there is no need to pilot the spacecraft in any way. "The Artemis program's first planned lunar lander is called the Starship HLS, or Human Landing System, and is currently under development by SpaceX..."

Read more of this story at Slashdot.

A couple months ago, YouTuber Benn Jordan "found vulnerabilities in some of Flock's license plate reader cameras," reports 404 Media's Jason Koebler. "He reached out to me to tell me he had learned that some of Flock's Condor cameras were left live-streaming to the open internet." This led to a remarkable article where Koebler confirmed the breach by visiting a Flock surveillance camera mounted on a California traffic signal. ("On my phone, I am watching myself in real time as the camera records and livestreams me — without any password or login — to the open internet... Hundreds of miles away, my colleagues are remotely watching me too through the exposed feed.") Flock left livestreams and administrator control panels for at least 60 of its AI-enabled Condor cameras around the country exposed to the open internet, where anyone could watch them, download 30 days worth of video archive, and change settings, see log files, and run diagnostics. Unlike many of Flock's cameras, which are designed to capture license plates as people drive by, Flock's Condor cameras are pan-tilt-zoom (PTZ) cameras designed to record and track people, not vehicles. Condor cameras can be set to automatically zoom in on people's faces... The exposure was initially discovered by YouTuber and technologist Benn Jordan and was shared with security researcher Jon "GainSec" Gaines, who recently found numerous vulnerabilities in several other models of Flock's automated license plate reader (ALPR) cameras. Jordan appeared this week as a guest on Koebler's own YouTube channel, while Jordan released a video of his own about the experience. titled "We Hacked Flock Safety Cameras in under 30 Seconds." (Thanks to Slashdot reader beadon for sharing the link.) But together Jordan and 404 Media also created another video three weeks ago titled "The Flock Camera Leak is Like Netflix for Stalkers" which includes footage he says was "completely accessible at the time Flock Safety was telling cities that the devices are secure after they're deployed." The video decries cities "too lazy to conduct their own security audit or research the efficacy versus risk," but also calls weak security "an industry-wide problem." Jordan explains in the video how he "very easily found the administration interfaces for dozens of Flock safety cameras..." — but also what happened next: None of the data or video footage was encrypted. There was no username or password required. These were all completely public-facing, for the world to see.... Making any modification to the cameras is illegal, so I didn't do this. But I had the ability to delete any of the video footage or evidence by simply pressing a button. I could see the paths where all of the evidence files were located on the file system... During and after the process of conducting that research and making that video, I was visited by the police and had what I believed to be private investigators outside my home photographing me and my property and bothering my neighbors. John Gaines or GainSec, the brains behind most of this research, lost employment within 48 hours of the video being released. And the sad reality is that I don't view these things as consequences or punishment for researching security vulnerabilities. I view these as consequences and punishment for doing it ethically and transparently. I've been contacted by people on or communicating with civic councils who found my videos concerning, and they shared Flock Safety's response with me. The company claimed that the devices in my video did not reflect the security standards of the ones being publicly deployed. The CEO even posted on LinkedIn and boasted about Flock Safety's security policies. So, I formally and publicly offered to personally fund security research into Flock Safety's deployed ecosystem. But the law prevents me from touching their live devices. So, all I needed was their permission so I wouldn't get arrested. And I was even willing to let them supervise this research. I got no response. So instead, he read Flock's official response to a security/surveillance industry research group — while standing in front of one of their security cameras, streaming his reading to the public internet. "Might as well. It's my tax dollars that paid for it." " 'Flock is committed to continuously improving security...'"

Read more of this story at Slashdot.

Ukrainian and German law enforcement authorities have identified two Ukrainians suspected of working for the Russia-linked ransomware-as-a-service (RaaS) group Black Basta. In addition, the group's alleged leader, a 35-year-old Russian national named Oleg Evgenievich Nefedov (Нефедов Олег Евгеньевич), has been added to the European Union's Most Wanted and INTERPOL's Red Notice lists, authorities

T2 SDE "is not just a regular Linux distribution," explains its repository on GitHub. "It is a flexible Open Source System Development Environment or Distribution Build Kit. Others might even name it Meta Distribution. T2 allows the creation of custom distributions with state of the art technology, up-to-date packages and integrated support for cross compilation." And now after "a decade of deep focus on embedded and server systems," T2 SDE Linux "is back to the Desktop," according to its web site, calling the new "T2 Desktop" flavour "ready for everyday home and office use!" Built on the latest KDE Plasma, systemd, and Wayland, the new T2 Desktop flavour delivers a modern, clean, and performant experience while retaining the project's trademark portability and reproducible cross-compilation across architectures. T2 Desktop targets x86_64, arm64, and riscv64, delivering "a fully polished, streamlined out-of-the-box experience," according to project lead René Rebe (also long-time Slashdot reader ReneR): I>[T2 Desktop] delivered a full KDE Plasma desktop on RISC-V, reproducibly cross-compiled from source using T2 SDE Linux. The desktop spans more than 600 packages — from toolchain to Qt and KDE and targets a next-generation RVA23 RISC-V flagship desktop, including full multimedia support and AMD RDNA GPU acceleration under Wayland. As a parallel milestone, the same fully reproducible desktop stack is now also landing on Qualcomm X1 ARM64 platforms, highlighting T2 SDE's architecture-independent approach and positioning both RISC-V and ARM64 as serious, first-class Linux desktop contenders.

Read more of this story at Slashdot.

An anonymous reader shared this report from the Washington Post: The U.S. Department of Transportation brought an automated bus to D.C. this week to showcase its work on self-driving vehicles, taking officials from around the country on a ride between agency headquarters at Navy Yard and Union Station. One of those trips was interrupted Sunday when the bus got rear-ended. The bus, produced by the company Beep, was following its fixed route when it was struck by a Tesla with Maryland plates whose driver was trying to change lanes, officials said. The bus had a human driver behind the wheel for backup as required by the city. The Tesla driver stayed on the scene on H Street for about 10 minutes. No police were called. "The service was temporarily paused after another vehicle made an illegal lane change and contacted the rear of the autonomous bus, which resulted in minor cosmetic damage to both vehicles," a spokesman for Beep said in a statement. "The autonomous bus operated appropriately in the moment and, after review, it was determined the autonomous bus was safe to resume service." Beep is working with the [U.S.] Transportation Department and Carnegie Mellon University on a pilot program of automated public buses. The vehicle was brought to D.C. for an annual conference that brings together transportation researchers and policymakers...

Read more of this story at Slashdot.

An anonymous reader quotes a report from the New York Times: Nearly five million social media accounts belonging to Australian teenagers have been deactivated or removed, a month after a landmark law barring those younger than 16 from using the services took effect, the government said on Thursday. The announcement was the first reported metric reflecting the rollout of the law, which is being closely watched by several other countries weighing whether the regulation can be a blueprint for protecting children from the harms of social media, or a cautionary tale highlighting the challenges of such attempts. The law required 10 social media platforms, including Instagram, Facebook, Snapchat and Reddit, to prevent users under 16 from accessing their services. Under the law, which came into force in December, failure by the companies to take "reasonable steps" to remove underage users could lead to fines of up to 49.5 million Australian dollars, about $33 million. [...] The number of removed accounts offered only a limited picture of the ban's impact. Many teenagers have said in the weeks since the law took effect that they were able to get around the ban by lying about their age, or that they could easily bypass verification systems. The regulator tasked with enforcing and tracking the law, the eSafety Commissioner, did not release a detailed breakdown beyond announcing that the companies had "removed access" to about 4.7 million accounts belonging to children under 16. Meta, the parent company of Instagram and Facebook, said this week that it had removed almost 550,000 accounts of users younger than 16 before the ban came into effect. "Change doesn't happen overnight," said Prime Minister Anthony Albanese. "But these early signs show it's important we've acted to make this change."

Read more of this story at Slashdot.

Sloppy implementation of Google spec leaves 'hundreds of millions' of devices vulnerable

Hundreds of millions of wireless earbuds, headphones, and speakers are vulnerable to silent hijacking due to a flaw in Google's Fast Pair system that allows attackers to seize control without the owner ever touching the pairing button.…

Nicholas Moore pleaded guilty to repeatedly hacking the U.S. Supreme Court’s filing system and illegally accessing computer systems belonging to AmeriCorps and the Department of Veterans Affairs.

The post Tennessee Man Pleads Guilty to Repeatedly Hacking Supreme Court’s Filing System appeared first on SecurityWeek.

The U.S. Supreme Court will hear Monsanto's argument that federal pesticide law should shield it and parent company Bayer from tens of thousands of state lawsuits over Roundup since the Environmental Protection Agency has not required a cancer warning label. The case could determine whether federal rules preempt state failure-to-warn claims without deciding whether glyphosate causes cancer. The Los Angeles Times reports: Some studies have found it is a likely carcinogen, and others concluded it does not pose a true cancer risk for humans. However, the court may free Monsanto and Bayer, its parent company, from legal claims from more than 100,000 plaintiffs who sued over their cancer diagnosis. The legal dispute involves whether the federal regulatory laws shield the company from being sued under state law for failing to warn consumers. [...] "EPA has repeatedly determined that glyphosate, the world's most widely used herbicide, does not cause cancer. EPA has consistently reached that conclusion after studying the extensive body of science on glyphosate for over five decades," the company told the court in its appeal. They said the EPA not only refused to add a cancer warning label to products with Roundup, but said it would be "misbranded" with such a warning. Nonetheless, the "premise of this lawsuit, and the thousands like it, is that Missouri law requires Monsanto to include the precise warning that EPA rejects," they said. On Friday, the court said in a brief order that it would decide "whether the Federal Insecticide, Fungicide, and Rodenticide Act preempts a label-based failure-to-warn claim where EPA has not required the warning." The court is likely to hear arguments in the case of Monsanto vs. Durnell in April and issue a ruling by late June.

Read more of this story at Slashdot.

Rinse of the machines: A cautionary tale about relying on robots

Bork!Bork!Bork!  UK water company Severn Trent learned an unfortunate lesson about text-to-speech systems when a robocall to customers went hilariously wrong.…

OpenAI on Friday said it would start showing ads in ChatGPT to logged-in adult U.S. users in both the free and ChatGPT Go tiers in the coming weeks, as the artificial intelligence (AI) company expanded access to its low-cost subscription globally. "You need to know that your data and conversations are protected and never sold to advertisers," OpenAI said. "And we need to keep a high bar and give

A federal judge has temporarily lifted the Trump administration's suspension of the Coastal Virginia Offshore Wind, allowing construction on the largest offshore wind project in the U.S. to resume. CNBC reports: Judge Jamar Walker of the U.S. District Court for the Eastern District of Virginia granted Dominion's request for a preliminary injunction Friday. Dominion called the Trump suspension "arbitrary and illegal" in its lawsuit. "Our team will now focus on safely restarting work to ensure CVOW begins delivery of critical energy in just weeks," a Dominion spokesperson told CNBC in a statement Friday. "While our legal challenge proceeds, we will continue seeking a durable resolution of this matter through cooperation with the federal government," the spokesperson said. Dominion said in December that "stopping CVOW for any length of time will threaten grid reliability for some of the nation's most important war fighting, AI and civilian assets." Coastal Virginia Offshore Wind is a 176-turbine project that would provide enough power for more than 600,000 homes, according to Dominion. It is scheduled to start dispatching power by the end of the first quarter of 2026. In December, the Trump administration paused the leases on all five offshore wind sites currently under construction in the U.S., blaming the decisions on a classified report from the Department of Defense.

Read more of this story at Slashdot.

An anonymous reader quotes a report from the Guardian: Even low levels of common agricultural pesticides can stunt the long-term lifespan of fish, according to research led by Jason Rohr, a biologist at the University of Notre Dame in Indiana. Signs of aging accelerated when fish were exposed to the chemicals, according to the study, published in Science, which could have implications for other organisms. [...] The research found that fish from pesticide-affected lakes showed shortened telomeres, the caps at the end of chromosomes that are known as the biological clock for aging. When they shorten, it is a sign of cellular aging and a decline in the body's regenerative capacity. The lake populations consisted of younger fish, indicating that the pesticides contributed to shortened lives. Laboratory experiments confirmed the findings and showed chronic low-dose exposure reduced fish survival and degraded telomeres. These effects were not seen with acute high-dose exposure. Chemical analysis showed chlorpyrifos, which is banned in the UK and the EU but used in the US and China, was the only compound found in the fish tissues that was consistently associated with signs of aging. These included shortened telomeres and lipofuscin deposition -- a buildup of insoluble proteins often described as cellular "junk". The worrying aging effects occurred at concentrations below current US freshwater safety standards, Rohr said, suggesting the effects of chemicals and pesticides could be occurring at low levels over the long term. While short-term exposure to high doses did not appear to cause these aging issues -- though it did cause high toxicity and death in fish -- the researchers concluded that it was long-term exposure to low doses that drove the changes. The scientists added that reduced lifespan was particularly problematic because older fish often contribute disproportionately to reproduction, genetic diversity and population stability.

Read more of this story at Slashdot.

Anna's Archive has been hit with a U.S. federal court default judgment and permanent injunction over its scraping and distribution of OCLC's WorldCat data, which occurred more than two years ago. According to the ruling, the shadow library must delete all copies of its WorldCat data and stop scraping, using, storing, or distributing the data. "It is expected that OCLC will use the injunction to motivate third-party intermediaries to take action against Anna's Archive," reports TorrentFreak. From the report: Yesterday, a federal court in Ohio issued a default judgment and permanent injunction against the site's unidentified operator(s). This order was requested by OCLC, which owns the proprietary WorldCat database that was scraped and published by Anna's Archive more than two years ago. OCLC initially demanded millions of dollars in damages but eventually dropped this request, focusing on taking the site down through an injunction that would also apply to intermediaries. "Anna's Archive's flagrantly illegal actions have damaged and continue to irreparably damage OCLC. As such, issuance of a permanent injunction is necessary to stop any further harm to OCLC," the request read. This pivot makes sense since Anna's Archive did not respond to the lawsuit and would likely ignore all payment demands too. However, with the right type of court order, third-party services such as hosting companies and domain registrars might come along. The permanent injunction, issued by U.S. District Court Judge Michael Watson yesterday, does not mention any third-party services by name. However, it is directed at all parties that are "in active concert and participation with" Anna's Archive. Specifically, the site's operator and these third parties are prohibited from scraping WorldCat data, storing or distributing the data on Anna's Archive websites, and encouraging others to store, use or share this data. Additionally, the site has to delete all WorldCat data, which also includes all torrents. Judge Watson denied the default judgment for 'unjust enrichment' and 'tortious interference.' However, he granted the order based on the 'trespass to chattels' and 'breach of contract' claims. The latter is particularly noteworthy, as the judge ruled that because Anna's Archive is a 'sophisticated party' that scraped the site daily, it had constructive notice of the terms and entered into a 'browsewrap' agreement simply by using the service. While these nuances are important for legal experts, the result for Anna's Archive is that it lost. And while there are no monetary damages, the permanent injunction can certainly have an impact. Further reading: Spotify Says 'Anti-Copyright Extremists' Scraped Its Library

Read more of this story at Slashdot.

A recent Microsoft Patch Tuesday update has introduced a bug in Windows 11 23H2 that causes some PCs to refuse to shut down or hibernate, "no matter how many times you try," reports The Register. From the report: In a notice on its Windows release health dashboard, Microsoft confirmed that some PCs running Windows 11 23H2 might fail to power down properly after installing the latest security updates. Instead of slipping into shutdown or hibernation, affected machines stay stubbornly awake, draining batteries and ignoring shutdown like they have a mind of their own and don't want to experience temporary non-existence. The bug appears to be tied to Secure Launch, a security feature that uses virtualization-based protections to ensure only trusted components load during boot. On systems with Secure Launch enabled, attempts to shut down, restart, or hibernate after applying the January patches may fail to complete. From the user's perspective, everything looks normal -- until the PC keeps running anyway, refusing to be denied life. Microsoft says that entering the command "shutdown /s /t 0" at the command prompt will, in fact, force your PC to turn off, whether it wants to or not. "Until this issue is resolved, please ensure you save all your work, and shut down when you are done working on your device to avoid the device running out of power instead of hibernating," Microsoft said.

Read more of this story at Slashdot.

Gotta pay for those datacenter buildouts somehow

OpenAI's budget ChatGPT Go subscription tier has migrated to the US, soon to be accompanied by advertising. The company's free tier will be similarly afflicted.…

It just needs PJM Interconnection, one of the US's biggest grid operators, to green light the auction

The Trump administration says it wants big tech companies to take more accountability for the power their datacenters consume in an effort to shield voters from higher power bills at home.…

The Trump administration urged the largest electricity grid in the U.S. to make big tech companies pay for new power plants to support the surging electricity demand from AI and data centers. CNBC reports: Electricity prices have exploded in recent years on PJM Interconnection due in part to the data centers that tech companies are building to train and power artificial intelligence. The PJM grid serves more than 65 million people across 13 states and Washington, D.C. Its service area includes northern Virginia, the largest data center market in the world. The Trump administration and several states signed a pact that calls for tech companies to pay for new power plants built in PJM. Leading tech companies have agreed to fund $15 billion of new generation for the grid, according to an administration statement. The Trump administration and the states urged PJM to hold an emergency capacity auction to procure this power, according to the Department of Energy. PJM should also cap the amount that existing power plants can charge in the grid's capacity market to protect ratepayers, according to the administration. "We have to get out from underneath this bureaucratic system that we have in the regional grid operators and we've got to allow markets to work," said Interior Secretary Doug Burgum at the White House. "One of the ways markets can work is to have the hyperscalers actually rapidly building power."

Read more of this story at Slashdot.

An anonymous reader quotes a report from TechCrunch: Last week, Nicholas Moore, 24, a resident of Springfield, Tennessee, pleaded guilty to repeatedly hacking into the U.S. Supreme Court's electronic document filing system. At the time, there were no details about the specifics of the hacking crimes Moore was admitting to. On Friday, a newly filled document -- first spotted by Court Watch's Seamus Hughes -- revealed more details about Moore's hacks. Per the filing, Moore hacked not only into the Supreme Court systems, but also the network of AmeriCorps, a government agency that runs stipend volunteer programs, and the systems of the Department of Veterans Affairs, which provides healthcare and welfare to military veterans. Moore accessed those systems using stolen credentials of users who were authorized to access them. Once he gained access to those victims' accounts, Moore accessed and stole their personal data and posted some online to his Instagram account: @ihackthegovernment. In the case of the Supreme Court victim, identified as GS, Moore posted their name and "current and past electronic filing records." [...] According to the court document, Moore faces a maximum sentence of one year in prison and a maximum fine of $100,000.

Read more of this story at Slashdot.

Does that kind of time saving actually pay for itself?

Researchers at Dakota State University, in partnership with regional insurance carrier Safety Insurance, devised an experimental chatbot called "Axlerod" to assist independent insurance agents. Whether that assistance was substantial is up for some debate.…

Cloudflare has acquired the core team behind the open source JavaScript framework Astro, bringing its creators in-house while pledging to keep Astro fully open source. The New Stack reports: Astro is used by major brands like IKEA, Unilever, Visa and OpenAI to build fast, content-driven websites. Search engines prioritize fast-loading and clean pages, the Cloudflare statement noted. Websites that rely heavily on JavaScript for initial rendering often struggle to deliver the required speed, which hinders search rankings and customer conversions. Pages on Astro serve up only the code needed to display a page in a browser. That's in part because of its Island architecture, which it introduced in 2021. Astro's Islands allow developers to create "islands" of interactive client-side components, while most of the page is generated statically in HTML. Server Islands extend the same architecture to the server. Astro is also UI-agnostic, meaning that while it has its own independent engine, it allows developers to bring in components from React, Svelte, Vue and other frameworks. This makes Astro a preferred choice for building high-performance, content-driven websites optimized for speed, according to Cloudflare. "Over the past few years, we've seen an incredibly diverse range of developers and companies use Astro to build for the web," said Astro's former CTO, Fred Schott, in a post with Cloudflare senior product manager Brendan Irvine-Broque. "At Cloudflare, we use Astro, too -- for our developer docs, website, landing pages and more." They said that the acquisition will allow them to "double down" on making Astro the best framework for content-driven websites.

Read more of this story at Slashdot.

Longtime Slashdot reader hackingbear shares a report from the Washington Times: Breaking with the United States, Canada has agreed to cut its 100% tariff [back to 6.1%] on Chinese electric cars in return for lower tariffs on Canadian farm products, Prime Minister Mark Carney said Friday after meeting Chinese President Xi Jinping in Beijing. He said there would be an initial annual cap of 49,000 vehicles on Chinese EV exports to Canada, growing to about 70,000 over five years. Prior to the 100% tariff, China exported about 41,000 vehicles to Canada in 2023. In exchange, China will reduce its total tariff on canola seeds, a major Canadian export, from 84% to about 15%, he told reporters. Carney said China has become a more predictable partner to deal with than the U.S, the country's neighbor and longtime ally. [hackingbear writes: "After helping the U.S. arrest Huawei CFO Meng Wanzhou, who was later released without admitting guilty by the Biden administration after bickering with China, Canada had followed the U.S. in putting tariffs of 100% on EVs from China and 25% on steel and aluminum under former Prime Minister Justin Trudeau, Carney's predecessor."] China responded by imposing duties of 100% on Canadian canola oil and meal and 25% on pork and seafood. It added a 75.8% tariff on canola seeds last August. Collectively, the import taxes effectively closed the Chinese market to Canadian canola, an industry group has said.

Read more of this story at Slashdot.

An anonymous reader quotes a report from Ars Technica: On Thursday, Taiwan Semiconductor Manufacturing Company (TSMC) reported record fourth-quarter earnings and said it expects AI chip demand to continue for years. During an earnings call, CEO C.C. Wei told investors that while he cannot predict the semiconductor industry's long-term trajectory, he remains bullish on AI. "All in all, I believe in my point of view, the AI is real -- not only real, it's starting to grow into our daily life. And we believe that is kind of -- we call it AI megatrend, we certainly would believe that," Wei said during the call. "So another question is 'can the semiconductor industry be good for three, four, five years in a row?' I'll tell you the truth, I don't know. But I look at the AI, it looks like it's going to be like an endless -- I mean, that for many years to come." TSMC posted net income of NT$505.7 billion (about $16 billion) for the quarter, up 35 percent year over year and above analyst expectations. Revenue hit $33.7 billion, a 25.5 percent increase from the same period last year. The company expects nearly 30 percent revenue growth in 2026 and plans to spend between $52 billion and $56 billion on capital expenditures this year, up from $40.9 billion in 2025.

Read more of this story at Slashdot.

CVE-2025-64155, a command injection vulnerability, was disclosed earlier this week and quickly came under attack from a variety of IP addresses.

Chipmaker claims the four-fab site could expand US-based DRAM production by a factor of 12

Micron broke snowy winter ground in New York on Friday to begin building a chip fab that promises to bring up to 50,000 jobs and much-needed computer memory production to US shores, as the AI boom continues to push memory prices up.…

An anonymous reader shares a report: The prospect of Britain realigning its financial rules with the European Union has passed, and the country should avoid linking its regulations to any single jurisdiction, the ambassador for London's financial services sector told Reuters. Nearly a decade after Brexit, newly appointed Lady Mayor of London Susan Langley said that while maintaining dialogue with the EU remained important -- particularly on defence -- Britain should work with all nations that share its values and respect the rule of law. "We've still got huge alignment with Europe, cash flows between us are huge... Would we ever go back in terms of regulation? I think we've moved away from that," she said.

Read more of this story at Slashdot.

A new study from Cornell and University of Toronto researchers has found that polyester microfibers shed from synthetic clothing during laundry can interfere with cherry tomato plant development [non-paywalled source] when these particles accumulate in agricultural soil. Plants grown in contaminated soil were 11% less likely to emerge, grew smaller and took several days longer to flower and ripen. Household laundry is a leading source of this contamination. Treated sewage sludge retains roughly 90% of microfibers from washers, and farmers in some countries apply this material to up to 75% of cropland as fertilizer. Some scientists have questioned the methodology. Willie Peijnenburg, a professor of environmental toxicology at Leiden University, told WaPo the microfiber concentration used was much higher than field observations. His research suggests plants primarily absorb microplastics through airborne particles entering leaf stomata rather than through soil.

Read more of this story at Slashdot.

A researchers' propensity for risky projects is passed down to their doctoral students -- and stays with trainees after they leave the laboratory, according to an analysis of thousands of current and former PhD students and their mentors. From a report: Science involves taking risks, and some of the most impactful discoveries require taking big bets. However, scientists and policymakers have raised concerns that the current academic system's emphasis on short-term outcomes encourages researchers to play it safe. Studies have shown, for example, that risky research is less likely to be funded. Anders Brostrom, an economist studying science policy at the University of Gothenburg in Sweden, and his colleagues decided to examine the role of doctoral education in shaping risk-related behaviour -- an area that Brostrom says has been largely overlooked. "We often focus on thinking about how we can change the funding systems to make it more likely for people to take risks, but that's not the only lever we have," says Chiara Franzoni, an economist at the Polytechnic University of Milan in Italy. This study is "refreshing" because "we've discussed policy interventions a lot, but we haven't discussed training," she adds. [...] The team found that students' risk-taking dispositions matched those of their supervisors. This link was stronger when students and their supervisors communicated frequently, and weaker when students were also mentored by scientists outside their lab.

Read more of this story at Slashdot.

An anonymous reader shares a report: A hit song has been excluded from Sweden's official chart after it emerged the "artist" behind it was an AI creation. I Know, You're Not Mine -- or Jag Vet, Du Ar Inte Min in Swedish -- by a singer called Jacub has been a streaming success in Sweden, topping the Spotify rankings. However, the Swedish music trade body has excluded the song from the official chart after learning it was AI-generated. "Jacub's track has been excluded from Sweden's official chart, Sverigetopplistan, which is compiled by IFPI Sweden. While the song appears on Spotify's own charts, it does not qualify for inclusion on the official chart under the current rules," said an IFPI Sweden spokesperson. Ludvig Werber, IFPI Sweden's chief executive, said: "Our rule is that if it is a song that is mainly AI-generated, it does not have the right to be on the top list."

Read more of this story at Slashdot.

OpenAI said Friday that it will begin testing ads on ChatGPT in the coming weeks, as the $500 billion startup seeks new revenue streams to fund its continued expansion and compete against rivals Google and Anthropic. The company had previously resisted embedding ads into its chatbot, citing concerns that doing so could undermine the trustworthiness and objectivity of responses. The ads will appear at the bottom of ChatGPT answers on the free tier and the $8-per-month ChatGPT Go subscription in the U.S., showing only when relevant to the user's query. Pro, Business, and Enterprise subscriptions will remain ad-free. OpenAI expects to generate "low billions" of dollars from advertising in 2026, FT reported, and more in subsequent years. The revenue is intended to help fund roughly $1.4 trillion in computing commitments over the next decade. The company said it will not show ads to users under 18 or near sensitive topics like health, mental health, or politics.

Read more of this story at Slashdot.

The JavaScript (aka JScript) malware loader called GootLoader has been observed using a malformed ZIP archive that's designed to sidestep detection efforts by concatenating anywhere from 500 to 1,000 archives. "The actor creates a malformed archive as an anti-analysis technique," Expel security researcher Aaron Walton said in a report shared with The Hacker News. "That is, many unarchiving tools

Other noteworthy stories that might have slipped under the radar: BodySnatcher agentic AI hijacking, Telegram IP exposure, shipping systems hacked by researcher.

The post In Other News: FortiSIEM Flaw Exploited, Sean Plankey Renominated, Russia’s Polish Grid Attack appeared first on SecurityWeek.

Microsoft claims it's a Secure Launch bug

We're not saying Copilot has become sentient and decided it doesn't want to lose consciousness. But if it did, it would create Microsoft's January Patch Tuesday update, which has made it so that some PCs flat-out refuse to shut down or hibernate, no matter how many times you try.…

First sign-in restore aims to cut rebuilds when users skip setup options

Microsoft has quietly tweaked Windows Backup for Organizations to include restore at first sign-in.…

Cybersecurity researchers have discovered five new malicious Google Chrome web browser extensions that masquerade as human resources (HR) and enterprise resource planning (ERP) platforms like Workday, NetSuite, and SuccessFactors to take control of victim accounts. "The extensions work in concert to steal authentication tokens, block incident response capabilities, and enable complete account

Security professionals are moving up the executive ranks as enterprises face rising regulatory and compliance standards.

Newer kernel, newer Cinnamon, new tools, and even new icons

The timing is right if you're looking to try out Mint. New improved "Zena" is here – still based on Ubuntu Noble, but now with Cinnamon 6.6 and improved Wayland support, plus better internationalization, new System Information and System Administration tools, and clearer icons.…

Ransomware kingpin who escaped Armenian custody is believed to be lying low back home

German cops have added Russian national Oleg Evgenievich Nefekov to their list of most-wanted criminals for his services to ransomware.…

The company will use the investment to accelerate the adoption of its solution among financial institutions and digital businesses.

The post Monnai Raises $12 Million for Identity and Risk Data Infrastructure appeared first on SecurityWeek.

The startup is building the necessary infrastructure and tools to help organizations transition to post-quantum computing.

The post Project Eleven Raises $20 Million for Post-Quantum Security appeared first on SecurityWeek.

That went well

Imagine changing your popular brand to capitalize on an emerging tech trend that never emerged. Mark Zuckerberg did just that, and now Meta is backing away from the virtual reality business in which it invested billions.…

Analyst: We'll hit a spot where 'we go from that was a great idea to where's my revenue?'

Software vendors and cloud providers are bearing the burden of the expected trillion-dollar increase in AI spending this year, as investment hits $2.52 trillion, according to Gartner.…

Pacific Northwest National Labs' expert cybersecurity system, ALOHA, can recreate attacks and test them against organizations' infrastructure to bolster defense.

Gold phone more like fool's gold as none show up six months later

Senator Elizabeth Warren is leading calls for the Federal Trade Commission to investigate Trump Mobile for failing to ship gold phones, months after collecting deposits.…

Check Point observes 40K+ attack attempts in 4 hours, with government organizations under fire

A critical HPE OneView flaw is now being exploited at scale, with Check Point tying mass, automated attacks to the RondoDox botnet.…

Hello!

I was going to make an issue on the PeerTube gitHub but I thought I’d ask here first.

It would be extremely useful to be able to control user creation/modification through the peertube-cli. Having looked through PeerTube/apps/peertube-cli/src something like peertube-upload.ts would be ideal.

peertube-user.ts would have the following functionality.

Create User
$ peertube-cli user add -u "username" -p "password/password_hash" --type "User" --video_quota "None" --daily_video_quota "None"

Returns list of users and various attributes
$ peertube-cli user list

Block/Unblock User
$ peertube-cli user block "username"
$ peertube-cli user unblock "username"

First question would be, is this feasable? How difficult would it be? Are there any other admins wanting to do this type of thing? Should I go ahead and post a feature request on gitHub?

I looked into doing a similar thing by editing the database directly but the schema seems far too complicated.

Thanks

1 message - 1 participant(e)

Lire le sujet en entier

The incident impacted the personal information of CIRO member firms and their registered employees.

The post 750,000 Impacted by Data Breach at Canadian Investment Watchdog appeared first on SecurityWeek.

We've known that social engineering would get AI wings. Now, at the beginning of 2026, we are learning just how high those wings can soar.

The post Cyber Insights 2026: Social Engineering appeared first on SecurityWeek.

Agency dodges deep cut and mass mission shutdowns, but ambitious red planet plan gets the boot

US Congress has rejected plans to slash NASA's science budget, restoring most funding with one notable exception: Mars Sample Return remains cancelled.…

Much of the damage done well before first power-on, in bit barns' childhood, says study

Constructing datacenters accounts for 39 percent of their total carbon dioxide emissions, almost as much as operating them, according to an environmental analysis covering the entire lifecycle of a facility.…

Owner reverse-engineered his ride, revealing authentication was never properly individualized

An Estonian e-scooter owner locked out of his own ride after the manufacturer went bust did what any determined engineer might do. He reverse-engineered it, and claims he ended up discovering the master key that unlocks every scooter the company ever sold.…

The critical issue impacts Bluetooth audio accessories with improper Google Fast Pair implementations.

The post WhisperPair Attack Leaves Millions of Audio Accessories Open to Hijacking appeared first on SecurityWeek.

China has more than 5,000 cybersecurity companies and all the top 20 firms are working with the government. 

The post Cybersecurity Firms React to China’s Reported Software Ban appeared first on SecurityWeek.

For trivial projects, it's fine. For serious work, forget about it

Opinion  Vibe coding got a big boost when everyone's favorite open source programmer, Linux's Linus Torvalds, said he'd been using Google's Antigravity LLM on his toy program AudioNoise, which he uses to create "random digital audio effects" using his "random guitar pedal board design."…

Researcher shows how anyone can access Copenhagen experience attendees' names, videos

Exclusive  The Carlsberg exhibition in Copenhagen offers a bunch of fun activities, like blending your own beer, and the Danish brewer lets you relive those memories by making images available to download after the tour is over.…

You lock your doors at night. You avoid sketchy phone calls. You’re careful about what you post on social media. But what about the information about you that’s already out there—without your permission? Your name. Home address. Phone number. Past jobs. Family members. Old usernames. It’s all still online, and it’s a lot easier to find than you think. The hidden safety threat lurking online Most

Security experts have disclosed details of a new campaign that has targeted U.S. government and policy entities using politically themed lures to deliver a backdoor known as LOTUSLITE. The targeted malware campaign leverages decoys related to the recent geopolitical developments between the U.S. and Venezuela to distribute a ZIP archive ("US now deciding what's next for Venezuela.zip")

UAT-9686 exploited the bug to deploy the AquaShell backdoor on Cisco appliances with certain ports open to the internet.

The post Cisco Patches Vulnerability Exploited by Chinese Hackers appeared first on SecurityWeek.

You can't park there, mate

An enterprising engineer has turned an old parking meter into a jukebox using a Pi Zero 2 and some open source code.…

The Trump administration is directing employees at the U.S. Department of Agriculture to investigate foreign scientists who collaborate with the agency on research papers for evidence of “subversive or criminal activity.”

The new directive, part of a broader effort to increase scrutiny of research done with foreign partners, asks workers in the agency’s research arm to use Google to check the backgrounds of all foreign nationals collaborating with its scientists. The names of flagged scientists are being sent to national security experts at the agency, according to records reviewed by ProPublica.

At a meeting last month, USDA supervisors pushed back against the instructions, with one calling it “dystopic” and others expressing shock and confusion, according to an audio recording reviewed by ProPublica.

The USDA frequently collaborates with scientists based at universities in the U.S. and abroad. Some agency workers told ProPublica they were uncomfortable with the new requirement because they felt it could put those scientists in the crosshairs of the administration. Students and postdocs are particularly vulnerable as many are in the U.S. on temporary visas and green cards, the employees said.

Jennifer Jones, director for the Center for Science and Democracy at the Union of Concerned Scientists, called the directive a “throwback to McCarthyism” that could encourage scientists to avoid working with the “best and brightest” researchers from around the world.

“Asking scientists to spy on and report on their fellow co-authors” is a “classic hallmark of authoritarianism,” Jones said. The Union of Concerned Scientists is an organization that advocates for scientific integrity.

Jones, who hadn’t heard of the instructions until contacted by ProPublica, said she had never witnessed policies so extreme during prior administrations or in her former career as an academic scientist.

The new policy applies to pending scientific publications co-authored by employees in the USDA’s Agricultural Research Service, which conducts research on crop yields, invasive species, plant genetics and other agricultural issues.

The USDA instructed employees to stop agency researchers from collaborating on or publishing papers with scientists from “countries of concern,” including China, Cuba, Iran, North Korea, Russia and Venezuela.

But the agency is also vetting scientists from nations not considered “countries of concern” before deciding whether USDA researchers can publish papers with them. Employees are including the names of foreign co-authors from nations such as Canada and Germany on lists shared with the department’s Office of Homeland Security, according to records reviewed by ProPublica. That office leads the USDA’s security initiatives and includes a division that works with federal intelligence agencies. The records don’t say what the office plans to do with the lists of names.

Asked about the changes, the USDA sent a statement noting that in his first term, President Donald Trump signed a memorandum designed to strengthen protections of U.S.-funded research across the federal government against foreign government interference. “USDA under the Biden Administration spent four years failing to implement this directive,” the statement said. The agency said Agriculture Secretary Brooke Rollins last year rolled out “long-needed changes within USDA’s research enterprise, including a prohibition on authoring a publication with a foreign national from a country of concern.”

International research has been essential to the Agricultural Research Service’s work, according to a page of the USDA website last updated in 2024: “From learning how to mitigate diseases before they reach the United States, to testing models and crops in diverse growing conditions, to accessing resources not available in the United States, cooperation with international partners provides solutions to current and future agricultural challenges.”

Still, the U.S. government has long been worried about agricultural researchers acting as spies, sometimes with good reason. In 2016, the Chinese scientist Mo Hailong was sentenced to three years in prison for conspiring to steal patented corn seeds. And in 2022, Xiang Haitao, admitted to stealing a trade secret from Monsanto.

National security questions have also been raised about recent increases in foreign ownership of agricultural land. In 2022, Congress allocated money for a center to educate U.S. researchers about how to safeguard their data in international collaborations.

Since Trump took office last year, foreign researchers have faced increased obstacles. In March, a French researcher traveling to a conference was denied entry to the U.S. after a search of his phone at the airport turned up messages critical of Trump. The National Institutes of Health blocked researchers from China, Russia and other “countries of concern” from accessing various biomedical databases last spring. And in August, the Department of Homeland Security proposed shortening the length of time foreign students could remain in the country.

But the latest USDA instructions represent a significant escalation, casting suspicion on all researchers from outside the U.S. and asking agency staff to vet the foreign nationals they collaborate with. It’s unclear if employees at other federal agencies have been given similar directions.

The new USDA policy was announced internally in November and followed a July memo from Rollins that highlighted the national security risks of working with scientists who are not U.S. citizens.

“Foreign competitors benefit from USDA-funded projects, receiving loans that support overseas businesses, and grants that enable foreign competitors to undermine U.S. economic and strategic interests,” Rollins wrote in the memo. “Preventing this is the responsibility of every USDA employee.” The memo called for the department to “place America First” by taking a number of steps, including scrutinizing and making lists of the agency’s arrangements to work with foreign researchers and prohibiting USDA employees from participating in foreign programs to recruit scientists, “malign or otherwise.”

Rollins, a lawyer who studied agricultural development, co-founded the pro-Trump America First Policy Institute before being tapped to head the agency.

There have long been restrictions on collaborating with researchers from certain countries, such as Iran and China. But these new instructions create blanket bans on working with scientists from “countries of concern.”

In a late November email to staff members of the Agricultural Research Service at one area office, a research leader instructed managers to immediately stop all research with scientists who come from — or collaborate with institutions in — “countries of concern.”

The email also instructed employees to reject papers with foreign authors if they deal with “sensitive subjects” such as “diversity” or “climate change.” National security concerns were listed as another cause for rejection, with USDA research service employees instructed to ask if a foreigner could use the research against American farmers.

In the audio recording of the December meeting, some employees expressed alarm about the instructions to investigate their fellow scientists. The “part of figuring out if they are foreign … by Googling is very dystopic,” said one person at the meeting, which involved leadership from the Agricultural Research Service.

Faced with questions about how to ascertain the citizenship of a co-author, another person at the meeting said researchers should do their best with a Google search, then put the name on the list “and let Homeland Security do their behind the scenes search.”

Rollins’ July memo specifies that, within 60 days of receiving a list of “current arrangements” that involve foreign people or entities, the USDA’s Office of Homeland Security along with its offices of Chief Scientist and General Counsel should decide which arrangements to terminate. The USDA laid off 70 employees from “countries of concern” last summer as a result of the policy change laid out in the memo, NPR reported.

The USDA and Department of Homeland Security declined to answer questions about what happens to the foreign researchers flagged by the staff beyond potentially having their research papers rejected.

The documents also suggested new guidance would be issued on Jan. 1, but the USDA employees ProPublica interviewed said that the vetting work was continuing and that they had not received any written updates. The staff spoke on the condition of anonymity because they weren’t authorized to talk publicly.

Scientists are often evaluated based on their output of new scientific research. Delaying or denying publication of pending papers could derail a researcher’s career. Over the past 40 years, the number of international collaborations among scientists has increased across the board, according to Caroline Wagner, an emeritus professor of public policy at the Ohio State University. “The more elite the researcher, the more likely they’re working at the international level,” said Wagner, who has spent more than 25 years researching international collaboration in science and technology.

The changes in how the USDA is approaching collaboration with foreign researchers, she said, “will certainly reduce the novelty, the innovative nature of science and decrease these flows of knowledge that have been extremely productive for science over the last years.”

The post Trump Administration Orders USDA Employees to Investigate Foreign Researchers They Work With appeared first on ProPublica.

La Toyota Yaris si aggiorna per il nuovo model year 2026, introducendo importanti novità in Italia. Analizziamo nel dettaglio la gamma e i listini ufficiali per scoprire tutti i nuovi modelli di auto. La celebre city car giapponese si rinnova nella struttura degli allestimenti e arricchisce la dotazione di serie, diventando ancora più competitiva.

Scopriamo insieme cosa è cambiato e quanto costa portare a casa uno dei modelli più amati del mercato.

Nuova gamma allestimenti per la Toyota Yaris nel 2026

La novità principale del nuovo model year riguarda la riorganizzazione della gamma. Toyota ha semplificato l'offerta, allineandola a quella degli altri modelli del marchio.

La nuova struttura prevede quattro versioni ben distinte:

• Yaris (versione di ingresso)
• Icon
• Premium
• GR Sport

Questa modifica rende la scelta più intuitiva e chiara per il cliente. Ma le novità non si fermano qui.

Su tutte le versioni, Toyota ha reso di serie accessori molto richiesti, come i retrovisori esterni richiudibili elettricamente e la regolazione in altezza per entrambi i sedili anteriori. Si tratta di dettagli importanti che migliorano il comfort quotidiano.

L'allestimento Icon si rinnova: più ricco e desiderabile

L'allestimento Icon è quello che beneficia maggiormente di questo aggiornamento. La sua dotazione di serie è stata potenziata con elementi prima riservati alle versioni superiori. Tra questi spiccano lo Smart Entry & Push Button per l'accesso senza chiave, il comodo Wireless Charger per lo smartphone e l'Ambient Light, che crea un'atmosfera più accogliente.

Anche l'estetica e l'intrattenimento sono stati migliorati. La versione Icon ora monta nuovi cerchi in lega da 17 pollici, che sostituiscono i precedenti da 16 pollici. L'impianto audio è stato potenziato e ora include 6 altoparlanti. In più i sedili presentano una forma più sportiva e sono rivestiti con nuovi tessuti di alta qualità.

Sicurezza e stile per la Toyota Yaris 2026

La sicurezza è da sempre un pilastro per Toyota. Il pacchetto di sistemi di assistenza alla guida, il Toyota T-Mate, si arricchisce con l'introduzione della Driver Monitor Camera. Questo sistema intelligente utilizza una telecamera dedicata per monitorare costantemente il livello di attenzione del guidatore. Infatti in caso di stanchezza o distrazione, interviene per prevenire situazioni di pericolo.

Sul fronte dello stile debutta una nuova colorazione per la carrozzeria, il Celestite Grey, disponibile per tutta la gamma. L'allestimento Premium offre in esclusiva la tinta bi-tone Everest Green & Black, per un contrasto dal look più audace.

Motorizzazioni ibride: efficienza confermata

Il nuovo model year non porta cambiamenti sotto il cofano. Toyota conferma le sue apprezzate ed efficienti motorizzazioni ibride, che rappresentano il cuore dell'offerta Yaris.

Le opzioni disponibili rimangono le due collaudate versioni:

• Hybrid 115: il perfetto equilibrio tra prestazioni e consumi ridotti.
• Hybrid 130: per chi cerca maggiore brio e reattività, senza rinunciare ai vantaggi della tecnologia full hybrid.

Questa scelta conferma la grande affidabilità di una tecnologia che Toyota ha perfezionato nel corso degli anni, garantendo un equilibrio ideale tra prestazioni e consumi.

Listino ufficiale con tutti i prezzi della Toyota Yaris nel 2026

Il nuovo model year è già ordinabile presso la rete ufficiale Toyota, con le prime produzioni previste a partire da marzo.

Ecco il listino completo con tutti i prezzi della Toyota Yaris 2026 per il mercato italiano:

• Yaris Hybrid 115: a partire da 24.750 euro
• Yaris Hybrid Icon 115: a partire da 27.550 euro
• Yaris Hybrid Premium 130: a partire da 29.750 euro
• Yaris Hybrid GR Sport 130: a partire da 31.750 euro

La Yaris si presenta come una vettura più matura, tecnologica e sicura. La gamma semplificata, ma arricchita nei contenuti, la rende una proposta ancora più interessante nel competitivo segmento delle city car.

L'articolo Toyota Yaris 2026 guida completa ai prezzi in Italia proviene da sicurezza.net.

La notizia è finalmente ufficiale: vedremo una Siri potenziata Gemini AI grazie a una collaborazione strategica tra Apple e Google. Dopo mesi di indiscrezioni, la conferma segna una svolta epocale per l'assistente vocale che conosciamo. Si tratta di un passo che promette di trasformare radicalmente il modo in cui interagiamo con i nostri iPhone, iPad e altri dispositivi della Mela.

Ma cosa significa davvero per noi utenti e come cambierà la nostra esperienza quotidiana?

Perché Apple ha scelto Google?

Negli ultimi anni Siri sembrava aver perso terreno. Mentre il mondo dell'intelligenza artificiale progrediva con ChatGPT, Copilot e lo stesso Gemini, l'assistente di Apple appariva legato a un modello più tradizionale, con capacità conversazionali limitate. Apple stessa aveva ammesso le difficoltà nel tenere il passo.

La decisione di affidarsi a un modello esterno come Gemini AI non è una sconfitta, ma una risposta pragmatica e intelligente per colmare il divario tecnologico. Invece di attendere oltre, l'azienda ha scelto la soluzione migliore sul mercato per offrire ai suoi utenti un assistente davvero intelligente.

Come funzionerà la nuova Siri potenziata con Gemini AI?

L'integrazione di Gemini AI con Siri avverrà in modo quasi invisibile per l'utente. Immaginiamo Gemini come il nuovo e potente motore di un'automobile: dall'esterno, il design e gli interni restano familiari, ma le prestazioni cambiano radicalmente. Funzionerà proprio così. Siri manterrà la sua voce e la sua perfetta integrazione nell'ecosistema Apple, mentre Gemini lavorerà "sotto il cofano", fornendo la potenza di calcolo necessaria a comprendere richieste complesse. Non vedremo loghi di Google o riferimenti a Gemini AI: l'esperienza sarà puramente Apple, ma con un cervello potenziato.

Privacy e controllo: le priorità di Apple

Un punto cruciale dell'accordo è il pieno controllo che Apple manterrà sull'intera operazione. Sarà Cupertino a orchestrare le risposte, a gestire i dati e, soprattutto, a garantire la privacy degli utenti. Questo approccio ibrido unisce la tecnologia AI di Google con l'attenzione maniacale di Apple per la sicurezza e l'esperienza utente.

Cosa aspettarsi dalla partnership tra Siri e Gemini AI?

Già negli scorsi mesi Apple stava testando questo potenziamento, e ora le implementazioni ufficiali sono previste per il 2026.

Le novità concrete, però, potrebbero includere:

• Conversazioni più naturali e fluide, con una reale comprensione del contesto.
• Esecuzione di comandi complessi e articolati in più passaggi.
• Capacità di interagire con le app in modo più profondo e proattivo.

Immagina di poter chiedere a Siri di pianificare un'intera serata, dalla prenotazione al ristorante al calcolo del percorso, tutto con un'unica richiesta. Ciò che oggi sembra fantascienza, domani potrebbe diventare la normalità.

Un segnale di cambiamento anche ai vertici

Questa mossa strategica ha avuto ripercussioni anche a livello manageriale. L'accordo è stato accompagnato da un cambio ai vertici del team AI di Apple, un segnale che conferma quanto lo sviluppo interno si sia rivelato più complesso del previsto. La decisione riflette la volontà di rimettere in carreggiata la roadmap con una soluzione audace e pragmatica.

In conclusione l'alleanza tra Apple e Google non è solo una notizia tecnologica, ma l'inizio di una nuova era. La competizione si sposta sulla capacità di offrire un'intelligenza artificiale che sia non solo potente, ma anche sicura, integrata e intuitiva. Per Siri, e per tutti gli utenti iPhone, il futuro si preannuncia molto più intelligente.

L'articolo Siri e Gemini AI: l'alleanza che rivoluzionerà il tuo iPhone proviene da sicurezza.net.

Easterly will be leading the world-renowned cybersecurity conference and other RSAC programs.

The post Former CISA Director Jen Easterly Appointed CEO of RSAC appeared first on SecurityWeek.

How not to maintain computers

On Call  Welcome again to On Call, The Register's Friday column in which we take great delight in telling your tech support stories – mostly the ones involving bizarre behavior and heroic fixes.…

A threat actor likely aligned with China has been observed targeting critical infrastructure sectors in North America since at least last year. Cisco Talos, which is tracking the activity under the name UAT-8837, assessed it to be a China-nexus advanced persistent threat (APT) actor with medium confidence based on tactical overlaps with other campaigns mounted by threat actors from the region.

Cisco on Thursday released security updates for a maximum-severity security flaw impacting Cisco AsyncOS Software for Cisco Secure Email Gateway and Cisco Secure Email and Web Manager, nearly a month after the company disclosed that it had been exploited as a zero-day by a China-nexus advanced persistent threat (APT) actor codenamed UAT-9686. The vulnerability, tracked as CVE-2025-20393 (CVSS

Microsoft promises to be a responsible copilot

The Wikimedia Foundation, the org behind Wikipedia and other open knowledge platforms, has revealed it’s signed six more AI companies as ‘enterprise partners’, status that gives them preferential access to the content it tends.…

Utile et instructif, merci.

Instructif et bien partagé, merci !

C’était une excellente lecture, très utile.

Merci pour le partage de ces précieuses informations.

Merci pour cette mise à jour, très bien expliquée.

Contenu très utile, merci du partage !

Merci pour la publication ! Clair et pertinent

Excellent partage, j’ai appris quelque chose de nouveau

Merci pour ces informations ! C’était vraiment très utile.

Merci pour le partage ! Très instructif et utile.

2nm process will go large this year, and bring inevitable price rises

Taiwanese chipmaking giant TSMC has posted huge growth, says more is on the way as the AI boom is not abating, but also pointed to the inevitability of price rises for its output.…

A judge in Milwaukee brought a 13-year quest for justice by a grieving father to a close on Thursday, accepting a plea deal for two men charged criminally for their role in the killing of his teenaged son. 

Robert W. Beringer and Jesse R. Cole pleaded guilty to felony murder under a deferred prosecution agreement that allows them to avoid jail time yet publicly stand accountable for their actions leading to the 2012 death of Corey Stingley. The men helped restrain the 16-year-old inside a convenience store after an attempted shoplifting incident involving $12 worth of alcohol.

“What happened to Corey Stingley should have never happened. His death was unnecessary, brutal and devastating,” Dane County District Attorney Ismael Ozanne told the judge in a letter filed with the court. 

Both of Stingley’s parents spoke directly to the judge in an hourlong hearing in a courtroom filled with family members, community activists, spiritual leaders and some of the teen’s former classmates. 

“Corey was my baby. A mother is not supposed to bury her child,” Alicia Stingley told the judge. She spoke of the grace of forgiveness, and after the hearing she hugged Beringer. The Stingleys’ surviving son, Cameron, shook both men’s hands. 

The agreement requires Cole and Beringer to make a one-time $500 donation each to a charitable organization of the Stingley family’s choosing in honor of Corey. After six months, if the two men comply with the terms and do not commit any crimes, the prosecution will dismiss the case, according to documents filed with the court. 

ProPublica, in a 2023 story, reexamined the incident, the legal presumptions, the background of the men and Stingley’s father’s relentless legal campaign to bring the men into court. The three men previously had defended their actions as justified and necessary to deal with an emergency as they held Stingley while waiting for police to arrive.

Ozanne, who was appointed in 2022 to review the case, recommended the agreement after the two men and the Stingley family engaged in an extensive restorative justice process, in which they sat face to face, under the supervision of a retired judge, and shared their thoughts and feelings. Ozanne said in the letter that the process “appears to have been healing for all involved.”

From the bench, Milwaukee County Circuit Court Judge Laura Crivello said she found the agreement to be fair and just and commended the work of all the parties to come to a resolution. 

“Maybe this is the spark that makes other people see similarities in each other and not differences,” she said. “Maybe this is the spark that makes them think about restorative justice and how do we come together. And maybe this is part of the spark that decreases the violence in our community and leads us to finding the paths to have those circles to sit down and have the dialogue and to have that conversation. So maybe there’s some good that comes out of it.”

Craig Stingley, Corey’s father, said during the hearing that his 13-year struggle “has turned into triumph.” 

Earlier, the Stingley family filed a statement with the court affirming its support for the agreement and the restorative justice process. 

“We sought not vengeance, but acknowledgement — of Corey’s life, his humanity, and the depth of our loss,” it states. “We believe this agreement honors Corey’s memory and offers a model of how people can come together, even after profound harm, to seek understanding and healing.” 

The family remembered Stingley as a “vibrant, loving son, brother, and friend” and found that the restorative dialogues brought “truth, understanding, and a measure of healing that the traditional court process could not.” 

Jonathan LaVoy, Cole’s attorney, told reporters after the hearing: “This has been a long 13 years. He’s been under investigation with multiple reviews over that time. I think everyone is just so happy that this day has come, that there’s been some finality to this whole situation.” 

In a joint written statement provided to the court, Beringer and Cole said they came to recognize “the profound ripple effects” of the incident and their connection to Stingley’s death. They expressed sorrow that Stingley’s “time on this earth ended far too soon.”

The proceeding followed years of work by Craig Stingley to force the justice system to view his son as a crime victim whose life was unlawfully cut short by Beringer, Cole and another store patron, Mario Laumann, who died in 2022. 

Prosecutors at the time declined to charge anyone, saying the men did not intend to kill Corey Stingley when they tackled him and pinned him to the floor of VJ’s Food Mart, in West Allis, Wisconsin. They were detaining him for police after the youth attempted to steal bottles of Smirnoff Ice. In surveillance video, Laumann can be seen holding Stingley in a chokehold while the other two men aided in restraining him. A witness told police Laumann was “squeezing the hell” out of the teenager.

The Milwaukee County Medical Examiner’s Office found that Stingley died of a brain injury due to asphyxiation after a “violent struggle with multiple individuals.” It ruled the death a homicide.

Under Wisconsin law, the charge of felony murder is brought in cases in which someone dies during the commission of another alleged crime — in this case false imprisonment. 

Ozanne wrote to the court that his analysis found that “there is no doubt Cole, Beringer and Laumann caused Corey Stingley’s death.”

All three men, he wrote, restrained Stingley “intentionally and without his consent” and without legal authority to “arrest” him. “Simply put, Corey, a teenager, was tackled and restrained to the ground by three grown men because they suspected him of shoplifting,” Ozanne wrote. “They killed him while piled on top of his body awaiting the police.” 

But he noted that there is no evidence that Beringer or Cole knew that Stingley was in medical distress during the incident. He described their hold on him as “rudimentary detention techniques.” 

It was Laumann, Ozanne concluded, who “strangled Corey Stingley to death.” Ozanne wrote that surveillance video shows Laumann’s arm for several minutes across Stingley’s neck “as he fades out of consciousness.” 

If Laumann were still alive, Ozanne said in court, prosecutors likely would have been seeking a lengthy prison term for him.

Stingley died the same year as Trayvon Martin, a Black Florida teen shot to death by a neighborhood volunteer watchman, who was acquitted in 2013. Martin’s case drew national attention and led to the formation of the Black Lives Matter movement. But Stingley’s death after being restrained by three white men did not garner widespread notice outside Wisconsin. 

Over the years, Craig Stingley unsuccessfully advocated for the men to face charges. Two prosecutors reviewed the case, but nothing came of it. 

He then discovered an obscure “John Doe” statute, dating back to Wisconsin’s territorial days, that allows a private citizen to ask a judge to consider whether a crime has been committed and, if so, by whom when a district attorney can’t or won’t do so.

Stingley filed such a petition in late 2020. That led to the appointment of Ozanne as a special prosecutor to review the matter yet again. In 2024, Ozanne informed the Stingley family that his office had found evidence of a crime but that a guilty verdict was not assured for the remaining two men.

That set in motion an effort to achieve healing and accountability through a restorative justice process. Restorative justice programs bring together survivors and offenders for conversations, led by trained facilitators, to work toward understanding and healing and how best to make amends. Last year, Stingley and members of his family met on separate occasions with both Cole and Beringer through the Andrew Center for Restorative Justice, part of the law school at Milwaukee’s Marquette University. 

The discussions led to the deferred prosecution agreement.

In an interview, Anthony Neff, a longtime friend of Craig Stingley’s, recalled seeing Corey Stingley in a hospital bed, attached to tubes and a ventilator in his final days. Corey Stingley had been a running back on his high school football team. Everyone in the program showed up for the funeral, Neff said. 

“Coaches. The ball boys. The cheerleaders. I mean, they’re all standing in solidarity with Craig and the family,” he said. 

In the years since, he and other golfing buddies of Craig Stingley’s have provided emotional support in his quest. Neff called it “a lesson in civics, a master lesson in civics.”

The post A Black Teen Died Over a $12 Shoplifting Attempt. 13 Years Later, Two Men Plead Guilty in His Killing. appeared first on ProPublica.

Merge Labs envisions controlling devices using your brain - without implanting hardware in your body

OpenAI, having invested heavily in artificial intelligence, is placing a side bet on organic intelligence.…

This is a threat to security - and to the weekend for some unlucky netadmins

Cisco finally delivered a fix for a maximum-severity bug in AsyncOS that has been under attack for at least a month.…

You might call it a RISC-V/NVLink Fusion ... or a bad day for UALink

RISC-V champion SiFive has joined a growing number of chip companies by throwing its weight behind Nvidia's proprietary NVLink Fusion interconnect tech, a move that casts doubt on the viability of rival interconnect tech UALink.…

The answer seems to be educating the enterprise workforce, and creating smarter use cases

More than half of AI projects have been delayed or canceled within the last two years citing complexities with AI infrastructure, according to a research report commissioned by DDN, a data optimization company in partnership with Google Cloud and Cognizant.…

What's next for Venezuela? Click on the file and see

What policy wonk wouldn't want to click on an attachment promising to unveil US plans for Venezuela? Chinese cyberspies used just such a lure to target US government agencies and policy-related organizations in a phishing campaign that began just days after an American military operation captured Venezuelan President Nicolás Maduro.…

Fix landed in July, but OEM firmware updates are required

If you use virtual machines, there's reason to feel less-than-Zen about AMD's CPUs. Computer scientists affiliated with the CISPA Helmholtz Center for Information Security in Germany have found a vulnerability in AMD CPUs that exposes secrets in its secure virtualization environment.…

Researchers detailed how Intellexa, Predator's owner, uses failed deployments and thwarted infections to strengthen its commercial spyware and generate more effective attacks.

The upcoming Winter Games in the Italian Alps are attracting both hacktivists looking to reach billions of people and state-sponsored cyber-spies targeting the attending glitterati.

A critical misconfiguration in Amazon Web Services (AWS) CodeBuild could have allowed complete takeover of the cloud service provider's own GitHub repositories, including its AWS JavaScript SDK, putting every AWS environment at risk. The vulnerability has been codenamed CodeBreach by cloud security company Wiz. The issue was fixed by AWS in September 2025 following responsible disclosure on

When I first learned that a critical medication for transplant patients — one that keeps them alive — had generic versions that might not be effective, I called a specialty pharmacist at a hospital in Virginia. Adam Cochrane had written a journal article about the problems with the generics. 

The drug is called tacrolimus, and it keeps a transplant patient’s body from rejecting a donated organ. I was surprised to hear that Cochrane had several patients he thought had died in part because their generic tacrolimus hadn’t worked right.

He told me about Hannah Goetz, though he didn’t divulge her name initially. She would become the focus of a story I published recently that’s part of a larger investigation into how the Food and Drug Administration has for years allowed risky drugs into your medicine cabinet. 

Hannah was 17 when she had a double lung transplant because of complications from cystic fibrosis, a genetic condition that fills the organs with mucus. She died in 2023 at just 21 years old, he said. And she had been taking one of the bad generics. 

He agreed to see if her mom would be willing to chat with me. When I met Holly Goetz at her home in Portsmouth, Virginia, she was open and personable. She was angry, too. Hannah had died too young. She welcomed the chance to tell her daughter’s story. “I was excited, because someone was going to research this issue,” Holly told me recently. “Possibly turn things around.” Before we’d met, she’d been told she didn’t have any legal recourse to sue over Hannah’s death despite the issue with the generic. Lawyers told Holly it was impossible to draw a straight line from Hannah’s death to a generic manufacturer.

I knew that in telling Hannah’s story in detail, I’d also be telling the larger story about tacrolimus, and larger still about the systemic failures at the FDA. ProPublica’s reporting typically focuses on exposing wrongdoing in the hopes of spurring change. I wasn’t sure whether our reporting would bring Holly the accountability she yearned for, at least not in a tangible way. I hoped Holly’s experience sharing an intimate, tragic part of her life wouldn’t end up being a disappointment.

Holly had been by Hannah’s side, advocating for her since she was diagnosed with cystic fibrosis and through the four-year journey after the transplant. Over several hours as the sky turned dark that February day, she took me through all that happened — from Hannah’s sudden need for a transplant where she almost died, to her doing well enough to take college courses and enjoy having her first (and only) real boyfriend, to her unexpected decline just three and half years after the successful transplant. 

“It was hard, because I was reliving everything over again,” Holly said of our first interview at her home. “Then again, I got to talk to someone else about Hannah, who she was, not just her in the hospital.” 

As she showed me Hannah’s peach bedroom that day, with its dozens of stuffed animals and the hair bows she wore every day when she was in school, Holly shared that when Hannah was a little girl she started sticking her tongue out in pictures. Holly laughed, saying she thought for sure Hannah would outgrow the habit, but it turned into her signature pose. Now, one of those pictures hangs from Holly’s rearview mirror in her car, one of many touchstones. There are photos and memorabilia of Hannah all over the house. I felt privileged to step into Holly’s own bedroom to see the pink urn with angel wings that holds Hannah’s ashes. 

During our conversation, I realized that my reporting had given me access to key details about Hannah’s death that Holly didn’t know. I didn’t relish being the messenger who informed her that Hannah had taken not just one but actually two different suspect generic versions of tacrolimus, that she had the misfortune of exclusively taking ones that doctors, pharmacists or the FDA had found problematic. Holly’s eyes widened. I had to share, too, that the FDA had revoked one version’s generic status just two months after Hannah had died. 

The two manufacturers of the generic medication Hannah was taking, companies named Accord and Dr. Reddy’s, both maintain that their tacrolimus is safe and effective. An Accord spokesperson said in a statement that the company cannot comment on individual cases but that it is “dedicated to patient safety, product quality and regulatory compliance.” Dr. Reddy’s said in a statement that it hasn’t received any complaints that “indicated any concerns in patient safety.” 

The next day as I made the three-hour drive back to Washington, D.C., where I live, I called one of ProPublica’s managing editors, Tracy Weber, whom I’ve known for years. I cried as I described my conversation with Holly. One unavoidable aspect of my job is that I’m often asking people about the worst things that have happened to them. In my two decades as a reporter — quite a few of those years spent covering the Iraq and Afghanistan wars — I’ve sat at many kitchen tables with grieving mothers. Talking with Holly, though, was the first time I’d done so as a mother myself. Her sorrow hit me differently. 

Over the next nine months, I’d be a constant presence in Holly’s life. We texted hundreds of times. She dug up old photos and videos and gave me access to Hannah’s private Instagram account. One of the hardest moments was listening to a recording Holly sent of the doctors telling Hannah shortly before she died that they couldn’t give her a second transplant.

The ask from an investigative reporter is never just, “Tell me about your loved one.” Our work requires meticulous detail and all the receipts. I had to recruit Holly to take considerable time to help with my reporting. 

There were four years of medical care I needed to comb through to write the story, which meant asking Holly to track down records from two hospitals and, crucially, the pharmacy where Hannah had gotten all her medications. It wasn’t a simple task. 

Hannah was an adult when she died, so Holly wasn’t automatically entitled to her records. Although Hannah had signed an advance directive giving Holly power of attorney before her death, including the ability to request records, Holly still couldn’t get access.

She had to recruit a lawyer friend and attend probate court to get Hannah’s hospital records for me. “What I had to go through to get them was ridiculous,” Holly said. I first asked about the records in February. It took until May for her to get appointed as executor of Hannah’s estate, and then several more months for the hospitals and pharmacy to fulfil Holly’s request and send her the records. We didn’t have them until July. 

There were upwards of 13,000 pages — all of which she shared with me. Sometimes, the records meant I had to ask uncomfortable questions of Holly. Why, for example, didn’t Hannah consistently take her medication for her pancreas? Did that mean she also didn’t take her tacrolimus? (Answers: She didn’t like how the pancreas drug made her feel, and Holly was so insistent on guaranteeing her daughter took her tacrolimus that she made her FaceTime when she took the pills away from home.) Holly was unfazed by even the most difficult questions. She and Hannah were alike that way: There was no shrinking from the world. Holly made my job a lot easier; she didn’t have to.

I hesitated each time I had to reach out, wondering if texting about Hannah in the middle of the day would be jarring. What was it like for Holly to check her phone on her break from teaching high schoolers and be greeted with a message that would take her back to Hannah’s final days in the hospital? To my relief, Holly told me later she looked forward to my texts or calls. “I like sharing everything about Hannah,” she said. 

Holly said she had agreed to talk to ProPublica because she thought speaking to me and the resulting story might bring her a sense of closure. Did it? I asked her. 

“Yes, because more people know now what really happened,” she said. “The real story.”

The post Her Daughter Died After Taking a Generic Version of a Lifesaving Drug. This Is What She Wants You to Know. appeared first on ProPublica.

Investors upset that company failed to inform them might need to take out even more debt.

Datacenters don't come cheap. Oracle debt bond holders are suing the tech giant, because they say that the company didn't tell them it would need to borrow even more money after its original sale, making their purchases less valuable.…

Office workers without AI experience warned to watch for prompt injection attacks - good luck with that

Anthropic's tendency to wave off prompt-injection risks is rearing its head in the company's new Cowork productivity AI, which suffers from a Files API exfiltration attack chain first disclosed last October and acknowledged but not fixed by Anthropic.…

SRAM-heavy compute architecture promises real-time agents, extended reasoning capabilities to bolster Altman's valuation

OpenAI says it will deploy 750 megawatts worth of Nvidia competitor Cerebras' dinner-plate sized accelerators through 2028 to bolster its inference services.…

Next month, the annual Most Inspiring Women in Cyber Awards will take place at The BT Tower, London, celebrating some of the industry’s most inspirational – and oftentimes unsung – women.

Sponsored by Fidelity International, BT, Plexal and Bridewell, and proudly supported by industry-leading diversity groups WiTCH, WiCyS UK&I and Seidea, the 2026 event is set to be bigger than ever. To make sure everyone has had the chance to nominate, we’ve extended the nomination deadline until the 16th January 2026, 5pm GMT. 

For now, it’s time to introduce our 2026 judges, who have the exceptionally hard task of picking this year’s top 20 and five ones to watch… 

• Yasemin Mustafa, Director of the Cyber Security Portfolio at BT 
• Adam Haylock, Head of Global Cyber and Information Security Department at Fidelity International 
• Rebecca Taylor, Co-Author of Co-Author of Securely Yours: An Agony Aunts’ Guide To Surviving Cyber, and Threat Intelligence Knowledge Manager and Researcher at Sophos
• Adaora Uche, GRC Lead at THG (representing Seidea) 
• Joanne Elieli, Cyber Lead and Litigation Partner at Stephenson Harwood LLP
• Diane Gilbert, Senior Lead for Programmes at Plexal 
• Yvonne Eskenzi, Co-Founder of Eskenzi PR and Founder of The Most Inspiring Women in Cyber Awards
• Jennifer Cox, Director of Solutions Engineering, EMEA and APAC, at Tines (representing WiCyS UK&I)
• Hannah Arnold, London Ambassador for WiTCH – Women in Tech & Cyber Hub

The Gurus spoke to some of our judges about the 2026 awards and what they’re looking for in a good application. 

Adaora Uche, GRC Lead at THG 

Why are initiatives like this so important?

Initiatives like this matter because visibility changes possibility. Cybersecurity is still an industry where many women don’t see themselves reflected in leadership, technical authority, or decision-making roles. By intentionally spotlighting women who are doing impactful work, we challenge outdated perceptions of who belongs in cyber and what success looks like.

Beyond recognition, these initiatives create role models, momentum, and community. They validate the work women are already doing – often quietly and behind the scenes, and help open doors for others who are earlier in their journeys. Representation is not just symbolic, it is a powerful driver for inclusion, retention, and long-term change in our industry.

Why should people nominate?

People should nominate because inspiration often goes unrecognised unless someone speaks up. So much impactful work in cybersecurity happens behind the scenes. Particularly in governance, risk, privacy, and security leadership, where success often looks like problems prevented, risks mitigated, or the right questions being asked early. This kind of impact does not always attract attention, but it is critical.

A nomination is more than an accolade; it is an act of recognition and encouragement. It tells someone that their work matters, that they are seen, and that their journey can inspire others. Nominating also helps broaden the narrative of cybersecurity by showcasing diverse paths, backgrounds, and contributions that might otherwise go unnoticed.

What makes an ‘inspiring woman’ in cyber in your eyes?

First and foremost, I believe every woman in cybersecurity is inspiring. Simply showing up each day to help make the digital world safer, often in complex, high-pressure environments, is truly heroic.

An inspiring woman in cyber creates impact while lifting others as she progresses. She may be a technical expert, a strategist, a leader, or an educator, but what sets her apart is purpose, resilience, and a commitment to making the space better than she found it. She does not just respond to challenges, she anticipates them, questions the status quo, and contributes to safer, more ethical, and more inclusive digital environments.

She does not need to dominate the room to lead. Her credibility comes from consistency, thoughtfulness, and sound judgement. It also stems from her unwavering commitment to building systems and teams that are secure, resilient, and future-ready. Importantly, she uses her voice, whether in boardrooms, classrooms, or communities to share knowledge, mentor others, and make cybersecurity more accessible and human.

Adam Haylock, Head of Global Cyber and Information Security Department at Fidelity International 

Why are initiatives like this so important?

I often find myself in meetings counting the number of male versus female attendees. Too often, there are only one or two women in the room, surrounded by many more men.

In cyber, many men take for granted that they don’t have to overcome that initial sense of standing out before even contributing to the discussion or holding their ground. While we are making some progress in addressing the gender imbalance, initiatives like this are vital in keeping the spotlight on an issue that still matters deeply. They help encourage more women to put themselves forward, particularly where they may previously have hesitated, and to feel recognised and valued for the outstanding work they do, inspiring others along the way. 

Why should people nominate?

Nominations reinforce the value that female talent brings to our field. Diversity of thought, approach and communication is critical in cyber, a discipline that is as much about culture and behaviour as it is about technology.

Recognising and celebrating female talent strengthens that value proposition, especially when nominations come from male colleagues who see first-hand, and rely on, the expertise and impact that women bring to our teams.

What makes an ‘inspiring woman’ in cyber in your eyes?

Being in the minority in any environment can create invisible barriers and perceptions that are difficult to overcome. For me, an inspiring woman in cyber – a male-dominated field – is someone willing to step outside her comfort zone, try new things, take risks, and learn from setbacks.

Standing out in a male-dominated environment requires real courage, and that courage is inspiring in itself. We need more visible role models like this to attract more women into cyber and to show that it is a field where they can thrive, feel valued, and build rewarding careers.

Rebecca Taylor, Co-Author of Securely Yours: An Agony Aunts’ Guide To Surviving Cyber, and Threat Intelligence Knowledge Manager and Researcher at Sophos

Why are initiatives like this so important?

Initiatives like the ‘Most Inspiring Women in Cyber Awards 2026’ are so important because they shine a light on women who are accomplishing amazing things in an industry that is still largely male-dominated. Recognising these achievements in an inclusive and safe way helps ensure women feel seen, valued, and celebrated for their expertise and impact.

Beyond individual recognition, these initiatives also create visible role models. Seeing women celebrated for their achievements inspires others to enter the field, stay in the industry, and aim higher. It helps challenge outdated stereotypes, builds confidence, and fosters a stronger sense of community and belonging.

Ultimately, celebrating women in cyber isn’t just about awards – It’s about changing culture. It encourages equity, boosts morale, and helps build a more diverse, inclusive, and resilient cybersecurity industry for everyone.

Why should people nominate? 

People should nominate because recognition matters! Nominating is a powerful way to celebrate women who are accomplishing amazing things and making a real impact. Remember that a nomination (let alone a win!) can boost confidence, open doors to new opportunities, and remind someone that their work truly matters. Get those entries in!

What makes an ‘inspiring woman’ in cyber in your eyes?

In my eyes, an ‘inspiring woman in cyber’ is someone who brings others with them into the conversation. They lift people up, share knowledge, and create space for others to learn, grow, and feel they belong. They want to leave a positive footprint, not just through their work, but through the way they support and encourage those around them.  They are a role model, someone who shows what’s possible and inspires others to follow their own path in cyber with confidence and purpose.

It isn’t about money, job titles, or seniority. It’s about impact. An inspiring woman is thriving in what they do, and you can see that they genuinely love their work. That passion is contagious and motivating to others.

Joanne Elieli, Cyber Lead and Litigation Partner at Stephenson Harwood LLP at Stephenson Harwood LLP

Why are initiatives like this so important? 

Initiatives like this are instrumental in recognising and celebrating the achievements of women in cybersecurity, helping to raise their visibility and inspire others. These initiatives encourage diversity, challenge stereotypes, and can empower the women being recognised to stay and advance in the field. By providing networking opportunities and driving positive industry change, initiatives like this can also help to create a more inclusive and innovative cyber sector.

Why should people nominate? 

Nominating women in the cyber industry is a meaningful way to recognise and celebrate their expertise, dedication, and achievements. Formal nominations help to bring the contributions of our exceptional women to light, ensuring they receive the appreciation they deserve. This visibility can inspire other women and girls to pursue careers in cybersecurity, which in turn fosters a more diverse and inclusive industry.

What makes an ‘inspiring woman’ in cyber in your eyes?

An inspiring woman in cyber, in my eyes, is someone who demonstrates exceptional skill and dedication to her work while also uplifting and supporting others in the industry. She is passionate about solving complex problems and is eager to learn and adapt in a rapidly changing industry. Beyond her technical abilities, she actively shares her knowledge, mentors others, and advocates for diversity and inclusion. Her resilience in overcoming challenges and her willingness to break new ground make her a role model for both current and future generations in cybersecurity.

Jennifer Cox, Director of Solutions Engineering, EMEA/APAC, at Tines

Why are initiatives like this so important?

Women’s representation in cybersecurity still has a lot of ground to cover, and initiatives like this shine a light on those who are making an impact both technically and culturally. Recognition not only celebrates achievement but also helps change perceptions;  it shows the next generation that there’s space for them here, no matter their background or neurotype. When we platform diverse voices, we accelerate innovation and make our industry stronger, more inclusive, and more human.

Why should people nominate?

Nominating someone is a simple but powerful act of allyship and pride. Many brilliant women in cyber are so focused on lifting others up or doing the hard, often invisible work that they rarely stop to celebrate themselves. A nomination says, “I see you, I value what you’re doing, and you’re shaping this industry.” You never know who might need that encouragement to keep going or step into an even bigger role, and for other women just starting their cybersecurity careers visibility of these trailblazers and their capabilities is key.

What makes an ‘inspiring woman’ in cyber in your eyes?

For me, an inspiring woman in cyber is someone who leads with both competence and compassion. She’s technically grounded, but she also uses her voice and position to make space for others; especially those whose stories aren’t often heard. She’s authentic, curious, resilient, and not afraid to challenge the norm. Above all, she shows that success in cybersecurity isn’t about fitting a mould; it’s about rewriting it so more people can belong.

 

—

You can nominate here. 

The post Most Inspiring Women in Cyber 2026: Meet The Judges appeared first on IT Security Guru.

The chatbot's challenges no longer just Elon Musk’s problem, as campaigners call on tech giants to step in

The ongoing Grok fiasco has claimed two more unwilling participants, as campaigners demand Apple and Google boot X and its AI sidekick out of their app stores, because of the Elon Musk-owned AI's tendency to produce illicit images of real people.…

And it's 'not unique to AWS,' researcher tells The Reg

A critical misconfiguration in AWS's CodeBuild service allowed complete takeover of the cloud provider's own GitHub repositories and put every AWS environment in the world at risk, according to Wiz security researchers.…

MITRE loses its lead as the top reporter of vulnerabilities, while new organizations pump out CVEs and reported bugs in WordPress plug-ins surge.

Bonjour

J’ai répondu à un sondage, il y a plusieurs jours, mais je voudrais modifier un de mes votes. Mais à chaque fois, il me demande mon nom, et me rajoute une ligne, sans modifier ma ligne initiale. Je me retrouve donc avec plusieurs lignes pour moi.

Comment faire ?

merci pour votre aide

8 messages - 2 participant(e)s

Lire le sujet en entier

A maximum-severity security flaw in a WordPress plugin called Modular DS has come under active exploitation in the wild, according to Patchstack. The vulnerability, tracked as CVE-2026-23550 (CVSS score: 10.0), has been described as a case of unauthenticated privilege escalation impacting all versions of the plugin prior to and including 2.5.1. It has been patched in version 2.5.2. The plugin

Cybersecurity researchers have disclosed details of a new attack method dubbed Reprompt that could allow bad actors to exfiltrate sensitive data from artificial intelligence (AI) chatbots like Microsoft Copilot in a single click, while bypassing enterprise security controls entirely. "Only a single click on a legitimate Microsoft link is required to compromise victims," Varonis security

When margins are this tight, mergers might follow

The memory shortage is forecast to push smartphone prices higher in 2026, triggering a market decline and forcing budget phone makers to merge or disappear.…

January patch trips up Azure Virtual Desktop and Windows 365 authentication

Microsoft has kicked off 2026 with another faulty Windows update. This time, it is connection and authentication failures in Azure Virtual Desktop and Windows 365 related to the Windows App.…

Research shows erroneous training in one domain affects performance in another, with concerning implications

Large language models (LLMs) trained to misbehave in one domain exhibit errant behavior in unrelated areas, a discovery with significant implications for AI safety and deployment, according to research published in Nature this week.…

Dans #PeerTube, vous pouvez améliorer la sécurité de votre compte en activant l'authentification à deux facteurs (2FA).
Pour y parvenir, rendez-vous dans les paramètres de votre compte, trouvez le bouton "Activez l'authentification à deux facteur" et suivez les instructions !

#PeerTubeTipOfTheWeek

The internet never stays quiet. Every week, new hacks, scams, and security problems show up somewhere. This week’s stories show how fast attackers change their tricks, how small mistakes turn into big risks, and how the same old tools keep finding new ways to break in. Read on to catch up before the next wave hits. Unauthenticated RCE risk Security Flaw in Redis

Smart Driver pitched as safety app, but feds claim it's a data-harvesting scheme that jacked up premiums

The Federal Trade Commission has banned General Motors and subsidiary OnStar from sharing drivers' precise location and behavior data with consumer reporting agencies for five years under a 20-year consent order finalized January 14.…

Suspect assisting West Midlands Police over alleged theft at Walsall GP practice

The UK's West Midlands Police has released a woman on bail as part of an investigation into a data breach at a Walsall general practitioner's (GP) surgery.…

Transparently runs 16, 32, and 64-bit Windows apps, but still doesn't use the Microsoft store.

The latest version of the Wine Windows app runner arrives a year after version 10. Given its annual release cycle, its magic is starting to seem almost boring and routine, but it's far from it.…

As AI copilots and assistants become embedded in daily work, security teams are still focused on protecting the models themselves. But recent incidents suggest the bigger risk lies elsewhere: in the workflows that surround those models. Two Chrome extensions posing as AI helpers were recently caught stealing ChatGPT and DeepSeek chat data from over 900,000 users. Separately, researchers

40 TOPS of inference grunt, 8 GB onboard memory, and the nagging question: who exactly needs this?

Raspberry Pi has launched the AI HAT+ 2 with 8 GB of onboard RAM and the Hailo-10H neural network accelerator aimed at local AI computing.…

Redmond says cheap virtual desktops powered a global wave of phishing and fraud

Microsoft has taken its cybercrime fight to the UK in its first major civil action outside the US, moving to shut down RedVDS, a virtual desktop service used to power phishing and fraud at global scale.…

It’s 2026, yet many SOCs are still operating the way they did years ago, using tools and processes designed for a very different threat landscape. Given the growth in volumes and complexity of cyber threats, outdated practices no longer fully support analysts’ needs, staggering investigations and incident response. Below are four limiting habits that may be preventing your SOC from evolving at

Cold milk poured over 'spicy mode,' but it might not be enough to escape a huge fine

Ofcom is continuing with its investigation into X, despite the social media platform saying it will block Grok from digitally undressing people.…

Experts disagree on whether the vulnerabilities in a programmable logic controller from Delta are a five-alarm fire or not much to worry over.

La nuova funzionalità di ChatGPT per la traduzione sfida Google in un campo che sembrava dominato da un unico gigante. OpenAI ha lanciato, quasi in sordina, ChatGPT Translate che promette di andare oltre la semplice traduzione parola per parola ed è integrato nel suo celebre chatbot.

Ma siamo davvero di fronte a una rivoluzione in grado di spodestare lo storico Google Translate? Analizziamo insieme cosa rende questa novità così interessante e come potrebbe cambiare per sempre il nostro modo di interagire con le lingue straniere.

Cos'è ChatGPT Translate e come funziona?

Prima di tutto chiariamo un punto: non si tratta di un'applicazione separata o di un nuovo sito web. La funzione di traduzione è ora una delle tante abilità di ChatGPT. Puoi usarla direttamente nella stessa finestra di chat che già conosci.

Il suo funzionamento è incredibilmente intuitivo. Ti basta scrivere una frase come "Traduci questo testo in inglese:" e incollare il contenuto. L'intelligenza artificiale non solo rileva automaticamente la lingua di partenza, ma esegue la traduzione in modo quasi istantaneo. La vera magia, però, sta nel "come" traduce.

La grande differenza: contesto e tono di voce

Se hai mai usato un traduttore automatico per testi complessi, conosci bene la sensazione. Le parole sono giuste, ma la frase suona "strana", robotica, quasi priva di anima. Questo accade perché i traduttori tradizionali si concentrano spesso sulla correttezza letterale.

Invece ChatGPT Translate punta al contesto. Essendo un modello linguistico generativo, è addestrato su una mole immensa di testi e conversazioni. Questo gli permette di capire non solo cosa stai dicendo, ma anche come lo stai dicendo.

Vuoi una traduzione formale per un'email di lavoro? O magari un tono più colloquiale per un messaggio a un amico? Basta chiederlo. Questa capacità di adattare lo stile è il suo più grande punto di forza.

I punti di forza di ChatGPT Translate

I vantaggi principali di ChatGPT Translate si possono riassumere in tre punti chiave che lo distinguono dall'approccio di Google. Analizziamoli insieme.

Comprensione contestuale superiore

ChatGPT Translate non si limita a convertire singole parole, ma analizza la frase nel suo insieme, cogliendo sfumature, modi di dire ed espressioni idiomatiche. Il risultato è una traduzione che suona molto più naturale e fluida, quasi come se fosse stata scritta da un essere umano.

Flessibilità stilistica

Come accennato, la vera rivoluzione è la possibilità di guidare il tono della traduzione. Puoi chiedere a ChatGPT di essere più professionale, più amichevole, più semplice o addirittura più poetico. Questa personalizzazione apre scenari impensabili per un traduttore automatico tradizionale, rendendolo uno strumento creativo oltre che funzionale.

Interazione evolutiva

Se una parte della traduzione non ti convince, puoi semplicemente dirlo. Puoi chiedere: "Rendi questa frase più concisa" o "Trova un sinonimo migliore per questa parola". L'interazione permette di affinare il testo in tempo reale, trasformando un processo statico in un vero e proprio dialogo collaborativo.

Google Translate è davvero in pericolo?

Diciamolo chiaramente: per le traduzioni veloci e immediate, Google Translate rimane uno strumento formidabile, anche grazie all'introduzione di funzionalità AI. La sua velocità, l'integrazione in miliardi di dispositivi e la sua semplicità d'uso sono difficili da battere. Se hai solo bisogno di capire il significato di una parola o di una breve frase, probabilmente continuerai a usare Google.

La sfida di ChatGPT si gioca su un altro campo: quello della qualità e della raffinatezza. Per tradurre un articolo, un documento importante o un testo creativo, dove le sfumature contano, le sue introduzione di funzionalità AI. Non è una gara di velocità, ma di profondità.

Il futuro delle traduzioni AI con ChatGPT Translate

L'arrivo di un concorrente così agguerrito è una notizia fantastica per tutti noi. Questa competizione spingerà entrambe le aziende a migliorare i loro servizi, offrendoci strumenti sempre più potenti e accurati. Stiamo entrando in un'era in cui la traduzione automatica diventerà un vero assistente in grado di aiutarci a comunicare in modo più efficace e autentico. In questo modo si abbatteranno le barriere linguistiche con una naturalezza mai vista prima.

L'articolo ChatGPT Translate lancia la sfida a Google: cosa cambia davvero? proviene da sicurezza.net.

ValueLicensing case rumbles on as Windows giant appeals against copyright judgment

Microsoft's From Software Assurance (SA) program is the subject of a disclosure application as the long-running spat between Microsoft and ValueLicensing over the resale of software licenses rumbles on.…

EU-only ops, German subsidiaries, and a pinky promise your data won't end up in Uncle Sam's hands

Amid continued trade and geopolitical volatility between Europe and the US, Amazon Web Services is making its European Sovereign Cloud generally available today and plans to expand so-called Local Zones.…

Microsoft on Wednesday announced that it has taken a "coordinated legal action" in the U.S. and the U.K. to disrupt a cybercrime subscription service called RedVDS that has allegedly fueled millions in fraud losses. The effort, per the tech giant, is part of a broader law enforcement effort in collaboration with law enforcement authorities that has allowed it to confiscate the malicious

Palo Alto Networks has released security updates for a high-severity security flaw impacting GlobalProtect Gateway and Portal, for which it said there exists a proof-of-concept (PoC) exploit. The vulnerability, tracked as CVE-2026-0227 (CVSS score: 7.7), has been described as a denial-of-service (DoS) condition impacting GlobalProtect PAN-OS software arising as a result of an improper check for

bonjour,
pour mon usage de framadate (organisation d’animations oléicoles gratuites) j’appréciais beaucoup le rendu en « tableau » avec les nom à gauche et les dates validées qui apparaissent en couleur différentes dans des colonnes; chaque individu étant donc une ligne. Là c’est bien moins pratique. Est ce que ce serait envisageable d’avoir un rendu « tableau  » possible?
Comme d’autres utilisateurs il me semble également que c’est plus simple de noter le nom avant et que les couleurs (oui vert , peut-etre orange et non rouge) facilitent la lecture et l’utilisation, surtout quand on a affaire a des publics de 60 ans et plus ;)…
Merci pour tout ce que vous faites, c’est toujours dur de changer!
Bonne année à tous et toutes
Cécile

La nuova corsa allo spazio è iniziata. La Cina si prepara a lanciare la sua mega costellazione di satelliti, mettendo in discussione il primato di Starlink, e i numeri in gioco sono impressionanti.

Per anni il progetto di Elon Musk è stato visto come l'unico protagonista della connettività globale via satellite. Ora Pechino svela piani ambiziosi che potrebbero ridisegnare gli equilibri geostrategici nell'orbita terrestre. Questa competizione tra satelliti cinesi e americani tra va oltre il futuro di internet. Analizziamo insieme cosa significa.

Cosa sappiamo della mega costellazione di satelliti cinesi?

La Cina non si limita a entrare in gioco: punta a farlo in grande stile. L'obiettivo è lanciare una gigantesca rete di satelliti in orbita bassa (LEO), nota come "Guowang" o "Rete Nazionale". Anche se le cifre esatte restano riservate, si stima che il numero di satelliti potrebbe eguagliare o superare quello di Starlink nel lungo periodo. Questa iniziativa è il risultato di una strategia nazionale ben definita, volta a garantire alla Cina totale indipendenza tecnologica e infrastrutturale.

L'obiettivo è duplice:

• Fornire una connessione internet a banda larga affidabile e veloce su tutto il territorio nazionale, incluse le aree più remote.
• Proiettare la propria influenza a livello globale, offrendo servizi di connettività ai paesi partner, in particolare lungo la Nuova Via della Seta.

Si tratta di un progetto con un fortissimo valore strategico ed economico, molto più di un semplice servizio commerciale.

La Cina sfida Starlink e non è solo una questione di internet

Limitare questa competizione a una semplice battaglia per la banda larga sarebbe un errore. La posta in gioco è molto più alta.

Il controllo dell'orbita bassa terrestre è diventato un elemento cruciale per la sicurezza nazionale e per il dominio geopolitico del futuro. Una mega costellazione come quella cinese offre vantaggi che vanno ben oltre la navigazione web. Parliamo di comunicazioni militari sicure, sorveglianza avanzata, gestione di veicoli autonomi e droni.

Avere una propria infrastruttura orbitale significa non dipendere da servizi stranieri, che potrebbero essere interrotti in caso di tensioni internazionali. È una questione di sovranità digitale estesa fino allo spazio.

Le differenze chiave tra i satelliti cinesi e di Starlink

Sebbene l'obiettivo finale sembri simile, le filosofie alla base dei due progetti sono radicalmente diverse. Capire queste differenze è fondamentale per comprendere la portata della sfida.

Controllo statale vs. iniziativa privata

La differenza più evidente risiede nella governance.

Starlink è un'iniziativa di SpaceX, un'azienda privata, pur ricevendo importanti contratti governativi.

Il progetto cinese, al contrario, è interamente guidato e finanziato dallo Stato. Ciò significa che le sue priorità non sono puramente commerciali, ma rispondono a un'agenda politica e strategica nazionale.

Tempistiche e vantaggio tecnologico

Starlink ha un notevole vantaggio temporale. Possiede già migliaia di satelliti in orbita e un servizio attivo a livello globale. Tuttavia sottovalutare la Cina sarebbe un errore. Pechino ha dimostrato una capacità di esecuzione impressionante in numerosi settori tecnologici, incluso quello spaziale.

La sua sfida principale per i tecnici dei satelliti cinesi, sarà colmare il divario tecnologico e logistico, in tempi brevi.

Cosa significa per il futuro dell'orbita terrestre?

Questa nuova corsa allo spazio solleva anche serie preoccupazioni. L'orbita bassa sta diventando sempre più affollata.

L'aumento esponenziale del numero di satelliti aumenta drasticamente il rischio di collisioni e la creazione di detriti spaziali, un problema che potrebbe rendere intere fasce orbitali inutilizzabili per le generazioni future.

La competizione tra i satelliti cinesi e quelli di Starlink segna l'inizio di una nuova era. Non si tratta più solo di piantare una bandiera sulla Luna. È una complessa partita a scacchi per il controllo dell'infrastruttura digitale che governerà il nostro futuro.

La sfida per il dominio dei cieli è appena iniziata e le sue conseguenze si faranno sentire qui, sulla Terra.

L'articolo I satelliti cinesi sfidano Starlink per il dominio dello spazio proviene da sicurezza.net.

Bonjour,
existe-t-il une application pour le framacount ?
j’utilise tricount depuis longtemps pour gérer les dépenses quotidiennes avec plusieurs membres, la facilité d’accès pour tous les participant.es est important
Merci de votre réponse

Retail giant's disty, reseller, and vendor all say they can't and won't sell

Exclusive  Dell has filed a claim against VMware in the software licensing dispute brought by supermarket giant Tesco and wants the virtualization giant should fork over at least £10 million under certain circumstances.…

Hasn’t revealed how much kit did the job, so Nvidia can probably rest easy

Chinese outfit Zhipu AI claims it trained a new model entirely using Huawei hardware, and that it’s the first company to build an advanced model entirely on Chinese hardware.…

Forrester principal analyst JP Gownder says jobs eaten by bots don't come back

Interview  Analyst firm Forrester’s vice president and principal analyst J. P. Gownder remains unconvinced that AI will revolutionize productivity.…

RedVDS, a cybercrime-as-a-service operation that has stolen millions from victims, lost two domains to a law enforcement operation.

Last year in Australia, New Zealand, and the South Pacific, Main Street businesses like retail and construction suffered more cyberattacks than their critical sector counterparts.

kolbitube so kolbi can make videos

The Black Lotus Labs team at Lumen Technologies said it null-routed traffic to more than 550 command-and-control (C2) nodes associated with the AISURU/Kimwolf botnet since early October 2025. AISURU and its Android counterpart, Kimwolf, have emerged as some of the biggest botnets in recent times, capable of directing enslaved devices to participate in distributed denial-of-service (DDoS)

Researchers discovered a modular, "cloud-first" framework that is feature-rich and designed to maintain stealthy, long-term access to Linux environments.

Not long ago, AI agents were harmless. They wrote snippets of code. They answered questions. They helped individuals move a little faster. Then organizations got ambitious. Instead of personal copilots, companies started deploying shared organizational AI agents - agents embedded into HR, IT, engineering, customer support, and operations. Agents that don’t just suggest, but act. Agents

Security experts have disclosed details of an active malware campaign that's exploiting a DLL side-loading vulnerability in a legitimate binary associated with the open-source c-ares library to bypass security controls and deliver a wide range of commodity trojans and stealers. "Attackers achieve evasion by pairing a malicious libcares-2.dll with any signed version of the legitimate ahost.exe (

The browser protection and detection technology will be integrated into CrowdStrike's Falcon platform to protect endpoints, browser sessions, and cloud applications.

Fortinet has released updates to fix a critical security flaw impacting FortiSIEM that could allow an unauthenticated attacker to achieve code execution on susceptible instances. The operating system (OS) injection vulnerability, tracked as CVE-2025-64155, is rated 9.4 out of 10.0 on the CVSS scoring system. "An improper neutralization of special elements used in an OS command ('OS command

In Formula 1, milliseconds matter… and so does security. Keeper Security has helped Atlassian Williams F1 Team tighten its cyber defences, revealing how the iconic racing team is using KeeperPAM to protect its data, systems and global operations without taking its foot off the accelerator.

Announced on 13 January 2026, a new case study from Keeper Security details how Atlassian Williams F1 Team has overhauled its privileged access strategy using KeeperPAM, a unified, cloud-native Privileged Access Management (PAM) platform built on zero-trust and zero-knowledge principles. With terabytes of sensitive telemetry and performance data generated every race weekend, any breach, whether trackside or back at base, could be race-ending.

Unlike many organisations, Atlassian Williams F1 Team’s infrastructure isn’t parked in one place. It’s constantly on the move, travelling across more than 20 countries each season. From airports and paddocks to garages and headquarters, the team needed cybersecurity that could keep pace with a relentless global schedule without adding friction.

“We travel to more than 20 countries each season, and every week we’re in a new location,” said James Vowles, Team Principal, Atlassian Williams F1 Team. “Our infrastructure isn’t sitting safely in a single building – it’s traveling with us. That means we have to be secure wherever we are, from airports to garages to our HQ at Grove. With Keeper, we can build that fortress around our operations.”

KeeperPAM delivered that protection by putting zero trust at the heart of access control. Through role-based access, privileged session monitoring and automated provisioning, the platform allows Atlassian Williams F1 Team to enforce least privilege while keeping engineers and staff moving at racing speed.

The team has also streamlined operations by funnelling all privileged connections through a single platform, giving security teams better visibility and faster reaction times when something looks off.

“We now have a single platform where all of our connections go through,” said Harry Wilson, former Head of Information Security, Atlassian Williams F1 Team. “We can apply policies, monitor usage and generate alerts when something unexpected happens. Doing that on our server estate was critical to us.”

KeeperPAM brings together enterprise password management, secrets management, privileged session management, endpoint privilege management, secure remote access and dark web monitoring into one cloud-native platform. By replacing legacy tools with a single solution, Keeper Security says organisations gain real-time visibility, automated least-privilege enforcement and AI-driven threat detection, helping them spot threats before they cross the finish line.

For Atlassian Williams F1 Team, flexibility was just as important as control. Engineers occasionally need elevated access, but only when it’s genuinely required  and never longer than necessary.

“There are times when employees need local admin rights on a case-by-case basis,” added Wilson. “With Keeper, we can grant that access in real time and remove it automatically, which gives us confidence that privileged access is always controlled and temporary.”

Keeper Security believes modern PAM needs to work quietly in the background, more like a finely tuned race engine than a heavy braking system.

“Modern PAM has to do more than secure credentials. It has to automate provisioning, rotate secrets and eliminate standing privileges – all without burdening IT teams,” said Craig Lurey, CTO and Co-founder, Keeper Security. “That’s why we designed KeeperPAM to replace complexity with automation, freeing organisations like Atlassian Williams F1 Team to focus on what they do best.”

By centralising all credentials within a zero-knowledge environment, Atlassian Williams F1 Team has eliminated plaintext exposure while automating the provisioning and deprovisioning of privileged access. The result is lower operational overhead for IT teams and fewer roadblocks for engineers pushing performance innovation.

With KeeperPAM in place, Atlassian Williams F1 Team can now operate securely on any device, on any network, anywhere in the world. In a sport where marginal gains make all the difference, cybersecurity has become another competitive edge, helping the team stay secure, agile and firmly in the race.

The post Keeper Security puts Atlassian Williams F1 Team in pole position on cybersecurity appeared first on IT Security Guru.

Coucou les colibris !

Une question simple : comment ajouter en entête ou pied de page, un champ qui donne le chemin d’un document sur le “nuage” et non sur la machine ?

Ceci permettrait aux usagers de savoir où trouver le document qu’ils tiennent dans les mains.

Note : quand j’insère un champ Document > Nom de fichier > Chemin/Nom de fichier, j’obtiens par exemple : /tmp/user/docs/NIMyK3qpB4ayA5ik/260114.odt

alors que je voudrais quelque chose comme ODJ & CR / COORDO / CR / 260114.odt

Est-ce techniquement possible?

Gratitude pour le temps que vous me consacrerez pour m’aider dans ma demande

lnj

8 messages - 2 participant(e)s

Lire le sujet en entier

Research analyzing 4,700 leading websites reveals that 64% of third-party applications now access sensitive data without business justification, up from 51% in 2024.  Government sector malicious activity spiked from 2% to 12.9%, while 1 in 7 Education sites show active compromise. Specific offenders: Google Tag Manager (8% of violations), Shopify (5%), Facebook Pixel (4%). Download the

When Ciji Graham visited a cardiologist on Nov. 14, 2023, her heart was pounding at 192 beats per minute, a rate healthy people her age usually reach during the peak of a sprint. She was having another episode of atrial fibrillation, a rapid, irregular heartbeat. The 34-year-old Greensboro, North Carolina, police officer was at risk of a stroke or heart failure. 

In the past, doctors had always been able to shock Graham’s heart back into rhythm with a procedure called a cardioversion. But this time, the treatment was just out of reach. After a pregnancy test came back positive, the cardiologist didn’t offer to shock her. Graham texted her friend from the appointment: “Said she can’t cardiovert being pregnant.”

The doctor told Graham to consult three other specialists and her primary care provider before returning in a week, according to medical records. Then she sent Graham home as her heart kept hammering.   

Like hundreds of thousands of women each year who enter pregnancy with chronic conditions, Graham was left to navigate care in a country where medical options have significantly narrowed.

As ProPublica has reported, doctors in states that ban abortion have repeatedly denied standard care to high-risk pregnant patients. The expert consensus is that cardioversion is safe during pregnancy, and ProPublica spoke with more than a dozen specialists who said they would have immediately admitted Graham to a hospital to get her heart rhythm under control. They found fault, too, with a second cardiologist she saw the following day, who did not perform an electrocardiogram and also sent her home. Although Graham’s family gave the doctors permission to speak with ProPublica, neither replied to ProPublica’s questions.

Graham came to believe that the best way to protect her health was to end her unexpected pregnancy. But because of new abortion restrictions in North Carolina and nearby states, finding a doctor who could quickly perform a procedure would prove difficult. Many physicians and hospitals now hesitate to discuss abortion, even when women ask about it. And abortion clinics are not set up to treat certain medically complicated cases. As a result, sick pregnant women like Graham are often on their own.

“I can’t feel like this for 9mo,” Graham wrote her friend. “I just can’t.” 

She wouldn’t. In a region that had legislated its commitment to life, she would spend her final days struggling to find anyone to save hers. 

---

Graham hated feeling out of breath; her life demanded all her energy. Widely admired for her skills behind the wheel, she was often called upon to train fellow officers at the Greensboro Police Department. At home, she needed to chase her 2-year-old son, SJ, around the apartment. She was a natural with kids — she’d helped her single mom raise her nine younger siblings.

She thought her surprise pregnancy had caused the atrial fibrillation, also called A-fib. In addition to heart disease, she had a thyroid disorder; pregnancy could send the gland into overdrive, prompting dangerous heart rhythms. 

When Graham saw the first cardiologist, Dr. Sabina Custovic, the 192 heart rate recorded on an EKG should have been a clear cause for alarm. “I can’t think of any situation where I would feel comfortable sending anyone home with a heart rate of 192,” said Dr. Jenna Skowronski, a cardiologist at the University of North Carolina. A dozen cardiologists and maternal-fetal medicine specialists who reviewed Graham’s case for ProPublica agreed. The risk of death was low, but the fact that she was also reporting symptoms — severe palpitations, trouble breathing — meant the health dangers were significant. 

All the experts said they would have tried to treat Graham with IV medication in the hospital and, if that failed, an electrical shock. Cardioversion wouldn’t necessarily be simple — likely requiring an invasive ultrasound to check for blood clots beforehand — but it was crucial to slow down her heart. A leading global organization for arrhythmia professionals, the Heart Rhythm Society, has issued clear guidance that “cardioversion is safe and effective in pregnancy.”

Even if the procedure posed a small risk to the pregnancy, the risk of not treating Graham was far greater, said Rhode Island cardiologist Dr. Daniel Levine: “No mother, no baby.”

Custovic did not answer ProPublica’s questions about why the pregnancy made her hold off on the treatment or whether abortion restrictions affect her decision-making.  

The next day — as her heart continued to thump — Graham saw a second cardiologist, Dr. Will Camnitz, at Cone Health, one of the region’s largest health care systems. 

According to medical records, Graham’s pulse registered as normal when taken at Camnitz’s office, as it had at her appointment the previous day. Camnitz noted that the EKG from the day before showed she was in A-fib and prescribed a blood thinner to prepare for a cardioversion in three weeks — if by then she hadn’t returned to a regular heart rhythm on her own. 

Some of the experts who reviewed Graham’s care said that this was a reasonable plan if her pulse was, indeed, normal. But Camnitz, who specializes in the electrical activity of the heart, did not order another EKG to confirm that her heart rate had come down from 192, according to medical records. “He’s an electrophysiologist and he didn’t do that, which is insane,” said Dr. Kayle Shapero, a cardio-obstetrics specialist at Brown University. According to experts, a pulse measurement can underestimate the true heart rate of a patient in A-fib. Every cardiologist who reviewed Graham’s care for ProPublica said that a repeat EKG would be best practice. If Graham’s rate was still as high as it was the previous day, her heart could eventually stop delivering enough blood to major organs. Camnitz did not answer ProPublica’s questions about why he didn’t administer this test.

Three weeks was a long time to wait with a heart that Graham kept saying was practically leaping out of her chest.

Camnitz knew about Graham’s pregnancy but did not discuss whether she wanted to continue it or advise her on her options, according to medical records. That same day, though, Graham reached out to A Woman’s Choice, the sole abortion clinic in Greensboro. 

North Carolina bans abortion after 12 weeks; Graham was only about six weeks pregnant. Still, there was a long line ahead of her. Women were flooding the state from Tennessee, Georgia and South Carolina, where new abortion bans were even stricter. On top of that, a recent change in North Carolina law required an in-person consent visit three days before a termination. The same number of patients were now filling twice as many appointment slots. 

Graham would need to wait nearly two weeks for an abortion. 

It’s unclear if she explained her symptoms to the clinic; A Woman’s Choice spokesperson said it routinely discards appointment forms and no longer had a copy of Graham’s. But the spokesperson told ProPublica that a procedure at the clinic would not have been right for Graham; because of her high heart rate, she would have needed a hospital with more resources. 

Dr. Jessica Tarleton, an abortion provider who spent the past few years working in the Carolinas, said she frequently encountered pregnant women with chronic conditions who faced this kind of catch-22: Their risks were too high to be treated in a clinic, and it would be safest to get care at a hospital, but it could be very hard to find one willing to terminate a pregnancy. 

In states where abortions have been criminalized, many hospitals have shied away from sharing information about their policies on abortion. Cone Health, where Graham typically went for care, would not tell ProPublica whether its doctors perform abortions and under what circumstances; it said, “Cone Health provides personalized and individualized care to each patient based on their medical needs while complying with state and federal laws.” 

Graham never learned that she would need an abortion at a hospital rather than a clinic. Physicians at Duke University and the University of North Carolina, the premier academic medical centers in the state, said that she would have been able to get one at their hospitals — but that would have required a doctor to connect her or for Graham to have somehow known to show up.  

Had Graham lived in another country, she may not have faced this maze alone. 

In the United Kingdom, for example, a doctor trained in caring for pregnant women with risky medical conditions would have been assigned to oversee all of Graham’s care, ensuring it was appropriate, said Dr. Marian Knight, who leads the U.K.’s maternal mortality review program. Hospitals in the U.K. also must abide by standardized national protocols or face regulatory consequences. Researchers point to these factors, as well as a national review system, as key to the country’s success in lowering its rate of maternal death. The maternal mortality rate in the U.S. is more than double that of the U.K. and last on the list of wealthy countries.

Graham’s friend Shameka Jackson could tell that something was wrong. Graham didn’t seem like her usual “perky and silly” self, Jackson said. On the phone, she sounded weak, her voice barely louder than a whisper. 

When Jackson offered to come over, Graham said it would be a waste of time. “There’s nothing you can do but sit with me,” Jackson said she replied. “The doctors ain’t doing nothing.” 

Graham no longer cooked or played with her son after work, said her boyfriend, Shawn Scott. She stopped hoisting SJ up to let him dunk on the hoop on the closet door. Now, she headed straight for the couch and barely spoke, except to say that no one would shock her heart. 

“I hate feeling like this,” she texted Jackson. “Ain’t slept, chest hurts.” 

“All I can do is wait until the 28th,” Graham said, the date of her scheduled abortion. 

---

On the morning of Nov. 19, Scott awoke to a rap on the front door of the apartment he and Graham shared. He’d been asleep on the couch after a night out with friends and thought that Graham had left for work. 

A police officer introduced himself and explained that Graham hadn’t shown up and wasn’t answering her phone. He knew she hadn’t been feeling well and wanted to check in. 

Most mornings, Graham was up around 5 a.m. to prepare for the day. With Scott, she would brush SJ’s teeth, braid his hair and dress him in stylish outfits, complete with Jordans or Chelsea boots. 

When Scott walked into their bedroom, Graham was face down in bed, her body cold when he touched her. The two men pulled her down to the floor to start CPR, but it was too late. SJ stood in his crib, silently watching as they realized. 

The medical examiner would list Graham’s cause of death as “cardiac arrhythmia due to atrial fibrillation in the setting of recent pregnancy.” There was no autopsy, which could have identified the specific complication that led to her death. 

High-risk pregnancy specialists and cardiologists who reviewed Graham’s case were taken aback by Custovic’s failure to act urgently. Many said her decisions reminded them of behaviors they’ve seen from other cardiologists when treating pregnant patients; they attribute this kind of hesitation to gaps in education. Although cardiovascular disease is the leading cause of death in pregnant women, a recent survey developed with the American College of Cardiology found that less than 30% of cardiologists reported formal training in managing heart conditions in pregnancy. “A large proportion of the cardiology workforce feels uncomfortable providing care to these patients,” the authors concluded in the Journal of the American Heart Association. The legal threats attached to abortion bans, many doctors have told ProPublica, have made some cardiologists even more conservative.

Custovic did not answer ProPublica’s questions about whether she felt she had adequate training. A spokesperson for Cone Health, where Camnitz works, said, “Cone Health’s treatment for pregnant women with underlying cardiac disease is consistent with accepted standards of care in our region.” Although Graham’s family gave the hospital permission to discuss Graham’s care with ProPublica, the hospital did not comment on specifics. 

Three doctors who have served on state maternal mortality review committees, which study the deaths of pregnant women, told ProPublica that Graham’s death was preventable. “There were so many points where they could have intervened,” said Dr. Amelia Huntsberger, a former member of Idaho’s panel.

Graham’s is the seventh case ProPublica has investigated in which a pregnant woman in a state that significantly restricted abortion died after she was unable to access standard care. 

The week after she died, Graham’s family held a candlelight ceremony outside of her high school, which drew friends and cops in uniform, and also Greensboro residents whose lives she had touched. One woman approached Graham’s sisters and explained Graham had interrupted her suicide attempt five years earlier and reassured her that her life had value; she had recently texted Graham, “If it wasn’t for you, I wouldn’t be here today, expecting my first child.”

As for Graham’s own son, no one explained to SJ that his mother had died. They didn’t know how to describe death to a toddler. Instead, his dad and grandmother and aunts and uncles told him that his mom had left Earth and gone to the moon. SJ now calls it the “Mommy moon.”

For the past two years, every night before bed, he asks to go outside, even on the coldest winter evenings. He points to the moon in the dark sky and tells his mother that he loves her.

The post A Pregnant Woman at Risk of Heart Failure Couldn’t Get Urgent Treatment. She Died Waiting for an Abortion. appeared first on ProPublica.

L'articolo Comunicazione quantistica: la nuova frontiera della sicurezza digitale europea proviene da Guerre di Rete.

Microsoft on Tuesday rolled out its first security update for 2026, addressing 114 security flaws, including one vulnerability that it said has been actively exploited in the wild. Of the 114 flaws, eight are rated Critical, and 106 are rated Important in severity. As many as 58 vulnerabilities have been classified as privilege escalation, followed by 22 information disclosure, 21 remote code

Last year, when Utah lawmakers passed the nation’s first statewide ban on community water fluoridation, they included a provision making it easier for people to get fluoride supplements without having to visit a dental provider.

This would make fluoride available through individual choice, rather than “mass public dosing,” as a Utah House of Representatives webpage put it — part of the rising rhetoric of skepticism that’s led to rollbacks of water fluoridation, a proven method to reduce tooth decay.

“It’s what I like to refer to as the win-win, right?” Speaker Mike Schultz said on a June episode of the “House Rules” podcast from the Utah House. “Those that want fluoride can now get fluoride easier, and those that don’t want fluoride in their drinking water don’t have to have that.”

But even as critics point to fluoride supplements as an alternative — along with fluoride toothpaste, rinses and varnishes — many are creating barriers to these same products.

Under U.S. Health and Human Services Secretary Robert F. Kennedy Jr.’s oversight, the Food and Drug Administration said it issued notices to four businesses about their ingestible fluoride supplements for children and also put out new guidance for health professionals.

In Texas, Attorney General Ken Paxton launched investigations into two large companies over their marketing of fluoride toothpaste to parents and children.

And changes to Medicaid in President Donald Trump’s so-called One Big Beautiful Bill Act threaten to make it harder than it already is for the most vulnerable people to access any oral health care at all, let alone fluoride treatments at a dentist’s office.

More than anything, experts say, alarmist language from high-profile officials is trickling down to the public, leading more people to question whether any form of fluoride — in drinking water or in other treatments — is a good idea.

Scott Tomar, a professor and associate dean at the University of Illinois Chicago College of Dentistry, is among those who have watched with dismay as the conversation about fluoride has been affected by arguments likely to scare people.

“I’m certain that the net result of all of this is going to be a greater reluctance on the part of parents and providers to prescribe fluoride supplements,” Tomar said.

Low, consistent exposure to fluoride is widely credited for dramatic declines in decaying teeth. But long-simmering skepticism about its use gained more influence in recent years, especially with Kennedy’s credibility and influence as the nation’s chief health officer.

“The evidence against fluoride is overwhelming,” he said as he stood alongside Utah lawmakers at a press conference in Salt Lake City last April.

Even though the science to support his conclusions is limited, he claimed that fluoride “causes IQ loss, profound IQ loss,” and he linked water fluoridation to ADHD, hypothyroidism, osteoarthritis, and kidney and liver issues.

Lee Zeldin, who leads the Environmental Protection Agency, spoke at the Utah event, too, crediting Kennedy for helping to spur the agency’s review of its standard for fluoride in drinking water. An EPA spokesperson, in a statement to ProPublica, said that the agency’s “next analysis of new scientific information on potential health risks of fluoride in drinking water was not due until 2030, but this agency is moving at Trump Speed.”

Meanwhile, the FDA is partnering with other federal agencies to develop what it called “a fluoride research agenda.” And, as part of a series of drastic cutbacks last spring, the Division of Oral Health at the Centers for Disease Control and Prevention was eliminated.

In a statement emailed to ProPublica, an HHS spokesperson argued that fluoride’s “predominant benefit to teeth comes from topical contact with the outside of the teeth, not from ingestion. There is no need, therefore, to ingest fluoride.”

Fluoride’s opponents cite a hotly debated “state of the science” report from the National Toxicology Program in 2024, saying that it shows an association between fluoride exposure and a lowered IQ in children.

But those findings are not widely embraced because of the review’s limitations. It analyzed studies conducted outside the U.S., with different water conditions, and involving fluoride levels at more than twice the standard for drinking water here. The report itself states, in bold type, that it does not address “whether the sole exposure to fluoride added to drinking water” at the recommended level in the United States and Canada “is associated with a measurable effect on IQ.”

In this atmosphere, as ProPublica has reported, there’s been widespread wavering on water fluoridation, even in Michigan, where the treatment debuted more than 80 years ago.

Florida joined Utah in banning fluoridation statewide. Bills to do the same were introduced in at least 19 other states last year, and that momentum is carrying forward, with statewide bans recently proposed in Arizona and South Carolina. Meanwhile, local debates over fluoridation are turning raucous.

Utah’s dental professionals are concerned about how to stave off an expected hit to oral health, as other communities experienced when they cut off fluoridation.

“We get heartburn over the situation,” said James Bekker, a pediatric dentist and past president of the Utah Dental Association.

Bekker and others are piecing together ways to provide other forms of fluoride treatment to Utahns. But he’s worried, he said, about “all these susceptible, vulnerable children in underserved populations that don’t have a choice and don’t have a voice, but they are going to suffer.”

Shortly after Utah banned fluoridation, the FDA took aim at the kind of supplements that lawmakers had presented as a key alternative. The agency announced that it was working to remove certain ingestible fluoride products for children from the market. Its press release described associations with changes to the gut microbiome, thyroid disorders, weight gain “and possibly decreased IQ.”

More than 4,600 public comments poured into the FDA, including many from people worried about losing access to supplements while simultaneously losing water fluoridation.

“Now that fluoride has been removed from much of Utah’s water, it is imperative to provide supplementation through other means,” one orthodontist wrote. A dentist in South Florida criticized the scare tactics and bad science leading states like hers to ban fluoridation and said that prescribing fluoride drops and lozenges is one of the few alternatives for pediatric patients.

On Oct. 31, the FDA announced efforts to “restrict the sale of unapproved ingestible fluoride prescription drug products for children.” The agency said it sent notices to four companies about marketing the supplements for children under 3 and older children with moderate or low risk for tooth decay. It also said it issued letters to health care professionals “warning about the risks associated with these products.”

Even though the FDA landed short of a ban, Stuart Cooper, executive director of the Fluoride Action Network, called the agency’s shift a “major victory.” He said he believes it’s just the start of federal action to limit the use of fluoride products that FAN has long campaigned against.

Fluoride supplements, which emerged in the 1940s alongside water fluoridation, never went through an FDA review. A decade ago, Cooper said, FAN submitted a citizens petition that called for the agency to pull ingestible fluoride supplements from the market. “What we’re seeing is that come to fruition,” he said, “because we finally have FDA employees who were willing to look at the issue.”

The FDA’s stance on supplements is now at odds with several health organizations, including the American Dental Association, the American Academy of Pediatric Dentistry and the American Academy of Pediatrics. Several of them jointly support a graduated fluoride supplementation schedule that starts at six months for high-risk children.

Johnny Johnson, a retired pediatric dentist in Florida, questions the FDA’s risk parameters. “If you don’t have fluoride at appropriate levels in your water, by definition, you are at high risk” of tooth decay, said Johnson, who heads the nonprofit American Fluoridation Society.

The FDA’s letter to health professionals recommends topical fluoride as an alternative, such as toothpaste. But even that method faces scrutiny. The Texas attorney general’s office launched investigations into Colgate-Palmolive and Procter & Gamble, which sell Colgate and Crest fluoride toothpastes.

Their marketing to parents and children is “misleading, deceptive and dangerous,” Paxton’s office said in a press release. Referencing the NTP report on fluoridation, the release said the investigation came “amid a growing body of scientific evidence demonstrating that excessive fluoride exposure is not safe for children.”

In September, Paxton’s office announced a “historic agreement” with Colgate-Palmolive. When its packaging and promotional material for children’s fluoride toothpaste shows the paste on a brush, the company will display a pea-sized amount, rather than the traditional swirl. This month, Paxton’s office reported a similar settlement with Procter & Gamble.

A representative from Colgate-Palmolive said in a statement to ProPubica that Paxton’s press release acknowledged that “we already provide directions on our packaging that complies with U.S. FDA requirements for how our children’s fluoride toothpastes should be used.” Procter & Gamble said in a statement that “the Texas Attorney General acknowledged in the settlement that our products comply with all laws and regulations regarding directions for use.”

Another tool for fluoride treatment is varnish applied during a dental checkup, which may be provided at free or reduced cost through insurance programs. But even with health coverage, there are barriers that often make it difficult to see the dentists and pediatricians providing such treatment. Recent research found that insurance denials for fluoride varnish applications can add another layer of complication for patients and providers.

Supplemental fluoride treatments are limited, compared with the effectiveness, reach and cost of fluoride in drinking water, said Johnson, the retired pediatric dentist, but “it is the only option that we have in Florida and in Utah.”

“Nothing replaces fluoridated water,” he added. “Nothing comes close.”

The post After Sowing Distrust in Fluoridated Water, Kennedy and Skeptics Turn to Obstructing Other Fluoride Sources appeared first on ProPublica.

La protezione dalle frodi di pagamenti online è diventata una priorità assoluta per chiunque effettui transazioni nel mondo digitale. Ogni giorno, miliardi di euro si muovono attraverso la rete, ma con questa comodità cresce anche il rischio di cadere vittima di truffe sempre più sofisticate.

Ti sei mai chiesto se i tuoi soldi sono davvero al sicuro quando fai un bonifico o un acquisto online? La verità è che i criminali informatici non si fermano mai e sfruttano tecnologie avanzate come l'intelligenza artificiale per ingannare persone e aziende. Per fortuna, anche le soluzioni di sicurezza si evolvono per offrire gli strumenti giusti.

Vediamo insieme qual è lo scenario attuale e come puoi proteggerti in modo efficace.

Un nemico invisibile: i numeri delle truffe online

Per capire la gravità del problema, basta guardare i dati. A livello globale le perdite dovute alle frodi sui pagamenti hanno raggiunto cifre sconvolgenti, toccando i 442 miliardi di dollari solo negli ultimi 12 mesi. Un numero che fa riflettere.

La parte più preoccupante è la discrepanza tra percezione e realtà. Infatti circa il 73% delle persone crede di saper riconoscere una truffa, ma quasi un quarto di loro (il 23%) finisce comunque per perdere denaro. Questo dimostra che l'eccesso di fiducia può essere il nostro peggior nemico. E il problema non riguarda solo i privati: un recente report ha rivelato che il 79% delle organizzazioni statunitensi ha subito tentativi di frode, con le truffe via email (Business Email Compromise) in cima alla lista delle minacce.

Perché i metodi tradizionali non bastano più?

Fino a poco tempo fa, molti sistemi di sicurezza si basavano su controlli superficiali, come la semplice verifica del nome associato a un conto bancario. Invece oggi questo non è più sufficiente. I criminali informatici sono diventati incredibilmente abili, utilizzando tecniche come il deepfake e l'intelligenza artificiale per creare scenari quasi perfetti. Gli attacchi basati su deepfake avvengono ormai ogni pochi minuti e le truffe più complesse crescono a un ritmo superiore al 100% anno su anno. Se i truffatori usano l'IA per attaccare, è logico usare tecnologie altrettanto avanzate per difendersi.

Le soluzioni tradizionali non sono progettate per contrastare questo livello di sofisticazione. Per questo è necessario un cambio di paradigma, come ha fatto Visa introducendo i pagamenti con Token.

La rivoluzione della verifica: oltre il semplice nome

La vera svolta sta nel cambiare approccio. Invece di limitarsi a controllare il nome del conto, le nuove tecnologie si concentrano sulla verifica dell'identità del destinatario effettivo, cioè la persona o l'entità che riceverà fisicamente i fondi. Questo aggiunge un livello di sicurezza e fiducia impensabile fino a pochi anni fa.

Un esempio concreto è la soluzione IDeveryone di Scamnetic, che permette di verificare l'identità di chiunque nel mondo durante una transazione, offrendo una difesa completa indipendentemente dal metodo di pagamento.

Come funziona la nuova protezione dalle frodi di pagamenti online?

Il processo è più semplice di quanto si possa pensare. La richiesta di verifica viene inviata tramite un'email o un SMS sicuri, rendendo la comunicazione tra le parti facile e confidenziale. La privacy è garantita, poiché nessuna informazione sensibile viene condivisa oltre al nome del destinatario.

I punti di forza di questo approccio innovativo sono:

• Copertura totale: funziona con tutti i tipi di pagamento, inclusi bonifici, sistemi digitali, criptovalute e persino assegni.
• Verifica approfondita: utilizza strumenti di livello bancario per confermare chi c'è davvero dall'altra parte.
• Assicurazione: ogni transazione può essere assicurata, offrendo un ulteriore livello di fiducia e riducendo la responsabilità per gli istituti finanziari che offrono il servizio.

I vantaggi concreti per consumatori e aziende

Adottare un approccio proattivo alla sicurezza dei pagamenti porta benefici tangibili per tutti. Per il consumatore, significa poter inviare denaro con la tranquillità di sapere esattamente a chi lo sta mandando. Il consiglio "verifica prima di pagare" diventa finalmente un'azione concreta e semplice da realizzare.

Per le banche, le fintech e i fornitori di servizi, i vantaggi sono ancora più evidenti: Riduzione delle perdite legate alle frodi, abbassamento dei costi operativi per la gestione delle truffe e maggiore sicurezza e fiducia da offrire ai propri clienti.

Guardare al futuro con la protezione dalle frodi di pagamenti online

L’era della fiducia cieca nei pagamenti digitali è ormai superata. Oggi le truffe sono sempre più sofisticate e difficili da individuare, e per questo trasparenza e verifica non sono più un optional, ma una necessità concreta. La buona notizia è che la tecnologia sta evolvendo nella giusta direzione, mettendoci a disposizione strumenti sempre più efficaci per contrastare le frodi e tutelare utenti e aziende. Informarsi, verificare e scegliere soluzioni affidabili è il primo passo per pagare online in modo consapevole.

La prossima volta che effettui un pagamento digitale, ricordalo: la sicurezza non dipende solo dalla piattaforma che utilizzi, ma anche dalla certezza di sapere esattamente chi riceverà il tuo denaro.

L'articolo Protezione dalle frodi di pagamenti online proviene da sicurezza.net.

La truffa del codice WhatsApp è tornata a colpire e rappresenta oggi uno dei pericoli più insidiosi sulla celebre piattaforma di messaggistica. Ti è mai capitato di ricevere un messaggio da un amico che ti chiede, con una scusa banale, di inoltrargli un codice a sei cifre appena ricevuto via SMS? Se dovesse accaderti, fermati subito. Potresti essere il bersaglio di un tentativo di furto del tuo account.

Ma cosa si nasconde davvero dietro questa richiesta? Non è un errore, ma una strategia ben congegnata per sottrarti il controllo del tuo profilo. Vediamo insieme come funziona, quali sono i rischi e, soprattutto, come puoi proteggerti in modo efficace.

Come funziona esattamente la truffa del codice WhatsApp?

Il meccanismo è tanto semplice quanto pericoloso. I truffatori non hanno bisogno di complesse competenze informatiche, ma contano sulla distrazione e sulla fiducia delle persone. L'inganno si svolge in pochi, rapidi passaggi. Innanzitutto il malintenzionato tenta di registrare il tuo numero di telefono su un nuovo dispositivo. Per completare questa operazione, WhatsApp invia per sicurezza un codice di verifica a sei cifre (OTP, One Time Password) via SMS al tuo numero, cioè al legittimo proprietario.

A questo punto scatta la parte cruciale dell'inganno. Il truffatore ti contatta, spesso usando l'account di un amico (già truffato in precedenza), e inventa una scusa plausibile. Potrebbe scriverti: "Ciao, scusa il disturbo, ho sbagliato a inserire il mio numero e ti ho inviato per errore un codice. Potresti girarmelo?". Se cadi nella trappola e comunichi quel codice, hai appena consegnato le chiavi del tuo account. Con quei sei numeri, il truffatore potrà completare l'accesso sul suo dispositivo, escludendoti dal tuo profilo.

Cosa succede se cadi nella trappola?

Le conseguenze possono essere molto spiacevoli. Una volta che il cybercriminale ha preso il controllo del tuo account WhatsApp, può compiere diverse azioni a tuo nome, mettendo a rischio la tua privacy e la tua reputazione.

Ecco i pericoli principali:

• Furto d'identità: il truffatore può spacciarsi per te e contattare i tuoi amici, familiari e colleghi.
• Richieste di denaro: potrebbe inventare emergenze e chiedere prestiti o ricariche telefoniche ai tuoi contatti, sfruttando la loro fiducia.
• Diffusione della truffa: userà il tuo account per ingannare altre persone nella tua rubrica, alimentando la catena.
• Accesso a informazioni private: potrebbe leggere media e informazioni scambiate nelle chat, violando la tua privacy.

La truffa del codice WhatsApp: come difendersi in 3 semplici passi

La buona notizia è che proteggersi è più semplice di quanto pensi. Non servono antivirus o software complicati, ma solo un po' di attenzione e le giuste impostazioni di sicurezza.

1. Non condividere mai il codice di WhatsApp

Questa è la regola d'oro, la più importante di tutte. Il codice di verifica di WhatsApp è strettamente personale, come il PIN di un bancomat. Nessuno, neanche l'assistenza ufficiale, ti chiederà mai di condividerlo via chat. Qualsiasi messaggio che contiene questa richiesta è, senza alcun dubbio, un tentativo di frode. Ignoralo e non rispondere.

2. Attiva la verifica in due passaggi

Questo è lo scudo di difesa più potente che hai a disposizione. La verifica in due passaggi aggiunge un ulteriore livello di sicurezza. Oltre al codice via SMS, ti verrà richiesto un PIN a 6 cifre creato da te ogni volta che registri il tuo numero su un nuovo telefono. In questo modo, anche se i truffatori ottenessero il codice SMS, non potrebbero fare nulla senza il tuo PIN segreto.

Per attivarla vai su WhatsApp e segui questo percorso: Impostazioni > Account > Verifica in due passaggi > Attiva.

È un'operazione che richiede meno di un minuto e che può salvarti da enormi problemi.

3. Segnala e blocca il contatto sospetto

Se ricevi un messaggio di questo tipo, la cosa migliore da fare è segnalare la conversazione a WhatsApp e bloccare immediatamente il contatto.

Se il messaggio proveniva da un amico, contattalo subito tramite un altro canale (una telefonata o un'altra app) per avvisarlo che il suo account è stato compromesso.

Cosa fare se sei già stato truffato?

Se ti rendi conto di aver comunicato il codice quando ormai è troppo tardi, non farti prendere dal panico. Prova subito a reinstallare WhatsApp sul tuo telefono e a effettuare di nuovo l'accesso con il tuo numero. In questo modo riceverai un nuovo codice di verifica e, inserendolo, potrai espellere il truffatore dal tuo account.

Se non riesci a rientrare, contatta l'assistenza di WhatsApp e, cosa fondamentale, avvisa i tuoi contatti più stretti dell'accaduto, così che non cadano a loro volta nella trappola.

L'articolo Truffa del codice WhatsApp: come riconoscerla e difendersi proviene da sicurezza.net.

Microsoft today issued patches to plug at least 113 security holes in its various Windows operating systems and supported software. Eight of the vulnerabilities earned Microsoft’s most-dire “critical” rating, and the company warns that attackers are already exploiting one of the bugs fixed today.

January’s Microsoft zero-day flaw — CVE-2026-20805 — is brought to us by a flaw in the Desktop Window Manager (DWM), a key component of Windows that organizes windows on a user’s screen. Kev Breen, senior director of cyber threat research at Immersive, said despite awarding CVE-2026-20805 a middling CVSS score of 5.5, Microsoft has confirmed its active exploitation in the wild, indicating that threat actors are already leveraging this flaw against organizations.

Breen said vulnerabilities of this kind are commonly used to undermine Address Space Layout Randomization (ASLR), a core operating system security control designed to protect against buffer overflows and other memory-manipulation exploits.

“By revealing where code resides in memory, this vulnerability can be chained with a separate code execution flaw, transforming a complex and unreliable exploit into a practical and repeatable attack,” Breen said. “Microsoft has not disclosed which additional components may be involved in such an exploit chain, significantly limiting defenders’ ability to proactively threat hunt for related activity. As a result, rapid patching currently remains the only effective mitigation.”

Chris Goettl, vice president of product management at Ivanti, observed that CVE-2026-20805 affects all currently supported and extended security update supported versions of the Windows OS. Goettl said it would be a mistake to dismiss the severity of this flaw based on its “Important” rating and relatively low CVSS score.

“A risk-based prioritization methodology warrants treating this vulnerability as a higher severity than the vendor rating or CVSS score assigned,” he said.

Among the critical flaws patched this month are two Microsoft Office remote code execution bugs (CVE-2026-20952 and CVE-2026-20953) that can be triggered just by viewing a booby-trapped message in the Preview Pane.

Our October 2025 Patch Tuesday “End of 10” roundup noted that Microsoft had removed a modem driver from all versions after it was discovered that hackers were abusing a vulnerability in it to hack into systems. Adam Barnett at Rapid7 said Microsoft today removed another couple of modem drivers from Windows for a broadly similar reason: Microsoft is aware of functional exploit code for an elevation of privilege vulnerability in a very similar modem driver, tracked as CVE-2023-31096.

“That’s not a typo; this vulnerability was originally published via MITRE over two years ago, along with a credible public writeup by the original researcher,” Barnett said. “Today’s Windows patches remove agrsm64.sys and agrsm.sys. All three modem drivers were originally developed by the same now-defunct third party, and have been included in Windows for decades. These driver removals will pass unnoticed for most people, but you might find active modems still in a few contexts, including some industrial control systems.”

According to Barnett, two questions remain: How many more legacy modem drivers are still present on a fully-patched Windows asset; and how many more elevation-to-SYSTEM vulnerabilities will emerge from them before Microsoft cuts off attackers who have been enjoying “living off the land[line] by exploiting an entire class of dusty old device drivers?”

“Although Microsoft doesn’t claim evidence of exploitation for CVE-2023-31096, the relevant 2023 write-up and the 2025 removal of the other Agere modem driver have provided two strong signals for anyone looking for Windows exploits in the meantime,” Barnett said. “In case you were wondering, there is no need to have a modem connected; the mere presence of the driver is enough to render an asset vulnerable.”

Immersive, Ivanti and Rapid7 all called attention to CVE-2026-21265, which is a critical Security Feature Bypass vulnerability affecting Windows Secure Boot. This security feature is designed to protect against threats like rootkits and bootkits, and it relies on a set of certificates that are set to expire in June 2026 and October 2026. Once these 2011 certificates expire, Windows devices that do not have the new 2023 certificates can no longer receive Secure Boot security fixes.

Barnett cautioned that when updating the bootloader and BIOS, it is essential to prepare fully ahead of time for the specific OS and BIOS combination you’re working with, since incorrect remediation steps can lead to an unbootable system.

“Fifteen years is a very long time indeed in information security, but the clock is running out on the Microsoft root certificates which have been signing essentially everything in the Secure Boot ecosystem since the days of Stuxnet,” Barnett said. “Microsoft issued replacement certificates back in 2023, alongside CVE-2023-24932 which covered relevant Windows patches as well as subsequent steps to remediate the Secure Boot bypass exploited by the BlackLotus bootkit.”

Goettl noted that Mozilla has released updates for Firefox and Firefox ESR resolving a total of 34 vulnerabilities, two of which are suspected to be exploited (CVE-2026-0891 and CVE-2026-0892). Both are resolved in Firefox 147 (MFSA2026-01) and CVE-2026-0891 is resolved in Firefox ESR 140.7 (MFSA2026-03).

“Expect Google Chrome and Microsoft Edge updates this week in addition to a high severity vulnerability in Chrome WebView that was resolved in the January 6 Chrome update (CVE-2026-0628),” Goettl said.

As ever, the SANS Internet Storm Center has a per-patch breakdown by severity and urgency. Windows admins should keep an eye on askwoody.com for any news about patches that don’t quite play nice with everything. If you experience any issues related installing January’s patches, please drop a line in the comments below.

Node.js has released updates to fix what it described as a critical security issue impacting "virtually every production Node.js app" that, if successfully exploited, could trigger a denial-of-service (DoS) condition. "Node.js/V8 makes a best-effort attempt to recover from stack space exhaustion with a catchable error, which frameworks have come to rely on for service availability," Node.js's

The Computer Emergency Response Team of Ukraine (CERT-UA) has disclosed details of new cyber attacks targeting its defense forces with malware known as PLUGGYAPE between October and December 2025. The activity has been attributed with medium confidence to a Russian hacking group tracked as Void Blizzard (aka Laundry Bear or UAC-0190). The threat actor is believed to be active since at least

Chinese cyberattacks on Taiwan's critical infrastructure — including energy utilities and hospitals — rose 6% in 2025, averaging 2.63 million attacks a day.

When cybersecurity leadership turns over too fast, risk does not reset. It compounds.

The ITSM giant tacked agentic AI onto a largely unguarded legacy chatbot, exposing customers' data and connected systems.

The vendor's first Patch Tuesday of the year also contains fixes for 112 CVEs, nearly double the amount from last month.

Attackers use a sophisticated delivery mechanism of text-only files for RAT deployment, showcasing a clever way to bypass defensive tools and rely on the target's own utilities.

Cybersecurity researchers have discovered a major web skimming campaign that has been active since January 2022, targeting several major payment networks like American Express, Diners Club, Discover, JCB Co., Ltd., Mastercard, and UnionPay. "Enterprise organizations that are clients of these payment providers are the most likely to be impacted," Silent Push said in a report published today.

The quest for justice dominated his life. 

He gathered police reports, witness statements and other evidence in the Dec. 14, 2012, fatal incident inside a Milwaukee-area convenience store. The youth had tried to shoplift $12 worth of flavored malt beverages at the shop before abandoning the items and turning to leave. That’s when three men wrestled him to the ground to hold him for the police. 

The medical examiner determined that he died of a brain injury from asphyxiation after a “violent struggle with multiple individuals.” The manner of death: homicide. 

When prosecutors chose not to charge anyone, Stingley waged a legal campaign of his own that forced the case to be reexamined. A 2023 ProPublica investigation pieced together a detailed timeline of what happened inside the store, recounted what witnesses saw and examined the backgrounds of the three customers involved in the altercation.

Finally, this week, in an extraordinary turn of events, Stingley will see a measure of accountability. On Monday, a criminal complaint filed in Milwaukee County Circuit Court charged the surviving patrons — Robert W. Beringer and Jesse R. Cole — with felony murder. The defendants are set to appear in court on Thursday. 

Beringer’s attorney, Tony Cotton, described the broad outlines of a deferred prosecution agreement that can lead to the charges being dismissed after the two men plead guilty or no contest. The men may be required by the court to make a contribution to a charity in honor of Corey Stingley and to perform community service, avoiding prison time, according to Cotton and Craig Stingley.

In Wisconsin, felony murder is a special category for incidents in which the commission of a serious crime — in this case, false imprisonment — causes the death of another person. The prosecutor’s office in Dane County, which is handling the matter, declined to comment. Cole’s attorney said his client had no comment. Previously, the three men have argued that their actions were justified, citing self-defense and their need to respond to an emergency. 

For Stingley, a key part of the accountability process already has taken place. Last year, as part of a restorative justice program and under the supervision of a retired judge, Stingley and the two men interacted face to face in separate meetings.

There, inside an office on a Milwaukee college campus, they confronted the traumatic events that led to Corey Stingley’s death and the still-roiling feelings of resentment, sorrow and pain. 

Craig Stingley said he felt that, after years of downplaying their role, the men showed regret and a deeper understanding of what had happened. For instance, Stingley said, he and Cole aired out their different perspectives on what occurred and even reviewed store surveillance video together. 

“I have never been able to breathe as clearly and as deeply and feel as free as I have after that meeting was over,” Stingley said. 

Restorative justice programs bring together survivors and offenders — via meetings or letters or through community panels — to try to deepen understanding, promote healing and discuss how best to make amends for a wide range of harms. The approach has been used by schools and juvenile and criminal justice systems, as well as nations grappling with large-scale atrocities.

Situations where restorative justice and deferred prosecution are employed for such serious charges are rare, Cotton said. But, he said, the whole case is rare — from the prosecution declining to issue charges initially to holding it open for multiple reviews over a decade. 

“Our hearts go out to the Stingley family, and we believe that the restorative justice process has allowed all sides to express their feelings openly,” Cotton said. “We are glad that a fair and just outcome has been achieved.”

The Legal Quest

Milwaukee’s district attorney at the time of Corey Stingley’s death, John Chisholm, announced there would be no charges 13 months later, in January 2014. Cole, Beringer and a third man, Mario Laumann, now deceased, were not culpable because they did not intend to injure or kill the teen and weren’t trained in proper restraint techniques, Chisholm determined. 

Craig Stingley, who is Black, and others in the community protested the decision, claiming the three men — all white — were not good Samaritans but had acted violently to kill a Black youth with impunity. “When a person loses his life at the hands of others, it would seem that a ‘chargeable’ offense has occurred,” the Milwaukee branch of the NAACP said in a statement at the time.

Looking for a way to reopen the case, Stingley reexamined the evidence, including security video. In a painful exercise, he watched the takedown of his son, by his estimation hundreds of times, analyzing who did what, frame by frame. What he saw only reinforced his view that his son’s death was unnecessary and his right to due process denied.

Corey Stingley and his father lived only blocks from VJ’s Food Mart, in West Allis, Wisconsin. That December day, Stingley made his way to the back of the store and stuck six bottles of Smirnoff Ice into his backpack. At the front counter, the teenager provided his debit card to pay for an energy drink, but the clerk demanded the stolen items. Stingley surrendered the backpack, reached toward the cash register to recover his debit card, then turned to exit.

Cole told police he extended his hand to stop Stingley and claimed that the teen punched him in the face, though it is not evident on the video. The three men grabbed the youth. During a struggle, the men pinned Stingley to the floor. 

Laumann kept Stingley in a chokehold, several witnesses told investigators. ProPublica later discovered that Laumann had been a Marine. His brother told ProPublica he likely learned how to apply chokeholds as part of his military service decades ago. 

Beringer had Stingley by the hair and was pressing on the teen’s head, a witness told authorities. Cole helped to hold Stingley down. Eventually, Stingley stopped resisting. The police report states that Cole thought the teen was “playing limp” to trick them into loosening their grip.

“Get up, you punk!” Laumann told the motionless teen when an officer finally arrived, according to a police report. Stingley was foaming at the mouth and had urinated through his clothes. The officer couldn’t find a pulse. Stingley never regained consciousness, dying at a hospital two weeks later.

Craig Stingley unsuccessfully sought a meeting with Chisholm in 2015 to discuss the lack of charges. “Feel free to seek legal advice in the private sector regarding your Constitutional Rights,” an assistant to Chisholm replied to Stingley in an email. “I extend my deepest sympathy to you and your family!”

Stingley’s review of the video, however, did bring about another legal opportunity in 2017, after he notified West Allis police that there was footage showing Laumann with his arm around the teen’s throat. (Laumann had denied putting him in a headlock.) A Racine County district attorney was appointed to review the evidence again. She issued no report for three years, until pressed by the court, then concluded that no charges were warranted. 

Finally, Stingley discovered an obscure Wisconsin “John Doe” statute. It allows private citizens to petition a judge to consider whether a crime had been committed if a district attorney refuses to issue a criminal complaint.

A former process engineer for an electrical transformer manufacturer, Stingley had no legal training. Still, in November 2020, he filed a 14-page petition with the then-chief judge of the Milwaukee County Circuit Court, Mary Triggiano. It cited legal authority and “material facts,” including excerpts from police reports, witness statements and stills from the surveillance video. Stingley quoted former U.S. Supreme Court Justice Louis Brandeis in the petition and the British statesman William Gladstone: “Justice delayed is justice denied.”

That led to the appointment in July 2022 of Dane County District Attorney Ismael Ozanne to review the case. But that process was slowed by procedural hurdles. Stingley took the delays in stride, saying he trusted that Ozanne and his staff were treating the matter seriously and acting appropriately.

In 2024, Stingley said, Ozanne’s office advised him that they had found sufficient evidence to issue charges against Cole and Beringer but could not guarantee that a jury would deliver a guilty verdict. Stingley, researching the family’s options, said he inquired about the restorative justice process. The DA’s office supported the idea, arranging for him and the two men to meet under the supervision of the Andrew Center for Restorative Justice, part of the law school at Milwaukee’s Marquette University. The program is run by Triggiano, who’d retired from the court.

The concept of restorative justice can be traced back to indigenous cultures, where people sat together to talk through conflict and solve problems. It emerged in the United States in criminal justice systems in the 1970s as a way to provide alternatives to prison and restitution to victims. Elsewhere, it has notably been used to address the aftermath of genocide in Rwanda, where beginning in 2002 truth-telling forums led to forgiveness and reconciliation.

Stingley, who has three remaining grown children and four grandchildren, desperately wanted “balance restored” for his family. He decided the best path forward was to meet with the men he considered responsible for his son’s death.

The Quest for Closure

Stingley brought photos of Corey to the restorative justice meeting with Berringer in April.

The goal: to respectfully share their perspectives on the tragedy and how it impacted each of them personally. What was said was not recorded or transcribed. It was not for use in any court proceeding. 

The sessions began with the Stingley family sharing heartfelt stories about Corey as a son, brother, student and friend. They spoke of their great bond, Corey’s love of sports and their struggle to cope with his absence. 

When discussion turned to what happened in the store, Stingley said, Berringer described having only faint memories of the fatal encounter. He recalled a brief struggle and grabbing the teen by his jacket, not his hair. 

Before departing the meeting, a tearful Beringer told Stingley he was looking for peace, Stingley recalled.

Cotton, Beringer’s attorney, told ProPublica that the incident and the legal steps affected his client in profound ways. “He’s had anxiety really from this from day one,” Cotton said.

The result, he said: “Sleeplessness. Horrible anxiety. Fearful because he has to go to court.”

Does the resolution ease Beringer’s mind? “I don’t know,” Cotton said, adding that the hope is that the Stingley family finds solace in the resolution process.

Cole, in a meeting in May with Stingley and some of his family, brought a gift: a pair of angel wings on a gold chain with a small “C” charm and several clear reflective orbs. With it came a handwritten note, saying: “I hope this sun catcher brings a gentle reflection of the love & light of Corey’s memory and that you feel his presence shining on you each day.” 

“I told him I appreciate the gesture,” Stingley said.

Cole, according to Stingley, told him that he felt something other than the altercation — perhaps some health ailment — led to Corey’s demise.

Stingley invited Cole to watch the surveillance video together at a second session. As that day neared, in July, Stingley considered backing out. “It was almost as if I had to drag myself up out of the car,” he said. But he said he realized that he’d been preparing for such an event for 13 years: to come to some honest reckoning with the men involved. 

After watching the video, he and Cole reviewed the death certificate, showing the medical examiner’s conclusions. Stingley said Cole stressed that he did not choke Corey but came to realize that what happened in the store caused the teen to lose his life, not any preexisting condition. The acknowledgment eased Stingley’s burden.

“I felt like I was reaching a place where I was finally going to get the justice that I’ve been pursuing,” Stingley said, “and this is one of the steps I had to go through to get that completed.”

Triggiano commended each of the participants for their courage in meeting and the Stingley family for “seeking the humanity of their son as opposed to vengeance.” She said Beringer and Cole “keenly listened, reflected and really acknowledged their connection to the events that led to Corey’s death.” 

“The conversations were emotional and difficult but deeply human,” she said.

After the loss of his son, Stingley wanted to see the three men imprisoned. But so many years later, justice now looks different. Now Laumann is dead. Beringer is changed by the experience. And Cole is a father eager to protect his own children. 

Now, in Stingley’s eyes, prison is beside the point. Criminal charges will stand instead as a strong signal of accountability, of justice — and of a father’s unyielding love.

The post A Father’s Quest for Justice Finds Resolution After 13 Years appeared first on ProPublica.

Cybersecurity researchers have disclosed details of a malicious Google Chrome extension that's capable of stealing API keys associated with MEXC, a centralized cryptocurrency exchange (CEX) available in over 170 countries, while masquerading as a tool to automate trading on the platform. The extension, named MEXC API Automator (ID: pppdfgkfdemgfknfnhpkibbkabhghhfh), has 29 downloads and is still

The phishing campaign shows how attackers continue to weaponize legitimate cloud services and open source tools to evade detection and gain trust.

BreachForums, one of the most well-known English-language cybercrime forums, has reportedly suffered a data breach, exposing user information after the site was taken offline once again.

As reported by The Register, a database linked to the forum was leaked online, potentially revealing account details, private messages and metadata on close to 325,000 accounts. However, security researchers caution that while the leak may attract attention, its intelligence value and authenticity remain uncertain.

Michael Tigges, Senior Security Operations Analyst at Huntress, said the dataset should be treated with caution.

“This data leak, while potentially useful for authorities and security professionals researching adversarial activities, is ultimately of limited forensics use,” he said.

“While the database leak may be legitimate, the integrity is called into question as it was derived from another cybercrime group, ShinyHunters.”

He added that such leaks are sometimes used to infer links between threat actors, but warned that datasets may be incomplete, selectively modified, or deliberately misleading.

“The reliability of the information must be highly scrutinised, as it may not be legitimate data or could be altered to disguise or prevent disclosure of information,” Tigges said.

Criminal trust continues to erode

The breach is likely to further undermine confidence in BreachForums among cybercriminals, following a series of takedowns and reappearances over recent years.

Gavin Knapp, Cyber Threat Intelligence Principal Lead at Bridewell, said the platform’s turbulent history has already damaged its credibility.

“Criminals are likely questioning its credibility and losing trust in it, and it’s often referred to as a potential honeypot for law enforcement,” Knapp said.

Knapp noted that the real-world impact of the leak depends largely on the operational security (OPSEC) practices of individual users.

“The data leak is obviously a problem for legitimate accounts used for crime, as opposed to sock-puppet accounts used by researchers or law enforcement,” he said.

“However, the impact depends on whether users exposed information that could be linked back to a real-world identity, such as unique email addresses or reused passwords.”

He added that the same risks apply to investigators and researchers who may also face exposure if poor OPSEC was used, and that it remains unclear how current or complete the leaked data is.

Limited underground reaction

Despite the publicity surrounding the breach, reaction within cybercrime communities appears muted.

Michele Campobasso, Senior Security Researcher at Forescout, said responses across underground forums have been limited or dismissive.

“On one of the XSS forum forks following the takedown, some users responded with sarcasm,” he said.

“In other underground forums and communities where we have access, we found no reaction on the topic.”

This lack of engagement may reflect growing scepticism among threat actors toward long-running forums, many of which are viewed as compromised or unreliable.

Disputed links to ShinyHunters

The breach has also prompted speculation around the involvement of the ShinyHunters extortion group, although responsibility remains disputed.

Campobasso said that while there is no conclusive evidence linking ShinyHunters to the leak, the claim is not implausible given recurring references to a figure known as “James” across multiple iterations of the shinyhunte[.]rs website.

Cached versions of the site show repeated mentions of “James”, including defacement messages, accusations from other group members, and a manifesto attributed to the same pseudonym. Linguistic patterns in the text suggest possible French influence, although Campobasso cautioned against drawing firm conclusions.

“It is possible that either the data leak was performed by James, or that someone is attempting to frame them in order to disrupt their reputation within the cybercriminal ecosystem,” he said.

A familiar pattern

Ultimately, the BreachForums incident highlights a recurring issue within cybercrime communities: instability, internal conflict and declining trust.

For defenders, the breach reminds them that leaked criminal datasets should be treated carefully, validated rigorously and never assumed to be complete or accurate, even when they appear to offer rare insight into adversary activity.

The post BreachForums Data Leak Raises Fresh Questions Over Credibility appeared first on IT Security Guru.

Bonjour,

Je souhaitais intégrer un framadate à notre site associatif WordPress avec un iframe. L’ancienne version framadate ne pose pas de problème, mais la nouvelle version bêta me fait une erreur lorsqu’on valide ses disponibilités sur le sondage.

Voilà mon iframe :

Et voilà l’erreur lors de la validation du formulaire : Une erreur est survenue, veuillez valider le formulaire à nouveau (jeton CSRF invalide).

Est-ce qu’il y a une solution pour intégrer la nouvelle version du Framadate sur une page web ?

Mise à part ce bug, l’affichage mobile de la bêta est très apprécié pas notre communauté de bénévoles, merci !

Et merci pour votre aide !

1 message - 1 participant(e)

Lire le sujet en entier

Bonjour à tous .

Une question me taraude autour de l’IA , dans le cadre de mon travail de médiation technique je suis en recherche de document autour de l’IA. Mon travail de médaition m’as permis de me former sur les differentes techniques autour de l’ia mais maintenant avec un peu de recul j’essyae de faire en sorte que mes contenus soit plus éthiques. En gros je cherche a vulgariser l’IA pour la rendre moins incomprehensible pour le grand public et j’y arrive par contre il est difficile de faire comprendre l’IA sans l’experimenter et les solutions pour cella sont assez gourmande , si je souhaite faire comprendre l’es biais de l’IA il me faut des exemples de biais generer par une IA , donc j’utilise beuacoup de ressources environnementales juste pour montrer que ca sert a rien .

D’ou ma question avez vous des idées de contenus que je peux présenter lors de mes ateliers pour faire comprendre l’IA mais sans “trop” contribuer à l’impact négatif de l’IA ?

Merci pour vos idées et tres bonne journée

4 messages - 3 participant(e)s

Lire le sujet en entier

Me voici pour me présenter sur ce forum , j’aimerais vous dire pourquoi j’ai choisi ce pseudo ou encore pourquoi je suis venu ici mais je vais plutôt vous transmettre ma recette du gateau au yaourt , elle est inrattable et feras même la joie de votre belle mère :

on verse le contenu d’1 yaourt ( celui que vous voulez et meme un sans sucre si ca vous dit )

dans le meme pot on compte 3 pots de farine , et on melange yaourt et farine , ca fait bizarre mais je vous rassure vous etes dans la bonne direction

ensuite on ajoute dans l’ordre

2 pot de sucre ( attention on se souviens d’avoir garder notre pot de yaourt )

1 sachet de levure

on melange et on passe aux liquides

on ajoute 3 oeufs et on melange bien

on ajoute 3/4 de pot d’huile de tournesol et on met dans un plat et direction le four 180 degre pendant 35 minutes .

Et voila vous voici avec , a la place de ma présentation , une magnifique recette de gateau au yaourt inratable . et rappelez vous qu’il y a autant de recette de gateau aux yaourts que de participants a ce forum donc soyons tous à l’ecoute de la meilleure recette de notre voisin .

1 message - 1 participant(e)

Lire le sujet en entier

AI agents are no longer just writing code. They are executing it. Tools like Copilot, Claude Code, and Codex can now build, test, and deploy software end-to-end in minutes. That speed is reshaping engineering—but it’s also creating a security gap most teams don’t see until something breaks. Behind every agentic workflow sits a layer few organizations are actively securing: Machine Control

Bonjour,

Je viens de créer une liste de diffusion dans framagroupes. J’ai voulu paramétrer l’envoi et la réception des messages mais je ne comprends pas complètement, j’ai l’impression que je vais devoir modérer et accepter les messages avant qu’ils ne soient diffuser aux abonnés.

Ce que j’aimerais c’est que les messages soient envoyés aux abonnés sans avoir besoin de les modérer pour laisser l’autonomie des usagers de cette liste.

Quel paramétrage dois-je faire ? J’ai plusieurs framalistes et je ne suis pas obligée de modérer les messages, j’aimerais qu’il en soit autant.

Je vous remercie pour vos retours !

Harmony

1 message - 1 participant(e)

Lire le sujet en entier

Cybersecurity researchers have disclosed details of a previously undocumented and feature-rich malware framework codenamed VoidLink that's specifically designed for long-term, stealthy access to Linux-based cloud environments According to a new report from Check Point Research, the cloud-native Linux malware framework comprises an array of custom loaders, implants, rootkits, and modular

Old Playbook, New Scale: While defenders are chasing trends, attackers are optimizing the basics The security industry loves talking about "new" threats. AI-powered attacks. Quantum-resistant encryption. Zero-trust architectures. But looking around, it seems like the most effective attacks in 2025 are pretty much the same as they were in 2015. Attackers are exploiting the same entry points that

ServiceNow has disclosed details of a now-patched critical security flaw impacting its ServiceNow artificial intelligence (AI) Platform that could enable an unauthenticated user to impersonate another user and perform arbitrary actions as that user. The vulnerability, tracked as CVE-2025-12420, carries a CVSS score of 9.3 out of 10.0. It has been codenamed BodySnatcher by AppOmni. "This issue [.

Immigration agents have put civilians’ lives at risk using more than their guns.

An agent in Houston put a teenage citizen into a chokehold, wrapping his arm around the boy’s neck, choking him so hard that his neck had red welts hours later. A black-masked agent in Los Angeles pressed his knee into a woman’s neck while she was handcuffed; she then appeared to pass out. An agent in Massachusetts jabbed his finger and thumb into the neck and arteries of a young father who refused to be separated from his wife and 1-year-old daughter. The man’s eyes rolled back in his head and he started convulsing.

After George Floyd’s murder by a police officer six years ago in Minneapolis — less than a mile from where an Immigration and Customs Enforcement agent shot and killed Renee Good last week — police departments and federal agencies banned chokeholds and other moves that can restrict breathing or blood flow.

But those tactics are back, now at the hands of agents conducting President Donald Trump’s mass deportation campaign.

Examples are scattered across social media. ProPublica found more than 40 cases over the past year of immigration agents using these life-threatening maneuvers on immigrants, citizens and protesters. The agents are usually masked, their identities secret. The government won’t say if any of them have been punished.

In nearly 20 cases, agents appeared to use chokeholds and other neck restraints that the Department of Homeland Security prohibits “unless deadly force is authorized.”

About two dozen videos show officers kneeling on people’s necks or backs or keeping them face down on the ground while already handcuffed. Such tactics are not prohibited outright but are often discouraged, including by federal trainers, in part because using them for a prolonged time risks asphyxiation.

We reviewed footage with a panel of eight former police officers and law enforcement experts. They were appalled.

This is what bad policing looks like, they said. And it puts everyone at risk.

“I arrested dozens upon dozens of drug traffickers, human smugglers, child molesters — some of them will resist,” said Eric Balliet, who spent more than two decades working at Homeland Security Investigations and Border Patrol, including in the first Trump administration. “I don’t remember putting anybody in a chokehold. Period.”

“If this was one of my officers, he or she would be facing discipline,” said Gil Kerlikowske, a longtime police chief in Seattle who also served as Customs and Border Protection commissioner under President Barack Obama. “You have these guys running around in fatigues, with masks, with ‘Police’ on their uniform,” but they aren’t acting like professional police.

Over the past week, the conduct of agents has come under intense scrutiny after an ICE officer in Minneapolis killed Good, a mother of three. The next day, a Border Patrol agent in Portland, Oregon, shot a man and woman in a hospital parking lot.

Top administration officials rushed to defend the officers. Speaking about the agent who shot Good, DHS Secretary Kristi Noem said, “This is an experienced officer who followed his training.”

Officials said the same thing to us after we showed them footage of officers using prohibited chokeholds. Federal agents have “followed their training to use the least amount of force necessary,” department spokesperson Tricia McLaughlin said.

“Officers act heroically to enforce the law and protect American communities,” White House spokesperson Abigail Jackson said.

Both DHS and the White House lauded the “utmost professionalism” of their agents.

Our compilation of incidents is far from complete. Just as the government does not count how often it detains citizens or smashes through vehicle windows during immigration arrests, it does not publicly track how many times agents have choked civilians or otherwise inhibited their breathing or blood flow. We gathered cases by searching legal filings, social media posts and local press reports in English and Spanish.

Given the lack of any count over time, it’s impossible to know for certain how agents’ current use of the banned and dangerous tactics compares with earlier periods.

But former immigration officials told us they rarely heard of such incidents during their long tenures. They also recalled little pushback when DHS formally banned chokeholds and other tactics in 2023; it was merely codifying the norm.

That norm has now been broken.

One of the citizens whom agents put in a chokehold was 16 years old.

Tenth grader Arnoldo Bazan and his father were getting McDonald’s before school when their car was pulled over by unmarked vehicles. Masked immigration agents started banging on their windows. As Arnoldo’s undocumented father, Arnulfo Bazan Carrillo, drove off, the terrified teenager began filming on his phone. The video shows the agents repeatedly ramming the Bazans’ car during a slow chase through the city.

Bazan Carrillo eventually parked and ran into a restaurant supply store. When Arnoldo saw agents taking his father violently to the ground, Arnoldo went inside too, yelling at the agents to stop.

One agent put Arnoldo in a chokehold while another pressed a knee into his father’s neck. “I was going to school!” the boy pleaded. He said later that when he told the agent he was a citizen and a minor, the agent didn’t stop.

“I started screaming with everything I had, because I couldn’t even breathe,” Arnoldo told ProPublica, showing where the agent’s hands had closed around his throat. “I felt like I was going to pass out and die.”

DHS’ McLaughlin accused Arnoldo’s dad of ramming his car “into a federal law enforcement vehicle,” but he was never charged for that, and the videos we reviewed do not support this claim. Our examination of his criminal history — separate from any immigration violations — found only that Bazan Carrillo pleaded guilty a decade ago to misdemeanor driving while intoxicated.

McLaughlin also said the younger Bazan elbowed an officer in the face as he was detained, which the teen denies. She said that Arnoldo was taken into custody to confirm his identity and make sure he didn’t have any weapons. McLaughlin did not answer whether the agent’s conduct was justified.

Experts who reviewed video of the Bazans’ arrests could make no sense of the agents’ actions.

“Why are you in the middle of a store trying to grab somebody?” said Marc Brown, a former police officer turned instructor who taught ICE and Border Patrol officers at the Federal Law Enforcement Training Centers. “Your arm underneath the neck, like a choking motion? No! The knee on the neck? Absolutely not.”

DHS revamped its training curriculum after George Floyd’s murder to underscore those tactics were out of bounds, Brown said. “DHS specifically was very big on no choking,” he said. “We don’t teach that. They were, like, hardcore against it. They didn’t want to see anything with the word ‘choke.’”

After agents used another banned neck restraint — a carotid hold — a man started convulsing and passed out.

In early November, ICE agents in Fitchburg, Massachusetts, stopped a young father, Carlos Sebastian Zapata Rivera, as he drove with his family. They had come for his undocumented wife, whom they targeted after she was charged with assault for allegedly stabbing a co-worker in the hand with scissors.

Body camera footage from the local police, obtained by ProPublica, captured much of what happened. The couple’s 1-year-old daughter began crying. Agents surrounded the car, looking in through open doors.

According to the footage, an agent told Zapata Rivera that if his wife wouldn’t come out, they would have to arrest him, too — and their daughter would be sent into the foster system. The agent recounted the conversation to a local cop: “Technically, I can arrest both of you,” he said. “If you no longer have a child, because the child is now in state custody, you’re both gonna be arrested. Do you want to give your child to the state?”

Zapata Rivera, who has a pending asylum claim, clung to his family. His wife kept saying she wouldn’t go anywhere without her daughter, whom she said was still breastfeeding. Zapata Rivera wouldn’t let go of either of them.

Federal agents seemed conflicted on how to proceed. “I refuse to have us videotaped throwing someone to the ground while they have a child in their hands,” one ICE agent told a police officer at the scene.

But after more than an hour, agents held down Zapata Rivera’s arms. One, who Zapata Rivera’s lawyer says wore a baseball cap reading “Ne Quis Effugiat” — Latin for “So That None Will Escape” — pressed his thumbs into the arteries on Zapata Rivera’s neck. The young man then appeared to pass out as bystanders screamed.

The technique is known as a carotid restraint. The two carotid arteries carry 70% of the brain’s blood flow; block them, and a person can quickly lose consciousness. The tactic can cause strokes, seizures, brain damage — and death.

“Even milliseconds or seconds of interrupted blood flow to the brain can have serious consequences,” Dr. Altaf Saadi, a neurologist and associate professor at Harvard Medical School, told us. Saadi said she couldn’t comment on specific cases, “but there is no amount of training or method of applying pressure on the neck that is foolproof in terms of avoiding neurologic damage.”

In a bystander video of Zapata Rivera’s arrest, his eyes roll back in his head and he suffers an apparent seizure, convulsing so violently that his daughter, seated in his lap, shakes with him.

“Carotid restraints are prohibited unless deadly force is authorized,” DHS’ use-of-force policy states. Deadly force is authorized only when an officer believes there’s an “imminent threat of death or serious bodily injury” and there is “no alternative.”

In a social media post after the incident and in its statement to ProPublica, DHS did not cite a deadly threat. Instead, it referenced the charges against Zapata Rivera’s wife and suggested he had only pretended to have a medical crisis while refusing help from paramedics. “Imagine FAKING a seizure to help a criminal escape justice,” the post said.

“These statements were lies,” Zapata Rivera alleges in an ongoing civil rights lawsuit he filed against the ICE agent who used the carotid restraint. His lawyer told ProPublica that Zapata Rivera was disoriented after regaining consciousness; the lawsuit says he was denied medical attention. (Representatives for Zapata Rivera declined our requests for an interview with him. His wife has been released on bond, and her assault case awaits trial.)

A police report and bodycam footage from Fitchburg officers at the scene, obtained via a public records request, back up Zapata Rivera’s account of being denied assistance. “He’s fine,” an agent told paramedics, according to footage. The police report says Zapata Rivera wanted medical attention but “agents continued without stopping.”

Saadi, the Harvard neurologist, said that as a general matter, determining whether someone had a seizure is “not something even neurologists can do accurately just by looking at it.”

DHS policy bars using chokeholds and carotid restraints just because someone is resisting arrest. Agents are doing it anyway.

When DHS issued restrictions on chokeholds and carotid restraints, it stated that the moves “must not be used as a means to control non-compliant subjects or persons resisting arrest.” Deadly force “shall not be used solely to prevent the escape of a fleeing subject.”

But videos reviewed by ProPublica show that agents have been using these restraints to do just that.

In Los Angeles in June, masked officers from ICE, Border Patrol and other federal agencies pepper-sprayed and then tackled another citizen, Luis Hipolito. As Hipolito struggled to get away, one of the agents put him in a chokehold. Another pointed a Taser at bystanders filming.

Then Hipolito’s body began to convulse — a possible seizure. An onlooker warned the agents, “You gonna let him die.”

When officers make a mistake in the heat of the moment, said Danny Murphy, a former deputy commissioner of the Baltimore Police Department, they need to “correct it as quickly as possible.”

That didn’t happen in Hipolito’s case. The footage shows the immigration agent not only wrapping his arm around Hipolito’s neck as he takes him down but also sticking with the chokehold after Hipolito is pinned on the ground.

The agent’s actions are “dangerous and unreasonable,” Murphy said.

Asked about the case, McLaughlin, the DHS spokesperson, said that Hipolito was arrested for assaulting an ICE officer. Hipolito’s lawyers did not respond to ProPublica’s requests for comment.

According to the Los Angeles Times, Hipolito limped into court days after the incident. Another citizen who was with him the day of the incident was also charged, but her case was dropped. Hipolito pleaded not guilty and goes to trial in February.

Some of the conduct in the footage isn’t banned — but it’s discouraged and dangerous.

A video from Los Angeles shows a Colombian-born TikTokker who often filmed ICE apparently passed out after officers pulled her from her Tesla and knelt on her neck. Another video shows a DoorDash driver in Portland, Oregon, screaming for air as four officers pin him face down in the street. “Aire, aire, aire,” he says. “No puedo respirar” — I can’t breathe. Then: “Estoy muriendo” — I’m dying. A third video, from Chicago, shows an agent straddling a citizen and repeatedly pressing his face into the asphalt. Onlookers yell that the man can’t breathe.

Placing a knee on a prone subject’s neck or weight on their back isn’t banned under DHS’ use-of-force policy, but it can be dangerous — and the longer it goes on, the higher the risk that the person won’t be able to breathe.

“You really don’t want to spend that amount of time just trying to get somebody handcuffed,” said Kerlikowske, the former CPB commissioner, of the video of the arrest in Portland.

Brown, the former federal instructor and now a lead police trainer at the University of South Carolina, echoed that. “Once you get them handcuffed, you get them up, get them out of there,” he said. “If they’re saying they can’t breathe, hurry up.”

Taking a person down to the ground and restraining them there can be an appropriate way to get them in handcuffs, said Seth Stoughton, a former police officer turned law professor who also works at the University of South Carolina. But officers have long known to make it quick. By the mid-1990s, the federal government was advising officers against keeping people prolongedly in a prone position.

When a federal agent kneeled on the neck of an intensive care nurse in August, she said she understood the danger she was in and tried to scream.

“I knew that the amount of pressure being placed on the back of my neck could definitely hurt me,” said Amanda Trebach, a citizen and activist who was arrested in Los Angeles while monitoring immigration agents. “I was having a hard time breathing because my chest was on the ground.”

McLaughlin, the DHS spokesperson, said Trebach impeded agents’ vehicles and struck them with her signs and fists.

Trebach denies this. She was released without any charges.

Protesters have also been choked and strangled.

In the fall, a protester in Chicago refused to stand back after a federal agent told him to do so. Suddenly, the agent grabbed the man by the throat and slammed him to the ground.

“No, no!” one bystander exclaims. “He’s not doing anything!”

DHS’ McLaughlin did not respond to questions about the incident.

Along with two similar choking incidents at protests outside of ICE facilities, this is one of the few videos in which the run-up to the violence is clear. And the experts were aghast.

“Without anything I could see as even remotely a deadly force threat, he immediately goes for the throat,” said Ashley Heiberger, a retired police captain from Pennsylvania who frequently testifies in use-of-force cases. Balliet, the former immigration official, said the agent turned the scene into a “pissing contest” that was “explicitly out of control.”

“It’s so clearly excessive and ridiculous,” Murphy said. “That’s the kind of action which should get you fired.”

“How big a threat did you think he was?” Brown said, noting that the officer slung his rifle around his back before grabbing and body-slamming the protester. “You can’t go grab someone just because they say, ‘F the police.’”

Roving patrols + unplanned arrests = unsafe tactics.

In November, Border Patrol agents rushed into the construction site of a future Panda Express in Charlotte, North Carolina, to check workers’ papers. When one man tried to run, an officer put him in a chokehold and later marched him out, bloodied, to a waiting SUV.

The Charlotte operation was one of Border Patrol’s many forays into American cities, as agents led by commander-at-large Gregory Bovino claimed to target “criminal illegal aliens” but frequently chased down landscapers, construction workers and U.S. citizens in roving patrols through predominantly immigrant or Latino communities.

Freelance photographer Ryan Murphy, who had been following Border Patrol’s convoys around Charlotte, documented the Panda Express arrest.

“Their tactics are less sophisticated than you would think,” he told ProPublica. “They sort of drive along the streets, and if they see somebody who looks to them like they could potentially be undocumented, they pull over.”

Experts told ProPublica that if officers are targeting a specific individual, they can minimize risks by deciding when, where and how to take them into custody. But when they don’t know their target in advance, chaos — and abuse — can follow.

“They are encountering people they don’t know anything about,” said Scott Shuchart, a former assistant director at ICE.

“The stuff that I’ve been seeing in the videos,” Kerlikowske said, “has been just ragtag, random.”

There may be other factors, too, our experts said, including quotas and a lack of consequences amid gutted oversight. With officers wearing masks, Shuchart said, “even if they punch grandma in the face, they won’t be identified.”

As they sweep into American cities, immigration officers are unconstrained — and, the experts said, unprepared. Even well-trained officers may not be trained for the environments where they now operate. Patrolling a little-populated border region takes one set of skills. Working in urban areas, where citizens — and protesters — abound, takes another.

DHS and Bovino did not respond to questions about their agents’ preparation or about the chokehold in Charlotte.

Experts may think there’s abuse. But holding officers to account? That’s another matter.

Back in Houston, immigration officers dropped 16-year-old Arnoldo off at the doorstep of his family home a few hours after the arrest. His neck was bruised, and his new shirt was shredded. Videos taken by his older sisters show the soccer star struggling to speak through sobs.

Uncertain what exactly had happened to him, his sister Maria Bazan took him to Texas Children’s Hospital, where staff identified signs of the chokehold and moved him to the trauma unit. Hospital records show he was given morphine for pain and that doctors ordered a dozen CT scans and X-rays, including of his neck, spine and head.

From the hospital, Maria called the Houston Police Department and tried to file a report, the family said. After several unsuccessful attempts, she took Arnoldo to the department in person, where she says officers were skeptical of the account and their own ability to investigate federal agents.

Arnoldo had filmed much of the incident, but agents had taken his phone. He used Find My to locate the phone — at a vending machine for used electronics miles away, close to an ICE detention center. The footage, which ProPublica has reviewed, backed the family’s account of the chase.

The family says Houston police still haven’t interviewed them. A department spokesperson told ProPublica it was not investigating the case, referring questions to DHS. But the police have also not released bodycam footage and case files aside from a top sheet, citing an open investigation.

“We can’t do anything,” Maria said one officer told her. “What can HPD do to federal agents?”

Elsewhere in the country, some officials are trying to hold federal immigration officers to account.

In California, the state Legislature passed bills prohibiting immigration officers from wearing masks and requiring them to display identification during operations.

In Illinois, Gov. JB Pritzker signed a law that allows residents to sue any officer who violates state or federal constitutional rights. (The Trump administration quickly filed legal challenges against California and Illinois, claiming their new laws are unconstitutional.)

In Colorado, Durango’s police chief saw a recent video of an immigration officer using a chokehold on a protester and reported it to the Colorado Bureau of Investigation, which announced it was looking into the incident.

In Minnesota, state and local leaders are collecting evidence in Renee Good’s killing even as the federal government cut the state out of its investigation.

Arnoldo is still waiting for Houston authorities to help him, still terrified that a masked agent will come first. Amid soccer practice and making up schoolwork he missed while recovering, he watches and rewatches the videos from that day. The car chase, the chokehold, his own screams at the officers to leave his dad alone. His father in the driver’s seat, calmly handing Arnoldo his wallet and phone while stopping mid-chase for red lights.

The Bazan family said agents threatened to charge Arnoldo if his dad didn’t agree to be deported. DHS spokesperson McLaughlin did not respond when asked about the alleged threat. Arnoldo’s dad is now in Mexico. 

Asked why an officer choked Arnoldo, McLaughlin pointed to the boy’s alleged assault with his elbow, adding, “The federal law enforcement officer graciously chose not to press charges.”

How We Did It

ProPublica journalists Nicole Foy, McKenzie Funk, Joanna Shan, Haley Clark and Cengiz Yar gathered videos via Spanish and English social media posts, local press reports and court records. We then sent a selection of these videos to eight police experts and former immigration officials, along with as much information as we could gather about the lead-up to and context of each incident. The experts analyzed the videos with us, explaining when and how officers used dangerous tactics that appeared to go against their training or that have been banned under the Department of Homeland Security’s use-of-force policy.

We also tried to contact every person we could identify being choked or kneeled on. In some cases, we also reached out to bystanders.

Research reporter Mariam Elba conducted criminal record searches of every person we featured in this story. She also attempted to fact-check the allegations that DHS made about the civilians and their arrests. Our findings are not comprehensive because there is no universal criminal record database.

We also sent every video cited in this story to the White House, DHS, CBP, ICE, border czar Tom Homan and Border Patrol’s Gregory Bovino. DHS spokesperson Tricia McLaughlin provided a statement responding to some of the incidents we found but she did not explain why agents used banned tactics or whether any of the agents have been disciplined for doing so.

The post We Found More Than 40 Cases of Immigration Agents Using Banned Chokeholds and Other Moves That Can Cut Off Breathing appeared first on ProPublica.

L'atteso aggiornamento di Android Auto con Gemini sta per diventare realtà, come anticipato dal rilascio della versione beta 16.0 della piattaforma. Non si tratta di un semplice update di routine, ma di una vera e propria rivoluzione che promette di cambiare l'interazione con il sistema di infotainment dell'auto. Google introduce novità basate sull'intelligenza artificiale e un'interfaccia utente più flessibile.

Scopriamo insieme come cambierà il modo di guidare.

Android Auto dice addio a Google Assistant, e benvenuto Gemini

La novità principale è l'abbandono del familiare "Hey Google". Google Assistant viene sostituito da Gemini, il nuovo assistente AI conversazionale di Google, che si integra come sistema predefinito sulla piattaforma.

Ma cosa cambia a livello pratico? L'aggiornamento introduce un modo di interagire completamente nuovo. Grazie a funzioni come Gemini Live, sarà possibile avere conversazioni vocali più naturali e fluide, senza la necessità di usare comandi rigidi e precisi. In più il sistema sarà in grado di comprendere il linguaggio contestuale, rendendo ogni richiesta più semplice e intuitiva, quasi come parlare con un passeggero. Si tratta di un passo avanti importante per la sicurezza e la comodità durante la guida.

Un'interfaccia più tua con la nuova personalizzazione

Un altro cambiamento chiave riguarda la schermata iniziale. La versione beta 16.0 introduce una gestione dei widget molto più personalizzabile rispetto al passato, offrendo un maggiore controllo sull'aspetto delle informazioni sul display. Le nuove opzioni permetteranno di: Modificare la disposizione degli elementi nella schermata principale. Scegliere l'allineamento dei widget lungo la barra laterale. Decidere quanto spazio deve occupare ogni singolo widget. L'obiettivo di Google è chiaro: creare un'interfaccia più modulare e meno rigida, che possa adattarsi perfettamente alle preferenze dell'utente e alle dimensioni dello schermo del veicolo.

Cosa si nasconde nel codice di Gemini in Android Auto?

Come spesso accade, la versione beta nasconde indizi sulle funzionalità future. Gli sviluppatori hanno già individuato nel codice di Android Auto 16.0 diverse stringhe che suggeriscono novità ancora in fase di sviluppo.

Tra le più interessanti troviamo:

• Gestione notifiche migliorata: un sistema più intelligente per ridurre le distrazioni.
• Riconnessione più chiara: un'indicazione precisa del tipo di collegamento attivo (wireless o via cavo) tra smartphone e auto.
• Adattamento automatico: l'interfaccia potrebbe modificarsi in base al lato di guida del veicolo (destra o sinistra).
• Scorciatoia per Gemini: un riferimento a un comando rapido per attivare l'assistente AI.

Tutti questi elementi indicano che il lavoro di Google è solo all'inizio e che possiamo aspettarci un'evoluzione costante della piattaforma nei prossimi mesi.

Quando arriverà l'aggiornamento di Android Auto con Gemini?

È importante sottolineare che la versione 16.0 è attualmente in beta. Questo significa che è disponibile solo per un gruppo ristretto di tester e non si trova ancora sul Play Store ufficiale. Tuttavia il rilascio in beta è il segnale che il debutto ufficiale non è lontano. Solitamente dopo alcune settimane di test e correzioni, le novità vengono integrate nella versione stabile. Possiamo quindi aspettarci l'aggiornamento di Android Auto con Gemini per tutti gli utenti nei prossimi mesi.

In conclusione, questo update si preannuncia come uno dei più significativi degli ultimi anni, portando l'intelligenza artificiale conversazionale al centro dell'esperienza di guida.

L'articolo Android Auto si aggiorna con Gemini proviene da sicurezza.net.

La diffusione di deepfake intimi nel Regno Unito ha ora una risposta legale chiara e decisa. Con l'entrata in vigore di una nuova e severa normativa, il paese lancia un messaggio inequivocabile: creare e condividere immagini intime false generate dall'intelligenza artificiale è un reato.

Ma cosa significa questa legge e perché piattaforme come X (ex Twitter) e la sua IA, Grok, sono già nel mirino delle autorità? Analizziamo i punti fondamentali.

Cosa cambia con la nuova legge sui deepfake intimi in Regno Unito

Fino a poco tempo fa, il panorama legale britannico era incerto. Le vittime di questa forma di abuso digitale si trovavano spesso in un limbo, senza strumenti concreti per difendersi. Ora, grazie all'Online Safety Act, la situazione è radicalmente cambiata.

La nuova legge rende reato la condivisione di immagini intime false generate con l'IA. Questo è valido anche se il creatore non aveva l'intento esplicito di causare sofferenza alla vittima. In precedenza era necessario dimostrare la "volontà di nuocere", un ostacolo legale spesso difficile da superare. Adesso, invece, il semplice atto di creare e distribuire tale materiale senza il consenso della persona raffigurata è sufficiente per essere perseguiti.

Le pene previste sono severe: si parla di multe illimitate e persino del carcere.

Perché X e l'IA Grok sono sotto indagine in UK

Subito dopo l'entrata in vigore della legge, l'autorità di regolamentazione britannica, l'Ofcom, ha avviato un'indagine. I riflettori sono puntati su X e sulla sua intelligenza artificiale generativa, Grok. La ragione è duplice e mette in luce la complessità del problema.

Da un lato X è sotto esame per la gestione di questi contenuti sulla piattaforma. Le autorità vogliono assicurarsi che il social network abbia implementato misure di sicurezza adeguate per impedire che i deepfake intimi diventino virali. Dall'altro, l'indagine si concentra su Grok, l'IA sviluppata da xAI di Elon Musk. La preoccupazione è che questi strumenti possano essere usati per generare facilmente il materiale illegale.

Non si tratta quindi solo di punire chi condivide, ma anche di responsabilizzare chi fornisce la tecnologia.

Conseguenze della normativa sui deepfake intimi nel Regno Unito

L'impatto di questa legge va ben oltre le aule di tribunale. Stiamo assistendo a un cambiamento culturale e tecnologico con effetti a catena per tutti gli attori coinvolti.

Una vittoria per le vittime di deepfake intimi

Per troppo tempo le vittime di questa violenza digitale si sono sentite impotenti. Questa legge rappresenta una vittoria cruciale, offrendo loro uno strumento legale concreto per chiedere giustizia. È un passo avanti enorme per il riconoscimento della gravità di un abuso che lascia ferite psicologiche profonde e durature.

Maggiori responsabilità per le piattaforme

Per i giganti della tecnologia, le regole sono cambiate. Infatti la normativa li obbliga a prendere una posizione più attiva e a non nascondersi dietro il ruolo di semplici "contenitori". Ora sono chiamati a investire in sistemi di moderazione, a rispondere rapidamente alle segnalazioni e a collaborare con le autorità. La loro responsabilità legale è ora chiaramente definita.

Un rischio concreto nel Regno Unito per i creatori di deepfake intimi

Chiunque pensi di poter creare un deepfake intimo per scherzo o per vendetta ora deve pensarci due volte. Le conseguenze non sono più ipotetiche. Con il rischio di una fedina penale sporca, multe salate e carcere, l'atto di creare e condividere questi contenuti diventa ciò che è sempre stato: un crimine grave.

Uno sguardo al futuro della regolamentazione in UK

Il Regno Unito ha stabilito un precedente importante, ma la battaglia contro l'uso improprio dell'intelligenza artificiale per creare deepfake è appena iniziata. Questa legge potrebbe diventare un modello per altre nazioni che affrontano lo stesso problema. La sfida ora sarà far rispettare le regole in un mondo digitale senza confini e in continua evoluzione.

Una cosa è certa: la consapevolezza è aumentata e il dibattito sulla regolamentazione dell'IA è più acceso che mai.

L'articolo Nuova legge sui deepfake intimi nel Regno Unito proviene da sicurezza.net.

Cybersecurity researchers have disclosed details of a new campaign dubbed SHADOW#REACTOR that employs an evasive multi-stage attack chain to deliver a commercially available remote administration tool called Remcos RAT and establish persistent, covert remote access. "The infection chain follows a tightly orchestrated execution path: an obfuscated VBS launcher executed via wscript.exe invokes a

A massive data dump reveals real identities and details of administrators and members of the notorious hacker forum.

Researchers detailed a souped-up version of the GoBruteforcer botnet that preys on servers with weak credentials and AI-generated configurations.

No matter what new laws or regulations make the cut for 2026, it's clear that compliance challenges will persist and federal legislation will be limited.

A state-sponsored threat group tracked as "Kimsuky" sent QR-code-filled phishing emails to US and foreign government agencies, NGOs, and academic institutions.

Bonjour,

et bonne année à tout le monde.

En tentant de me connecter au compte framaforms de mon asso, je constate que le mot de passe ne fonctionne pas. J’ai donc tenté de le réinitialiser mais là, l’adresse de contact n’est pas reconnue. J’ai tenté les alias, sans plus de succès.

Dans notre boite aux lettres, je ne trouve rien à ce sujet, à part le courriel d’appel au don de décembre, qui confirme que notre compte existait alors encore.

J’ai contacté le support mais n’ai pas encore eu de réponse.

Aurais-je fait une erreur ou y a-t-il eu une perte de comptes récemment ?

8 messages - 3 participant(e)s

Lire le sujet en entier

A total of 91,403 sessions targeted public LLM endpoints to find leaks in organizations' use of AI and map an expanding attack surface.

Hai ricevuto anche tu una strana Instagram reset password email e non sai cosa pensare? Nelle ultime ore, moltissimi utenti hanno segnalato una notifica inaspettata per reimpostare la propria password. Questa ondata anomala ha scatenato il panico generale, facendo pensare a un attacco hacker su larga scala.

Ma cosa sta succedendo davvero? Analizziamo la situazione per fare chiarezza.

Un allarme globale e l'ipotesi della violazione dati

Il primo pensiero di molti utenti è andato a un tentativo di violazione dell'account. È una reazione naturale: ricevere una richiesta di cambio password non sollecitata fa subito pensare al peggio. La paura che i propri dati fossero finiti nelle mani sbagliate si è diffusa rapidamente sui social. Questo ha alimentato l'ipotesi di un massiccio data breach. Quando si tratta della nostra privacy online, la prudenza non è mai troppa. Fortunatamente la realtà si è rivelata diversa.

La smentita ufficiale di Instagram sull'email di reset password

Di fronte al crescente allarmismo, Meta ha deciso di intervenire per fare chiarezza. Un portavoce della società ha ufficialmente smentito qualsiasi violazione dei sistemi di sicurezza.

La causa è stata identificata in un semplice bug interno. Un errore tecnico ha provocato l'invio massivo e automatico delle email per il reset password. Nessun attacco esterno e nessuna password è stata rubata. Si è trattato di un inconveniente che ha generato molta, e comprensibile, preoccupazione.

Guida pratica: cosa fare e come proteggersi

Anche se si è trattato di un falso allarme, l'episodio è un'ottima occasione per rivedere le nostre abitudini di sicurezza. Ecco cosa dovresti fare in questi casi.

Cosa fare se ricevi una email per il reset password da Instagram

La regola principale è: non farti prendere dal panico. Se non hai richiesto tu il cambio password, la scelta più sicura è ignorare l'email. Evita di cliccare su qualsiasi link presente nel messaggio, anche se sembra provenire da una fonte ufficiale. Potrebbe essere un tentativo di phishing, una truffa per rubare le tue credenziali.

Se vuoi cambiare la password per maggiore sicurezza, avvia la procedura direttamente dall'app o dal sito ufficiale di Instagram. Non usare mai i link ricevuti via email: è l'unico modo per essere completamente sicuri.

Rafforza la sicurezza del tuo account

Questo evento ci ricorda quanto sia fondamentale proteggere i nostri profili. Ecco due passaggi che dovresti compiere subito:

• Attiva l'autenticazione a due fattori (2FA). È uno scudo potentissimo. Anche se qualcuno dovesse scoprire la tua password, non potrebbe accedere al tuo account senza il codice inviato sul tuo dispositivo.
• Usa una password complessa e unica. Evita password banali o già utilizzate per altri servizi. Una combinazione di lettere, numeri e simboli è sempre la scelta più efficace.

Un promemoria utile sulla sicurezza digitale

L’episodio dell’email di reset password di Instagram, pur essendo nato da un semplice bug, dimostra quanto sia facile che un’anomalia tecnica generi allarme e confusione. Per questo mantenere la calma e verificare le informazioni ufficiali resta la strategia migliore. Allo stesso tempo questi eventi ci ricordano l’importanza di adottare comportamenti consapevoli e strumenti di protezione adeguati. Essere informati, prudenti e attenti è la vera chiave per vivere i social network in modo più sicuro e sereno.

L'articolo Instagram e l'email di reset password: panico o semplice bug? proviene da sicurezza.net.

Il tema della sorveglianza robotica e privacy sta rapidamente uscendo dai film di fantascienza per entrare nelle nostre case. Ma cosa succederebbe se il tuo amichevole robot domestico, quello che ti aiuta con le pulizie o tiene compagnia a un familiare, fosse obbligato per legge a monitorare le tue interazioni? Sembra uno scenario distopico, eppure una controversa proposta dell'Unione Europea, nota come “Chat Control”, rischia di creare proprio questo paradosso.

Un recente studio accademico ha lanciato l'allarme: una legge pensata per la sicurezza online rischia di avere conseguenze inaspettate e pericolose nel mondo fisico, trasformando i robot in potenziali strumenti di sorveglianza. Scopriamo insieme perché dovremmo prestare molta attenzione.

Cos'è il "chat control" e perché riguarda anche i robot?

Forse hai già sentito parlare del "Chat Control". Si tratta di una proposta legislativa dell'UE nata con il nobile obiettivo di combattere la diffusione online di materiale pedopornografico. L'idea iniziale era semplice: obbligare i fornitori di servizi di comunicazione a scansionare i messaggi degli utenti, anche quelli protetti da crittografia. Questa proposta ha scatenato un'ondata di critiche da parte di oltre 800 esperti di sicurezza, che hanno avvertito sui rischi di un simile approccio. Infatti metodi di questo tipo indeboliscono la crittografia e funzionano come vere e proprie "backdoor", porte di servizio che potrebbero essere sfruttate da malintenzionati.

Di fronte alle proteste, la proposta è stata rivista ma il problema di fondo non è scomparso. Invece di un obbligo esplicito di scansione, la responsabilità di identificare e mitigare i rischi ricade ora sui fornitori. L'incentivo a monitorare su larga scala per dimostrare di essere conformi alla legge rimane fortissimo. Ed è qui che entrano in gioco i robot.

Il cortocircuito legale sulla sorveglianza robotica e la privacy

Qui sta il cuore del problema. Secondo la legge europea un "servizio di comunicazione interpersonale" è qualsiasi sistema che permette uno scambio interattivo di informazioni su una rete. Questa descrizione si adatta perfettamente ai robot di ultima generazione. Infatti i moderni robot non sono più semplici bracci meccanici:

• Un robot per la telepresenza permette a un bambino malato di partecipare alle lezioni da casa, trasmettendo la sua voce, le sue espressioni e le sue emozioni.
• Un robot di assistenza in una casa di cura facilita le conversazioni tra un paziente, i suoi familiari e i medici.

Questi dispositivi sono a tutti gli effetti dei mediatori di comunicazione. Una volta definiti come tali, rientrano automaticamente nel campo di applicazione del Chat Control. Di conseguenza i loro produttori potrebbero sentirsi obbligati a integrare meccanismi di rilevamento e analisi direttamente nell'hardware e nel software del robot. In questo modo la sorveglianza si sposterebbe così dagli schermi ai nostri spazi più privati.

I rischi concreti della sorveglianza robotica e privacy

L'idea di un monitoraggio integrato nei robot apre scenari inquietanti, trasformando un dispositivo nato per aiutare in una potenziale minaccia alla nostra sicurezza.

Dai dati al controllo fisico: un nuovo modello di minaccia

Un robot presente in casa o in un ambiente di cura raccoglie una quantità enorme di dati estremamente sensibili: le nostre routine quotidiane, le conversazioni private, le reazioni emotive e persino informazioni sul nostro stato di salute. Se questi dati vengono costantemente inviati a sistemi di analisi per la "mitigazione del rischio", si crea una vera e propria miniera d'oro per i criminali informatici.

Ogni canale di trasmissione dati diventa un potenziale punto di accesso. Il pericolo, però, non si ferma ai dati. Le "backdoor" create per rispettare la legge non distinguono tra un accesso autorizzato e uno ostile. Un hacker che riuscisse a sfruttarle potrebbe prendere il controllo del robot, manipolando i suoi sensori o impartendo comandi diretti. Le implicazioni per la sicurezza fisica delle persone sono enormi.

L'intelligenza artificiale come arma a doppio taglio

Il rischio è amplificato dall'uso di modelli di Intelligenza Artificiale, come gli LLM (Large Language Models), integrati nei robot. Ricerche hanno dimostrato che questi sistemi possono essere "attivati" da comandi nascosti o specifici contesti per eseguire azioni impreviste. In teoria un aggressore potrebbe usare una semplice frase per reindirizzare il comportamento di un robot, trasformandolo in uno strumento per spiare o per arrecare un danno.

Impatto sulla nostra vita quotidiana

La relazione tra un essere umano e un robot sociale, specialmente in contesti di cura o educazione, si fonda su un pilastro fondamentale: la fiducia. Percepiamo questi dispositivi come compagni, supporti ed estensioni delle nostre capacità. Cosa succede quando questa fiducia viene meno? Un monitoraggio continuo altera radicalmente questa relazione. Il robot non è più solo un assistente, ma diventa un osservatore, un reporter per design.

Ti fideresti di un confidente che sai essere obbligato a registrare ogni tua parola? La consapevolezza di una sorveglianza ambientale ci porta a modificare i nostri comportamenti, a limare la nostra spontaneità e a perdere autonomia proprio negli spazi che consideriamo più sicuri.

Come proteggere il nostro futuro digitale?

La tecnologia non è il nemico. Un robot può migliorare la qualità della vita in modi straordinari. Tuttavia, una legislazione ben intenzionata ma miope rischia di creare un futuro in cui i benefici sono oscurati da gravi rischi per la privacy e la sicurezza. È fondamentale che le normative spingano verso la trasparenza e la protezione dei dati "by design".

Le soluzioni esistono: bisognerebbe, per esempio, incentivare l'elaborazione dei dati direttamente sul dispositivo, senza inviarli a server remoti. È inoltre cruciale istituire meccanismi di supervisione rigorosi per garantire che la nostra privacy rimanga protetta. Solo così potremo costruire un futuro in cui la tecnologia sia veramente al nostro servizio, senza trasformare i nostri aiutanti in guardiani indesiderati.

L'articolo Legge dell'UE sulla sorveglianza robotica e la privacy proviene da sicurezza.net.

The federal government allows livestock grazing across an area of publicly owned land more than twice the size of California, making ranching the largest land use in the West. Billions of dollars of taxpayer subsidies support the system, which often harms the environment.

As President Donald Trump’s administration pushes a pro-ranching agenda, ProPublica and High Country News investigated how public lands ranching has evolved. We filed more than 100 public record requests and sued the Bureau of Land Management to pry free documents and data; we interviewed everyone from ranchers to conservationists; and we toured ranching operations in Arizona, Colorado, Montana and Nevada.

The resulting three-part investigation digs into the subsidies baked into ranching, the environmental impacts from livestock and the political clout that protects this status quo. Here are the takeaways from that work.

The system has evolved into a subsidy program for ranchers.

The public lands grazing system was modernized in the 1930s in response to the rampant use of natural resources that led to the Dust Bowl — the massive dust storms triggered by poor agricultural practices, including overgrazing. Today, the system focuses on subsidizing the continued grazing of these lands.

The BLM and Forest Service, the two largest federal land management agencies, oversee most of the system. Combined, the agencies charged ranchers $21 million in grazing fees in 2024. Our analysis found that to be about a 93% discount, on average, compared with the market rate for forage on private land. We also found that, in 2024 alone, the federal government poured at least $2.5 billion into subsidy programs that public lands ranchers can access. Such subsidies include disaster assistance after droughts and floods as well as compensation for livestock lost to predators.

Ranching is consolidated in the hands of some of the wealthiest Americans.

A small number of wealthy individuals and corporations manage most livestock on public lands. Roughly two-thirds of the grazing on BLM acreage is controlled by just 10% of ranchers, our analysis found. And on Forest Service land, the top 10% of permittees control more than 50% of grazing. Among the largest ranchers are billionaires like Stan Kroenke and Rupert Murdoch, as well as mining companies and public utilities. The financial benefits of holding permits to graze herds on public lands extend beyond cattle sales. Even hobby ranches can qualify for property tax breaks in many areas; ranching business expenses can be deducted from federal taxes; and private property associated with grazing permits is a stable long-term investment. (Representatives of Kroenke did not respond to requests for comment, and Murdoch’s representative declined to comment.)

The Trump administration is supercharging the system, including by further increasing subsidies.

The administration released a “plan to fortify the American Beef Industry” in October that instructed the BLM and Forest Service to amend grazing regulations for the first time since the 1990s. The plan suggested that taxpayers further support ranching by increasing subsidies for drought and wildfire relief, livestock killed by predators and government-backed insurance. The White House referred questions to the U.S. Department of Agriculture, which said in a statement, “Livestock grazing is not only a federally and statutorily recognized appropriate land use, but a proven land management tool, one that reduces invasive species and wildfire risk, enhances ecosystem health, and supports rural stewardship.” Roughly 18,000 permittees graze livestock on BLM or Forest Service land, most of them small operations. These ranchers say they need government support and cheaper grazing fees to avoid insolvency.

The administration is loosening already lax oversight.

Ranchers must renew their permits to use public lands every 10 years, including undergoing an environmental review. But Congress passed a law in 2014 that allows permits to be automatically renewed if federal agencies are unable to complete such reviews. In 2013, the BLM approved grazing on 47% of its land open to livestock without an environmental review, our analysis of agency data showed. (The status of about an additional 10% of BLM land was unclear that year.) A decade later, the BLM authorized grazing on roughly 75% of its acreage without review.

This is in large part because the BLM’s rangeland management staff is shrinking. The number of these employees dropped 39% between 2020 and 2024, according to Office of Personnel Management data, and roughly 1 in 10 rangeland staff left the agency between Trump’s election win and last June, according to BLM records.

The system allows widespread environmental harm in the West.

The BLM oversees 155 million acres of public lands open to grazing, and assessments it conducts on the health of the environment found that grazing had degraded at least 38 million acres, an area about half the size of New Mexico. The agency has no record of land health assessments for an additional 35 million acres. ProPublica and High Country News observed overgrazing in multiple states, including streambeds trampled by cattle, grasslands denuded by grazing and creeks fouled by cow corpses.

Ranchers contend that public lands grazing has ecological benefits, such as preventing nearby private lands from being sold off and paved over. Bill Fales and his family, for example, run cattle in western Colorado and have done so for more than a century. “The wildlife here is dependent on these ranches staying as open ranch land,” he said. While development destroyed habitat nearby, Fales said, the areas his cattle graze are increasingly shared by animals such as elk, bears and mountain lions.

Regulators say that it’s difficult to significantly change the system because of the industry’s political influence.

We interviewed 10 current and former BLM employees, from upper management to rank-and-file rangeland managers, and they all spoke of political pressure to go easy on ranchers. “If we do anything anti-grazing, there’s at least a decent chance of politicians being involved,” one BLM employee told us. “We want to avoid that, so we don’t do anything that would bring that about.” A BLM spokesperson said in a statement that “any policy decisions are made in accordance with federal law and are designed to balance economic opportunity with conservation responsibilities across the nation’s public lands.”

The industry has friends in high places. The Trump administration appointed to a high-level post at the U.S. Department of the Interior a lawyer who has represented ranchers in cases against the government and owns a stake in a Wyoming cattle operation. The administration also named a tech entrepreneur who owns a ranch in Idaho to a post overseeing the Forest Service.

Moreover, politicians from both parties are quick to act if they believe ranchers face onerous oversight. Since 2020, members of Congress on both sides of the aisle have written to the BLM and Forest Service about grazing issues more than 20 times, according to logs of agency communications we obtained via public records requests.

Read our full investigation of the federal public lands grazing system.

The post The Biggest Takeaways From Our Investigation Into Grazing on Public Lands appeared first on ProPublica.

I installed Peertube with Docker, but fast-forwarding doesn’t work on tablets. What could be the reason for this, or can we add buttons to the player to fast-forward and rewind?

1 message - 1 participant(e)

Lire le sujet en entier

Bonjour tout le monde,

Je me posais des questions sur l’édition d’un framaform.
=> Sera-t-il possible d’intégrer des polices de caractères dys ? Par exemple : Open-Dyslexic, Luciole, Lexend…etc.
=> Est-il possible de pouvoir paramétrer les espacements entre les questions dans un framaform ?
=> Existe-t-il des groupes de travail sur les questions d’accessibilité pour les outils frama ?

Merci d’avance pour vos retours !

1 message - 1 participant(e)

Lire le sujet en entier

Bonjour à toustes, je suis ronflex, unx bibliothécaire !

Je suis très intéressæ par les sujets d’accessibilité, de partage d’outils et de queerness. J’aspire à ce que le monde du libre puisse être + agréable pour les minorisé·es et celleux qui débutent dans le code et le libre

J’utilise régulièrement les outils frama dans le cadre de mon travail. Je viens de m’inscrire dans le forum afin de poser des questions sur des usages de frama, et afin de voir comment se co-construisent les outils.

Belle semaine

1 message - 1 participant(e)

Lire le sujet en entier

La météo est maussade ! Et si vous en profitiez pour vous poser et déguster un #KhrysPresso préparé par @Khrys

https://framablog.org/2026/01/12/khryspresso-du-lundi-12-janvier-2026/

(Photo de Mark Morgan - cc-by)

 

Comme chaque lundi, un coup d’œil dans le rétroviseur pour découvrir les informations que vous avez peut-être ratées la semaine dernière.

---

Tous les liens listés ci-dessous sont a priori accessibles librement. Si ce n’est pas le cas, pensez à activer votre bloqueur de javascript favori ou à passer en “mode lecture” (Firefox) ;-)

Brave New World

• Les 1 % les plus riches ont déjà épuisé leur budget carbone 2026 (reporterre.net)
• The oceans just keep getting hotter (arstechnica.com)
  

  What people often don’t grasp is that it’s taken 100 years to get the oceans that warm at depth […] Even if we stopped using fossil fuels today, it’s going to take hundreds of years for that to circulate through the ocean. We’re going to pay this cost for a very, very long time, because we’ve already put the heat in the ocean.

  

• Les orques sont de plus en plus cruel·les et violent·es et ça intrigue les chercheureuses (slate.fr)
  

  Ces derniers mois, les attaques d’épaulards se sont multipliées : enlèvements de bébés globicéphales, offensives contre les requins pour extraire leur foie ou collisions répétées contre des bateaux en vue de les faire couler…Derrière ces comportements belliqueux et violents, les scientifiques lisent un signe d’intelligence.

• Solar to the fore as grid sails through heatwave and record demand (abc.net.au)
  

  On Wednesday, as the temperature soared into the 40s across large parts of southern Australia, the country’s biggest electricity market stayed eerily quiet.

• Câbles sous-marins à Taïwan : la stratégie chinoise du blackout (legrandcontinent.eu)
  

  La bataille de Taïwan a déjà commencé — sous la mer. Alors que la Chine prépare l’invasion de l’île, le sabotage des câbles sous-marins reliant Taïwan au monde pourrait la paralyser.

• Que signifie la chute de Maduro pour la stratégie chinoise en Amérique latine ? (legrandcontinent.eu)
• People are leaving cities to escape toxic air (india.mongabay.com)
  

  There is a growing trend of productive people leaving polluted metros for smaller cities, leaving behind growth prospects and their roots for cleaner air.

• Iran : pour contrer la mobilisation, le régime coupe Internet (humanite.fr)
  

  Le mouvement de contestation, qui a débuté fin décembre en Iran, est marqué par d’imposantes manifestations à Téhéran et d’autres villes du pays. Depuis le 7 janvier, Internet a été coupé par les autorités, qui multiplient les déclarations martiales contre les protestataires, faisant craindre une intense répression à l’abri des regards.

  Voir aussi IRAN. Internet coupé, manifestant·es massacré·es (kurdistan-au-feminin.fr)

  L’accès à Internet reste totalement coupé dans le Rojhelat et en Iran, isolant largement la population du reste du monde. Selon des sources locales, seules quelques zones frontalières permettent à un nombre limité de personnes d’accéder à Internet grâce à des cartes SIM étrangères et aux réseaux de télécommunications des pays voisins. Cet accès demeure extrêmement instable, risqué et insuffisant pour répondre aux besoins de communication de base.

  Et « Des corps empilés » : en Iran, ces témoignages font craindre une répression ultraviolente (huffingtonpost.fr)

  L’organisation Human Rights Activists News Agency a […] fait état de la mort de 116 personnes, dont 37 membres des forces de sécurité ou autres responsables. « Un massacre est en cours en Iran », a averti cette organisation basée aux États-Unis.

• Les États-Unis ont mené des frappes « à grande échelle » contre l’État islamique en Syrie (huffingtonpost.fr)
  

  Pour Washington, il s’agit d’une nouvelle réponse militaire à une attaque jihadiste à Palmyre mi-décembre, qui avait coûté la vie à deux militaires américains.

• Les Massaïs sacrifié·es aux parcs touristiques (afriquexxi.info)
  

  Dans le nord de la Tanzanie, safaris, princes arabes et industrie du tourisme ont pris la place des Massaïs, exproprié·es de leurs terres au nom d’un modèle néocolonial et de la recherche du profit à tout prix.

• UK and France ‘ready to deploy troops’ to Ukraine after ceasefire (theguardian.com)
• Criminalisation de l’asile en Grèce : suites (blogs.mediapart.fr)
• JO d’hiver en Italie : « La montagne a été éventrée » (reporterre.net)
  

  Les Jeux olympiques et paralympiques d’hiver 2026 en Italie étaient promus comme les plus écolos de l’histoire. Mais à un mois de leur lancement, plusieurs chantiers sont lourdement critiqués par des associations et des habitant·es.

• Après l’incendie de Crans-Montana, la télé suisse révèle une vidéo qui pointe un danger connu dans le bar (huffingtonpost.fr)
  

  Sur des images épinglées par la RTS tournées il y a six ans, un employé met en garde des clients qui approchent des feux de Bengale du plafond couvert de mousse isolante.

• Brussels plots open source push to pry Europe off Big Tech (theregister.com)
  

  The European Commission has launched a fresh consultation into open source, setting out its ambitions for Europe’s developer communities to go beyond propping up US tech giants’ platforms.

• En 2026, l’UE permettra aux États-Unis d’accéder aux données biométriques de millions d’Européen·nes (euractiv.fr)
  

  Malgré les relations de plus en plus tendues entre l’UE et les États-Unis, la perspective de communiquer des données sensibles et personnelles concernant des millions d’Européen·nes semble faire l’unanimité au sein du bloc.

  

• Anna’s Archive Loses .Org Domain After Surprise Suspension (torrentfreak.com)
  

  Popular shadow library Anna’s Archive has lost control over its main domain name. Annas-archive.org was suspended and put on serverHold status, which is an action that’s typically taken by the domain name registry. The site’s operator doesn’t believe that the actions are related to its recently announced Spotify backup and stresses that the site remains accessible through alternative domains.

  Voir aussi Anna’s Archive loses .org domain, says suspension likely unrelated to Spotify piracy (arstechnica.com)

• Les États-Unis quittent 66 organisations internationales (courrierinternational.com)
  

  Pour The Guardian, cette décision du président américain pose des questions d’ordre juridique puisque, “le traité de la CCNUCC ayant été ratifié par le Sénat, il n’est pas certain que Trump puisse le dénoncer unilatéralement. Ni qu’un futur président puisse réintégrer la convention-cadre sans un nouveau vote du Sénat.”

  Voir aussi Trump retire les États-Unis de 66 organisations internationales, dont le Giec et la Convention-cadre des Nations unies sur les changements climatiques (humanite.fr)

• Make Colonialism Great Again : la Maison-Blanche fait de la recolonisation sa doctrine globale (legrandcontinent.eu)
• Donald Trump et son clan suggèrent que les États-Unis envisagent d’annexer le Groenland « prochainement » (legrandcontinent.eu)
• Donald Trump et le Groenland : Face aux pressions, Björk exhorte les habitants à déclarer leur indépendance (huffingtonpost.fr)
  

  Pour l’artiste islandaise, l’idée que ses « compatriotes groenlandais puissent passer d’un colonisateur cruel à un autre est trop brutale ».

  

• Au Sénat, cinq élus républicains s’opposent à la prise de contrôle du Groenland par Trump (legrandcontinent.eu)
• U.S. Approves $45M Hellfire Missile Sale to Denmark Despite Active Threats to Seize Greenland (en.defence-ua.com)
• Trump éructe contre les frondeurs Républicains qui lui infligent un camouflet sur le Venezuela (huffingtonpost.fr)
  

  Cinq sénateurs républicains ont rejoint les démocrates pour faire avancer une résolution limitant les pouvoirs militaires de Trump après son action controversée au Venezuela.

• La légalité de l’opération au Venezuela et la capture de Maduro questionnées aux États-Unis (huffingtonpost.fr)
  

  Tandis que les démocrates dénoncent un « acte de guerre », des experts pointent que l’opération a violé la Charte des Nations Unies.« Ils ont pénétré au Venezuela, bombardé des sites aussi bien civils que militaires. Et c’est une violation de la loi de faire ce qu’ils ont fait sans obtenir l’autorisation du Congrès »

• Attaque contre le Venezuela : Delcy Rodriguez, présidente par interim, prête à dialoguer avec Trump (revolutionpermanente.fr)
• Trump ne va pas apprécier la réponse de l’Institut Nobel à Machado, qui n’excluait pas de lui donner son prix (huffingtonpost.fr)
  

  L’Institut Nobel norvégien a opposé un non catégorique à la lauréate du prix Nobel de paix 2025, Maria Corina Machado, après qu’elle a suggéré qu’elle pourrait « partager » voire « remettre » sa prestigieuse distinction au président américain.

• US congressmen ask judge to appoint official to force release of all Epstein files (theguardian.com)
• « QAnon Shaman », le plus célèbre manifestant de l’insurrection du Capitole, acte sa rupture avec Trump (huffingtonpost.fr)
  

  Jake Chansley, condamné pour sa participation à l’attaque du 6 janvier 2021, en veut à Donald Trump pour sa gestion du dossier Epstein.« Le mec refuse de publier la liste de clients d’Epstein, ça a été suffisant pour moi et pour plein d’autres gens de se dire : “Ok, c’est n’importe quoi”. »

• Big Tech’s fast-expanding plans for data centers are running into stiff community opposition (apnews.com)
  

  Communities across the United States are reading about — and learning from — each other’s battles against data center proposals that are fast multiplying in number and size to meet steep demand as developers branch out in search of faster connections to power sources.

• Every data centre is a U.S. military base (policyalternatives.ca)
  

  Understanding how the United States uses its tech companies to serve empire

• Trump administration freezes $10 billion in child, family aid to 5 states over fraud concerns (cnbc.com)
  

  All five states targeted by the freeze — California, Colorado, Illinois, Minnesota and New York — are led by Democrats.

• Measles continues raging in South Carolina ; 99 new cases since Tuesday (arstechnica.com)
  

  Previous measles transmission studies have shown that one measles case can result in up to 20 new infections among unvaccinated contacts.

• L’ISS évacuée à cause d’un astronaute malade, une première (huffingtonpost.fr)
  

  Aucun détail n’a été donné sur la nature de ce problème, mais il a été précisé que l’astronaute, dont on ignore l’identité, se trouve dans un état stable.

• SpaceX gets FCC permission to launch another 7,500 Starlink satellites (arstechnica.com)
• ESA considers righting the wrongs of Ariane 6 by turning it into a Franken-rocket (arstechnica.com)
  

  ArianeGroup proposes replacing the Ariane 6 rocket’s solid-fueled side boosters with new liquid-fueled boosters. The boosters would be developed by MaiaSpace, a French subsidiary of ArianeGroup working on its own partially reusable small satellite launcher. MaiaSpace and ArianeGroup would convert the Maia rocket’s methane-fueled booster for use on the Ariane 6.

• Nature-inspired computers are shockingly good at math (phys.org)

Spécial IA

• Depuis plus d’un an, l’armée ukrainienne teste en condition réelle des drones alimentés par l’IA (legrandcontinent.eu)
  

  un projet confidentiel piloté par l’ancien PDG de Google, Eric Schmidt

• Ford is getting ready to put AI assistants in its cars (arstechnica.com)
• Les PC avec IA n’intéressent personne et c’est Dell qui le dit (kulturegeek.fr)
  

  Malgré l’omniprésence du marketing autour de l’intelligence artificielle, Dell révèle que les fonctions IA ne constituent pas le déclencheur d’achat pour le grand public qui veut un nouveau PC.

• La FDA réduit sa surveillance des dispositifs de santé portables ou s’appuyant sur l’IA (next.ink)
  

  Le directeur de la FDA, Marty Makary, a annoncé au CES assouplir la régulation sur les appareils de santé numériques, notamment concernant les logiciels d’aide à la décision clinique (dont ceux utilisant l’IA générative) et les produits portables pour surveiller les problèmes de santé, tant que ceux-ci ne s’affichent pas comme des dispositifs médicaux.

• AI starts autonomously writing prescription refills in Utah (arstechnica.com)
• OpenAI lance ChatGPT Santé et encourage les utilisateurs à connecter leurs dossiers médicaux (intelligence-artificielle.developpez.com) – voir aussi OpenAI launches ChatGPT Health, encouraging users to connect their medical records (theverge.com)
• Un adolescent meurt par overdose après avoir suivi des conseils de ChatGPT : pourquoi l’usage de l’IA grand public peut poser un problème de santé publique majeur (intelligence-artificielle.developpez.com)
• Un discours généré avec ChatGPT provoque l’annulation d’un mariage aux Pays-Bas (huffingtonpost.fr)
  

  Selon la justice, « le mariage entre l’homme et la femme n’a pas été officialisé », en raison d’une réplique manquante lors de la cérémonie.

• ’Get the f**k off there’ : MPs, Senators call on government to abandon X/Twitter following wave of ‘Grok porn’ (hilltimes.com) – voir aussi The Abuse Factory (thegist.ie)
  

  X, the child abuse imagery app, revealed our state has no red lines.

  Et Elon Musk’s X must be banned (disconnect.blog)

  Let’s be honest with ourselves : if a broadcaster or newspaper had started publishing thousands of non-consensual, sexually explicit images of women or — even worse — of children, politicians and regulators would be out for blood. It would be a front-page, ongoing scandal and the organization responsible would be quickly brought to heel because it would be so outrageous.

• India gives Musk 72 hours as X floods with obscene images generated using Grok (restofworld.org)
  

  France and Malaysia have also launched probes into the viral Grok bikini trend.

• Adobe accusé de pillage d’ebooks : le gardien du droit d’auteur devient suspect (actualitte.com)
  

  Adobe occupe depuis des décennies une place centrale dans l’écosystème logiciel : Photoshop, Illustrator ou InDesign sont devenus des standards professionnels, voire des extensions naturelles. Mais depuis quelques mois, ce statut d’allié des auteurs et des éditeurs se fissure. En cause : des poursuites judiciaires intentées aux États-Unis, accusant le groupe d’avoir entraîné ses modèles d’intelligence artificielle sur des livres protégés par le droit d’auteur, sans autorisation ni compensation.

• Journalistic Malpractice : No LLM Ever ‘Admits’ To Anything, And Reporting Otherwise Is A Lie (techdirt.com)
• Google : Don’t make “bite-sized” content for LLMs if you care about search rank (arstechnica.com)
  

  The idea is that if you split information into smaller paragraphs and sections, it is more likely to be ingested and cited by generative AI bots like Gemini. So you end up with short paragraphs, sometimes with just one or two sentences, and lots of subheds formatted like questions one might ask a chatbot.

• Microsoft CEO Begs Users to Stop Calling It “Slop” (futurism.com)
• Linus Torvalds : Stop making an issue out of AI slop in kernel docs – you’re not changing anybody’s mind (theregister.com)
• AI Fails at Most Remote Work, Researchers Find (slashdot.org)
  

  The AI systems failed on nearly half of the Remote Labor Index projects by producing poor-quality work, and they left more than a third incomplete. Nearly 1 in 5 had basic technical problems such as producing corrupt files

• AI will compromise your cybersecurity posture (rys.io)

Les Facepalm de la semaine

• Furious AI Users Say Their Prompts Are Being Plagiarized (futurism.com)
• S’agrandir le pénis pour gagner ? La folle méthode de triche qui frappe le saut à ski (ladepeche.fr)

Spécial Renée Nicole Good

• À Minneapolis, fureur après la mort d’une Américaine tuée par la police de l’immigration (huffingtonpost.fr)
  

  L’administration Trump accuse la femme d’avoir voulu de se servir de sa voiture comme une arme en fonçant sur la police, mais les vidéos de la scène racontent autre chose.

• “Des tirs en plein visage” : un agent de l’ICE, la police de l’immigration américaine, abat une femme dans sa voiture à Minneapolis, la version des autorités qualifiée de “connerie” par le maire (lindependant.fr)
  

  “Nous exigeons le départ immédiat de l’ICE”, a réagi le maire de la ville, alors que le ministère de la sécurité intérieure parle de légitime défense et évoque un “acte de terrorisme intérieur”.

  

• Abolish ICE Before They Kill Again, Impeach Trump & Noem Before They Incite More Murder (techdirt.com)
  

  Renee Nicole Good was a 37-year-old award-winning poet, a mother of a six-year-old, and a wife who had recently moved to Minneapolis. That all ended yesterday when a masked ICE agent murdered her in broad daylight, shooting her multiple times at close range in the head.

• AOC says ICE has become an “anti-civilian, paramilitary” org after an agent murdered a queer woman (lgbtqnation.com)
• L’ICE de Donald Trump a abattu une citoyenne américaine, elle tente maintenant de salir sa mémoire (slate.fr)
• Trump Isn’t Just Defending ICE for Killing a Woman. He’s Taking It a Chilling Step Further. (slate.com)
  

  The president is blaming his political rivals—and possibly opening the door to more repression.

• Renée Nicole Good – assassinée par l’ICE à Minneapolis le 7 janvier 2026 était une poétesse ayant reçu des prix pour sa poésie. On peut lire l’un de ses poèmes par ici : On Learning to Dissect Fetal Pigs (poets.org).
  Voir aussi Renée Nicole Good abattue par l’ICE : son poème prémonitoire (lundi.am)
• Après la mort de Renée Nicole Good, des foules immenses réunies aux États-Unis contre l’ICE (huffingtonpost.fr)
  

  Plus personne n’empêche désormais l’administration Trump de tuer des citoyens, de voler et d’enlever des êtres humains. Il est temps que ça s’arrête.

  

Spécial femmes dans le monde

• Emprisonnée par son pays depuis 4 ans, la journaliste tunisienne Chadha Haj Mbarek privée de soins vitaux (humanite.fr)
  

  Mercredi 7 janvier, les proches de la journaliste arrêtée en 2021 ont lancé un appel pour exiger sa libération immédiate et sa prise en charge médicale d’urgence : un diagnostic a révélé qu’elle souffre de deux cancers.

• Un #MeToo politique déferle en Espagne, pays pionnier de la lutte contre les violences sexuelles (politis.fr)
  

  Une vague de dénonciations de harcèlement sexuel visant des politiques continue de déferler en Espagne, pays pourtant cité comme exemple dans la lutte contre les violences faites aux femmes. Signe qu’il reste encore du travail à faire ?

• Perpétuité pour Sammy Djedou, peine infinie des femmes yézidies (axellemag.be)
  

  En novembre dernier, la Belgique a condamné le Belge Sammy Djedou pour sa participation au génocide yézidi et pour avoir commis des crimes contre l’humanité envers trois femmes yézidies. Notre pays est ainsi devenu le quatrième membre de l’Union européenne à reconnaître judiciairement le génocide yézidi. Un homme absent, peut-être mort, qu’on juge, des silences qui racontent l’horreur

• Conservative pastor says feminism is a “form of transgenderism” in hateful rant (lgbtqnation.co)
  

  Whether a woman gets a career or transitions, they’re “rejecting their femininity” and “destroying America.”

• Hacktivist deletes white supremacist websites live onstage during hacker conference (techcrunch.com) – voir aussi ‘“Tinder for Nazis” hit by 100GB data leak, thousands of users exposed’ (cybernews.com) et Woman Hacks “Tinder for Nazis,” Tricks the Racist Users Into Falling in Love With AI Chatbots (futurism.com)
  

  Show interest in traditional family roles and heritage, using an approachable tone with a mix of warmth and conviction.

• Indigenous women lead a firefighting brigade in Brazil’s Cerrado (news.mongabay.com)
• New vaginal speculum design might motivate women to go for health checkups (tudelft.nl – article de janvier 2025) – voir aussi Revolutionizing women’s health : New speculum designed to eliminate pain and anxiety (personalcareinsights.com – article de juillet 2025)
• Not Just A ‘Woman’s Hobby’ – Why More Men Are Picking Up Sewing, And Why You Should Too (studyfinds.org)

Spécial Palestine et Israël

• Cisjordanie : Netanyahou attaque l’université de Bir Zeit (humanite.fr)
  

  Le 6 janvier, les forces d’occupation israéliennes ont mené un raid, blessant 41 étudiant·es.

• Génocide à Gaza : le statut de réfugié accordé aux Palestinien·nes de l’enclave étendu à celleux de Cisjordanie (humanite.fr)
  

  La Cour nationale du droit d’asile a non seulement confirmé le statut de réfugié pour les Palestinien·nes de Gaza, mais l’a également étendu à celleux de Cisjordanie, alors que le génocide perpétré par Israël continue, malgré le cessez-le-feu.

• Israel has detained Dr. Hussam Abu Safiya without charges for a year. Why has the New York Times refused to cover his case ? (mondoweiss.net)
  

  One year ago, an iconic photo from Gaza went viral of Dr. Hussam Abu Safiya walking through rubble in Gaza to be detained by Israeli forces. Today, Safiya is still being held without charges, but you wouldn’t know it from reading the New York Times.

  

Spécial France

• Le budget 2026 de retour à l’Assemblée, Eric Coquerel a trouvé une astuce pour reparler taxation des plus aisés (huffingtonpost.fr)
  

  Le président de la « ComFi » entend se baser sur une jurisprudence du Conseil Constitutionnel qui permet de « mettre sur la table des mesures nouvelles à partir du moment où ce sont des mesures nouvelles fiscales brutes : c’est-à-dire qui ne font qu’augmenter les recettes et ne transforment pas les impôts »

• Affaire des assistants parlementaires du FN : le président du tribunal de Paris met en garde contre une éventuelle « ingérence » américaine avant le procès en appel (lemonde.fr) – voir aussi Trump contre « l’Humanité » (humanite.fr)
  

  Voilà une nouvelle leçon de démocratie à la Trump : quand on vous accuse d’ingérence, criez à la désinformation. C’est ce que fait la ministre adjointe des Affaires étrangères américaine, Sarah B. Rogers, qui attaque l’Humanité sur X. Elle affirme que l’information selon laquelle l’administration Trump pourrait sanctionner les juges de Marine Le Pen serait une « fake news ». A partir du 13 janvier et jusqu’à la mi-février, la cheffe de file de l’extrême droite, Marine Le Pen, et onze autres prévenus vont être jugés par la cour d’appel de Paris, soupçonnés d’avoir détourné l’argent du Parlement européen au seul profit du parti.

• Marine Le Pen, le procès d’une vie (mediapart.fr) Dossier en accès libre.
• Fin de l’ADSL : Orange reporte la fermeture commerciale, la fibre n’est pas complètement déployée (01net.com)
• Une fuite de données de santé liée à Doctolib ? Heureusement, non, mais de nombreuses infos de Français·es publiées sur le dark web (clubic.com)
  

  Une fuite de données liée, à tort, à Doctolib vient d’être publiée sur un forum cybercriminel. Plus de 150 000 informations personnelles de patients de deux établissements français circulent désormais en ligne.

• Des infirmières de cancérologie reconnues malades d’avoir soigné (basta.media)
  

  Une ex-soignante de cancérologie de Rennes vient d’obtenir la reconnaissance de son cancer comme maladie professionnelle. Elle avait été exposée à des substances toxiques dans son travail. Cela faisait six ans qu’elle se battait.

• Handicap et accessibilité : 4 grands sites de vente en ligne hors la loi (60millions-mag.com)
  

  Auchan, Carrefour, E.Leclerc et Picard Surgelés ont été épinglés pour accessibilité numérique insuffisante.

• Neige et verglas : Record de bouchons en Île-de-France, avec plus de 1 000 kilomètres d’embouteillages (huffingtonpost.fr)
  

  Alors que la région parisienne est placée en vigilance orange, d’importantes chutes de neige ont provoqué plus de 1 000 kilomètres de bouchons.

• Des salles de classe transformées en chambres : l’école, refuge pour les enfants à la rue (basta.media)
  

  Des dizaines d’enfants sans-abri trouvent refuge chaque nuit avec leur famille dans des écoles de Lyon, grâce à l’engagement d’enseignants et de parents d’élèves.

  

• Le dou détruit des familles en silence, à Saint-Pierre comme ailleurs (parallelesud.com)
  

  Depuis 2023, le dou mène la vie dure à plusieurs familles réunionnaises. Cette drogue de synthèse très addictive, a d’abord été localisée dans le sud de l’île et, en peu de temps, a déjà causé de nombreux dégâts

• Nucléaire : une start-up en redressement judiciaire malgré de fortes subventions publiques (reporterre.net)
• Tempête Goretti : la centrale nucléaire de Flamanville à l’arrêt (reporterre.net)

RIP

• Généalogies féministes et fractures politiques : à la mémoire d’Eleni Varikas (blogs.mediapart.fr)
  

  Le vendredi 9 janvier 2026, Eleni Varikas s’est éteinte à Paris. Son travail s’est concentré sur la théorie féministe, le colonialisme, les origines du racisme et les problématiques de l’exclusion. À travers une lecture exigeante de l’universalisme moderne, Eleni Varikas n’a cessé d’en interroger les angles morts, les exclusions constitutives et les hiérarchies qu’il prétend pourtant abolir.

Spécial femmes en France

• CNews : Le sexisme décomplexé de Ciotti envers Panot (humanite.fr)
  

  Éric Ciotti s’est vautré dans le sexisme crasse envers Mathilde Panot. Une séquence qui a au moins le mérite de rappeler que l’extrême droite et ses alliés ne sont JAMAIS du côté de la lutte pour les droits des femmes.

• Écriture inclusive : l’Académie française « proteste solennellement » après cette décision de justice (huffingtonpost.fr)
  

  Le Conseil d’État a rejeté le pourvoi d’une association qui cherchait à faire retirer deux plaques commémoratives dans un couloir de l’Hôtel de ville de Paris.

• La transparence salariale sera un choc culturel majeur pour les entreprises françaises (slate.fr)
  

  les économistes tchèques Klára Kantová et Michaela Hasíková montrent –à travers une méta-analyse combinant 268 estimations issues de douze études menées dans plusieurs pays de l’Organisation de coopération et de développement économiques (OCDE)– que les lois de transparence salariale entraînent en moyenne une réduction modeste mais significative des différences de salaire entre les hommes et les femmes, de l’ordre de 1,2 % en faveur des femmes. Cet effet provient généralement d’une légère hausse des salaires féminins, mais aussi d’une compression salariale, c’est-à-dire d’un ralentissement de la progression salariale masculine.

• Cyberharcèlement de Brigitte Macron : dix personnes condamnées jusqu’à six mois de prison ferme (huffingtonpost.fr)
  

  Dans cette affaire, dix personnes étaient accusées d’avoir publié sur les réseaux sociaux des insultes et fake news sur le genre et l’âge de l’épouse d’Emmanuel Macron.

  Voir aussi Face aux complotistes, la défense transphobe de Brigitte Macron (politis.fr)

  En allant jusqu’aux États-Unis pour un nouveau procès où elle annonce qu’elle produira des preuves « scientifiques », elle crée un précédent dangereux pour toutes les femmes […] il n’existe scientifiquement pas de « vérité biologique » qu’elle puisse rendre publique et qui annulerait irrévocablement la multiplicité des possibles situations des personnes trans et intersexes.

• Brest : une femme retrouvée morte à son domicile, son compagnon placé en garde à vue (leparisien.fr)
  

  Chaque jour en France, plus de trois femmes sont victimes de féminicide ou tentative de féminicide conjugal, un chiffre en hausse sur un an selon les données 2024 de la Mission interministérielle pour la protection des femmes (Miprof) publiées en novembre.

Spécial médias et pouvoir

• Attaque américaine au Venezuela : ce que révèle le “zéro mort” de franceinfo (arretsurimages.net)
• StreetPress épingle Off Investigation, qui assume puis se contredit (portail.basta.media)
  

  Après une enquête de StreetPress révélant la collaboration d’Off Investigation avec quatre journalistes liés à des médias complotistes, antisémites ou d’extrême droite, le patron du média assume et dénonce une « chasse aux sorcières »… avant d’être désavoué par sa rédaction.

• En Bretagne, des journalistes empêchés d’enquêter : « On ressent une méfiance croissante vis-à-vis de la presse indépendante » (environnementsantepolitique.fr)
  

  En décembre, le site indépendant « Splann ! » s’est vu refuser l’accès à un événement organisé par le conseil départemental du Finistère. Ses journalistes dénoncent une entrave à l’exercice de leur métier et un climat de défiance qui s’aggrave.

• À Perpignan, ville RN, le directeur de la police municipale attaque le média L’Empaillé (basta.media)
  

  Le média du Sud-Ouest « L’Empaillé » comparaît devant le tribunal correctionnel de Perpignan ce 8 janvier après une plainte du directeur de la police municipale de la ville RN pour « injure publique ». Pour le journal, c’est une procédure-bâillon.

Spécial emmerdeurs irresponsables gérant comme des pieds (et à la néolibérale)

• Emmanuel Macron n’imagine pas les États-Unis “violer la souveraineté danoise” au Groenland (franceinfo.fr)
• La DGSI reconduit Palantir : chronique d’une dépendance assumée en pleine tension transatlantique (synthmedia.fr)
• Le ministère de la Culture relaie une « hallucination » générée par IA (next.ink)
  

  le ministère de la Culture vient lui-même de publier un communiqué de presse largement inspiré d’un billet de blog généré par IA, tout en y relayant une erreur « hallucinée » par l’IA.

• « On s’est fait rouler dessus par le privé » : des associations craignent une privatisation de l’Evars (basta.media)
  

  Alors qu’un programme d’éducation à la sexualité est pour la première fois imposé à tous les établissements scolaires depuis la rentrée 2025, des associations, syndicats et enseignants s’inquiètent de l’arrivée d’acteurs privés sur le marché.

• Le débat à l’Assemblée sur la pétition contre la loi Duplomb reporté : « Une baffe dans la tête de plus de deux millions de Françaises » (vert.eco)
• Ces mesures de la loi Duplomb passées inaperçues (mais qui avancent en coulisses) (basta.media)
  

  Cinq mois après sa promulgation, la loi Duplomb commence à être appliquée. Avec des effets très concrets sur le recours aux pesticides ou l’agrandissement des plus grandes exploitations d’élevage. Voici ce à quoi vous n’avez pas échappé.

• Dermatose nodulaire contagieuse : plus qu’une infection, un malaise (blogs.mediapart.fr)
  

  Sous couvert de nécessité sanitaire, l’abattage massif des bovins face à la dermatose nodulaire contagieuse cristallise controverses techniques, fractures économiques et conflits politiques. Loin d’une simple crise cantonnée au monde vétérinaire, la DNC et sa gestion révèlent un modèle d’élevage fragilisé dans un contexte de défiance croissante envers les institutions politiques et scientifiques.

• Decathlon, Shein, Kiabi : les invendus servent à encaisser des millions d’euros d’argent public (reporterre.net)
  

  La loi antigaspillage permet à la fast-fashion d’économiser 60 % d’impôts sur chaque vêtement donné à des associations comme Emmaüs, révèle Disclose avec Reporterre, à partir de documents confidentiels.

Spécial recul des droits et libertés, violences policières, montée de l’extrême-droite…

• Campus IA : quand la concertation démocratique devient un théâtre d’acceptabilité sociale (synthmedia.fr)
• Publicité, surveillance, expropriation : une loi spéciale JO 2030 dérégule à tout va (reporterre.net)
  

  Les députés doivent se prononcer le 6 janvier sur la loi pour l’organisation des Jeux Olympiques d’hiver de 2030. Ce texte vise à créer une longue liste de dérogations et passe-droits sociaux et environnementaux.

• Six élus RN dont trois députés membres d’un groupe Facebook raciste et islamophobe (humanite.fr)
  

  “Qui aurait pu prédire ?” : six élus RN dont trois députés sont membres d’un groupe Facebook raciste et islamophobe, révèle le site Les Jours. Et ce n’est pas la première fois…

• Ardèche – Annonay : exclue depuis 2 mois du lycée car son bonnet de chimio est assimilé à un signe religieux (le-reveil-vivarais.fr)
• Attaque au couteau dans le métro parisien : quand la nationalité devient l’information (politis.fr)
  

  L’attaque du 26 décembre a fait la une de l’actualité… et l’objet de nombreuses récupérations politiques racistes, remettant le débat sur les OQTF au cœur de la machine médiatique.

• L’homme qui avait écrasé un œuf sur Jordan Bardella condamné à de la prison avec sursis (huffingtonpost.fr)
  

  Le prévenu, un agriculteur à la retraite de 74 ans, avait écrasé un œuf sur la tête du président du RN lors d’une séance de dédicace à Moissac en novembre.

Spécial résistances

• C’est TOUJOURS PAS notre guerre ! (cqfd-journal.org)
  

  Que l’État et les réacs fassent feu de tout bois pour faire renaître en nous l’esprit de sacrifice et l’amour de la patrie, on l’avait vu venir. Mais que la gôche arpente à nouveau les sentiers guerriers, ça nous hérisse le crin. Réaction à chaud contre le retour du nationalisme belliqueux.

• De Paris au Kurdistan, une même exigence : vérité, justice et paix (humanite.fr)
  

  Chaque 9 janvier, la mémoire rassemble. Treize ans après les assassinats de militantes kurdes à Paris, la mobilisation, samedi, a affirmé l’exigence de justice et dénoncé les bombardements visant les Kurdes en Syrie.

• « Virage autoritaire sur le système de santé » : pourquoi les médecins font grève (ou pas) (basta.media)
  

  Les médecins ont lancé une grève de dix jours en début de semaine, pour protester contre un contrôle accru des arrêts maladie et des menaces de sanctions. Mais toutes les organisations professionnelles ne sont pas en accord avec ce mouvement.

  

• “Je préférerais plus de soutien politique et de financements” : pourquoi le président de France Nature Environnement refuse la Légion d’honneur (france3-regions.franceinfo.fr)
• Des tracteurs d’agriculteurices ont atteint la tour Eiffel et l’Arc de Triomphe à Paris malgré l’interdiction (huffingtonpost.fr)
• Incidents à répétition et dépassements des normes, le four numéro 2 de l’incinérateur d’ordures ménagères d’Ivry-Paris XIII doit fermer (collectif3r.org)
  

  La publication le 6 janvier 2026 d’un article dans Le Monde révèle de nouveaux accidents et dépassements de polluants émis par l’ancien incinérateur d’Ivry-Paris-XIII et par le nouvel incinérateur de l’Interval.

Spécial outils de résistance

• Data centers : une carte exclusive des sites en projet (reporterre.net)
• Générateur de logo antifa (antifa.s3lph.me)

Spécial GAFAM et cie

• Google verrouille Android : la fin des ROMs customs est programmée (generation-nt.com)
• Google Is Adding an ‘AI Inbox’ to Gmail That Summarizes Emails (wired.com)
• Amazon’s AI assistant comes to the web with Alexa.com (techcrunch.com)
• Meta signs deals with three nuclear companies for 6-plus GW of power (techcrunch.com)
• Countries are outlawing online gambling ads. Meta is selling them anyway (restofworld.org)
  

  A Rest of World analysis found Meta is disregarding local laws and the company’s own guidelines in at least 13 countries.

• An Instagram data breach reportedly exposed the personal info of 17.5 million users (engadget.com)
  

  As spotted by Malwarebytes, the alleged leak includes usernames, email addresses, phone numbers and more.

• Comment le fameux « écran bleu de la mort » de Windows est devenu l’arme des hackers pour pirater des hôtels (numerama.com)
• Microsoft is slowly turning Edge into another Copilot app (windowscentral.com)
• Copilot could soon live inside Windows 11’s File Explorer, as Microsoft tests Chat with Copilot in Explorer, not just in a separate app (windowslatest.com)
• Elon Musk says X’s new algorithm will be made open source next week (engadget.com)
  

  That includes ‘all code used to determine what organic and advertising posts are recommended to users,’ he wrote.

• Tim Cook and Sundar Pichai are cowards (theverge.com)
  

  X’s deepfake porn feature clearly violates app store guidelines. Why won’t Apple and Google pull it ?

Les autres lectures de la semaine

• Vers une fracture numérique : quand la géopolitique redessine l’open source en 2026 (goodtech.info)
• Trump may be the beginning of the end for ‘enshittification’ – this is our chance to make tech good again (theguardian.com)
• Poutine, Trump et un continent dans la tenaille : 10 points sur la défense européenne en 2026 (legrandcontinent.eu)
• Cinq scénarios pour le Venezuela post-Maduro (theconversation.com)
• Trump-Venezuela : le poids du droit, le choc de la légitimité (blogs.mediapart.fr)
• Du Groenland à la Chine, la géopolitique de Donald Trump est structurée par une obsession : les terres rares (legrandcontinent.eu)
• Les systèmes militaro-industriels, noyau totalitaire du capitalisme contemporain (contretemps.eu)
• Des technofascistes aux néolibéraux confus. Analyse internationale de la nouvelle vague réactionnaire (revuepolitique.be)
  

  Alors que la montée des droites radicales bouleverse les équilibres démocratiques aux États-Unis et en Europe, les concepts habituels – « populisme », « post-vérité », voire « libéralisme » – semblent de moins en moins adaptés à décrire les forces à l’œuvre. Dans cet entretien, le philosophe Jean-Yves Pranchère démonte les étiquettes paresseuses, analyse la nouvelle grammaire autoritaire d’une galaxie moins unie qu’on pourrait le croire.

• C’est quoi « l’écosocialisme » ? (frustrationmagazine.fr)
• Communistes, socialistes, anarchistes… Comment nous définir ? (frustrationmagazine.fr)
• What FOI Data Shows About Trans Women in Single Sex Spaces (translucent.org.uk)
  

  TransLucent’s Freedom of Information investigations across 382 public bodies, covering a period of over three years, found only four complaints about trans women using single-sex spaces, conclusively demonstrating that this widely publicised concern as part of the culture war against trans people is not supported by documented evidence from service providers.

• Échelles, cordes et serruriers : voici le récit insolite de la nuit où Napoléon a fait kidnapper… le pape (ouest-france.fr)

Les BDs/graphiques/photos de la semaine

• Stock market
• Médecins
• France
• Words
• Either
• Torch
• Salute
• Kaboum
• Maduro
• Trump
• Vocabulaire
• Ready
• Law
• Breaking
• Resistance
• Sloppy
• Antifa
• Wise
• Langues
• The Greek Mythology Family Tree : A Visual Guide Shows How Zeus, Athena, and the Ancient Gods Are Related (openculture.com)
• Lundi

Les vidéos/podcasts de la semaine

• Watch 50 David Bowie Music Videos Spanning Five Decades of Reinvention : “Space Oddity,” “Life on Mars ?” “ ‘Heroes’,” “Let’s Dance” & More (openculture.com)
• Et même Bowie – Les Goguettes (en trio mais à quatre) (indymotion.fr)
• Alma Dufour met la pâtée à un mec du RN à propos du Venezuela (tube.fdn.fr)
• Le cordon sanitaire médiatique (radiofrance.fr)
  

  Depuis 1988, nos voisins belges francophones ont mis en place une méthodologie médiatique restrictive pour les partis d’extrême droite. Stéphanie Thomas nous explique comment son pays défend un débat sans propos racistes ou discriminatoires.

• Choisir son nouveau fournisseur de messagerie | TUTO N°1 (tube.picasoft.net)

Les trucs chouettes de la semaine

• How the Free Software Foundation Kept a Videoconferencing Software Free (news.slashdot.org)
• Four More Tech Bloggers Are Switching to Linux (slashdot.org)
  

  Is there a trend ? This week four different articles appeared on various tech-news sites with an author bragging about switching to Linux.

• Bose open-sources its SoundTouch home theater smart speakers ahead of end-of-life (arstechnica.com)
  

  If companies insist on bricking gadgets, this is a better way to do it

• Pour retrouver un web douillet (clicetcetera.fr)
• Atlas sonore des langues régionales de France (atlas.lisn.upsaclay.fr)
• Dictionary of the Oldest Written Language–It Took 90 Years to Complete, and It’s Now Free Online (openculture.com)
  

  It took 90 years to com­plete. But, in 2011, schol­ars at the Uni­ver­si­ty of Chica­go final­ly pub­lished a 21-vol­ume dic­tio­nary of Akka­di­an, the lan­guage used in ancient Mesopotamia. Unspo­ken for 2,000 years, Akka­di­an was pre­served on clay tablets and in stone inscrip­tions until schol­ars deci­phered it dur­ing the last two cen­turies.

• Biodiversité : en 2025, un nombre de poulpes « exceptionnel » (humanite.fr)
  

  Les observations du céphalopode, réalisées par des plongeurs dans le cadre d’un programme scientifique participatif, ont révélé 1 500 % d’augmentation du poulpe commun par rapport au précédent pic de 2023.

Retrouvez les revues de web précédentes dans la catégorie Libre Veille du Framablog.

Les articles, commentaires et autres images qui composent ces « Khrys’presso » n’engagent que moi (Khrys).

Bonjour

Je ne sais pas si c’est le lieu pour poster mais je tente

J’ai créé une liste framagroupes en Novembre 2024 qui marchait correctement jusqu’en décembre

Mais maintenant elle ne marche plus, à savoir:

• Les messages envoyés à cette liste ne sont plus reçus par les abonnés et je n’ai pas de message d’erreur en retour
• L’envoi classique par mail à ces personnes fonctionne correctement
• Le parametrage des abonnés de la liste est celui par defaut: Normal(reception directe des messages), et Référencé dans la liste des abonnés
• La seule chose qui fonctionne est la reception quand je poste un message par l’interface web à moi-même) MAIS pour tous les abonnés, ça ne fonctionne pas
• Quand je lance un rappel d’abonnement, je suis le seul à le recevoir (les autres abonnés ne le recoivent pas)

Merci d’avance pour vos suggestions

3 messages - 1 participant(e)

Lire le sujet en entier

Hi everyone, can anyone tell me how to display my channel’s playlists on the homepage? As I see it, a user without logging in to his personal account simply won’t find playlists, this is possible, but you should apply filters, and before that, not everyone will guess. The « Looking for a way to prevent certain channels and playlists from being listed on the homepage » setting doesn’t have this option, and I couldn’t find it in the configuration either.

1 message - 1 participant(e)

Lire le sujet en entier

Bonjour à tous,

J’ai créée un mini-site framalibre via le parcours d’inscription de Scribouilli hier.

J’ai créée deux pages, l’une pour les outils PC et l’autre pour les outils smartphone.

Je constate que la 2e page n’apparait pas et que la 1ère ne se met plus à jour.

Ma question est simple : est-ce que c’est parce que le formatage du mini-site version framalibre empêche la création de plusieurs pages ?

Merci pour votre aide !

5 messages - 2 participant(e)s

Lire le sujet en entier

Bonjour,

Pour une association, nous cherchons un genre d’outils de chat auquel Framateam à l’air de plutot bien répondre jusqu’ici. On essaye de voir les limite de cet interface.

On essayant toutes les fonctionnalités, on s’est rendu compte qu’un membre de l’équipe et membre de canaux privé ou public pouvait intervenir sur la gestion membre d’un canal et aller jusqu’à “Retirer du canal” une personne dont le statut est administrateur du canal, voir de l’équipe.

Ce membre à la possibilité d’exclure tous les autres membres de la discussion. Pour peut qu’elle soit privée, plus personne ne peut y avoir l’accès.

Est ce que c’est un choix de la part de Framasoft pour une question de démocratie ? En effet, ça permet d’évacuer d’un canal, une personne administratrice problèmatique ?

De notre coté, on s’imagine convié des personnes totalement nouvelle à notre équipe, ce qui pose la question de la sécurité des accès aux discussions privées.
Est ce qu’il existe une fonctionnalité qui permet de réguler ce pouvoir des membres ?

Merci pour vos contributions,
Escalibure.

1 message - 1 participant(e)

Lire le sujet en entier

Thank you for sharing. Your sharing is of great help to me.

Bonjour,
je constate que l’édition d’une cellule n’est plus possible depuis un smartphone (browser basé sur chrome) alors que cela fonctionnait bien il y a 2 mois. Est-ce un bug ?

merci d’avance

8 messages - 4 participant(e)s

Lire le sujet en entier

Bonjour à toutes et à tous,

Je m’appelle Romain et je m’intéresse au monde du libre depuis quelques années déjà. Je suis passionné de nouvelles technologies et de musique. J’ai fondé le subreddit r/actutech en 2021 et j’ai récemment sorti un livre sur Mastodon et le Fédivers. Au plaisir de discuter avec vous.

1 message - 1 participant(e)

Lire le sujet en entier

Deepfakes are becoming more realistic and more popular. Luckily, defenders are still ahead in the arms race.

Cybercriminal cryptocurrency transactions totaled billions in 2025, with activity from sanctioned countries like Russia and Iran causing the largest jump.

This week, Keeper Security the launch of its JetBrains extension, offering JetBrains Integrated Development Environment (IDE) users a secure and seamless way to manage secrets within their development workflows. By integrating directly with the Keeper Vault, developers can replace hardcoded secrets with vault references and execute commands using injected credentials, ensuring sensitive data remains protected at every stage of development. 

Secure secrets management protects the credentials, API keys, tokens and certificates that applications rely on to function safely. When these secrets are mishandled, such as being stored in plaintext, hardcoded into source code or shared insecurely, they become easy targets for attackers. The Keeper JetBrains extension eliminates these risks by allowing developers to store, retrieve and generate secrets from the Keeper Vault without leaving their IDE.

Unlike standalone plug-ins or external vault tools that rely on third-party servers, the Keeper JetBrains extension operates within a zero-knowledge architecture, ensuring all encryption and decryption occur locally on the user’s device. Integrated natively with Keeper Secrets Manager and KeeperPAM®, it brings enterprise-grade privilege controls directly into the developer’s workflow to deliver strong security without slowing down development. 

“Modern software development demands security at every layer,” said Craig Lurey, CTO and Co-founder of Keeper Security. “Integrating Keeper into JetBrains ensures developers can apply secure-by-design principles from the start, eliminating hardcoded credentials and strengthening the integrity of the software supply chain.”

The Keeper JetBrains extension provides a range of powerful capabilities, including secrets management that allows users to save, retrieve, and generate secrets directly from the Keeper Vault. It also supports secure command execution by enabling applications to run with secrets safely injected from the vault. In addition, the extension offers logging and debugging tools, giving users access to logs and the ability to enable debug mode for full operational transparency, and it supports cross-platform use across Windows, macOS, and Linux environments.

The JetBrains extension builds on Keeper’s broader KeeperPAM® platform, an AI-enabled, cloud-native privileged access management solution that unifies password, secrets, connection and endpoint management under a zero-trust, zero-knowledge framework. 

 

The post Keeper Security Launches JetBrains Extension appeared first on IT Security Guru.

Linda McMahon, the nation’s secretary of education, says public schools are failing. 

In November, she promised a “hard reset” of the system in which more than 80% of U.S. children learn. But rather than invest in public education, she has been working to dismantle the Department of Education and enact wholesale changes to how public schools operate.

“Our final mission as a department is to fully empower states to carry the torch of our educational renaissance,” she said at a November press conference. 

To help her carry out these and other goals, McMahon has brought at least 20 advisers from ultraconservative think tanks and advocacy groups who share her skepticism of the value of public education and seek deep changes, including instilling Christian values into public schools.

ProPublica reporters Jennifer Smith Richards and Megan O’Matz spent months reporting and reviewing dozens of hours of video to understand the ideals and ambitions of those pulling the levers of power in federal education policy. They found a concerted push to shrink public school systems by steering taxpayer dollars to private, religious and charter schools, as well as options like homeschooling. The Education Department did not respond to a detailed list of questions from ProPublica. 

They also found top officials expressing a vision for the remaining public schools that rejects the separation of church and state and promotes a pro-America vision of history, an “uplifting portrayal of the nation’s founding ideals.” Critics argue the “patriotic” curricula downplay the legacy of slavery and paper over episodes of discrimination. 

Since its establishment in 1979, the Department of Education’s Office for Civil Rights has served as an enforcer of anti-discrimination laws in schools and colleges around the country. It’s the place parents turn to when they believe their schools failed to protect children from discrimination or to provide access to an equal education under the law. 

The Trump administration laid off much of the office’s staff in its first months and prioritized investigations into schools that allegedly discriminated against white and Jewish students and accommodated transgender students. McMahon and the department have framed this as a course correction in line with efforts to be more efficient and curb diversity, equity and inclusion policies from prior administrations. It has left little recourse for those seeking to defend the rights of students with disabilities, students of color and those facing sex discrimination. 

In this video, Smith Richards and O’Matz explain how McMahon and her advisers are reenvisioning the nation’s educational system and what that could mean for the future. 

Watch the video here.

The post Vouchers, Patriotism and Prayer: The Trump Administration’s Plan to Remake Public Education appeared first on ProPublica.

A cyber attack on shared IT systems used by several London councils has resulted in the theft of personal data relating to thousands of residents, raising renewed concerns about the resilience of local government cyber security and the risks posed by interconnected public-sector infrastructure.

Kensington and Chelsea Council confirmed that sensitive personal information was accessed during the incident, which also disrupted services across neighbouring boroughs. The attack prompted swift intervention from the National Cyber Security Centre (NCSC) and the Metropolitan Police, underlining the seriousness of the breach.

Cyber security leaders warn that the incident reflects a broader and accelerating threat to public-sector organisations. Darren Guccione, CEO and co-founder of Keeper Security, noted that this is the second significant cyber incident affecting a UK local authority in less than two months, highlighting how persistently councils are being targeted.

“Councils and other arms of government remain high-value targets for cybercrime because they hold extensive sensitive personal data and operate interconnected, often legacy, systems that are both attractive to attackers and difficult to defend at scale,” Guccione said. He added that the frequency of these attacks suggests adversaries are shifting away from opportunistic intrusion towards sustained and sophisticated campaigns designed to exploit systemic weaknesses and undermine public trust.

The technical characteristics of the attack have also raised alarm among experts. Graeme Stewart, head of public sector at Check Point, said the incident shows “all the signs of a serious intrusion”, citing multiple boroughs being taken offline and internal warnings instructing staff to avoid emails from partner councils.

“That’s classic behaviour when attackers get hold of credentials or move laterally through a shared environment,” Stewart said. “Once they’re inside one part of the network, they can hop through connected systems far faster than most councils can respond.”

Stewart added that the rapid shutdown of services suggests authorities feared escalation into encryption or large-scale data theft. “Councils hold incredibly sensitive material – social-care files, identity documents, housing records. If attackers got near that, the fallout wouldn’t stay local,” he warned.

The incident has also highlighted the risks created by shared and centralised IT platforms across local government. Dray Agha, senior manager of security operations at Huntress, described such environments as a “double-edged sword”.

“While shared systems are efficient, the breach of one council can instantly compromise its partners, crippling essential services for hundreds of thousands of residents,” Agha said. He stressed the need to move beyond purely cost-driven IT strategies and towards segmented, resilient architectures capable of containing attacks before they spread.

For residents affected by the breach, the immediate concern is how their personal information may be misused. Chris Hauk, consumer privacy advocate at Pixel Privacy, urged individuals to remain vigilant for phishing and fraud attempts, while calling on the council to provide tangible support.

“People that have had their data exposed should stay alert for phishing schemes and other scams,” Hauk said. He added that Kensington and Chelsea Council should offer free credit monitoring to affected residents, noting that government bodies frequently expect private-sector organisations to do the same following similar breaches.

Transparency will be critical in limiting long-term harm, according to Paul Bischoff, consumer privacy advocate at Comparitech. He called on the council to clarify what types of personal data were compromised as quickly as possible.

“Until then, victims cannot make informed choices about how to protect their personal information and finances,” Bischoff said. He noted that attackers have already published a proof pack containing sample stolen documents – a common tactic used by ransomware groups to substantiate their claims and apply pressure. “Based on our research into hundreds of ransomware attacks, the vast majority of these claims are legitimate,” he added.

At a policy level, Guccione pointed to the UK Government’s recently launched Cyber Action Plan, which includes more than £210 million in funding and the creation of a new Government Cyber Unit to improve coordination and resilience across public services.

“The plan is a positive development in recognising the cross-government nature of this challenge,” he said, but warned that central initiatives must be matched by action at the organisational level. He urged public-sector bodies to accelerate adoption of identity-centric security models, enforce stronger access controls, segment networks to limit lateral movement and implement continuous monitoring.

“Only by elevating cybersecurity from a technical afterthought to a core governance priority can public services reduce their exposure to increasingly persistent attacks and maintain citizens’ trust in the digital services they rely on,” Guccione said.

As investigations continue, the incident is expected to intensify scrutiny of cyber maturity across UK local authorities, many of which continue to deliver critical digital services under tight budgets and complex operational constraints.

The post London council cyber attack exposes personal data and highlights risks of shared public-sector IT appeared first on IT Security Guru.

Je suis curieux de connaître les expériences des personnes avec des systèmes d’exploitation mobiles dégooglisés comme iodéOS ou Murena, ici à Framasoft. Bien que degooglisons-internet.org soit d’une aide précieuse, j’ai l’impression qu’une grande partie du travail sur mobile reste à faire : la plupart d’entre nous ne se sont jamais réellement éloignés du système Android stock (ou pire encore, d’iOS), et nous continuons donc à partager toutes nos données avec Big Tech de Silicon Valley.

6 messages - 4 participant(e)s

Lire le sujet en entier