Privacy

Coinbase Data Breach Will 'Lead To People Dying,' TechCrunch Founder Says (decrypt.co)

An anonymous reader quotes a report from Decrypt: The founder of online news publication TechCrunch has claimed that Coinbase's recent data breach "will lead to people dying," amid a wave of kidnap attempts targeting high-net-worth crypto holders. TechCrunch founder and venture capitalist Michael Arrington added that this should be a point of reflection for regulators to re-think the importance of know-your-customer (KYC), a process that requires users to confirm their identity to a platform. He also called for prison time for executives that fail to "adequately protect" customer information.

"This hack -- which includes home addresses and account balances -- will lead to people dying. It probably has already," he tweeted. "The human cost, denominated in misery, is much larger than the $400 million or so they think it will actually cost the company to reimburse people." [...] He believes that people are in immediate physical danger following the breach, which exposed data including names, addresses, phone numbers, emails, government-ID images, and more.

Arrington believes that in the wake of these attacks, crypto companies that handle user data need to be much more careful than they currently are. "Combining these KYC laws with corporate profit maximization and lax laws on penalties for hacks like these means these issues will continue to happen," he tweeted. "Both governments and corporations need to step up to stop this. As I said, the cost can only be measured in human suffering." Former Coinbase chief technology officer Balaji Srinivasan pushed back on Arrington's position that executives should be punished, arguing that regulators are forcing KYC onto unwilling companies. "When enough people die, the laws may change," Arrington hit back.

Microsoft

Microsoft is Putting AI Actions Into the Windows File Explorer (theverge.com)

Microsoft is starting to integrate AI shortcuts, or what it calls AI actions, into the File Explorer in Windows 11. From a report: These shortcuts let you right-click on a file and quickly get to Windows AI features like blurring the background of a photo, erasing objects, or even summarizing content from Office files.

Four image actions are currently being tested in the latest Dev Channel builds of Windows 11, including Bing visual search to find similar images on the web, the blur background and erase objects features found in the Photos app, and the remove background option in Paint.
Similar AI actions will soon be tested with Office files, The Verge added.
Microsoft

Microsoft's Edit on Windows is a New Command-Line Text Editor (theverge.com)

Microsoft unveiled "Edit on Windows," a new command-line text editor, at its Build conference today. The open-source tool allows developers to edit files directly in the command line without switching to another app, similar to vim but designed to be more user-friendly.

Accessible by typing "edit" in a command prompt, the lightweight editor (less than 250KB) includes features like multiple file support via ctrl + P shortcuts, find and replace functionality, and regular expression support. "What motivated us to build Edit was the need for a default CLI text editor in 64-bit versions of Windows," said Christopher Nguyen, product manager of Windows Terminal, noting that 32-bit Windows versions already ship with MS-DOS Edit.

Microsoft also wanted to avoid the notorious "how do I exit vim?" problem by creating a modeless editor, The Verge writes. The tool will be available to Windows Insiders in the coming months.
AI

When a Company Does Job Interviews with a Malfunctioning AI - and Then Rejects You (slate.com)

IBM laid off "a couple hundred" HR workers and replaced them with AI agents. "It's becoming a huge thing," says Mike Peditto, a Chicago-area consultant with 15 years of experience advising companies on hiring practices. He tells Slate "I do think we're heading to where this will be pretty commonplace." Although A.I. job interviews have been happening since at least 2023, the trend has received a surge of attention in recent weeks thanks to several viral TikTok videos in which users share videos of their A.I. bots glitching. Although some of the videos were fakes posted by a creator whose bio warns that his content is "all satire," some are authentic — like that of Kendiana Colin, a 20-year-old student at Ohio State University who had to interact with an A.I. bot after she applied for a summer job at a stretching studio outside Columbus. In a clip she posted online earlier this month, Colin can be seen conducting a video interview with a smiling white brunette named Alex, who can't seem to stop saying the phrase "vertical-bar Pilates" in an endless loop...

Representatives at Apriora, the startup company founded in 2023 whose software Colin was forced to engage with, did not respond to a request for comment. But founder Aaron Wang told Forbes last year that the software allowed companies to screen more talent for less money... (Apriora's website claims that the technology can help companies "hire 87 percent faster" and "interview 93 percent cheaper," but it's not clear where those stats come from or what they actually mean.)

Colin (first interviewed by 404 Media) calls the experience dehumanizing — wondering why they were told to dress professionally, since "They had me going the extra mile just to talk to a robot." And after the interview, the robot — and the company — then ghosted them with no further contact. "It was very disrespectful and a waste of time."

Houston resident Leo Humphries also "donned a suit and tie in anticipation for an interview" in which the virtual recruiter immediately got stuck repeating the same phrase. Although Humphries tried in vain to alert the bot that it was broken, the interview ended only when the A.I. program thanked him for "answering the questions" and offering "great information" — despite his not being able to provide a single response. In a subsequent video, Humphries said that within an hour he had received an email, addressed to someone else, that thanked him for sharing his "wonderful energy and personality" but let him know that the company would be moving forward with other candidates.
Mozilla

Firefox Announces Same-Day Update After Two Minor Pwn2Own Exploits (mozilla.org)

During this year's annual Pwn2Own contest, two researchers from Palo Alto Networks demonstrated an out-of-bounds write vulnerability in Mozilla Firefox, reports Cyber Security News, "earning $50,000 and 5 Master of Pwn points." And the next day another participant used an integer overflow to exploit Mozilla Firefox (renderer only).

But Mozilla's security blog reminds users that a sandbox escape would be required to break out from a tab to gain wider system access "due to Firefox's robust security architecture" — and that "neither participating group was able to escape our sandbox..." We have verbal confirmation that this is attributed to the recent architectural improvements to our Firefox sandbox which have neutered a wide range of such attacks. This continues to build confidence in Firefox's strong security posture.
Even though neither attack could escape their sandbox, "Out of abundance of caution, we just released new Firefox versions... all within the same day of the second exploit announcement." (Last year Mozilla responded to an exploitable security bug within 21 hours, they point out, even winning an award as the fastest to patch.)

The new updated versions are Firefox 138.0.4, Firefox ESR 128.10.1, Firefox ESR 115.23.1 and Firefox for Android. "Despite the limited impact of these attacks, all users and administrators are advised to update Firefox as soon as possible...." To review and fix the reported exploits a diverse team of people from all across the world and in various roles (engineering, QA, release management, security and many more) rushed to work. We tested and released a new version of Firefox for all of our supported platforms, operating systems, and configurations with rapid speed....

Our work does not end here. We continue to use opportunities like this to improve our incident response. We will also continue to study the reports to identify new hardening features and security improvements to keep all of our Firefox users across the globe protected.

Programming

Curl Warns GitHub About 'Malicious Unicode' Security Issue (daniel.haxx.se)

A Curl contributor replaced an ASCII letter with a Unicode alternative in a pull request, writes Curl lead developer/founder Daniel Stenberg. And not a single human reviewer on the team (or any of their CI jobs) noticed.

The change "looked identical to the ASCII version, so it was not possible to visually spot this..." The impact of changing one or more letters in a URL can of course be devastating depending on conditions... [W]e have implemented checks to help us poor humans spot things like this. To detect malicious Unicode. We have added a CI job that scans all files and validates every UTF-8 sequence in the git repository.

In the curl git repository most files and most content are plain old ASCII so we can "easily" whitelist a small set of UTF-8 sequences and some specific files, the rest of the files are simply not allowed to use UTF-8 at all as they will then fail the CI job and turn up red. In order to drive this change home, we went through all the test files in the curl repository and made sure that all the UTF-8 occurrences were instead replaced by other kind of escape sequences and similar. Some of them were also used more or less by mistake and could easily be replaced by their ASCII counterparts.

The next time someone tries this stunt on us it could be someone with less good intentions, but now ideally our CI will tell us... We want and strive to be proactive and tighten everything before malicious people exploit some weakness somewhere but security remains this never-ending race where we can only do the best we can and while the other side is working in silence and might at some future point attack us in new creative ways we had not anticipated. That future unknown attack is a tricky thing.
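The kind of check described above, written as an added example rather than curl's own CI script: every file must decode as strict UTF-8, and any non-ASCII code point is reported with its Unicode name unless the file or the code point is on an allowlist (the allowlists and the sample files are constructed for this example).

```python
"""Reject unexpected UTF-8 in a mostly-ASCII repository.

Constructed example, not curl's script. Assumptions: a hypothetical allowlist of
files that may contain any valid UTF-8, and a hypothetical allowlist of code
points permitted anywhere; everything else must be 7-bit ASCII.
"""
import sys
import unicodedata
from pathlib import Path

ALLOWED_FILES = {"docs/THANKS"}      # hypothetical: contributor names may be non-ASCII
ALLOWED_CODEPOINTS = {"\u00a9"}      # hypothetical: the copyright sign is fine anywhere


def describe(ch: str) -> str:
    """Name the code point so a reviewer sees what the glyph hid, e.g. a Cyrillic letter."""
    return "U+%04X %s" % (ord(ch), unicodedata.name(ch, "<unnamed>"))


def scan_file(relpath: str, data: bytes) -> list[str]:
    """Return a list of findings for one file; an empty list means it passes."""
    try:
        text = data.decode("utf-8")          # strict: malformed sequences are rejected
    except UnicodeDecodeError as e:
        return ["%s: invalid UTF-8 at byte %d (%s)" % (relpath, e.start, e.reason)]
    if relpath in ALLOWED_FILES:
        return []                            # valid UTF-8 is allowed in this file
    findings = []
    for lineno, line in enumerate(text.splitlines(), 1):
        for col, ch in enumerate(line, 1):
            if ord(ch) < 0x80 or ch in ALLOWED_CODEPOINTS:
                continue
            findings.append("%s:%d:%d: non-ASCII %s" % (relpath, lineno, col, describe(ch)))
    return findings


def scan_tree(root: Path) -> list[str]:
    """Scan every regular file under root, skipping the .git directory."""
    findings = []
    for p in sorted(root.rglob("*")):
        if p.is_file() and ".git" not in p.parts:
            findings.extend(scan_file(p.relative_to(root).as_posix(), p.read_bytes()))
    return findings


# Constructed sample files: a URL containing a Cyrillic letter that renders like
# Latin 'a', a file with a malformed byte, an allowlisted file with an accented
# name, and a plain ASCII file.
SAMPLES = {
    "tests/data/test1": "url: https://ex\u0430mple.com/\n".encode("utf-8"),
    "lib/foo.c": b"/* broken \xff byte */\n",
    "docs/THANKS": "Ren\u00e9\n".encode("utf-8"),
    "lib/bar.c": b"/* plain ASCII */\n",
}


def scan_samples() -> list[str]:
    """Run the check over the constructed samples; two of the four should fail."""
    out = []
    for name, data in SAMPLES.items():
        out.extend(scan_file(name, data))
    return out


if __name__ == "__main__":
    # With a directory argument the real tree is scanned, otherwise the samples.
    problems = scan_tree(Path(sys.argv[1])) if len(sys.argv) > 1 else scan_samples()
    print("\n".join(problems) or "OK: no unexpected UTF-8")
    sys.exit(1 if problems else 0)
```

Run with a repository path as the only argument to use it as a CI gate; a non-zero exit turns the job red exactly when a finding is printed.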

In the original blog post Stenberg complained he got "barely no responses" from GitHub (joking "perhaps they are all just too busy implementing the next AI feature we don't want.") But hours later he posted an update.

"GitHub has told me they have raised this as a security issue internally and they are working on a fix."
Microsoft

Microsoft's Command Palette is a Powerful Launcher For Apps, Search (theverge.com)

Microsoft has released Command Palette, an enhanced version of its PowerToys Run launcher introduced five years ago. The utility, aimed at power users and developers, provides quick access to applications, files, calculations, and system commands through a Spotlight-like interface.

Command Palette integrates the previously separate Window Walker functionality for switching between open windows and supports launching command prompts, executing web searches, and navigating folder structures. Unlike its predecessor, the new launcher offers full customization via extensions, allowing users to implement additional commands beyond the default capabilities. Available through the PowerToys application since early April, Command Palette can be triggered using Win+Alt+Space after installation.
Businesses

Broadcom Employee Data Stolen By Ransomware Crooks Following Hit on Payroll Provider (theregister.com)

Broadcom employees have had their personal data compromised following a September 2024 ransomware attack on Business Systems House (BSH).

The breach, claimed by the Russian-speaking El Dorado ransomware group, wasn't fully identified until December when stolen data appeared online, according to The Register. Broadcom only received details of affected employees on May 12, 2025. Compromised information potentially includes national ID numbers, financial account numbers, health insurance details, dates of birth, salary information, and contact details.

Five employee accounts were initially compromised, ultimately affecting 560 users. ADP has distanced itself from the incident, stating only "a small subset of ADP clients" in "certain countries in the Middle East" were affected.

Editor's note: This story was updated shortly after publication to correctly state that BSH is a business partner of payroll company ADP, and not a subsidiary of ADP as first reported.
Privacy

FBI: US Officials Targeted In Voice Deepfake Attacks Since April (bleepingcomputer.com)

The FBI has issued a warning that cybercriminals have started using AI-generated voice deepfakes in phishing attacks impersonating senior U.S. officials. These attacks, involving smishing and vishing tactics, aim to compromise personal accounts and contacts for further social engineering and financial fraud. BleepingComputer reports: "Since April 2025, malicious actors have impersonated senior U.S. officials to target individuals, many of whom are current or former senior U.S. federal or state government officials and their contacts. If you receive a message claiming to be from a senior U.S. official, do not assume it is authentic," the FBI warned. "The malicious actors have sent text messages and AI-generated voice messages -- techniques known as smishing and vishing, respectively -- that claim to come from a senior U.S. official in an effort to establish rapport before gaining access to personal accounts."

The attackers can gain access to the accounts of U.S. officials by sending malicious links disguised as links designed to move the discussion to another messaging platform. By compromising their accounts, the threat actors can gain access to other government officials' contact information. Next, they can use social engineering to impersonate the compromised U.S. officials to steal further sensitive information and trick targeted contacts into transferring funds. Today's PSA follows a March 2021 FBI Private Industry Notification (PIN) [PDF] warning that deepfakes (including AI-generated or manipulated audio, text, images, or video) would likely be widely employed in "cyber and foreign influence operations" after becoming increasingly sophisticated.

Businesses

Coinbase Offers $20 Million Bounty To Catch Data Thieves After Extortion Attempt (fortune.com)

Cryptocurrency exchange Coinbase said Thursday it is offering a $20 million reward for information leading to the arrest and conviction of criminals who attempted to extort the company for the same amount after stealing customer data.

The criminals bribed customer support agents in overseas markets to access records containing addresses, phone numbers, government IDs, and partial bank and Social Security details of more than 80,000 customers. "It sucks but when we see a problem like this we want to own it and make it right," Coinbase Chief Security Officer Philip Martin told Fortune.

The company will reimburse customers who fell victim to subsequent social engineering scams. No login credentials or wallet access were compromised in the breach. The extortionists had threatened to publish the stolen information unless paid $20 million in Bitcoin.
Security

'Aggressive' Hackers of UK Retailers Are Now Targeting US Stores, Says Google (theguardian.com)

Google has warned that the hacker group known as "Scattered Spider," which recently disrupted UK retailer Marks & Spencer, is now targeting U.S. retailers with aggressive and sophisticated cyberattacks. "U.S. retailers should take note. These actors are aggressive, creative, and particularly effective at circumventing mature security programs," John Hultquist, an analyst at Google's cybersecurity arm, said in an email sent on Wednesday. The Guardian reports: Scattered Spider is widely reported to have been behind the particularly disruptive hack at M&S, one of the best-known names in British business, whose online operations have been frozen since 25 April. It has a history of focusing on a single sector at a time and is likely to target retail for a while longer, Hultquist said. Just a day before Google's warning, M&S announced that some customer data had been accessed, but this did not include usable payment or card details, or any account passwords. The Guardian understands the details taken are names, addresses and order histories. M&S said personal information had been accessed because of the "sophisticated nature of the incident."

"Today, we are writing to customers informing them that due to the sophisticated nature of the incident, some of their personal customer data has been taken," the company said. Hackers from the Scattered Spider ecosystem have been behind a slew of disruptive break-ins on both sides of the Atlantic. In 2023, hackers tied to the group made headlines for hacking the casino operators MGM Resorts International and Caesars Entertainment. Law enforcement has struggled to get a handle on the Scattered Spider hacking groups, in part because of their amorphousness, the hackers' youth, and a lack of cooperation from cybercrime victims.

IT

Rogue Communication Devices Found in Chinese Solar Power Inverters (reuters.com)

Gilmoure shares a report: U.S. energy officials are reassessing the risk posed by Chinese-made devices that play a critical role in renewable energy infrastructure after unexplained communication equipment was found inside some of them, two people familiar with the matter said. Power inverters, which are predominantly produced in China, are used throughout the world to connect solar panels and wind turbines to electricity grids. They are also found in batteries, heat pumps and electric vehicle chargers.

[...] Using the rogue communication devices to skirt firewalls and switch off inverters remotely, or change their settings, could destabilise power grids, damage energy infrastructure, and trigger widespread blackouts, experts said. "That effectively means there is a built-in way to physically destroy the grid," one of the people said. The two people declined to name the Chinese manufacturers of the inverters and batteries with extra communication devices, or to say how many they had found in total.

Businesses

Marks and Spencer Confirms Hackers Stole Customers' Personal Data; Cyber Insurance Payout To Be Worth Up To $133 Million (techcrunch.com)

An anonymous reader shares a report: U.K. retail giant Marks & Spencer has confirmed hackers stole its customers' personal information during a cyberattack last month. In a brief statement with London's stock exchange on Tuesday, the retailer said an unspecified amount of customer information was taken in the data breach.

The BBC, which first reported the company's filing, cited a Marks & Spencer online letter as saying that the stolen data includes customer names, dates of birth, home and email addresses, phone numbers, household information, and online order histories. The company also said it was resetting the online account passwords of its customers.
FT adds: Marks and Spencer could claim for losses of as much as $133 million from its cyber insurers following a sustained hack where some customer data was stolen. The UK retailer's cyber policy allows it to claim up to $133 million, according to people familiar with the situation.

Allianz is the first insurer on the hook for M&S's losses, the people added, and is expected to pay at least the initial $13.3 million. Cyber specialist Beazley is also among the insurers exposed to losses at the FTSE 100 retailer, according to the people familiar with the situation.

Government

'Qatar's $400 Million Jet For Trump Is a Gold-Plated Security Nightmare' (theregister.com)

Qatar is gifting Trump a $400 million luxury 747 to serve as a temporary Air Force One, but experts warn that retrofitting it to meet presidential security standards could take years, cost hundreds of millions more, and risk national security due to potential embedded surveillance. The Register's Iain Thomson reports: The current VC-25s aren't just repainted 747s. They're a pair of flying fortresses that must be capable of allowing the president to run the country, survive wartime conditions (even nuclear), and be totally secure from outside influence or intrusion. While the precise details of the current airframe are a tightly guarded secret, some details are included on government fact sheets or have been revealed in various media reports. For a start, it must have an in-flight refueling capability so the president can go anywhere in the world and stay up as long as needed. Retrofitting this to an existing 747 would be very expensive, as the feds would need to strengthen portions of the hull to handle the refueling system and reconfigure the fuel tanks to handle trim issues.

Then there's the hull, which is known to be armored, and the windows are also thicker than you'd find on a normal flight. The government would also need to build in weapons systems like the chaff rockets used against radar-guided missiles, flares against heat seekers, and AN/ALQ-204 Matador Infrared Countermeasure systems, or similar to try and confuse incoming missiles. Next up, the engines and electrical systems would have to be replaced. The electronics in the current VC-25s are hardened as much as possible against an electromagnetic pulse that would be generated by a nuclear detonation. There are also claims that the aircraft have extra shielding in the engines to help against missile fragments should a physical attack happen.

Next up are communications. Air Force One has air-to-ground, air-to-air, and satellite comms systems that are thought to be the equal of what's in the White House. There are at least two separate internal phone systems - one open and the other highly secure - that would need to be installed and checked as well. Then there are incidentals. Contrary to what films will tell you, there is no escape capsule on the current Air Force One, nor a rear parachute ramp, but there is a medical suite with emergency equipment and space for a physician which would already need to be installed, as well as a secured cargo area designed to prevent tampering or unauthorized access.
As for the threat of embedded surveillance devices, Richard Aboulafia, managing director of aircraft consultancy AeroDynamic Advisory, said: "You'd have to take it apart piece by piece to stop a professional operator putting in lots of equipment to confuse things, like spare sensors and wiring."

"It wouldn't be in the air before 2030 at the earliest, long after he's left office and probably later than the existing planned replacements," said Aboulafia. "It makes no sense on any level, except that he wants a free 747 for himself. Nothing else makes any sense."

"What's sort of annoying about the whole thing is I'm not sure what's wrong with the current Air Force One," Aboulafia said. "Maybe if they gave it a gold makeover, he'd like it more."
Cellphones

Google Wants To Make Stolen Android Phones Basically Unsellable (androidauthority.com)

Google is enhancing Android's Factory Reset Protection (FRP) to make stolen phones virtually unusable by detecting setup wizard bypasses and requiring a second factory reset until ownership is verified. Android Authority reports: You can factory reset an Android phone in several ways. However, triggering a reset through the Android recovery menu or Google's Find My Device service activates Factory Reset Protection (FRP). During setup after such a reset, the wizard requires you to verify ownership by either signing into the previously associated Google account or entering the device's former lock screen PIN, password, or pattern. Failing this verification step blocks setup completion, rendering the device unusable. [...]

Factory Reset Protection (FRP) is a valuable feature that discourages theft by rendering stolen Android phones useless to potential buyers if wiped improperly. However, FRP isn't foolproof; thieves have discovered numerous methods over the years to circumvent it. These bypasses typically involve skipping the setup wizard, allowing someone to use the phone without entering the previous owner's Google account details or screen lock.

During The Android Show: I/O Edition, Google announced plans to "further harden Factory Reset protections, which will restrict all functionalities on devices that are reset without the owner's authorization." While the company didn't elaborate much, a screenshot it shared suggests that Android will likely detect if someone bypasses the setup wizard and then force another factory reset, preventing unauthorized use until the user proves ownership. [...] Google stated this FRP improvement is coming "later this year." Since the stable Android 16 release is coming soon, this timeline suggests the feature won't be part of the initial launch. It might arrive later in one of Android 16's Quarterly Platform Releases (QPRs), but that remains to be seen.

IT

USENIX Sunsets Annual Technical Conference After 30 Years (usenix.org)

New submitter Synonymous Homonym writes: This year's USENIX ATC will be the last, but other USENIX conferences will keep happening.

Since USENIX's inception in 1975, it has been a key gathering place for innovators in the advanced computing systems community. The early days of meetings evolved into the two annual conferences, the USENIX Summer and Winter Conferences, which in 1995 merged into the single Annual Technical Conference that has continued to evolve and serve thousands of our constituents for 30 years.

USENIX recognizes the pivotal role that USENIX ATC has played in the shaping of the Association itself as well as the lives and careers of its many attendees and members. We also realize that change is inevitable, and all good things must come to an end:

The last ATC will include both a celebration of USENIX's 50th anniversary on the evening of Monday, July 7, and a tribute to USENIX ATC on the evening of Tuesday, July 8.

Microsoft

Office Apps on Windows 10 No Longer Tied To October 2025 End-of-Support Date

Microsoft has quietly extended support for Office applications running on Windows 10 well beyond the operating system's October 14, 2025 end-of-support deadline. Microsoft 365 subscribers will now receive updates through October 2028, while perpetual license versions will follow their standard lifecycle policies -- Office 2021 until October 2026 and Office 2024 until October 2029.

Windows Defender malware definitions will also continue "through at least October 2028" despite Windows 10's imminent retirement. This reverses Microsoft's previous stance that all Office applications would become unsupported when Windows 10 reaches end-of-life.
Intel

Intel Certifies Shell Lubricant for Cooling AI Data Centers (bloomberg.com)

Intel has certified Shell's lubricant-based method for cooling servers more efficiently within data centers used for AI. From a report: The announcement on Tuesday, which follows the chipmaker's two-year trial of the technology, offers a way to use less energy at AI facilities, which are booming and are expected to double their electricity demand globally by 2030, consuming as much power then as all of Japan today, according to the International Energy Agency.

So far, companies have largely used giant fans to reduce temperatures inside AI data centers, which generate more heat in order to run at a higher power. Increasingly, these fans consume electricity at a rate that rivals the computers themselves, something the facilities' operators would prefer to avoid, Intel Principal Engineer Samantha Yates said in an interview.

IT

Linus Torvalds Returns To Mechanical Keyboard After Making Too Many Typos (theregister.com)

Linux creator Linus Torvalds has abandoned his six-month experiment with a quieter low-profile keyboard in favor of his old mechanical one with Cherry MX Blue switches. In a post about Linux 6.15-rc6 on LKML.org, Torvalds explained that his typing accuracy suffered without the tactile feedback.

"It seems I need the audible (or perhaps tactile) feedback to avoid the typing mistakes that I just kept doing," Torvalds wrote. The famously outspoken developer couldn't recall why he initially switched to the quieter keyboard, as he doesn't work in a shared office where the noise would disturb others. After the failed experiment with the unnamed quiet keyboard, Torvalds has now returned to what he describes as a "noisy clackety-clack" input device. He joked that since he can no longer blame his keyboard for typos, "going forward, I will now conveniently blame autocorrect."
Software

Carmack: World Could Run on Older Hardware if Software Optimization Was Priority

Gaming pioneer John Carmack believes we're not nearly as dependent on cutting-edge silicon as most assume -- we just lack the economic incentive to prove it. Responding to a "CPU apocalypse" thought experiment on X, the id Software founder and former Oculus CTO suggested that software inefficiency, not hardware limitations, is our greatest vulnerability. "More of the world than many might imagine could run on outdated hardware if software optimization was truly a priority," Carmack wrote, arguing that market pressures would drive dramatic efficiency improvements if new chips stopped arriving.

His solution? "Rebuild all the interpreted microservice based products into monolithic native codebases!" -- essentially abandoning modern development patterns for the more efficient approaches of earlier computing eras. The veteran programmer noted that such changes would come with significant tradeoffs: "Innovative new products would get much rarer without super cheap and scalable compute."