IT

Switzerland To Hold Referendum on Introducing Electronic ID (swissinfo.ch)

Switzerland will hold a national referendum on the introduction of electronic identity cards after opponents of the legislation secured enough signatures to force a public vote. The Federal Chancellery confirmed Wednesday that 55,344 valid signatures were submitted against the Federal Act on Electronic Identity passed last December.

The proposed e-ID would enable citizens to apply online for criminal record extracts, driving licenses, and age verification when purchasing alcohol. This marks the second referendum on e-ID implementation, after voters rejected a previous version in 2021. The government has revised its approach, making the new system free, optional, and fully state-operated rather than privately managed. If approved, the e-ID would come into force no earlier than 2026, though the collection effort suggests privacy concerns remain paramount for many Swiss voters.
AI

Curl Battles Wave of AI-Generated False Vulnerability Reports (arstechnica.com)

The curl open source project is fighting against a flood of AI-generated false security reports. Daniel Stenberg, curl's original author and lead developer, declared on LinkedIn that they are "effectively being DDoSed" by these submissions.

"We still have not seen a single valid security report done with AI help," Stenberg wrote. This week alone, four AI-generated vulnerability reports arrived seeking reputation or bounties, ArsTechnica writes. One particularly frustrating May 4 report claiming "stream dependency cycles in the HTTP/3 protocol stack" pushed Stenberg "over the limit." The submission referenced non-existent functions and failed to apply to current versions.

Some AI reports are comically obvious. One accidentally included its prompt instruction: "and make it sound alarming." Stenberg has asked HackerOne, which manages vulnerability reporting, for "more tools to strike down this behavior." He plans to ban reporters whose submissions are deemed "AI slop."
Government

CISA Budget Faces Possible $500 Million Cut (theregister.com)

President Trump's proposed 2026 budget seeks to cut nearly $500 million from CISA, accusing the agency of prioritizing censorship over cybersecurity and election protection. "The proposed cuts -- which are largely symbolic at this stage as they need to be approved by Congress -- are framed as a purge of the so-called 'censorship industrial complex,' a term the White House uses to describe CISA's work countering misinformation," reports The Register. From the report: In its fiscal 2024 budget request, the agency had asked [PDF] for a total of just over $3 billion to safeguard the nation's online security across both government and private sectors. The enacted budget that year was about $34 million lower than the previous year's. Now, a deep cut has been proposed [PDF], as the Trump administration decries the agency's past work tackling the spread of misinformation on the web by America's enemies, as well as the agency's efforts safeguarding election security. [...]

"The budget eliminates programs focused on so-called misinformation and propaganda as well as external engagement offices such as international affairs," it reads [PDF]. "These programs and offices were used as a hub in the censorship industrial complex to violate the First Amendment, target Americans for protected speech, and target the President. CISA was more focused on censorship than on protecting the nation's critical systems, and put them at risk due to poor management and inefficiency, as well as a focus on self-promotion."

Microsoft

Microsoft Labels Some Fired Staff as 'Good Attrition', Imposes Two-Year Rehiring Ban (businessinsider.com)

Microsoft has instituted a stringent new performance management system that places ousted employees on a two-year rehiring block list and categorizes their departures as "good attrition," Business Insider reported Tuesday, citing internal documents. The company now tracks staff departures it considers beneficial, mirroring Amazon's "unregretted attrition" metric, though no specific targets have been established yet.

Microsoft recently terminated 2,000 underperforming employees without severance and implemented a new performance improvement plan (PIP). Employees facing performance issues now must choose between entering the PIP or accepting a "Global Voluntary Separation Agreement" with 16 weeks of pay.

Further reading: Microsoft Offers Underperformers Cash To Quit.
IT

Open Document Format Turns 20 (theregister.com)

The Open Document Format reached its 20th anniversary on May 1, marking two decades since OASIS approved the XML-based standard originally developed by Sun Microsystems from StarOffice code. Even as the format has seen adoption by several governments including the UK, India, and Brazil, plus organizations like NATO, Microsoft Office's proprietary formats remain the de facto standard.

Microsoft countered ODF by developing Office Open XML, eventually getting it standardized through Ecma International. "ODF is much more than a technical specification: it is a symbol of freedom of choice, support for interoperability and protection of users from the commercial strategies of Big Tech," said Eliane Domingos, Chair of the Document Foundation, which oversees LibreOffice -- a fork created after Oracle acquired Sun.
Games

How Riot Games is Fighting the War Against Video Game Hackers (techcrunch.com)

Riot Games has reduced cheating in Valorant to under 1% of ranked games through its controversial kernel-level anti-cheat system Vanguard, according to the company's anti-cheat director Phillip Koskinas. The system enforces Windows security features like Trusted Platform Module and Secure Boot while preventing code execution in kernel memory.

Beyond technical measures, Riot deploys undercover operatives who have infiltrated cheat development communities for years. "We've even gone as far as giving anti-cheat information to establish credibility," Koskinas told TechCrunch, describing how they target even "premium" cheats costing thousands of dollars.

Riot faces increasingly sophisticated threats, including direct memory access attacks using specialized PCI Express hardware and screen reader cheats that use separate computers to analyze gameplay and control mouse movements. To combat repeat offenders, Vanguard fingerprints cheaters' hardware. Koskinas admits to deliberately slowing some enforcement: "To keep cheating dumb, we ban slower." The team also employs psychological warfare, publicly discrediting cheat developers and trolling known cheaters to undermine their credibility in gaming communities.
Privacy

Messaging App Used by Mike Waltz, Trump Deportation Airline GlobalX Both Hacked in Separate Breaches (reuters.com)

TeleMessage, a communications app used by former Trump national security adviser Mike Waltz, has suspended services after a reported hack exposed some user messages. The breach follows controversy over Waltz's use of the app to coordinate military updates, including accidentally adding a journalist to a sensitive Signal group chat. From the report:

In an email, Portland, Oregon-based Smarsh, which runs the TeleMessage app, said it was "investigating a potential security incident" and was suspending all its services "out of an abundance of caution." A Reuters photograph showed Waltz using TeleMessage, an unofficial version of the popular encrypted messaging app Signal, on his phone during a cabinet meeting on Wednesday.

A separate report from 404 Media says hackers have also targeted GlobalX Air -- one of the main airlines the Trump administration is using as part of its deportation efforts -- and claim to have stolen flight records and passenger manifests for all its flights, including those for deportation. From the report:

The data, which the hackers contacted 404 Media and other journalists about unprompted, could provide granular insight into who exactly has been deported on GlobalX flights, when, and to where, with GlobalX being the charter company that facilitated the deportation of hundreds of Venezuelans to El Salvador. "Anonymous has decided to enforce the Judge's order since you and your sycophant staff ignore lawful orders that go against your fascist plans," a defacement message posted to GlobalX's website reads. Anonymous, well-known for its use of the Guy Fawkes mask, is an umbrella some hackers operate under when performing what they see as hacktivism.
Security

Hundreds of E-Commerce Sites Hacked In Supply-Chain Attack (arstechnica.com)

An anonymous reader quotes a report from Ars Technica: Hundreds of e-commerce sites, at least one owned by a large multinational company, were backdoored by malware that executes malicious code inside the browsers of visitors, where it can steal payment card information and other sensitive data, security researchers said Monday. The infections are the result of a supply-chain attack that compromised at least three software providers with malware that remained dormant for six years and became active only in the last few weeks. At least 500 e-commerce sites that rely on the backdoored software were infected, and it's possible that the true number is double that, researchers from security firm Sansec said. Among the compromised customers was a $40 billion multinational company, which Sansec didn't name. In an email Monday, a Sansec representative said that "global remediation [on the infected customers] remains limited."

"Since the backdoor allows uploading and executing arbitrary PHP code, the attackers have full remote code execution (RCE) and can do essentially anything they want," the representative wrote. "In nearly all Adobe Commerce/Magento breaches we observe, the backdoor is then used to inject skimming software that runs in the user's browser and steals payment information (Magecart)." The three software suppliers identified by Sansec were Tigren, Magesolution (MGS), and Meetanshi. All three supply software that's based on Magento, an open source e-commerce platform used by thousands of online stores. A software version sold by a fourth provider named Weltpixel has been infected with similar code on some of its customers' stores, but Sansec so far has been unable to confirm whether it was the stores or Weltpixel that were hacked. Adobe has owned Magento since 2018.

Microsoft

Microsoft Cracks Down On Bulk Email With Strict New Outlook Rules (betanews.com)

BrianFagioli writes: Microsoft has officially begun rejecting high-volume emails that don't meet its new authentication rules.

Here's the deal. If you send more than 5,000 messages per day to Outlook.com addresses (including hotmail.com and live.com) and you're not properly set up with SPF, DKIM, and DMARC, your emails may never arrive.
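
As an added illustration of what "properly set up with SPF, DKIM, and DMARC" means at the DNS record level (this is not Microsoft's checker and does not reproduce its exact rules): the domains and TXT records below are constructed, and the baseline checks are this example's own assumptions about a sane minimum.

```python
"""Static sanity check of SPF and DMARC TXT records plus DKIM selector presence.

Constructed sample records for two hypothetical sending domains; the checks
applied are an assumption of this example, not the text of Microsoft's rules.
"""
SAMPLE = {
    "good.example": {
        "spf": "v=spf1 include:_spf.mailhost.example ip4:203.0.113.0/24 -all",
        "dmarc": "v=DMARC1; p=quarantine; rua=mailto:dmarc@good.example",
        "dkim_selectors": ["s1"],
    },
    "weak.example": {
        "spf": "v=spf1 include:_spf.mailhost.example +all",
        "dmarc": "",
        "dkim_selectors": [],
    },
}


def parse_spf(record: str) -> dict:
    """Split an SPF record into terms and find the qualifier of its 'all' term."""
    terms = record.split()
    if not terms or terms[0].lower() != "v=spf1":
        return {"valid": False, "all": None, "terms": []}
    qualifier = None
    for term in terms[1:]:
        if term.lstrip("+-~?").lower() == "all":
            # A bare 'all' is equivalent to '+all' (pass everything).
            qualifier = term[0] if term[0] in "+-~?" else "+"
    return {"valid": True, "all": qualifier, "terms": terms[1:]}


def parse_dmarc(record: str) -> dict:
    """Parse 'tag=value' pairs; return an empty dict if this is not a DMARC record."""
    tags = {}
    for part in record.split(";"):
        if "=" in part:
            key, value = part.split("=", 1)
            tags[key.strip().lower()] = value.strip()
    return tags if tags.get("v", "").upper() == "DMARC1" else {}


def assess(domain: str, spf: str, dmarc: str, dkim_selectors: list) -> list:
    """Return a list of findings; an empty list means the baseline checks pass."""
    findings = []
    spf_info = parse_spf(spf)
    if not spf_info["valid"]:
        findings.append(f"{domain}: no SPF record")
    elif spf_info["all"] in (None, "+"):
        findings.append(f"{domain}: SPF has no restrictive 'all' term, so it authorizes any sender")
    if not dkim_selectors:
        findings.append(f"{domain}: no DKIM selector published")
    dmarc_tags = parse_dmarc(dmarc)
    if not dmarc_tags:
        findings.append(f"{domain}: no DMARC record")
    elif dmarc_tags.get("p") not in ("none", "quarantine", "reject"):
        findings.append(f"{domain}: DMARC record lacks a valid p= policy")
    return findings


if __name__ == "__main__":
    for name, recs in SAMPLE.items():
        print(name, assess(name, **recs) or ["baseline checks pass"])
```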

Open Source

May is 'Maintainer Month'. Open Source Initiative Joins GitHub to Celebrate Open Source Security (opensource.org)

The Open Source Initiative is joining "a global community of contributors" for GitHub's annual event "honoring the individuals who steward and sustain Open Source projects."

And the theme of the 4th Annual "Maintainer Month" will be: securing Open Source: Throughout the month, OSI and our affiliates will be highlighting maintainers who prioritize security in their projects, sharing their stories, and providing a platform for collaboration and learning... Maintainer Month is a time to gather, share knowledge, and express appreciation for the people who keep Open Source projects running. These maintainers not only review issues and merge pull requests — they also navigate community dynamics, mentor new contributors, and increasingly, adopt security best practices to protect their code and users....

- OSI will publish a series of articles on Opensource.net highlighting maintainers whose work centers around security...

- As part of our programming for May, OSI will host a virtual Town Hall [May 21st] with our affiliate organizations and invite the broader Open Source community to join....

- Maintainer Month is also a time to tell the stories of those who often work behind the scenes. OSI will be amplifying voices from across our affiliate network and encouraging communities to recognize the people whose efforts are often invisible, yet essential.

"These efforts are not just celebrations — they are opportunities to recognize the essential role maintainers play in safeguarding the Open Source infrastructure that underpins so much of our digital world," according to the OSI's announcement. And this year they're focusing on three key areas of open source security:
  • Adopting security best practices in projects and communities
  • Recognizing contributors who improve project security
  • Collaborating to strengthen the ecosystem as a whole

United States

US National Security Official Caught Using 'Less-Secure Signal App Knockoff' (theguardian.com)

Remember when U.S. National Security Adviser Mike Waltz mistakenly included a journalist in an encrypted chatroom to discuss looming U.S. military action against Yemen's Houthis?

A recent photo of a high-level cabinet meeting caught Waltz using a "less-secure Signal app knockoff," reports the Guardian: The chat app Waltz was using appears to be a modified version of Signal called TM SGNL, made by a company that copies messaging apps but adds an ability to retain messages and archive them. The White House officials may be using the modified Signal in order to comply with the legal requirement that presidential records be preserved... That function suggests the end-to-end encryption that makes Signal trusted for sharing private communications is possibly "not maintained, because the messages can be later retrieved after being stored somewhere else", according to 404 Media.
Thursday the national security adviser was removed from his position, the article points out.

He was instead named America's ambassador to the United Nations.
Crime

Man Pleads Guilty To Stealing 1.1 Terabytes of Disney's Slack Data (variety.com)

A 25-year-old from Santa Clarita has pleaded guilty to hacking a Disney employee's computer using malware disguised as an AI art tool, stealing over 1 terabyte of confidential Disney data and threatening to leak it under the guise of a fake Russian hacktivist group. Variety reports: Santa Clarita resident Ryan Mitchell Kramer, 25, pleaded guilty to two felony charges, including one count of accessing a computer and obtaining information and one count of threatening to damage a protected computer. Each charge carries a maximum sentence of five years in federal prison. According to the plea agreement, in early 2024 Kramer posted a computer program on various online platforms that appeared to be used to create AI-generated art, when it really contained a malicious file to gain access to victims' computers.

Between April and May 2024, a Disney employee downloaded the program, and Kramer gained access to the victim's personal and work accounts, including a non-public Disney Slack channel. Kramer downloaded approximately 1.1 terabytes of confidential data from thousands of Disney Slack channels. In July, Kramer contacted the victim by pretending to be a member of a fake Russian hacktivist group called "Nullbulge" and threatened to leak their personal information and Disney Slack data. On July 12, Kramer publicly released the data, including the victim's bank, medical, and personal information on multiple online platforms.

Security

Microsoft Appoints Deputy CISO For Europe To Reassure European IT leaders (csoonline.com)

Microsoft has appointed a Deputy CISO for Europe to address growing regulatory pressure and reassure EU leaders about its cybersecurity commitment. "The move also highlights strong fears from European IT execs and government officials that the Trump administration may exert significant influence on cybersecurity companies," reports CSO Online. From the report: Who that Deputy CISO will ultimately be is unclear. Wednesday's statement simply said that Microsoft CISO Igor Tsyganskiy is "appointing a new Deputy CISO for Europe as part of the Microsoft Cybersecurity Governance Council," but the phrasing made it unclear when that would happen. However, Tsyganskiy made a separate announcement on LinkedIn that he has given the role to current Deputy CISO Ann Johnson. But he then said that Johnson, who is based at Microsoft's head office in Redmond, Washington, will hold that post "temporarily."

In his LinkedIn post, Tsyganskiy explained that the Cybersecurity Governance Council, which was created in 2024, consists of "our Global CISO and Deputy Chief Information Security Officers (Deputy CISOs) representing each of our technology services. This Council oversees the company's cyber risks, defenses, and compliance across regions and domains." "The Deputy CISO for Europe will be accountable for compliance with current and emerging cybersecurity regulations in Europe, including the Digital Operational Resilience Act (DORA), the NIS 2 Directive, and the Cyber Resilience Act (CRA)," Tsyganskiy wrote. "These laws will prove transformative not only in EU markets, but worldwide, and Microsoft is actively engaged in preparing for what lies ahead."

Microsoft said in Wednesday's statement: "the appointment of a Deputy CISO for Europe reflects the importance and global influence of EU cybersecurity regulations and the company's commitment to meeting and exceeding those expectations to prioritize cybersecurity across the region. This new position will report directly to Microsoft's CISO."

Michela Menting, France-based digital security research director at ABI Research, said when she heard on Wednesday that Microsoft was creating such a role, "I was mostly surprised that they don't already have one."

"GDPR has been in place for quite some time now and the fact they are only now putting in a European deputy CISO is concerning," Menting added. "They are playing catch up."
IT

Pinterest Users Left Confused By Mass Account Suspensions (theverge.com)

An anonymous reader shares a report: Pinterest is having some weird moderation issues. Reports of sweeping pin removals and account suspensions have appeared across social media platforms like Instagram, TikTok, and X, with many users saying they received no warning or explanation about the ban before being locked out of their accounts.

The r/Pinterest subreddit is also currently dominated by posts from confused users who claim their accounts have been suspended without evidence explaining how they violated the platform's guidelines. Users are also reporting they're experiencing an unusually high quantity of pins being deleted by Pinterest with absurd explanations, such as quilting magazines, cross-stitch art, and Minecraft bunk bed builds all being flagged for "adult content."

It's funny. Laugh.

Federal Judge Orders Lawyer to Remove Dragon Watermark from Court Filings

A Michigan federal magistrate judge has banned a lawyer from using a cartoon dragon watermark on legal filings, calling the practice "juvenile and impertinent." Judge Ray Kent of the Western District of Michigan issued the order on April 28 after receiving a complaint featuring a purple, suit-wearing dragon on every page.

"Each page of plaintiff's complaint appears on an e-filing which is dominated by a large multi-colored cartoon dragon dressed in a suit," Kent wrote. "The Court is not a cartoon." The watermark belongs to Jacob A. Perrone of Dragon Lawyers, who told The New York Times he purchased the image online for $20 because "people like dragons."

Perrone said he plans to continue using the logo in his practice but will tone it down in future court submissions.
