The Internet

GoDaddy Warns India's Crackdown on Fake Site Registrars Could Upend Internet Privacy Everywhere (reuters.com) 19

"The internet is filled with fakes," writes Gizmodo. "A court in India is setting out to address the problem by requiring more transparency from domain registrars to make it easier to crack down on fraud. And while the intentions might be good, Reuters is reporting that major American domain registrar GoDaddy is sounding the warning bells that the court's decision could fundamentally reshape the internet well beyond India's borders."

GoDaddy argues the move would even make the internet less safe, reports Reuters : [Online fraud] is a key challenge for Prime Minister Narendra Modi's government, which last year received 2.4 million complaints of alleged cyber fraud amounting to $2.4 billion. Starting in 2019, lawsuits were brought by dozens of Indian and global firms — Amazon against fake shopping sites trading on its name and McDonald's complaining against bogus sites offering franchises. [More than 20 companies filed a complaint, the article notes, including Microsoft.] In December, an Indian court blocked more than 1,100 such websites. The New Delhi judge however went further, ordering sweeping new measures that tech experts say have rewritten rules of internet governance: Domain sellers should not offer buyers free privacy protection by default, the buyer's details should be released to anyone with a "legitimate interest" within 72 hours, and website addresses that are variations of protected brand names must be prohibited.

U.S.-based GoDaddy has challenged the directives before a larger bench of judges at the Delhi High Court, according to a Reuters review of non-public filings. It says the ruling will affect legitimate businesses that have names similar to big brands. Stopping privacy-by-default features, GoDaddy said, will result in public disclosure of name, address, telephone and email of legitimate website owners, exposing them to "foreseeable privacy and security risks" such as stalking and harassment.

As domain names operate globally, not locally, the order could force GoDaddy to regulate website addresses across the world, it said. On the court's order imposing a 72-hour deadline on companies to provide registration details to anyone with "legitimate interest", GoDaddy argues it has no wherewithal to assess who has legitimate interest or not. The "commercially destabilising" directives may force domain name companies to "exit India", said one of GoDaddy's appeal documents that ran into 5,121 pages... GoDaddy rivals, Arizona-based Namecheap and Netherlands-based Hosting Concepts, have also challenged the New Delhi ruling, court records show, although Reuters could not ascertain details of their appeals...

GoDaddy argues that diluting the privacy feature will run contrary to India's data protection law and the European Union GDPR law which mandates a "privacy by default" approach. Farzaneh Badii, a New York-based researcher on internet governance, criticised the New Delhi ruling, noting that Europe redacted such details because publishing them had been abused by harassment and targeted phishing. "The people exposed will be journalists, activists, small business owners, and private individuals. The brand impersonators will not," she said...

While the sweeping December directives were issued by a court, they followed government's submissions, documents showed... The judges will hear the appeals on July 16.

GoDaddy manages 80 million domains and serves over 20 million users, the article points out, with annual revenue over $5 billion.
Government

Are Wars Blurring Lines Between Corporate and National Security? (msn.com) 45

Subsea cables. Ukrainian power stations. Russian oil refineries. Even airports, water-desalination plants and Amazon data centers.

They've all become targets in wartime, notes the Wall Street Journal, and around the world now arguments "are already brewing between companies and governments over new regulations and potential costs." In Germany, powerful associations representing private companies and municipal utilities have pushed back against new standards for physical protection, warning they could spell financial ruin. New Zealand's government has faced resistance from industry groups over a proposal to fine critical-infrastructure companies and their directors for cybersecurity breaches... A sign of how lines are blurring: The North Atlantic Treaty Organization's 32 countries last year agreed that as part of a pact to spend 5% of economic output on defense and security, 1.5% would go to military-adjacent needs including protecting critical infrastructure and networks. Spending targets range from cybersecurity and industrial capacity to railroads, bridges and ports needed for military logistics... "We need a wide concept of defense — defense is no longer just military," said Italian Adm. Giuseppe Cavo Dragone, NATO's top military adviser.

Adding to the complexity, companies now need to protect the data networks that serve as gateways to critical infrastructure. Hackers increasingly target not just computer files to steal information but also systems managing vital functions like building access and factory control, remotely causing physical damage or enabling espionage. U.S. authorities in April warned that Iranian hackers were trying to disrupt American drinking-water systems by targeting computer equipment that connects hardware with software. A year earlier, suspected Russian hackers remotely manipulated valves on a Norwegian hydroelectric dam...

Another challenge will be parsing jurisdictions and liability for assets that cross international waters or are damaged in combat — such as subsea data cables or energy pipelines. Turf battles between law enforcement and militaries are already complicating efforts... "The private owner can invest in redundancy, monitoring, and repair capacity, but only governments and militaries can really deter, patrol, attribute, or respond to hostile state activity," said Marc Glasser, who worked on cybersecurity and infrastructure security for three decades at the U.S. Department of Transportation and the Department of Homeland Security.... Companies say they need greater clarity from governments on what protections they will provide and subsidies to help them defend privately owned assets that provide a public good. Most governments don't provide incentives for companies to invest more than the minimum legal resilience requirements.

The article notes that in May the chief executive of California's Port of Long Beach "launched a cyber-defense operations center to thwart tens of thousands of cyberattacks daily, which jeopardize computer systems and all equipment connected to them."

The article also points out that the EU adopted new regulations requiring countries to reduce vulnerabilities, and new laws proposed in the U.K. now "seek to increase penalties for subsea sabotage, updating codes that date to when telegraph cables were first laid in the 19th century."
Television

EchoStar's US Satellite Pay-TV Provider Dish DBS Files for Bankruptcy (deadline.com) 23

EchoStar's satellite pay-TV unit Dish DBS has filed for Chapter 11 bankruptcy protection, reports Reuters. The move also applies to its wireless subsidiaries, according to the article, and "facilitates the wind-down of Dish Wireless's 5G network operations following an unexpected delay in a spectrum license sale to AT&T... under which EchoStar agreed to sell about 50 megahertz of its nationwide spectrum for $23 billion."

Some context from Deadline.com: Charlie Ergen, who co-founded EchoStar and Dish, recently returned as chairman and CEO to steer the company through its recent challenges... Even prior to the merger, Ergen had been working to pivot from the pay-TV business, where Dish now has just 5 million subscribers and streaming sibling Sling TV has another 2 million, toward wireless telecom. With wireless spectrum hitting the market due to the Sprint-T-Mobile merger and then Elon Musk's Starlink looking to ramp up in the sector, it seemed more attractive than the cord-cutting-ravaged pay-TV business. But it is still entails plenty of risk, especially given how tightly regulated the spectrum is due to security concerns.
Thanks to long-time Slashdot reader schwit1 for sharing the news.
AI

Decades-Old Bash Tricks Expose AI Coding Agents To Supply Chain Attacks (securityweek.com) 26

Slashdot reader wiredmikey writes: AI security researchers have uncovered a structural security flaw dubbed GuardFall that allows decades-old Bash shell tricks to bypass safeguards in most open source AI coding agents. By exploiting shell behaviors such as quote removal and variable expansion, attackers can hide malicious commands in repositories, README files, Makefiles, or other content consumed by AI agents. If executed — particularly in auto-approve or CI environments—the commands can steal credentials, compromise developer systems, or enable software supply chain attacks. According to researchers at Adversa AI, the 11 popular open source AI coding agents tested, only one successfully blocked all of the Bash trick techniques.
Desktops (Apple)

New PamStealer macOS Malware Uses Clever Tradecraft To Remain Stealthy (arstechnica.com) 38

An anonymous reader quotes a report from Ars Technica: Researchers have found a never-before-seen piece of macOS malware that combines a series of clever tradecraft to infect Macs with stealthy, custom-developed credential-stealing code. The malware is delivered in two stages. The first is distributed in a disk image that masquerades as Maccy, a clipboard manager for Macs. It's compiled as AppleScript that is notable for the way it delivers the second stage. The malware is named PamStealer because the Rust-written infostealer uses the Pluggable Authentication Modules interface built into macOS to validate the target's login password before sending it to an attacker-controlled server.

[...] PamStealer shows a native password prompt designed to resemble a system authorization request. Text that appears with the prompt says: "Maccy wants to make changes. Enter your password to allow this." As noted earlier, once a target complies, the malware validates it locally through the PAM API. "This check is done entirely through PAM: there is no call out to dscl, security, osascript or any spawned process to verify the password, as many commodity macOS stealers do," [said Jamf, a security firm for macOS users]. "The result is a quieter routine that keeps only a verified password, and one fewer process chain for defenders to detect on."

If the validation fails, PamStealer displays the prompts again until it receives the correct one. Once the target enters the correct password, PamStealer displays a message stating that the file is damaged and can't be installed. This is designed to be a decoy to prevent the target from suspecting anything is amiss. The malware uses tactics to maximize the information it can steal. One tactic is to request the target grant full disk access to the fake Maccy app. It also contains code designed to access ethereum accounts. The various techniques -- particularly the Script Editor lure, a self-contained JXA dropper, a Rust-based second stage, and local validation of credentials through PAM are all noteworthy.

Security

AI Agent Executes 'First' End-To-End Ransomware Attack 36

Sysdig says it has documented the first ransomware attack carried out end to end by an AI agent, which autonomously exploited exposed systems, stole credentials, established persistence, compromised a production database, and destroyed data. The research team named the attacker "JadePuffer" and said it gained initial access to an internet-facing Langflow instance by exploiting CVE-2025-3248. "The most striking characteristic, however, was the LLM's behavior," Sysdig director of threat research Michael Clark said in a blog post. An anonymous reader quotes an excerpt from The Register: JadePuffer's "self-narrating" payloads "contained natural language reasoning, target prioritization, and the kind of detailed annotations that human operators don't often write but LLM-generated code produces reflexively," Clark added. "The operation also adapted in real time, retrying failed steps within refined parameters. In one sequence, it went from a failed login to a working fix in 31 seconds." After exploiting CVE-2025-3248, a missing authentication vulnerability in Langflow that allows remote, unauthenticated attackers to execute arbitrary Python on the host, the AI agent began scanning for and collecting secrets, including LLM provider API keys, cloud credentials "with explicit coverage of Chinese providers" including Alibaba, Aliyun, Tencent, and Huawei, while also scanning for AWS, Azure and Google Cloud Platform, cryptocurrency wallets, and database credentials.

The AI also installed a crontab entry on the Langflow server to maintain persistence and call back to the attacker's infrastructure every 30 minutes. JadePuffer's intended target was a separate internet-exposed production server running a MySQL database and an Alibaba Nacos configuration service, we're told. Nacos is an open-source service-discovery and dynamic configuration platform developed by Alibaba and used in the cloud provider's microservices applications. The agent connected to the server's exposed MySQL port using root credentials, although Sysdig doesn't know how the attacker obtained them. These credentials weren't stolen from the victim's environment.

JadePuffer then attacked Nacos via multiple vectors including an authorization bypass flaw (CVE-2021-29441) and forging a valid JSON web token (JWT) using Nacos's default signing key. Additionally, using its root database access, the LLM injected a backdoor administrator into the Nacos backing database. It ultimately encrypted all 1,342 Nacos service configuration items using MySQL's built-in AES encryption function, and created an extortion demand, ransom note, Bitcoin payment address, and a Proton Mail contact [...]. However, according to the threat hunters, the victim can't recover the encrypted data, even if they paid the ransom demand, because the agent escalated "from row-level deletion to dropping entire database schemas, narrating its own targeting rationale," without backing up any of the encrypted data.
Privacy

WhatsApp Usernames Are Already Raising Impersonation Red Flags (techcrunch.com) 30

An anonymous reader quotes a report from TechCrunch: WhatsApp this week started rolling out username reservations ahead of the broader launch planned later this year. The feature -- which lets people find and message each other by handle instead of phone number -- is already raising impersonation concerns, drawing scrutiny from security experts and regulators in India, the app's largest market, with more than 500 million users. The rollout marks a shift in how people identify one another on WhatsApp. Instead of relying on phone numbers as the primary identifier, users will increasingly interact through platform-managed usernames, a change that Meta says improves privacy but that critics argue could create new opportunities for impersonation.

[...] Asked about how it protects against impersonation, Meta told TechCrunch it reserves usernames for public figures, government entities, and "some variations" of those names so only the legitimate owner can claim them. The company did not explain, however, how it decides which lookalike usernames get proactively reserved and which don't. The concerns have already reached regulators in India, where cyber fraud schemes frequently exploit messaging platforms to impersonate police, banks, and government officials. [...] Rachel Tobac, chief executive of SocialProof Security, called usernames a net privacy gain because they reduce the need to share phone numbers, which can expose users to SIM-swap attacks, phishing, and account takeovers. Still, she said, lookalike usernames still create opportunities for impersonation. "Ultimately, usernames are a great idea to avoid leaking your phone number to folks you don't know, but it's important to verify identity with the username function too," Tobac told TechCrunch. Her advice for most users: Pick a username that isn't easily guessable, so it's harder for attackers to find you, message you cold, or harass and spam you.

[...] The Mozilla Foundation said the introduction of usernames is likely to bring new tradeoffs. "Increased scams and impersonation from fake handles are potentially a big one," it told TechCrunch. "Checking a phone number can be a useful verification tool, but these harms are also permitted by the platform's fundamental design choices." Mozilla also flagged a broader interoperability question -- one worth logging if you're building on top of, or competing with, Meta's ecosystem. While letting users claim their existing Facebook and Instagram usernames may cut down on impersonation, it also shows how easily Meta can stitch identity together across its own apps, even as users still can't take that identity, or their contacts, to a rival platform. For now, WhatsApp says it is taking a gradual approach to the rollout. "We're taking our time and listening to feedback so that when it rolls out later this year we get it right," the company said in its FAQ.

Social Networks

Reddit Will Require You To Log In To Use Old Reddit (arstechnica.com) 89

An anonymous reader quotes a report from Ars Technica: Reddit will start requiring people to be logged into Reddit to use old.reddit.com. The new requirement will take effect "over the next month," a Reddit employee going by the username boat-botany announced on the social media platform today. The person claimed that the change is part of an ongoing effort to "tighten how automated systems access Reddit."

The Reddit employee wrote: "Old Reddit's logged-out experience is a significant source of abusive scraping and automated traffic on the platform. It's also an important interface for many long-time mods and Redditors. To strike the right balance between preserving your access to Old Reddit while preventing abusive scraping and automated traffic, over the next month we will start requiring everyone to log in."

In a follow-up comment, boat-botany defined abusive behavior as that which violates Reddit's rule prohibiting activity that interferes with the platform's "normal use" or that "create[s] programs or applications" that break Reddit's (controversial) API rules. "By logging in, we get a lot more signal that allows us to detect whether an account is breaking the rules, and then we can block that traffic or enforce those accounts," boat-botany said.
Asked why boat-botany scrapes New Reddit less frequently than Old Reddit, the Reddit employee pointed to another commenter's explanation. "[T]he shape of malicious traffic is always changing," the user, Nestramutat, wrote. "It's going to be a constant cat and mouse game[.] As you ban one method, a new one gets developed. It's easy to see abusive traffic in hindsight, but it's harder to pre-emptively block it. Given that they're claiming Old Reddit doesn't have the modern security stack, this is likely proving to be an even greater challenge."

Nestramutat said that the login requirement will add a barrier against threat actors. "You're also now attaching an account ID to every malicious request, plus account creation is only available on New Reddit (with the enhanced security stack)."

As for how long Old Reddit will exist, boat-botany left the door open for its retirement. "We can't promise it will be around forever, but [Reddit CEO Steve Huffman] himself has said we'll keep supporting it while folks are still using it," boat-botany wrote. "That said, it doesn't have the same modern security tech stack reddit.com has, so we need to tighten security on old reddit to keep it viable."
AI

Trump Drops Restrictions On Anthropic's Mythos and Fable Models 68

The Trump administration has lifted export restrictions that forced Anthropic to shut off public access to its Mythos and Fable models. After weeks of talks, Secretary of Commerce Howard Lutnick said Anthropic "has agreed to proactively detect and address security risks associated with the models; to work diligently with the U.S. government on protocols and standards and releases for Mythos, Fable and future models; and to inform the US government of any malicious activity." Access is set to begin returning July 1. TechCrunch reports: Anthropic had already publicly pledged to do much of this voluntarily, months before the export rule existed. That's part of why cybersecurity experts were skeptical of the restrictions in the first place. To them, the ban looked less like a security fix and more like leverage, a way for the Trump administration to punish Anthropic for its executives' public criticism of how the government, and the president's political opponents, might use the technology.

Mythos was originally made available to a select group of organizations beginning in April to allay concerns about its ability to identify and exploit vulnerabilities in software, while a version called Fable was released to the public in June with additional security guardrails. However, with Asian AI companies beginning to release their own AI models approaching Mythos-level capabilities -- among them Fugu and Tulonfeng -- the US government was under pressure to ease its restrictions on Anthropic to ensure that American AI could compete globally.

Last week, Lutnick cleared Mythos to be released to select customers approved by the White House. OpenAI's latest models were also released to a group of organizations approved by the Trump team, instead of the public. The Trump administration's erratic approach to AI policymaking has left companies across the industry with little clarity about what will govern future model releases. An executive order issued in June that signaled a desire to review models ahead of release was criticized by influential analysts like Dean W. Ball, who recently started a policy position at OpenAI.
Government

New Florida Law Bans Local Net-Zero Emissions Policies 126

An anonymous reader quotes a report from Inside Climate News: A new state law limits Florida communities' aims to offset greenhouse gas emissions that are warming the global climate and intensifying disasters such as hurricanes. Specifically, HB 1217 prohibits local governments from pursuing net-zero emissions goals. At least 10 cities and counties have implemented such policies, including Fort Lauderdale, Miami, Orlando and Leon County, where Tallahassee, the state capital, is located. But the new law will not necessarily upend these policies, said Bradley Marshall, senior attorney at Earthjustice, an advocacy group. "It's certainly meant to scare municipalities and local governments from trying to do things to further net-zero policies," he said. "Now, its exact impact and what it exactly prohibits is probably up for some debate. Things that are adjacent to it -- emissions reductions and even climate change reduction policies -- on their face will not run afoul at all of a ban on adopting a net zero policy."

The measure requires local governments to submit an affidavit annually to the state Department of Revenue verifying compliance. Gov. Ron DeSantis, a Republican, signed the measure on April 22, Earth Day, and the law will take effect July 1. It states that "net zero policies, carbon taxes and assessments, and emission trading programs are detrimental to this state's energy security and economic interests and inconsistent with the energy policy and the environmental policy of this state." [...] HB 1217 also prevents local governments from purchasing items such as vehicles or appliances based on the fuels they use or production of the items. Local governments may not participate in carbon-trading programs or use public funds to support other organizations with net-zero policies. Cities and counties also may not charge a tax or fee tied with carbon emissions.
"This bill is definitely part of a larger coordinated push by the political enablers of the fossil fuel industry to obstruct any tools -- legal or legislative tools -- to hold the industry accountable for its contributions to climate change," said Laura Peterson, senior analyst at the Union for Concerned Scientists, an advocacy group. "Florida is really on the front lines. So I imagine the governor is taking this step because he sees what's coming down the pike. It's not getting better. So I can only assume that this is an effort to satisfy some of the pressures that he's getting from donors and from his party to protect the industry. And he's doing it at the expense of his constituents."
Piracy

Amazon Blames Piracy Apps With Malware For Killing New Fire Stick Sideloading (arstechnica.com) 32

Amazon says it is ending sideloading on new Fire Sticks because "apps that facilitate piracy, and other apps, can carry malware," adding that there is "a good amount of evidence" that sideloaded apps may contain unwanted code or behavior. However, the company did not provide specific examples of Fire Stick users being harmed. Ars Technica reports: Amazon has released two Fire Stick models that use its proprietary, Linux-based operating system, Vega OS. Previous Fire Sticks ran Fire OS, which is an Android fork based on the Android Open Source Project. One of the biggest differences between Vega OS and Fire OS is that the former doesn't support sideloading. [...] In a recent interview, Or Goren, editor-in-chief of Cord Busters, a UK-based streaming news outlet, noted the negative reaction to Vega being a closed OS. [Aidan Marcuss, VP of Fire TV, advertising, and Appstore] responded, per the publication, by saying that Vega OS was Amazon's opportunity to "innovate and deliver more capabilities, even on the least expensive devices."

He also said that making a platform around security and privacy was "sort of utmost in my mind." The statement is somewhat ironic, considering Vega OS blocks custom launchers and other third-party apps that helped users avoid Amazon tracking and ads. Goren asked whether Amazon had evidence that sideloaded devices caused users harm. "Apps that facilitate piracy, and other apps, can carry malware," Marcuss responded. Marcuss also said that there is "a good amount of evidence that apps can carry unwanted code and behavior on them when they're sideloaded."

Marcuss didn't provide specific examples of Fire Stick users being hurt by sideloaded apps. There are some potential examples, though. In 2025, Amazon claimed to blacklist (which blocked the apps from being sideloaded to Fire Sticks) four video streaming apps for malicious behavior. At the time, AFTVnews reported that two of the apps served as residential proxy providers and were considered riskware, and that the other two had APK files that were flagged by virus-scanning tools. Safari and Chrome also flagged one of the apps' official websites, the publication reported. And in 2018, a botnet that infected Android devices with cryptocurrency-mining malware appeared on some Fire Sticks, per discussion on XDA Forums. That said, Amazon also has a history of disabling apps that let users circumnavigate its home screen that Fire devices, including Fire Sticks and Fire TVs, have increasingly used for ads.
Worth noting: developers can continue sideloading apps onto Vega OS devices if they register them with Amazon.
Security

Apple iPhone 18 Details Leaked In Tata Data Breach (yahoo.com) 13

"Another breach at Tata has leaked details about Apple's iPhone 18, along with documents belonging to several other Tata clients," writes Longtime Slashdot reader Ritz_Just_Ritz. "It's becoming a recurring theme for the company." Reuters reports: Reuters has previously reported the Tata Electronics leak of more than 200,000 files on the dark web by World Leaks had files with purported component design papers of older iPhones and some parts of Tesla -- both Tata clients. They also included documents of Taiwan Semiconductor Manufacturing Co and Qualcomm, both of which make parts used in iPhones. New documents reviewed by Reuters show there are at least six files that map many components in the iPhone 18 Pro models to the specific company that supplies them. These include details of chips on its main circuit board and parts of the battery and cameras.

Apple considers this detail sensitive and is concerned about the documents being shared on the dark web as they relate to unreleased models, according to the person familiar with the matter. The data maps suppliers to iPhone parts, which Apple does not disclose in its public database of suppliers, the person added. In all, the documents detail hundreds of parts to be on the upcoming iPhone 18 Pro models. The records also show where Apple draws a part from several suppliers and where it relies on just a few, laying bare both its bargaining leverage and its vulnerabilities.
More broadly, the leak threatens Apple's trust in Tata just as Tata is becoming central to its effort to shift iPhone production away from China. With India expected to produce roughly a quarter of the world's iPhones in 2026, any deterioration in that relationship could complicate Apple's diversification strategy and force tighter security controls across its suppliers.
Microsoft

Microsoft Previews Linux Containers That Run In Windows (theregister.com) 93

Microsoft has released a public preview of Windows Subsystem for Linux (WSL) containers, adding a built-in command-line tool and API for running Linux containers directly inside Windows applications without third-party software. The update also introduces faster file access, improved networking and memory management, plus integration with Defender, Intune, and VS Code. The Register reports: WSL has always been a handy way to run Linux workloads from Windows, and is particularly convenient for Linux developers who must comply with corporate edicts to use a Windows device. The CLI for end-to-end container workflows furthers this. Microsoft stated, "WSL containers make it easier for developers and organizations to build, test, and run containerized workloads while benefiting from the security, manageability, and integration of the Windows platform."

Alternatively, you could run your preferred Linux distribution natively, but that might not be an option, particularly if an organization is keen on the "security, manageability, and integration of the Windows platform." And this is an important point. WSL's existing Microsoft Defender for Endpoint (MDE) has been updated (in private preview) to be aware of Linux container events, and there are settings in Intune for managing WSL containers. Support is also in a pre-release version of VS Code, where the Docker path in the dev container settings can be changed to wslc.

There is also a new default file system for WSL container that Microsoft claims makes Windows file access twice the speed. So, going from terribly slow to just slow? We'll wait until general availability is reached before passing judgment. There's a new default networking mode to improve compatibility and better memory reclaim techniques. However, none of these tweaks will be enabled by default in WSL. Microsoft wrote, "Since these changes touch mission critical paths like file system access and network, for now they are enabled just in WSL container."

Transportation

South Korea Plans To Train Entire Military As 'Drone Warriors' (arstechnica.com) 84

"South Korea plans to train every single member of its nearly half-million-strong military to operate drones as easily as they handle personal firearms," reports Ars Technica: The goal is to make drones a "universal combat tool" for all troops by training them to use drones like a "second personal weapon," said Ahn Gyu-back, South Korea's Minister of National Defense, in a June 26 briefing reported by Reuters and other media outlets. The announcement coincides with broader plans to equip individual military units with more cheap and expendable drones for surveillance and strike missions, along with deploying more counter-drone lasers and microwave weapons.

Meanwhile, South Korea's former drone operations command headquarters that used to have direct command authority over combat units will be reorganized to focus on collaborating with South Korean industry on developing and procuring commercial drone technology, according to The Korea Times. The South Korean defense minister specifically cited the conflicts in Ukraine and the Middle East as inspiring such military reforms with a focus on drone technologies... Ukraine's use of drones and military robots as a force multiplier to offset its numerical disadvantage on the battlefield versus Russia's larger military may carry special resonance for South Korea, given that the South Korean military's current active-duty strength of 450,000 personnel faces a numerical disadvantage against North Korea's active-duty military consisting of more than 1.2 million soldiers...

The defense ministry is starting out by providing 11,000 "training drones" to military personnel this year, with the goal of eventually deploying 60,000 drones across the military by 2029. An additional complication comes from the South Korean military looking to procure drones with 100 percent domestically produced components and no Chinese components due to security concerns, according to the defense minister's comments reported by Reuters... South Korean companies are building new military attack drones, but the defense ministry may struggle to find enough commercial drones made without Chinese components to train hundreds of thousands of military conscripts, said Min-Cheol Jung, a cofounder of the Team Retriever counter-drone red team based in South Korea, in a War on the Rocks article.

Space

Spain-Backed Fund Joins FOSSA's Sovereign Satellite Communications Push (spacenews.com) 11

Spanish startup FOSSA Systems "has raised about $10.5 million to expand its connectivity constellation," reports Space News, noting some funding is backed by Spain's government: The support from the Spanish Society for Technological Transformation (SETT) comes a year after the fund injected 14 million euros into Spain's Sateliot , which is also developing a satellite connectivity network with security and defense applications. Spanish private investment firm Kibo Ventures led FOSSA's funding round, the six-year-old venture announced June 24, bringing its total raised to date to nearly 20 million euros.

The proceeds will help fuel FOSSA's push beyond the tiny picosatellites it once used to connect low-power monitoring devices toward larger cubesats in low Earth orbit, enabling additional sovereign communications and space-based intelligence capabilities... The company's funding round follows a wave of investments this year in European ventures planning to develop sovereign space capabilities, including Austrian propulsion startup Gate Space, which secured 6.3 million euros earlier this month from a European Commission-backed accelerator program.
"Our goal is to establish FOSSA as a European benchmark in sovereign space infrastructure," said Julián Fernández, FOSSA's CEO and cofounder.

China

China's AI Matches Anthropic in Cybersecurity, Causing Worry Over US Restrictions (msn.com) 57

Chinese AI systems "have matched the performance of Anthropic's powerful model Mythos in some cybersecurity scenarios," reports the Wall Street Journal.

They call it "a development poised to reset the global tech race and pressure the White House in its overhaul of U.S. AI policy." Security researchers said that a new AI model, released this month by China's Zhipu AI, also known as Z.ai, can match the latest U.S. models when it comes to finding security bugs, although it still lags behind Anthropic's and OpenAI's products in other tasks. Overall, the capability gap between top U.S. models and those built by Chinese companies has narrowed significantly, and use of Chinese AI systems has surged as businesses seek to rein in runaway costs. A host of companies, including Microsoft, are weighing how they can offer Chinese models on their platforms, a development that is set to alter the balance of power among tech companies...

Unlike models from Anthropic or OpenAI, Zhipu's GLM-5.2 is open-weight. That means it can be downloaded and run on hardware operated by anybody and can be modified and used without supervision. Open-weight models are ideal for users who want unfettered access to systems they control, but they are also ideal for hackers, who can run them in the shadows. GLM-5.2 has ranked as one of the 10 most-used AI models, according to data from OpenRouter, a company that provides access to more than 400 AI models. In some benchmarking tests, according to the cybersecurity company Semgrep, GLM-5.2 bested Anthropic's Claude Opus 4.8 model, which was released in May. When given further instructions, Opus 4.8 and GLM-5.2 can match Mythos in bug-finding ability, according to researchers...

"Banning Fable while selling chips China needs to develop its own version is a gift to China," said Saif Khan, a distinguished technology fellow at the Institute for Progress think tank who worked on export restrictions in the Biden administration. The U.S. needs to maximize the use of Mythos and comparable models to harden its cyber defenses while it can, he added. Among the Mythos 5 and Fable 5 users that had lost access before Friday's decision to restore Mythos 5 access for some trusted entities: the National Security Agency, which had been testing the tools and found them impressive in trials, according to people familiar with the matter... "It is incentivizing companies across the globe to use cheaper but very capable Chinese open-weight models, while at the same time undermining the U.S. AI industry," said Niels Provos, a researcher who led security teams at Google and Stripe. "I don't understand it."

Thanks to long-time Slashdot reader schwit1 for sharing the article.
The Almighty Buck

Are Checks Sent Through the Mail Vulnerable to Theft? (nytimes.com) 183

The New York Times tells the story of a 63-year-old retiree who wrote a check for several thousand dollaras to pay her taxes. But she discovered much later that her taxes were never paid because that check had been intercepted and then altered to be payable to someone else: In some cases, thieves may pilfer one or more checks from local mailboxes. Adam Rust, director of financial services for the Consumer Federation of America, said thieves sometimes "fish" for checks at free-standing drop boxes, using long tools with sticky pads on the ends to grab letters. In other cases, more sophisticated criminals may steal large batches of checks, copy them and then sell them on the internet. Often, the purloined checks are chemically altered in what's known as "check washing" to remove the name of the recipient. The thief replaces it with a fraudulent name, and often increases the amount of the check, before cashing or depositing it.
The 63-year-old retiree's bank told her she'd waited too long to recover the funds: Schwab's "security guarantee," outlined on its website , says that "Schwab will cover losses in any of your Schwab accounts due to unauthorized activity." But fine print at the bottom of the page notes that reimbursement "requires your timely reporting of unauthorized activity to Schwab," and that Schwab "will not be liable for additional or increased losses resulting from a failure to report unauthorized activity in a timely manner." It notes that more details are available in account agreements... Notify your bank as soon as possible, said Scott Anchin, senior vice president of strategic initiatives and policy at the independent bankers association. Banks generally allow at least 30 days and sometimes up to 90 days from the time your statement is made available to you to report suspected check fraud, he said.
So how can you avoid check fraud? Adam Rust, director of financial services for the Consumer Federation of America, just suggests that "No one should ever mail a check." If you must write a check, he said, try to deliver it in person or take it inside a post office to mail rather than relying on your own mailbox or public drop boxes. The American Bankers Association recommends using permanent "gel" ink pens when you do write checks to reduce the risk of tampering... And if you don't already, consider using your bank's online bill payment service.
The article notes that even the U.S. federal government "has been moving away from paper checks for things like benefit payments and income tax refunds, saying digital payment methods are more secure."
United States

US Agency Cancels Contract For Warrantless Tracking of Mobile Devices (apnews.com) 18

America's Bureau of Alcohol, Tobacco, Firearms and Explosives has "canceled its contract for a surveillance tool that enables warrantless tracking of mobile devices," reports the Associated Press.

They note the move comes "after lawmakers, a prosecutor and a judge raised concerns about the legality of the tool in criminal investigations." ATF, the federal agency responsible for enforcing the nation's gun laws, told The Associated Press that it discontinued what it called a "pilot" program using a tool called Webloc after Rep. Michael Cloud, a Republican from Texas, and Sen. Ron Wyden, a Democrat from Oregon, expressed reservations about the agency's use of bulk commercial location data. Webloc, which is made by a vendor called Penlink, sources data from consumer apps and advertising networks, which collect the location of mobile devices from consumers who download apps or browse the web...

The U.S. Supreme Court ruled in 2018 that police needed a warrant to obtain historic movement data from cellphone companies on a criminal suspect. But it has never addressed the growing practice of commercially acquired data.

Other users of Webloc include the U.S. military and U.S. Immigration and Customs Enforcement but also local law enforcement agencies such as police in places like Elk Grove, Calif. and Durham, N.C. The technology has also expanded around the world, with the national police in El Salvador and Hungarian intelligence agencies as customers, according to a report from earlier this year from Citizen Lab, a group of researchers at the University of Toronto who investigate digital threats to civil society.

The article notes that other U.S. law enforcement agencies continue to buy commercial geolocation data, "including the FBI and the Department of Homeland Security."
AI

How a Seemingly Harmless Image Can Jailbreak Vision-Language AI Models (nerds.xyz) 59

Slashdot reader BrianFagioli writes: Florida International University researchers have developed a technique called JaiLIP (Jailbreaking with Loss-guided Image Perturbation) that uses subtle image modifications to bypass AI safety guardrails. Unlike traditional jailbreaks that rely on carefully crafted prompts, the attack works through images that appear normal to human viewers.

The researchers tested the technique against BLIP-2, a multimodal AI model, and found that manipulated images significantly increased the likelihood of harmful responses. According to the study, the approach outperformed previous image-based jailbreak methods and nearly doubled the number of unsafe outputs generated during testing.

The findings highlight a potential security risk for businesses deploying AI systems that process both images and text. While most discussions about AI safety focus on prompts, the research suggests that seemingly harmless images may also serve as an attack vector.

AI

US Government Allows Anthropic Limited Release of 'Mythos' AI Model, Saying 'Appropriate Safeguards are in Place" (cnn.com) 23

"The US government has allowed Anthropic to release its powerful Mythos AI model to select companies and organizations," reports CNN, "revising license requirements after ordering an export block earlier this month in the wake of national security fears." Since the export ban earlier in June, "Anthropic has worked with the US government to address risks associated with the Covered Models," Commerce Secretary Howard Lutnick wrote to the company in a letter dated Friday. In light of progress in that work, Lutnick wrote, "I have determined that appropriate safeguards are in place to permit certain trusted partners to access the Claude Mythos 5 Model."

The letter does not include permission for Anthropic to release Fable, a less powerful version of Mythos. "We received notice from the US government that Mythos 5, our strongest cybersecurity model, can be redeployed to a small group of cyber defenders and infrastructure providers," Anthropic said in a statement...

Conversations between Anthropic and the government are expected to continue into the weekend, with an eye to restoring access to Fable, as well, a source familiar with the discussions told CNN.

Slashdot Top Deals