Linux

Former Canonical Developer Advocate Warns Snap Store Isn't Safe After Slow Responses to Malware Reports (linuxiac.com) 15

An anonymous reader shared this article from the blog Linuxiac: In a blog post, Alan Pope, a longtime Ubuntu community figure and former Canonical employee who remains an active Snap publisher... [warns of] a persistent campaign of malicious snaps impersonating cryptocurrency wallet applications. These fake apps typically mimic well-known projects such as Exodus, Ledger Live, or Trust Wallet, prompting users to enter wallet recovery phrases, which are then transmitted to attackers, resulting in drained funds.
The perpetrators had originally used similar-looking characters from other alphabets to mimic other app listings, then began uploading "revisions" to other innocuous-seeming (approved) apps that would transform their original listing into that of a fake crypto wallet app.

But now they're re-registering expired domains to take over existing Snap Store accounts, which Pope calls "a significant escalation..."

I worked for Canonical between 2011 and 2021 as an Engineering Manager, Community Manager, and Developer Advocate. I was a strong advocate for snap packages and the Snap Store. While I left the company nearly five years ago, I still maintain nearly 50 packages in the Snap Store, with thousands of users... Personally, I want the Snap Store to be successful, and for users to be confident that the packages they install are trustworthy and safe.

Currently, that confidence isn't warranted, which is a problem for desktop Linux users who install snap packages. I report every bad snap I encounter, and I know other security professionals do the same — even though doing so results in no action for days sometimes... To be clear: none of this should be seen as an attack on the Snap Store, Canonical, or the engineers working on these problems. I'm raising awareness of an issue that exists, because I want it fixed... But pretending there isn't a problem helps nobody.

Security

Infotainment, EV Charger Exploits Earn $1M at Pwn2Own Automotive 2026 (securityweek.com) 13

Trend Micro's Zero Day Initiative sponsored its third annual Pwn2Own Automotive competition in Tokyo this week, receiving 73 entries, the most ever for a Pwn2Own event.

"Under Pwn2Own rules, all disclosed vulnerabilities are reported to affected vendors through ZDI," reports Help Net Security, "with public disclosure delayed to allow time for patches." Infotainment platforms from Tesla, Sony, and Alpine were among the systems compromised during demonstrations. Researchers achieved code execution using techniques that included buffer overflows, information leaks, and logic flaws. One Tesla infotainment unit was compromised through a USB-based attack, resulting in root-level access. Electric vehicle charging infrastructure also received significant attention. Teams successfully demonstrated exploits against chargers from Autel, Phoenix Contact, ChargePoint, Grizzl-E, Alpitronic, and EMPORIA. Several attacks involved chaining multiple vulnerabilities to manipulate charging behavior or execute code on the device. These demonstrations highlighted how charging stations operate as network-connected systems with direct interaction with vehicles.
There are video recaps on the ZDI YouTube channel — apparently the Fuzzware.io researchers "were able to take over a Phoenix Contact EV charger over bluetooth."

Three researchers also exploited Alpitronic's HYC50 fast charger with a classic TOCTOU bug, according to the event's site, "and installed a playable version of Doom to boot." They earned $20,000 — part of the $1,047,000 USD awarded during the three-day event.

More coverage from SecurityWeek: The winner of the event, the Fuzzware.io team, earned a total of $215,500 for its exploits. The team received the highest individual reward: $60,000 for an Alpitronic HYC50 EV charger exploit delivered through the charging gun. ZDI described it as "the first public exploit of a supercharger".

NASA

NASA Confident, But Some Critics Wonder if Its Orion Spacecraft is Safe to Fly (cnn.com) 46

"NASA remains confident it has a handle on the problem and the vehicle can bring the crew home safely," reports CNN.

But "When four astronauts begin a historic trip around the moon as soon as February 6, they'll climb aboard NASA's 16.5-foot-wide Orion spacecraft with the understanding that it has a known flaw — one that has some experts urging the space agency not to fly the mission with humans on board..."

The issue relates to a special coating applied to the bottom part of the spacecraft, called the heat shield... This vital part of the Orion spacecraft is nearly identical to the heat shield flown on Artemis I, an uncrewed 2022 test flight. That prior mission's Orion vehicle returned from space with a heat shield pockmarked by unexpected damage — prompting NASA to investigate the issue. And while NASA is poised to clear the heat shield for flight, even those who believe the mission is safe acknowledge there is unknown risk involved. "This is a deviant heat shield," said Dr. Danny Olivas, a former NASA astronaut who served on a space agency-appointed independent review team that investigated the incident. "There's no doubt about it: This is not the heat shield that NASA would want to give its astronauts." Still, Olivas said he believes after spending years analyzing what went wrong with the heat shield, NASA "has its arms around the problem..."

"I think in my mind, there's no flight that ever takes off where you don't have a lingering doubt," Olivas said. "But NASA really does understand what they have. They know the importance of the heat shield to crew safety, and I do believe that they've done the job." Lakiesha Hawkins, the acting deputy associate administrator for NASA's Exploration Systems Development Mission Directorate, echoed that sentiment in September, saying, "from a risk perspective, we feel very confident." And Reid Wiseman, the astronaut set to command the Artemis II mission, has expressed his confidence. "The investigators discovered the root cause, which was the key" to understanding and solving the heat shield issue, Wiseman told reporters last July. "If we stick to the new reentry path that NASA has planned, then this heat shield will be safe to fly."

Others aren't so sure. "What they're talking about doing is crazy," said Dr. Charlie Camarda, a heat shield expert, research scientist and former NASA astronaut. Camarda — who was also a member of the first space shuttle crew to launch after the 2003 Columbia disaster — is among a group of former NASA employees who do not believe that the space agency should put astronauts on board the upcoming lunar excursion. He said he has spent months trying to get agency leadership to heed his warnings to no avail... Camarda also emphasized that his opposition to Artemis II isn't driven by a belief it will end with a catastrophic failure. He thinks it's likely the mission will return home safely. More than anything, Camarda told CNN, he fears that a safe flight for Artemis II will serve as validation for NASA leadership that its decision-making processes are sound. And that's bound to lull the agency into a false sense of security, Camarda warned.

CNN adds that Dr. Dan Rasky, an expert on advanced entry systems and thermal protection materials who worked at NASA for more than 30 years, also does not believe NASA should allow astronauts to fly on board the Artemis II Orion capsule.

And "a crucial milestone could be days away as Artemis program leaders gather for final risk assessments and the flight readiness review," when top NASA brass determine whether the Artemis II rocket and spacecraft are ready to take off with a human crew.

AI

Anthropic Updates Claude's 'Constitution,' Just In Case Chatbot Has a Consciousness (gizmodo.com) 95

TechCrunch reports: On Wednesday, Anthropic released a revised version of Claude's Constitution, a living document that provides a "holistic" explanation of the "context in which Claude operates and the kind of entity we would like Claude to be...." For years, Anthropic has sought to distinguish itself from its competitors via what it calls "Constitutional AI," a system whereby its chatbot, Claude, is trained using a specific set of ethical principles rather than human feedback... The 80-page document has four separate parts, which, according to Anthropic, represent the chatbot's "core values." Those values are:

1. Being "broadly safe."
2. Being "broadly ethical."
3. Being compliant with Anthropic's guidelines.
4. Being "genuinely helpful..."

In the safety section, Anthropic notes that its chatbot has been designed to avoid the kinds of problems that have plagued other chatbots and, when evidence of mental health issues arises, direct the user to appropriate services...

Anthropic's Constitution ends on a decidedly dramatic note, with its authors taking a fairly big swing and questioning whether the company's chatbot does, indeed, have consciousness. "Claude's moral status is deeply uncertain," the document states. "We believe that the moral status of AI models is a serious question worth considering. This view is not unique to us: some of the most eminent philosophers on the theory of mind take this question very seriously."

Gizmodo reports: The company also said that it dedicated a section of the constitution to Claude's nature because of "our uncertainty about whether Claude might have some kind of consciousness or moral status (either now or in the future)." The company is apparently hoping that by defining this within its foundational documents, it can protect "Claude's psychological security, sense of self, and well-being."

Government

White House Labels Altered Photo of Arrested Minnesota Protester a 'Meme' (thehill.com) 160

The White House doubled down after posting a digitally altered photo of Minnesota protester Nekima Levy Armstrong, dismissing it as a "meme" despite objections from her attorney and comparisons to reality-distorting propaganda. "YET AGAIN to the people who feel the need to reflexively defend perpetrators of heinous crimes in our country I share with you this message: Enforcement of the law will continue. The memes will continue. Thank you for your attention to this matter," White House spokesperson Kaelan Dorr wrote in a post on X. The Hill reports: The statement came after Homeland Security Secretary Kristi Noem posted a photo of Armstrong's arrest Thursday showing Armstrong with what appears to be a blank facial expression. However, the White House later posted an altered version of the same photo that shows Armstrong crying.

Armstrong's attorney Jordan Kushner said in an interview with CNN that an agent was recording Armstrong's arrest on their cellphone. "I've never seen anything like it. It's so unprofessional," Kushner said. "He was ordered to do it because the government was looking to make a spectacle of this case. I observed the whole thing. She was dignified, calm, rational the whole time." Kushner went on to call the move to alter the photo "a hallmark of a fascist regime where they actually alter reality."

Social Networks

TikTok Finalizes Deal To Form New American Entity (npr.org) 18

An anonymous reader quotes a report from NPR: TikTok has finalized a deal to create a new American entity, avoiding the looming threat of a ban in the United States that has been in discussion for years. The social video platform company signed agreements with major investors including Oracle, Silver Lake and MGX to form the new TikTok U.S. joint venture. The new version will operate under "defined safeguards that protect national security through comprehensive data protections, algorithm security, content moderation and software assurances for U.S. users," the company said in a statement Thursday. American TikTok users can continue using the same app. [...] Adam Presser, who previously worked as TikTok's head of operations and trust and safety, will lead the new venture as its CEO. He will work alongside a seven-member, majority-American board of directors that includes TikTok's CEO Shou Chew.

[...] In addition to an emphasis on data protection, with U.S. user data being stored locally in a system run by Oracle, the joint venture will also focus on TikTok's algorithm. The content recommendation formula, which feeds users specific videos tailored to their preferences and interests, will be retrained, tested and updated on U.S. user data, the company said in its announcement. The algorithm has been a central issue in the security debate over TikTok. China previously maintained the algorithm must remain under Chinese control by law. But the U.S. regulation passed with bipartisan support said any divestment of TikTok must mean the platform cuts ties -- specifically the algorithm -- with ByteDance. Under the terms of this deal, ByteDance would license the algorithm to the U.S. entity for retraining.

The law prohibits "any cooperation with respect to the operation of a content recommendation algorithm" between ByteDance and a new potential American ownership group, so it is unclear how ByteDance's continued involvement in this arrangement will play out. Oracle, Silver Lake and the Emirati investment firm MGX are the three managing investors, who each hold a 15% share. Other investors include the investment firm of Michael Dell, the billionaire founder of Dell Technologies. ByteDance retains 19.9% of the joint venture.

EU

EU Parliament Calls For Detachment From US Tech Giants (heise.de) 102

The European Parliament is calling on the European Commission to reduce dependence on U.S. tech giants by prioritizing EU-based cloud, AI, and open-source infrastructure. The report frames "European Tech First," public procurement reform, and Public Money, Public Code as necessary self-defense against growing U.S. control over critical digital infrastructure. Heise reports: In terms of content, the report focuses on a strategic reorientation of public procurement and infrastructure. The compromise line adopted stipulates that member states can favor European tech providers in strategic sectors to systematically strengthen the technological capacity of the Community. The Greens even called for a stricter regulation here, where the use of products "Made in EU" should become the rule and exceptions would have to be explicitly justified. They also pushed for a definition for cloud infrastructure that provides for full EU jurisdiction without dependencies on third countries.

With the decision, the MEPs want to lay the foundation for a European digital public infrastructure based on open standards and interoperability. The principle of Public Money, Public Code is anchored as a strategic foundation to reduce dependence on individual providers. Software specifically developed for administration with tax money should therefore be made available to everyone under free licenses. For financing, the Parliament relies on the expansion of public-private investments. A "European Sovereign Tech Fund" endowed with ten billion euros was discussed beforehand, for example, to specifically build strategic infrastructures that the market does not provide on its own. The shadow rapporteur for the Greens, Alexandra Geese, sees Europe ready to take control of its digital future with the vote. As long as European data is held by US providers subject to laws such as the Cloud Act, security in Europe is not guaranteed.

Earth

Half the World's 100 Largest Cities Are in High Water Stress Areas, Analysis Finds (theguardian.com) 32

Half the world's 100 largest cities are experiencing high levels of water stress, with 38 of these sitting in regions of "extremely high water stress," new analysis and mapping has shown. The Guardian: Water stress means that water withdrawals for public water supply and industry are close to exceeding available supplies, often caused by poor management of water resources exacerbated by climate breakdown. Watershed Investigations and the Guardian mapped cities on to stressed catchments revealing that Beijing, New York, Los Angeles, Rio de Janeiro and Delhi are among those facing extreme stress, while London, Bangkok and Jakarta are classed as being highly stressed.

Separate analysis of NASA satellite data, compiled by scientists at University College London, shows which of the largest 100 cities have been drying or getting wetter over two decades with places such as Chennai, Tehran and Zhengzhou showing strong drying trends and Tokyo, Lagos and Kampala showing strong wetting trends. All 100 cities and their trends can be viewed on a new interactive water security atlas.

Encryption

Ireland Wants To Give Its Cops Spyware, Ability To Crack Encrypted Messages (theregister.com) 48

The Irish government is planning to bolster its police's ability to intercept communications, including encrypted messages, and provide a legal basis for spyware use. From a report: The Communications (Interception and Lawful Access) Bill is being framed as a replacement for the current legislation that governs digital communication interception. The Department of Justice, Home Affairs, and Migration said in an announcement this week the existing Postal Packets and Telecommunications Messages (Regulation) Act 1993 "predates the telecoms revolution of the last 20 years."

As well as updating laws passed more than two decades ago, the government was keen to emphasize that a key ambition for the bill is to empower law enforcement to intercept all forms of communications. The Bill will bring communications from IoT devices, email services, and electronic messaging platforms into scope, "whether encrypted or not."

In a similar way to how certain other governments want to compel encrypted messaging services to unscramble packets of interest, Ireland's announcement also failed to explain exactly how it plans to do this. However, it promised to implement a robust legal framework, alongside all necessary privacy and security safeguards, if these proposals do ultimately become law. It also vowed to establish structures to ensure "the maximum possible degree of technical cooperation between state agencies and communication service providers."

Sci-Fi

Bank of England 'Must Plan For a Financial Crisis Triggered By Aliens' (msn.com) 80

A former Bank of England analyst has urged contingency planning for a potential financial shock if the U.S. government were to confirm the existence of extraterrestrial intelligence. The argument is that "ontological shock" alone could destabilize confidence and trigger crisis dynamics. The Independent reports: [Helen McCaw, who served as a senior analyst in financial security at the UK's central bank and worked for the Bank of England for 10 years until 2012] said politicians and bankers can no longer afford to dismiss talk of alien life, and warned a declaration of this nature could trigger bank collapses. She reportedly said: "The United States government appears to be partway through a multi-year process to declassify and disclose information on the existence of a technologically advanced non-human intelligence responsible for Unidentified Anomalous Phenomena (UAPs)."

"If the UAP proves to be of non-human origin, we may have to acknowledge the existence of a power or intelligence greater than any government and with potentially unknown intentions." Her warning comes as senior American officials have recently indicated their belief in the possibility of alien life. [...] Ms McCaw said: "UAP disclosure is likely to induce ontological shock and provoke psychological responses with material consequences ... There might be extreme price volatility in financial markets due to catastrophising or euphoria, and a collapse in confidence if market participants feel uncertain on how to price assets using any of the familiar methods."

The former Bank of England worker explained there might be a rush towards assets such as gold or other precious metals, and government bonds, which are perceived as "safe." Alternatively, she said precious metals might lose their status as perceived safe assets if people speculate that new space-faring technologies will soon increase the supply of precious metals.

The article cites a recent UFO documentary, The Age of Disclosure, where 34 U.S. government insiders, including military and intelligence community officials, share insights about the government's work with UAP. Per the film's description, the documentary "reveals an 80-year global cover-up of non-human intelligent life and a secret war among major nations to reverse-engineer advanced technology of non-human origin."

EU

Hundreds Answer Europe's 'Public Call for Evidence' on an Open Digital Ecosystem Strategy (helpnetsecurity.com) 30

The European Commission "has opened a public call for evidence on European open digital ecosystems," writes Help Net Security, part of preparations for an upcoming Communication "that will examine the role of open source in EU's digital infrastructure." The consultation runs from January 6 to February 3, 2026. Submissions will be used to shape a Commission Communication addressed to the European Parliament, the Council, and other EU bodies, which is scheduled for publication in the first quarter of 2026... The call for evidence links Europe's reliance on digital technologies developed outside the EU to concerns over long term control of infrastructure and software supply chains... Open digital ecosystems are discussed in the context of technological sovereignty and the use of technologies that can be inspected, adapted, and shared.

Long-time Slashdot reader Elektroschock describes it as the European Commission "stepping up its efforts behind open-source software": Building on President von der Leyen's political guidelines, the initiative will review the Commission's 2020-2023 open-source approach and set out concrete actions to strengthen Europe's open-source ecosystem across key areas such as cloud, AI, cybersecurity and industrial technologies. The strategy will be presented alongside the upcoming Cloud and AI Development Act, forming a broader policy package aimed at reducing strategic dependencies and boosting Europe's digital resilience.

And "In just a few days, over 370 submissions have already been filed, indicating that the issue is touching a nerve across the EU," writes CyberNews.com: "Europe must regain control over its software supply chain to safeguard freedom, security, and innovation," suggests an individual from Slovakia. Similar perspectives appear to be widely shared among respondents...

The document doesn't mention US tech giants specifically, but rather aims to support tech sovereignty and seek "digital solutions that are valid alternatives to proprietary ones...."

"This is not a legislative initiative. The strategy will take the form of a Commission communication. The initiative will set out a general approach and will propose: actions relying on further commitments and an implementation process," the EC explains. Policymakers expect the strategy to help EU member states identify the necessary steps to support national open-source companies and communities.

Security

To Pressure Security Professionals, Mandiant Releases Database That Cracks Weak NTLM Passwords in 12 Hours (arstechnica.com) 34

Ars Technica reports: Security firm Mandiant [part of Google Cloud] has released a database that allows any administrative password protected by Microsoft's NTLMv1 hash algorithm to be hacked in an attempt to nudge users who continue using the deprecated function despite known weaknesses.... a precomputed table of hash values linked to their corresponding plaintext. These generic tables, which work against multiple hashing schemes, allow hackers to take over accounts by quickly mapping a stolen hash to its password counterpart... Mandiant said it had released an NTLMv1 rainbow table that will allow defenders and researchers (and, of course, malicious hackers, too) to recover passwords in under 12 hours using consumer hardware costing less than $600 USD. The table is hosted in Google Cloud. The database works against Net-NTLMv1 passwords, which are used in network authentication for accessing resources such as SMB network sharing.

Despite its long- and well-known susceptibility to easy cracking, NTLMv1 remains in use in some of the world's more sensitive networks. One reason for the lack of action is that utilities and organizations in industries, including health care and industrial control, often rely on legacy apps that are incompatible with more recently released hashing algorithms. Another reason is that organizations relying on mission-critical systems can't afford the downtime required to migrate. Of course, inertia and penny-pinching are also causes.

"By releasing these tables, Mandiant aims to lower the barrier for security professionals to demonstrate the insecurity of Net-NTLMv1," Mandiant said. "While tools to exploit this protocol have existed for years, they often required uploading sensitive data to third-party services or expensive hardware to brute-force keys."

"Organizations that rely on Windows networking aren't the only laggards," the article points out. "Microsoft only announced plans to deprecate NTLMv1 last August."

Thanks to Slashdot reader joshuark for sharing the news.

Privacy

What Happened After Security Researchers Found 60 Flock Cameras Livestreaming to the Internet (youtube.com) 50

A couple months ago, YouTuber Benn Jordan "found vulnerabilities in some of Flock's license plate reader cameras," reports 404 Media's Jason Koebler. "He reached out to me to tell me he had learned that some of Flock's Condor cameras were left live-streaming to the open internet."

This led to a remarkable article where Koebler confirmed the breach by visiting a Flock surveillance camera mounted on a California traffic signal. ("On my phone, I am watching myself in real time as the camera records and livestreams me — without any password or login — to the open internet... Hundreds of miles away, my colleagues are remotely watching me too through the exposed feed.") Flock left livestreams and administrator control panels for at least 60 of its AI-enabled Condor cameras around the country exposed to the open internet, where anyone could watch them, download 30 days worth of video archive, and change settings, see log files, and run diagnostics. Unlike many of Flock's cameras, which are designed to capture license plates as people drive by, Flock's Condor cameras are pan-tilt-zoom (PTZ) cameras designed to record and track people, not vehicles. Condor cameras can be set to automatically zoom in on people's faces... The exposure was initially discovered by YouTuber and technologist Benn Jordan and was shared with security researcher Jon "GainSec" Gaines, who recently found numerous vulnerabilities in several other models of Flock's automated license plate reader (ALPR) cameras.

Jordan appeared this week as a guest on Koebler's own YouTube channel, while Jordan released a video of his own about the experience, titled "We Hacked Flock Safety Cameras in under 30 Seconds." (Thanks to Slashdot reader beadon for sharing the link.) But together Jordan and 404 Media also created another video three weeks ago titled "The Flock Camera Leak is Like Netflix for Stalkers" which includes footage he says was "completely accessible at the time Flock Safety was telling cities that the devices are secure after they're deployed."

The video decries cities "too lazy to conduct their own security audit or research the efficacy versus risk," but also calls weak security "an industry-wide problem." Jordan explains in the video how he "very easily found the administration interfaces for dozens of Flock safety cameras..." — but also what happened next: None of the data or video footage was encrypted. There was no username or password required. These were all completely public-facing, for the world to see.... Making any modification to the cameras is illegal, so I didn't do this. But I had the ability to delete any of the video footage or evidence by simply pressing a button. I could see the paths where all of the evidence files were located on the file system...

During and after the process of conducting that research and making that video, I was visited by the police and had what I believed to be private investigators outside my home photographing me and my property and bothering my neighbors. Jon Gaines or GainSec, the brains behind most of this research, lost employment within 48 hours of the video being released. And the sad reality is that I don't view these things as consequences or punishment for researching security vulnerabilities. I view these as consequences and punishment for doing it ethically and transparently.

I've been contacted by people on or communicating with civic councils who found my videos concerning, and they shared Flock Safety's response with me. The company claimed that the devices in my video did not reflect the security standards of the ones being publicly deployed. The CEO even posted on LinkedIn and boasted about Flock Safety's security policies. So, I formally and publicly offered to personally fund security research into Flock Safety's deployed ecosystem. But the law prevents me from touching their live devices. So, all I needed was their permission so I wouldn't get arrested. And I was even willing to let them supervise this research.

I got no response.

So instead, he read Flock's official response to a security/surveillance industry research group — while standing in front of one of their security cameras, streaming his reading to the public internet.

"Might as well. It's my tax dollars that paid for it."

" 'Flock is committed to continuously improving security...'"

Windows

Patch Tuesday Update Makes Windows PCs Refuse To Shut Down (theregister.com) 59

A recent Microsoft Patch Tuesday update has introduced a bug in Windows 11 23H2 that causes some PCs to refuse to shut down or hibernate, "no matter how many times you try," reports The Register. From the report: In a notice on its Windows release health dashboard, Microsoft confirmed that some PCs running Windows 11 23H2 might fail to power down properly after installing the latest security updates. Instead of slipping into shutdown or hibernation, affected machines stay stubbornly awake, draining batteries and ignoring shutdown like they have a mind of their own and don't want to experience temporary non-existence.

The bug appears to be tied to Secure Launch, a security feature that uses virtualization-based protections to ensure only trusted components load during boot. On systems with Secure Launch enabled, attempts to shut down, restart, or hibernate after applying the January patches may fail to complete. From the user's perspective, everything looks normal -- until the PC keeps running anyway, refusing to be denied life.

Microsoft says that entering the command "shutdown /s /t 0" at the command prompt will, in fact, force your PC to turn off, whether it wants to or not. "Until this issue is resolved, please ensure you save all your work, and shut down when you are done working on your device to avoid the device running out of power instead of hibernating," Microsoft said.

AI

Warhammer Maker Games Workshop Bans Its Staff From Using AI In Its Content or Designs 42

Games Workshop, the owner and operator of a number of hugely popular tabletop war games, including Warhammer 40,000 and Age of Sigmar, has banned the use of generative AI in its content and design processes. IGN reports: Delivering the UK company's impressive financial results, CEO Kevin Rountree addressed the issue of AI and how Games Workshop is handling it. He said GW staff are barred from using it to actually produce anything, but admitted a "few" senior managers are experimenting with it. Rountree said AI was "a very broad topic and to be honest I'm not an expert on it," then went on to lay down the company line:

"We do have a few senior managers that are [experts on AI]: none are that excited about it yet. We have agreed an internal policy to guide us all, which is currently very cautious e.g. we do not allow AI generated content or AI to be used in our design processes or its unauthorized use outside of GW including in any of our competitions. We also have to monitor and protect ourselves from a data compliance, security and governance perspective, the AI or machine learning engines seem to be automatically included on our phones or laptops whether we like it or not.

We are allowing those few senior managers to continue to be inquisitive about the technology. We have also agreed we will be maintaining a strong commitment to protect our intellectual property and respect our human creators. In the period reported, we continued to invest in our Warhammer Studio -- hiring more creatives in multiple disciplines from concepting and art to writing and sculpting. Talented and passionate individuals that make Warhammer the rich, evocative IP that our hobbyists and we all love."
China

US Approves Sale of Nvidia's Advanced AI Chips To China 35

The U.S. has approved limited sales of Nvidia's H200 AI chips to China, the Department of Commerce said on Tuesday. Exports will be allowed to "approved customers" with security safeguards and a 25% U.S. government cut. The company's most advanced Blackwell chips will remain restricted. The BBC reports: The H200, Nvidia's second-most-advanced semiconductor, had been restricted by Washington over concerns that it would give China's technology industry and military an edge over the U.S. The Commerce Department said the chips can be shipped to China granted that there is sufficient supply of the processors in the U.S.

Nvidia's spokesperson told the BBC that the company welcomed the move, saying it will benefit manufacturing and jobs in the U.S. The Commerce Department's Bureau of Industry and Security said its revised export policy applies to Nvidia's H200 chips, as well as less advanced processors. Chinese customers must also show "sufficient security procedures" and cannot use the chips for military uses.

Chinese embassy spokesman Liu Pengyu told the BBC on Wednesday that Beijing has consistently opposed the "politicization and weaponization of tech and trade issues." "We oppose blocking and restricting China, which disrupts the stability of industrial and supply chains," he said. "This approach does not serve the common interests of both sides."
China

Beijing Tells Chinese Firms To Stop Using US and Israeli Cybersecurity Software (yahoo.com) 26

An anonymous reader shares a report: Chinese authorities have told domestic companies to stop using cybersecurity software made by roughly a dozen firms from the U.S. and Israel due to national security concerns, two people briefed on the matter said.

As trade and diplomatic tensions flare between China and the U.S. and both sides vie for tech supremacy, Beijing has been keen to replace Western-made technology with domestic alternatives. The U.S. companies whose cybersecurity software has been banned include Broadcom-owned VMware, Palo Alto Networks and Fortinet, while the Israeli companies include Check Point Software Technologies, the sources said.

Security

Never-Before-Seen Linux Malware Is 'Far More Advanced Than Typical' (arstechnica.com) 27

An anonymous reader quotes a report from Ars Technica: Researchers have discovered a never-before-seen framework that infects Linux machines with a wide assortment of modules that are notable for the range of advanced capabilities they provide to attackers. The framework, referred to as VoidLink by its source code, features more than 30 modules that can be used to customize capabilities to meet attackers' needs for each infected machine. These modules can provide additional stealth and specific tools for reconnaissance, privilege escalation, and lateral movement inside a compromised network. The components can be easily added or removed as objectives change over the course of a campaign.

VoidLink can target machines within popular cloud services by detecting if an infected machine is hosted inside AWS, GCP, Azure, Alibaba, and Tencent, and there are indications that developers plan to add detections for Huawei, DigitalOcean, and Vultr in future releases. To detect which cloud service hosts the machine, VoidLink examines metadata using the respective vendor's API. Similar frameworks targeting Windows servers have flourished for years. They are less common on Linux machines. The feature set is unusually broad and is "far more advanced than typical Linux malware," said researchers from Check Point, the security firm that discovered VoidLink. Its creation may indicate that the attacker's focus is increasingly expanding to include Linux systems, cloud infrastructure, and application deployment environments, as organizations increasingly move workloads to these environments.
"VoidLink is a comprehensive ecosystem designed to maintain long-term, stealthy access to compromised Linux systems, particularly those running on public cloud platforms and in containerized environments," the researchers said in a separate post. "Its design reflects a level of planning and investment typically associated with professional threat actors rather than opportunistic attackers, raising the stakes for defenders who may never realize their infrastructure has been quietly taken over."

The researchers note that VoidLink poses no immediate threat or required action since it's not actively targeting systems. However, defenders should remain vigilant.
Government

Pentagon Purchases a Device Allegedly Linked To Havana Syndrome (cnn.com) 72

"Since the United States reopened its embassy in Cuba in 2015, a number of personnel have reported a series of debilitating medical ailments which include dizziness, fatigue, problems with memory, and impaired vision," writes longtime Slashdot reader smooth wombat. "For ten years, these sudden and unexplained onsets have been studied with no conclusive evidence one way or the other. Now comes word that a device, purchased by the Pentagon, has been tested which may be linked to what is known as Havana Syndrome." From a report: A division of the Department of Homeland Security, Homeland Security Investigations, purchased the device for millions of dollars in the waning days of the Biden administration, using funding provided by the Defense Department, according to two of the sources. Officials paid "eight figures" for the device, these people said, declining to offer a more specific number. [...]

The device acquired by HSI produces pulsed radio waves, one of the sources said, which some officials and academics have speculated for years could be the cause of the incidents. Although the device is not entirely Russian in origin, it contains Russian components, this person added. Officials have long struggled to understand how a device powerful enough to cause the kind of damage some victims have reported could be made portable; that remains a core question, according to one of the sources briefed on the device. The device could fit in a backpack, this person said.

[...] One key concern now for some officials is that if the technology proves viable it may have proliferated, several of the sources said, meaning that more than one country could now have access to a device that may be capable of causing career-ending injuries to US officials.
Further reading: 'Havana Syndrome' Debate Rises Again in US Government
China

Taiwan Issues Arrest Warrant for OnePlus CEO for China Hires (bloomberg.com) 13

Prosecutors in Taiwan issued an arrest warrant [non-paywalled source] for the chief executive officer of the Chinese smartphone company OnePlus, stepping up the island's efforts to block China's tech players from recruiting Taiwanese talent. From a report: The Shilin district prosecutors office issued the warrant for CEO and co-founder Pete Lau and indicted two Taiwanese citizens who worked for him, according to an indictment by the office. OnePlus, a niche player whose phones run on a customized version of Android, is suspected of illegally recruiting more than 70 engineers in Taiwan.

The autonomous territory has stepped up its efforts to stop Chinese companies from raiding workers, who are often coveted because of their technical knowledge and experience. The Taiwanese officials put such limitations in place because they say recruiting from the semiconductor sector and other tech operations could jeopardize national security.
