An anonymous reader quotes a report from Ars Technica: Researchers have discovered a never-before-seen framework that infects Linux machines with a wide assortment of modules that are notable for the range of advanced capabilities they provide to attackers. The framework, referred to as VoidLink by its source code, features more than 30 modules that can be used to customize capabilities to meet attackers' needs for each infected machine. These modules can provide additional stealth and specific tools for reconnaissance, privilege escalation, and lateral movement inside a compromised network. The components can be easily added or removed as objectives change over the course of a campaign.

VoidLink can target machines within popular cloud services by detecting if an infected machine is hosted inside AWS, GCP, Azure, Alibaba, and Tencent, and there are indications that developers plan to add detections for Huawei, DigitalOcean, and Vultr in future releases. To detect which cloud service hosts the machine, VoidLink examines metadata using the respective vendor's API. Similar frameworks targeting Windows servers have flourished for years. They are less common on Linux machines. The feature set is unusually broad and is "far more advanced than typical Linux malware," said researchers from Checkpoint, the security firm that discovered VoidLink. Its creation may indicate that the attacker's focus is increasingly expanding to include Linux systems, cloud infrastructure, and application deployment environments, as organizations increasingly move workloads to these environments. "VoidLink is a comprehensive ecosystem designed to maintain long-term, stealthy access to compromised Linux systems, particularly those running on public cloud platforms and in containerized environments," the researchers said in a separate post. "Its design reflects a level of planning and investment typically associated with professional threat actors rather than opportunistic attackers, raising the stakes for defenders who may never realize their infrastructure has been quietly taken over."

The researchers note that VoidLink poses no immediate threat or required action since it's not actively targeting systems. However, defenders should remain vigilant.

"Since the United States reopened its embassy in Cuba in 2015, a number of personnel have reported a series of debilitating medical ailments which include dizziness, fatigue, problems with memory, and impaired vision," writes longtime Slashdot reader smooth wombat. "For ten years, these sudden and unexplained onsets have been studied with no conclusive evidence one way or the other. Now comes word that a device, purchased by the Pentagon, has been tested which may be linked to what is known as Havana Syndrome." From a report: A division of the Department of Homeland Security, Homeland Security Investigations, purchased the device for millions of dollars in the waning days of the Biden administration, using funding provided by the Defense Department, according to two of the sources. Officials paid âoeeight figuresâ for the device, these people said, declining to offer a more specific number. [...]

The device acquired by HSI produces pulsed radio waves, one of the sources said, which some officials and academics have speculated for years could be the cause of the incidents. Although the device is not entirely Russian in origin, it contains Russian components, this person added. Officials have long struggled to understand how a device powerful enough to cause the kind of damage some victims have reported could be made portable; that remains a core question, according to one of the sources briefed on the device. The device could fit in a backpack, this person said.

[...] One key concern now for some officials is that if the technology proves viable it may have proliferated, several of the sources said, meaning that more than one country could now have access to a device that may be capable of causing career-ending injuries to US officials. Further reading: 'Havana Syndrome' Debate Rises Again in US Government

Prosecutors in Taiwan issued an arrest warrant [non-paywalled source] for the chief executive officer of the Chinese smartphone company OnePlus, stepping up the island's efforts to block China's tech players from recruiting Taiwanese talent. From a report: The Shilin district prosecutors office issued the warrant for CEO and co-founder Pete Lau and indicted two Taiwanese citizens who worked for him, according to an indictment by the office. OnePlus, a niche player whose phones run on a customized version of Android, is suspected of illegally recruiting more than 70 engineers in Taiwan.

The autonomous territory has stepped up its efforts to stop Chinese companies from raiding workers, who are often coveted because of their technical knowledge and experience. The Taiwanese officials put such limitations in place because they say recruiting from the semiconductor sector and other tech operations could jeopardize national security.

Python Software Foundation: We are thrilled to announce that Anthropic has entered into a two-year partnership with the Python Software Foundation (PSF) to contribute a landmark total of $1.5 million to support the foundation's work, with an emphasis on Python ecosystem security. This investment will enable the PSF to make crucial security advances to CPython and the Python Package Index (PyPI) benefiting all users, and it will also sustain the foundation's core work supporting the Python language, ecosystem, and global community.

Anthropic's funds will enable the PSF to make progress on our security roadmap, including work designed to protect millions of PyPI users from attempted supply-chain attacks. Planned projects include creating new tools for automated proactive review of all packages uploaded to PyPI, improving on the current process of reactive-only review. We intend to create a new dataset of known malware that will allow us to design these novel tools, relying on capability analysis. One of the advantages of this project is that we expect the outputs we develop to be transferable to all open source package repositories. As a result, this work has the potential to ultimately improve security across multiple open source ecosystems, starting with the Python ecosystem.

Moxie Marlinspike, the engineer who created Signal Messenger and set a new standard for private communications, is now trialing Confer, an open source AI assistant designed to make user data unreadable to platform operators, hackers, and law enforcement alike. Confer relies on two core technologies: passkeys that generate a 32-byte encryption keypair stored only on user devices, and trusted execution environments on servers that prevent even administrators from accessing data. The code is open source and cryptographically verifiable through remote attestation and transparency logs.

Marlinspike likens current AI interactions to confessing into a "data lake." A court order last May required OpenAI to preserve all ChatGPT user logs including deleted chats, and CEO Sam Altman has acknowledged that even psychotherapy sessions on the platform may not stay private.

Microsoft has abruptly retired the Microsoft Deployment Toolkit, a free platform that IT administrators have relied on to deploy Windows operating systems and applications for more than two decades. The retirement, reports the Register, came with "immediate" notice, meaning no more fixes, support, security patches, or updates, and the download packages may be removed from official distribution channels.

Scifi author/tech activist Cory Doctorow has decried the "enshittification" of our technologies to extract more profit. But Saturday he also described what could be "the beginning of the end for enshittification" in a new article for the Guardian — "our chance to make tech good again". There is only one reason the world isn't bursting with wildly profitable products and projects that disenshittify the US's defective products: its (former) trading partners were bullied into passing an "anti-circumvention" law that bans the kind of reverse-engineering that is the necessary prelude to modifying an existing product to make it work better for its users (at the expense of its manufacturer)...

Post-Brexit, the UK is uniquely able to seize this moment. Unlike our European cousins, we needn't wait for the copyright directive to be repealed before we can strike article 6 off our own law books and thereby salvage something good out of Brexit... Until we repeal the anti-circumvention law, we can't reverse-engineer the US's cloud software, whether it's a database, a word processor or a tractor, in order to swap out proprietary, American code for robust, open, auditable alternatives that will safeguard our digital sovereignty. The same goes for any technology tethered to servers operated by any government that might have interests adverse to ours — say, the solar inverters and batteries we buy from China.

This is the state of play at the dawn of 2026. The digital rights movement has two powerful potential coalition partners in the fight to reclaim the right of people to change how their devices work, to claw back privacy and a fair deal from tech: investors and national security hawks. Admittedly, the door is only open a crack, but it's been locked tight since the turn of the century. When it comes to a better technology future, "open a crack" is the most exciting proposition I've heard in decades.
Thanks to Slashdot reader Bruce66423 for sharing the article.

An R&D lab under America's Energy Department annnounced this week that "Neuromorphic computers, inspired by the architecture of the human brain, are proving surprisingly adept at solving complex mathematical problems that underpin scientific and engineering challenges."

Phys.org publishes the announcement from Sandia National Lab: In a paper published in Nature Machine Intelligence, Sandia National Laboratories computational neuroscientists Brad Theilman and Brad Aimone describe a novel algorithm that enables neuromorphic hardware to tackle partial differential equations, or PDEs — the mathematical foundation for modeling phenomena such as fluid dynamics, electromagnetic fields and structural mechanics. The findings show that neuromorphic computing can not only handle these equations, but do so with remarkable efficiency. The work could pave the way for the world's first neuromorphic supercomputer, potentially revolutionizing energy-efficient computing for national security applications and beyond...

"We're just starting to have computational systems that can exhibit intelligent-like behavior. But they look nothing like the brain, and the amount of resources that they require is ridiculous, frankly," Theilman said.For decades, experts have believed that neuromorphic computers were best suited for tasks like recognizing patterns or accelerating artificial neural networks. These systems weren't expected to excel at solving rigorous mathematical problems like PDEs, which are typically tackled by traditional supercomputers. But for Aimone and Theilman, the results weren't surprising. The researchers believe the brain itself performs complex computations constantly, even if we don't consciously realize it. "Pick any sort of motor control task — like hitting a tennis ball or swinging a bat at a baseball," Aimone said. "These are very sophisticated computations. They are exascale-level problems that our brains are capable of doing very cheaply..."

Their research also raises intriguing questions about the nature of intelligence and computation. The algorithm developed by Theilman and Aimone retains strong similarities to the structure and dynamics of cortical networks in the brain. "We based our circuit on a relatively well-known model in the computational neuroscience world," Theilman said. "We've shown the model has a natural but non-obvious link to PDEs, and that link hasn't been made until now — 12 years after the model was introduced." The researchers believe that neuromorphic computing could help bridge the gap between neuroscience and applied mathematics, offering new insights into how the brain processes information. "Diseases of the brain could be diseases of computation," Aimone said. "But we don't have a solid grasp on how the brain performs computations yet." If their hunch is correct, neuromorphic computing could offer clues to better understand and treat neurological conditions like Alzheimer's and Parkinson's.

Longtime Slashdot reader chicksdaddy writes: CES, the Consumer Electronics Show, isn't just about shiny new gadgets. As AP reports, this year brought back the fifth annual Worst in Show anti-awards, calling out the most harmful, wasteful, invasive, and unfixable tech at the Las Vegas show. The coalition behind the awards -- including Repair.org, iFixit, EFF, PIRG, Secure Repairs, and others -- put the spotlight on products that miss the point of innovation and make life worse for users.

2026 Worst in Show winners include:

Overall (and Repairability): Samsung's AI-packed Family Hub Fridge -- over-engineered, hard to fix, and trying to do everything but keep food cold.
Privacy: Amazon Ring AI -- expanding surveillance with features like facial recognition and mobile towers.
Security: Merach UltraTread treadmill -- an AI fitness coach that also hoovers up sensitive data with weak security guarantees, including a privacy policy that declares the company "cannot guarantee the security of your personal information" (!!).
Environmental Impact: Lollipop Star -- a single-use, music-playing electronic lollipop that epitomizes needless e-waste.
Enshittification: Bosch eBike Flow App -- pushing lock-in and digital restrictions that make gear worse over time.
"Who Asked For This?": Bosch Personal AI Barista -- a voice-assistant coffee maker that nobody really wanted.
People's Choice: Lepro Ami AI Companion -- an overhyped "soulmate" cam that creeps more than it comforts.

The message? Not all tech is progress. Some products add needless complexity, threaten privacy, or throw sustainability out the window -- and the industry's watchdogs are calling them out.

China has hacked the emails used by congressional staff on powerful committees in the US House of Representatives, as part of a massive cyber espionage campaign known as Salt Typhoon. An anonymous reader shares a report: Chinese intelligence accessed email systems used by some staffers [non-paywalled source] on the House China committee in addition to aides on the foreign affairs committee, intelligence committee and armed services committee, according to people familiar with the attack. The intrusions were detected in December.

The attacks are the latest element of an ongoing cyber campaign against US communication networks by the Ministry of State Security, China's intelligence service. One person familiar with the attack said it was unclear if the MSS had accessed lawmakers' emails. The MSS has been operating Salt Typhoon for several years. It allows China to access the unencrypted phone calls, texts and voicemails of almost every American, and in some cases enables access to email accounts. Salt Typhoon has also intercepted the calls of senior US officials over the past couple of years, said people familiar with the campaign.

Bose is end-of-lifing its SoundTouch smart speakers but softened the blow by open-sourcing the SoundTouch API and preserving limited local features, AirPlay, and Spotify Connect. Ars Technica reports: In October, Bose announced that its SoundTouch Wi-Fi speakers and soundbars would become dumb speakers on February 18. At the time, Bose said that the speakers would only work if a device was connected via AUX, HDMI, or Bluetooth (which has higher latency than Wi-Fi). After that date, the speakers would stop receiving security and software updates and lose cloud connectivity and their companion app, the Framingham, Massachusetts-based company said. Without the app, users would no longer be able to integrate the device with music services, such as Spotify, have multiple SoundTouch devices play the same audio simultaneously, or use or edit saved presets.

The announcement frustrated some of Bose's long-time customers, some of whom own multiple SoundTouch devices that still function properly. Many questioned companies' increasingly common practice of bricking expensive products to focus on new devices or to minimize costs, or because they've gone through acquisitions or bankruptcy. SoundTouch speakers released in 2013 and 2015 with prices ranging from $399 to $1,500.

Today, Bose had better news. In an email to customers, Bose announced that AirPlay and Spotify Connect will still work with SoundTouch speakers after EoL, expanding the wireless capabilities that people will still be able to access. Additionally, SoundTouch devices that support AirPlay 2 can play the same audio simultaneously. The SoundTouch app will also live on, albeit stripped of some functionality. "On May 6, 2026, the app will update to a version that supports the functions that can operate locally without the cloud. No action will be required on your part. Opening the app will apply the update automatically," Bose said. Bose also provided instructions (PDF) for a workaround for saving presets that uses the favorites options in music service apps.

An anonymous reader quotes a report from TechCrunch: The founder of a U.S.-based spyware company, whose surveillance products allowed customers to spy on the phones and computers of unsuspecting victims, pleaded guilty to federal charges linked to his long-running operation. pcTattletale founder Bryan Fleming entered a guilty plea in a San Diego federal court on Tuesday to charges of computer hacking, the sale and advertising of surveillance software for unlawful uses, and conspiracy.

The plea follows a multi-year investigation by agents with Homeland Security Investigations (HSI), a unit within U.S. Immigration and Customs Enforcement. HSI began investigating pcTattletale in mid-2021 as part of a wider probe into the industry of consumer-grade surveillance software, also known as "stalkerware."

This is the first successful U.S. federal prosecution of a stalkerware operator in more than a decade, following the 2014 indictment and subsequent guilty plea of the creator of a phone surveillance app called StealthGenie. Fleming's conviction could pave the way for further federal investigations and prosecutions against those operating spyware, but also those who simply advertise and sell covert surveillance software. HSI said that pcTattletale is one of several stalkerware websites under investigation.

schwit1 shares a report from Gothamist: Wegmans in New York City has begun collecting biometric data from anyone who enters its supermarkets, according to new signage posted at the chain's Manhattan and Brooklyn locations earlier this month. Anyone entering the store could have data on their face, eyes and voices collected and stored by the Rochester-headquartered supermarket chain. The information is used to "protect the safety and security of our patrons and employees," according to the signage. The new scanning policy is an expansion of a 2024 pilot.

The chain had initially said that the scanning system was only for a small group of employees and promised to delete any biometric data it collected from shoppers during the pilot rollout. The new notice makes no such assurances. Wegmans representatives did not reply to questions about how the data would be stored, why it changed its policy or if it would share the data with law enforcement.

Google will begin releasing Android Open Source Project (AOSP) source code only twice a year starting in 2026. "In the past, Google would release the source code for every quarterly Android release, of which there are four each year," notes Android Authority. From the report: Google told Android Authority that, effective 2026, Google will publish new source code to AOSP in Q2 and Q4. The reason is to ensure platform stability for the Android ecosystem and better align with Android's trunk-stable development model.

Developers navigating to source.android.com today will see a banner confirming the change that reads as follows: "Effective in 2026, to align with our trunk-stable development model and ensure platform stability for the ecosystem, we will publish source code to AOSP in Q2 and Q4. For building and contributing to AOSP, we recommend utilizing android-latest-release instead of aosp-main. The aosp-latest-release manifest branch will always reference the most recent release pushed to AOSP. For more information, see Changes to AOSP."

A spokesperson for Google offered some additional context on this decision, stating that it helps simplify development, eliminates the complexity of managing multiple code branches, and allows them to deliver more stable and secure code to Android platform developers. The spokesperson also reiterated that Google's commitment to AOSP is unchanged and that this new release schedule helps the company build a more robust and secure foundation for the Android ecosystem. Finally, Google told us that its process for security patch releases will not change and that the company will keep publishing security patches each month on a dedicated security-only branch for relevant OS releases just as it does today.

Vietnam will begin enforcing new online advertising rules in February 2026 that ban forced video ads longer than five seconds and must allow users to close ads with just one tap. "Furthermore, platforms must provide clear icons and instructions for users to report advertisements that violate the law, and allow them to opt out, turn off, or stop viewing inappropriate ads," reports a local news outlet (translated to English). "These reports must be received and processed promptly, and the results communicated to users as required." From the report: In cases where the entity posting the infringing advertisement cannot be identified or where specialized laws do not have specific regulations, the Ministry of Culture, Sports and Tourism is the focal agency to receive notifications and send requests to block or remove the advertisement to organizations and businesses providing online advertising services in Vietnam.

Advertisers, advertising service providers, and advertising transmission and distribution units are responsible for blocking and removing infringing advertisements within 24 hours of receiving a request from the competent authority. For advertisements that infringe on national security, the blocking and removal must be carried out immediately, no later than 24 hours.

In case of non-compliance, the Ministry of Culture, Sports and Tourism, in coordination with the Ministry of Public Security, will apply technical measures to block infringing advertisements and services and handle the matter according to the law. Telecommunications companies and Internet service providers must also implement technical measures to block access to infringing advertisements within 24 hours of receiving a request.

An anonymous reader shares a report: Popular AI-powered integrated development environment solutions, such as Cursor, Windsurf, Google Antigravity, and Trae, recommend extensions that are non-existent in the OpenVSX registry, allowing threat actors to claim the namespace and upload malicious extensions.

These AI-assisted IDEs are forked from Microsoft VSCode, but cannot use the extensions in the official store due to licensing restrictions. Instead, they are supported by OpenVSX, an open-source marketplace alternative for VSCode-compatible extensions. As a result of forking, the IDEs inherit the list of officially recommended extensions, hardcoded in the configuration files, which point to Microsoft's Visual Studio Marketplace.

America's tech companies and data center developers "are increasingly losing fights in communities where people don't want to live next to them, or even near them," reports the Associated Press: Communities across the United States are reading about — and learning from — each other's battles against data center proposals that are fast multiplying in number and size to meet steep demand as developers branch out in search of faster connections to power sources... [A]s more people hear about a data center coming to their community, once-sleepy municipal board meetings in farming towns and growing suburbs now feature crowded rooms of angry residents pressuring local officials to reject the requests...

A growing number of proposals are going down in defeat, sounding alarms across the data center constellation of Big Tech firms, real estate developers, electric utilities, labor unions and more. Andy Cvengros, who helps lead the data center practice at commercial real estate giant JLL, counted seven or eight deals he'd worked on in recent months that saw opponents going door-to-door, handing out shirts or putting signs in people's yards. "It's becoming a huge problem," Cvengros said. Data Center Watch, a project of 10a Labs, an AI security consultancy, said it is seeing a sharp escalation in community, political and regulatory disruptions to data center development. Between April and June alone, its latest reporting period, it counted 20 proposals valued at $98 billion in 11 states that were blocked or delayed amid local opposition and state-level pushback. That amounts to two-thirds of the projects it was tracking...

For some people angry over steep increases in electric bills, their patience is thin for data centers that could bring still-higher increases. Losing open space, farmland, forest or rural character is a big concern. So is the damage to quality of life, property values or health by on-site diesel generators kicking on or the constant hum of servers. Others worry that wells and aquifers could run dry...

While California's residents have had the right to demand companies stop collecting/selling their data since 2020, doing so used to require a laborious opting out with each individual company," reports TechCrunch. But now Californians can make "a single request that more than 500 registered data brokers delete their information" — using the Delete Requests and Opt-Out Platform (or DROP): Once DROP users verify that they are California residents, they can submit a deletion request that will go to all current and future data brokers registered with the state...

Brokers are supposed to start processing requests in August 2026, then they have 90 days to actually process requests and report back. If they don't delete your data, you'll have the option to submit additional information that may help them locate your records. Companies will also be able to keep first-party data that they've collected from users. It's only brokers who seek to buy or sell that data — which can include your social security number, browsing history, email address, phone number, and more — who will be required to delete it...

The California Privacy Protection Agency says that in addition to giving residents more control over their data, the tool could result in fewer "unwanted texts, calls, or emails" and also decrease the "risk of identity theft, fraud, AI impersonations, or that your data is leaked or hacked."

North Dakota passed a law last May to promote development of rare earth minerals in the state. But the law's language apparently also includes two fake mineral names, according to the Bismarck Tribune, "that appear to be inspired by coal company lawyers who worked on the bill." The inclusion of fictional substances is being called an embarrassment by one state official, a possible practical joke by coal industry leaders and mystifying by the lawmakers who worked on the bill, the North Dakota Monitor reported.

The fake minerals are friezium and stralium, apparent references to Christopher Friez and David Straley, attorneys for North American Coal who were closely involved in drafting the bill and its amendments. Straley said they were not responsible for adding the fake names. "I assume it was put in to embarrass us, or to make light of it, or have a practical joke," Straley said, adding it could have been a clerical error.

Agriculture Commissioner Doug Goehring questioned the two substances listed in state law during a recent meeting of the North Dakota Industrial Commission, which is poised to adopt rules based on the legislation... Friezium and stralium first appeared in the bill on the last afternoon of the legislative session as lawmakers hurried to pass several final bills... The amended bill is labeled as prepared by Legislative Council for Rep. Dick Anderson, R-Willow City, the prime sponsor and chair of the conference committee. Anderson said the amendments were prepared by a group of attorneys and legislators, including representatives from the coal industry...

Jonathan Fortner, president of the Lignite Energy Council that represents the coal industry, said it's unfortunate this happened in such an important bill. "From the president on down, everyone's interested in developing domestic critical minerals for national security reasons," Fortner said. "While this may have been a legislative joke between some people that somehow got through, the bigger picture is one that is important and is a very serious matter."

"Microsoft is hoping that Windows can once again serve as the platform where it all takes off," reports GeekWire: A new framework called Agent Launchers, introduced in December as a preview in the latest Windows Insider build, lets developers register agents directly with the operating system. They can describe an agent through what's known as a manifest, which then lets the agent show up in the Windows taskbar, inside Microsoft Copilot, and across other apps... "We are now entering a phase where we build rich scaffolds that orchestrate multiple models and agents; account for memory and entitlements; enable rich and safe tools use," Microsoft CEO Satya Nadella wrote in a blog post this week looking ahead to 2026. "This is the engineering sophistication we must continue to build to get value out of AI in the real world...." [The article notes Google's Gemini and Anthropic's Claude will also offer desktop-style agentsthrough browsers and native apps, while Amazon is developing "frontier agents" for automating business processes in the cloud.]

But Microsoft's Windows team is betting that agents tightly linked to the operating system will win out over ones that merely run on top of it, just as a new class of Windows apps replaced a patchwork of DOS programs in the early days of the graphical operating system. Microsoft 365 Copilot is using the Agent Launchers framework for first-party agents like Analyst, which helps users dig into data, and Researcher, which builds detailed reports. Software developers will be able to register their own agents when an app is installed, or on the fly based on things like whether a user is signed in or paying for a subscription...

Agents are meant to maintain this context across apps, ask follow-up questions, and take actions on a user's behalf. That requires a different level of trust than Windows has ever had to manage, which is already raising difficult questions for the company. Microsoft acknowledges that agents introduce unique security risks. In a support document, the company warned that malicious content embedded in files or interface elements could override an agent's instructions — potentially leading to stolen data or malware installation. To address this, Microsoft says it has built a security framework that runs agents in their own contained workspace, with a dedicated user account that has limited access to user folders. The idea is to create a boundary between the agent and what the rest of the system can access. The agentic features are off by default, and Microsoft is advising users to "understand the security implications of enabling an agent on your computer" before turning them on...

There is a business reality driving all of this. In Microsoft's most recent fiscal year, Windows and Devices generated $17.3 billion in revenue — essentially flat for the past three years. That's less than Gaming ($23.5 billion) and LinkedIn ($17.8 billion), and a fraction of the $98 billion in revenue from Azure and cloud services or the nearly $88 billion from Microsoft 365 commercial.