Security

Google Suffers Data Breach in Ongoing Salesforce Data Theft Attacks (bleepingcomputer.com) 3

Google is the latest company to suffer a data breach in an ongoing wave of Salesforce CRM data theft attacks conducted by the ShinyHunters extortion group. BleepingComputer: In June, Google warned that a threat actor they classify as 'UNC6040' is targeting companies' employees in voice phishing (vishing) social engineering attacks to breach Salesforce instances and download customer data. This data is then used to extort companies into paying a ransom to prevent the data from being leaked.

In a brief update to the article last night, Google said that it too fell victim to the same attack in June after one of its Salesforce CRM instances was breached and customer data was stolen. "In June, one of Google's corporate Salesforce instances was impacted by similar UNC6040 activity described in this post. Google responded to the activity, performed an impact analysis and began mitigations," reads Google's update.

China

Nvidia Rejects US Demand For Backdoors in AI Chips 78

Nvidia's chief security officer has published a blog post insisting that its GPUs "do not and should not have kill switches and backdoors." From a report: It comes amid pressure from both sides of the Pacific, with some US lawmakers pushing Nvidia to grant the government backdoors to AI chips, while Chinese officials have alleged that they already exist.

David Reber Jr.'s post seems pointedly directed at US lawmakers. In May a bipartisan group introduced the Chip Security Act, a bill that would require Nvidia and other manufacturers to include tracking technology to identify when chips are illegally transported internationally, and leaves the door open for further security measures including remote kill switches. While Nvidia is expecting to be granted permits to once again sell certain AI chips in China, its most powerful hardware is still under strict US export controls there and elsewhere.

China

Lyft Will Use Chinese Driverless Cars In Britain and Germany (techcrunch.com) 24

An anonymous reader quotes a report from the New York Times: China's automakers have teamed up with software companies to go global with their driverless cars, which are poised to claim a big share of a growing market as Western manufacturers are still preparing to compete. The industry in China is expanding despite tariffs imposed last year by the European Union on electric cars, and despite some worries in Europe about the security implications of relying on Chinese suppliers. Baidu, one of China's biggest software companies, said on Monday that it would supply Lyft, an American ride-hailing service, with self-driving cars assembled by Jiangling Motors of China (source paywalled; alternative source). Lyft is expected to begin operating them next year in Germany and Britain, subject to regulatory approval, the companies said.

The announcement comes three months after Uber and Momenta, a Chinese autonomous driving company, announced their own plans to begin offering self-driving cars in an unspecified European city early next year. Momenta will soon provide assisted driving technology to the Chinese company IM Motors for its cars sold in Britain. While Momenta has not specified the model that Uber will be using, it has already signaled it will choose a Chinese model. In China, "the pace of development and the pressure to deliver at scale push companies to improve quickly," said Gerhard Steiger, the chairman of Momenta Europe. China's state-controlled banking system has been lending money at low interest rates to the country's electric car industry in a bid for global leadership. [...]

Expanding robotaxi services to new cities, not to mention new countries, is not easy. While the individual cars do not have drivers, they typically require one controller for every several cars to handle difficulties and answer questions from users. And the cars often need to be specially programmed for traffic conditions unique to each city. Lyft and Baidu nonetheless said that they had plans for "the fleet scaling to thousands of vehicles across Europe in the following years."

Government

Swedish PM Under Fire For Using AI In Role 26

Sweden's Prime Minister Ulf Kristersson has come under fire after admitting that he frequently uses AI tools like ChatGPT for second opinions on political matters. The Guardian reports: ... Kristersson, whose Moderate party leads Sweden's center-right coalition government, said he used tools including ChatGPT and the French service LeChat. His colleagues also used AI in their daily work, he said. Kristersson told the Swedish business newspaper Dagens industri: "I use it myself quite often. If for nothing else than for a second opinion. What have others done? And should we think the complete opposite? Those types of questions."

Tech experts, however, have raised concerns about politicians using AI tools in such a way, and the Aftonbladet newspaper accused Kristersson in an editorial of having "fallen for the oligarchs' AI psychosis." Kristersson's spokesperson, Tom Samuelsson, later said the prime minister did not take risks in his use of AI. "Naturally it is not security sensitive information that ends up there. It is used more as a ballpark," he said.

But Virginia Dignum, a professor of responsible artificial intelligence at Umea University, said AI was not capable of giving a meaningful opinion on political ideas, and that it simply reflects the views of those who built it. "The more he relies on AI for simple things, the bigger the risk of an overconfidence in the system. It is a slippery slope," she told the Dagens Nyheter newspaper. "We must demand that reliability can be guaranteed. We didn't vote for ChatGPT."

United States

Three US Agencies Get Failing Grades For Not Following IT Best Practices (theregister.com) 19

The Government Accountability Office has issued reports criticizing the Department of Homeland Security, Environmental Protection Agency, and General Services Administration for failing to implement critical IT and cybersecurity recommendations.

DHS leads with 43 unresolved recommendations dating to 2018, including seven priority matters. The EPA has 11 outstanding items, including failures to submit FedRAMP documentation and conduct organization-wide cybersecurity risk assessments. GSA has four pending recommendations.

All three agencies failed to properly log cybersecurity events and conduct required annual IT portfolio reviews. The DHS' HART biometric program remains behind schedule without proper cost accounting or privacy controls, with all nine 2023 recommendations still open.

Windows

Microsoft Teases the Future of Windows as an Agentic OS 127

An anonymous reader shares a report: Microsoft has published a new video that appears to be the first in an upcoming series of videos dubbed "Windows 2030 Vision," where the company outlines its vision for the future of Windows over the next five years. It curiously makes references to some potentially major changes on the horizon, in the wake of AI.

This first episode features David Weston, Microsoft's Corporate Vice President of Enterprise & Security, who opens the video by saying "the world of mousing and keyboarding around will feel as alien as it does to Gen Z [using] MS-DOS."

Right out of the gate, it sounds like he's teasing the potential for a radical new desktop UX made possible by agentic AI. Weston later continues, "I truly believe the future version of Windows and other Microsoft operating systems will interact in a multimodal way. The computer will be able to see what we see, hear what we hear, and we can talk to it and ask it to do much more sophisticated things."

Security

CrowdStrike Investigated 320 North Korean IT Worker Cases In the Past Year (cyberscoop.com) 11

An anonymous reader quotes a report from CyberScoop: North Korean operatives seeking and gaining technical jobs with foreign companies kept CrowdStrike busy, accounting for almost one incident response case or investigation per day in the past year, the company said in its annual threat hunting report released Monday. "We saw a 220% year-over-year increase in the last 12 months of Famous Chollima activity," Adam Meyers, senior vice president of counter adversary operations, said during a media briefing about the report. "We see them almost every day now," he said, referring to the North Korean state-sponsored group of North Korean technical specialists that has crept into the workforce of Fortune 500 companies and small-to-midsized organizations across the globe.

CrowdStrike's threat-hunting team investigated more than 320 incidents involving North Korean operatives gaining remote employment as IT workers during the one-year period ending June 30. CrowdStrike researchers found that Famous Chollima fueled that pace of activity with an assist from generative artificial intelligence tools that helped North Korean operatives maneuver workflows and evade detection during the hiring process. "They use generative AI across all stages of their operation," Meyers said. The insider threat group used generative AI to draft resumes, create false identities, build tools for job research, mask their identity during video interviews and answer questions or complete technical coding assignments, the report found. CrowdStrike said North Korean tech workers also used generative AI on the job to help with daily tasks and manage various communications across multiple jobs -- sometimes three to four -- they worked simultaneously.

Threat hunters observed other significant shifts in malicious activity during the past year, including a 27% year-over-year increase in hands-on-keyboard intrusions -- 81% of which involved no malware. Cybercrime accounted for 73% of all interactive intrusions during the one-year period. CrowdStrike continues to find and add more threat groups and clusters of activity to its matrix of cybercriminals, nation-state attackers and hacktivists. The company identified 14 new threat groups or individuals in the past six months, Meyers said. "We're up to over 265 named adversary groups that we track, and then 150 what we call malicious activity clusters," otherwise unnamed threat groups or individuals under development, Meyers said.

Microsoft

Microsoft Used China-Based Engineers to Support Product Recently Hacked by China (propublica.org) 27

Microsoft announced last month that Chinese state-sponsored hackers exploited vulnerabilities in SharePoint to breach hundreds of companies and government agencies, including the National Nuclear Security Administration and Department of Homeland Security. The company omitted that SharePoint support is handled by China-based engineers who have maintained the software for years.

ProPublica reviewed screenshots of Microsoft's internal systems showing China-based employees recently fixing bugs for SharePoint "OnPrem," the version targeted in the attacks. Microsoft told the publication that the China-based team operates under U.S. supervision and the company is relocating this work.

AI

Disney Struggles With How to Use AI - While Retaining Copyrights and Avoiding Legal Issues (msn.com) 29

Disney "cloned" Dwayne Johnson when filming a live-action Moana, reports the Wall Street Journal, using an AI process that they were ultimately afraid to use: Under the plan they devised, Johnson's similarly buff cousin Tanoai Reed — who is 6-foot-3 and 250 pounds — would fill in as a body double for a small number of shots. Disney would work with AI company Metaphysic to create deepfakes of Johnson's face that could be layered on top of Reed's performance in the footage — a "digital double" that effectively allowed Johnson to be in two places at once... Johnson approved the plan, but the use of a new technology had Disney attorneys hammering out details over how it could be deployed, what security precautions would protect the data and a host of other concerns. They also worried that the studio ultimately couldn't claim ownership over every element of the film if AI generated parts of it, people involved in the negotiations said. Disney and Metaphysic spent 18 months negotiating on and off over the terms of the contract and work on the digital double. But none of the footage will be in the final film when it's released next summer...

Interviews with more than 20 current and former employees and partners present an entertainment giant torn between the inevitability of AI's advance and concerns about how to use it. Progress has at times been slowed by bureaucracy and hand-wringing over the company's social contract with its fans, not to mention its legal contract with unions representing actors, writers and other creative partners... For Disney, protecting its characters and stories while also embracing new AI technology is key. "We have been around for 100 years and we intend to be around for the next 100 years," said the company's legal chief, Horacio Gutierrez, in an interview. "AI will be transformative, but it doesn't need to be lawless...." [As recently as June, a Disney/Comcast Universal lawsuit had argued that Midjourney "is the quintessential copyright free-rider and a bottomless pit of plagiarism."]

Concerns about bad publicity were a big reason that Disney scrapped a plan to use AI in Tron: Ares — a movie set for release in October about an AI-generated soldier entering the real world. Since the movie is about artificial intelligence, executives pitched the idea of actually incorporating AI into one of the characters... as a buzzy marketing strategy, according to people familiar with the matter. A writer would provide context on the animated character — a sidekick to Jeff Bridges' lead role named Bit — to a generative AI program. Then on screen, the AI program, voiced by an actor, would respond to questions as Bit as cameras rolled. But with negotiations with unions representing writers and actors over contracts happening at the same time, Disney dismissed the idea, and executives internally were told that the company couldn't risk the bad publicity, the people said...

Disney's own history speaks to how studios have navigated technological crossroads before. When Disney hired Pixar to produce a handful of graphic images for its 1989 hit The Little Mermaid, executives kept the incorporation a secret, fearing backlash from fans if they learned that not every frame of the animated film had been hand-drawn. Such knowledge, executives feared, might "take away the magic."

Disney invested $1.5 billion in Fortnite creator Epic Games, according to the article, and is planning a world in Fortnite where gamers can interact with Marvel superheroes and creatures from Avatar. But "an experiment to allow gamers to interact with an AI-generated Darth Vader was fraught. Within minutes of launching the AI bot, gamers had figured out a way to make it curse in James Earl Jones's signature baritone." (Though Epic patched the workaround within 30 minutes.)

But the article spells out another concern for Disney executives. "If a Fortnite gamer creates a Darth Vader and Spider-Man dance that goes viral on YouTube, who owns that dance?"

AI

America's Los Alamos Lab Is Now Investing Heavily In AI For Science (lanl.gov) 22

Established in 1943 to coordinate America's building of the first atomic bomb, the Los Alamos National Lab in New Mexico is still "one of the world's largest and most advanced scientific institutions" notes Wikipedia.

And it now has a "National Security AI Office," where senior director Jason Pruet is working to help "prepare for a future in which AI will reshape the landscape of science and security," according to the lab's science and technology magazine 1663. "This year, the Lab invested more in AI-related work than at any point in history..." Pruet: AI is starting to feel like the next great foundation for scientific progress. Big companies are spending billions on large machines, but the buy-in costs of working at the frontiers of AI are so high that no university has the exascale-class machines needed to run the latest AI models. We're at a place now where we, meaning the government, can revitalize that pact by investing in the infrastructure to study AI for the public good... Part of what we're doing with the Lab's machines, like Venado — which has 2500 GPUs — is giving universities access to that scale of computing. The scale is just completely different. A typical university might have 50 or 100 GPUs.

Right now, for example, we have partnerships with the University of California, the University of Michigan, and many other universities where researchers can tap into this infrastructure. That's something we want to expand on. Having university collaboration will be critical if the Department of Energy is going to have a comprehensive AI program at scale that is focused on national security and energy dominance...

There was a time when I wouldn't have advocated for government investment in AI at the scale we're seeing now. But the weight of the evidence has become overwhelming. Large models — "frontier models" — have shown such extraordinary capabilities with recent advances in areas as diverse as hypothesis generation, mathematics, biological design, and complex multiphysics simulations. The potential for transformative impact is too significant to ignore.

"He no longer views the technology as just a tool, but as a fundamental shift in how scientists approach problems and make discoveries," the article concludes.

"The global race humanity is now in... is about how to harness the technology's potential while mitigating its harms."

Thanks to Slashdot reader rabbitface25 — also a Los Alamos Lab science writer — for sharing his article.

Privacy

Despite Breach and Lawsuits, Tea Dating App Surges in Popularity (www.cbc.ca) 39

The women-only app Tea now "faces two class action lawsuits filed in California" in response to a recent breach, reports NPR — even as the company is now boasting it has more than 6.2 million users.

A spokesperson for Tea told the CBC it's "working to identify any users whose personal information was involved" in a breach of 72,000 images (including 13,000 verification photos and images of government IDs) and a later breach of 1.1 million private messages. Tea said they will be offering those users "free identity protection services." The company said it removed the ID requirement in 2023, but data that was stored before February 2024, when Tea migrated to a more secure system, was accessed in the breach... [Several sites have pointed out Tea's current privacy policy is telling users selfies are "deleted immediately."]

Tea was reportedly intended to launch in Canada on Friday, according to information previously posted on the App Store, but as of this week the launch date is now in February 2026. Tea didn't respond to CBC's questions about the apparent delay. Yet even amid the current turmoil, Tea's waitlist has ballooned to 1.5 million women, all eager to join, the company posted on Wednesday. A day later, Tea posted in its Instagram stories that it had approved "well over" 800,000 women into the app that day alone.

So, why is it so popular, despite the drama and risks?

Tea tapped into a perceived weakness of other dating apps, according to an associate health studies professor at Ontario's Western University interviewed by the CBC, who thinks users should avoid Tea, at least until its security is restored.

Tech blogger John Gruber called the incident "yet another data point for the argument that any 'private messaging' feature that doesn't use E2EE isn't actually private at all." (And later Gruber notes Tea's apparent absence at the top of the charts in Google's Play Store. "I strongly suspect that, although Google hasn't removed Tea from the Play Store, they've delisted it from discovery other than by searching for it by name or following a direct link to its listing.")

Besides anonymous discussions about specific men, Tea also allows its users to perform background and criminal record checks, according to NPR, as well as reverse image searches. But the recent breach, besides threatening the safety of its users, also "laid bare the anonymous, one-sided accusations against the men in their dating pools." The CBC points out there's a men's rights group on Reddit now urging civil lawsuits against Tea as part of a plan to get the app shut down. And "Cleveland lawyer Aaron Minc, who specializes in cases involving online defamation and harassment, told The Associated Press that his firm has received hundreds of calls from people upset about what's been posted about them on Tea."

Yet in response to Tea's latest Instagram post, "The comments were almost entirely from people asking Tea to approve them, so they could join the app."

China

Facing US Chip Restrictions, China Pitches Global Cooperation on AI (msn.com) 13

In Shanghai at the World Artificial Intelligence Conference (which ran until Tuesday), the Chinese government "announced an international organization for AI regulation and a 13-point action plan aimed at fostering global cooperation to ensure the technology's beneficial and responsible development," reports the Washington Post.

The theme of the conference was "Global Solidarity in the AI Era," the article notes, and "the expo is one part of Beijing's bid to establish itself as a responsible AI leader for the international community."

CNN points out that China's announcement comes "just days after the United States unveiled its own plan to promote U.S. dominance." Chinese Premier Li Qiang unveiled China's vision for future AI oversight at the World AI Conference, an annual gathering in Shanghai of tech titans from more than 40 countries... While Li did not directly refer to the U.S. in his speech, he alluded to the ongoing trade tensions between the two superpowers, which include American restrictions on advanced semiconductor exports — a component vital for powering and training AI, which is currently causing a shortage in China. "Key resources and capabilities are concentrated in a few countries and a few enterprises," said Li in his speech on Saturday. "If we engage in technological monopoly, controls and restrictions, AI will become an exclusive game for a small number of countries and enterprises...."

Secretary-General of the Association of Southeast Asian Nations, Dr. Kao Kim Hourn, also called for "robust governance" of artificial intelligence to mitigate potential threats, including misinformation, deepfakes, and cybersecurity threats... Former Google CEO Eric Schmidt reiterated the call for international collaboration, explicitly calling on the U.S. and China to work together... "We have a vested interest to keep the world stable, keep the world not at war, to keep things peaceful, to make sure we have human control of these tools."

China's plan "called for establishing an international open-source community," reports the Wall Street Journal, "through which AI models can be freely deployed and improved by users." Industry participants said that plan "showed China's ambition to set global standards for AI and could undermine the U.S., whose leading models aren't open-source... While the world's best large language model is still American, the best model that everyone can use free is now Chinese."

"The U.S. should commit to ensuring that powerful models remain openly available," argues an opinion piece in The Hill by Stability AI's former head of public policy. Ubiquity is a matter of national security: retreating behind paywalls will leave a vacuum filled by strategic adversaries. Washington should treat open technology not as a vector for Chinese Communist Party propaganda but as a vessel to transmit U.S. influence abroad, molding the global ecosystem around U.S. industry. If DeepSeek is China's open-source "Sputnik moment," we need a legislative environment that supports — not criminalizes — an American open-source Moon landing.

Bug

A Luggage Service's Web Bugs Exposed the Travel Plans of Every User (wired.com) 1

An anonymous reader quotes a report from Wired: An airline leaving all of its passengers' travel records vulnerable to hackers would make an attractive target for espionage. Less obvious, but perhaps even more useful for those spies, would be access to a premium travel service that spans 10 different airlines, left its own detailed flight information accessible to data thieves, and seems to be favored by international diplomats. That's what one team of cybersecurity researchers found in the form of Airportr, a UK-based luggage service that partners with airlines to let its largely UK- and Europe-based users pay to have their bags picked up, checked, and delivered to their destination. Researchers at the firm CyberX9 found that simple bugs in Airportr's website allowed them to access virtually all of those users' personal information, including travel plans, or even gain administrator privileges that would have allowed a hacker to redirect or steal luggage in transit. Among even the small sample of user data that the researchers reviewed and shared with WIRED they found what appear to be the personal information and travel records of multiple government officials and diplomats from the UK, Switzerland, and the US.

Airportr's CEO Randel Darby confirmed CyberX9's findings in a written statement provided to WIRED but noted that Airportr had disabled the vulnerable part of its site's backend very shortly after the researchers made the company aware of the issues last April and fixed the problems within a few days. "The data was accessed solely by the ethical hackers for the purpose of recommending improvements to Airportr's security, and our prompt response and mitigation ensured no further risk," Darby wrote in a statement. "We take our responsibilities to protect customer data very seriously." CyberX9's researchers, for their part, counter that the simplicity of the vulnerabilities they found means that there's no guarantee other hackers didn't access Airportr's data first. They found that a relatively basic web vulnerability allowed them to change the password of any user to gain access to their account if they had just the user's email address -- and they were also able to brute-force guess email addresses with no rate limitations on the site. As a result, they could access data including all customers' names, phone numbers, home addresses, detailed travel plans and history, airline tickets, boarding passes and flight details, passport images, and signatures.

By gaining access to an administrator account, CyberX9's researchers say, a hacker could also have used the vulnerabilities it found to redirect luggage, steal luggage, or even cancel flights on airline websites by using Airportr's data to gain access to customer accounts on those sites. The researchers say they could also have used their access to send emails and text messages as Airportr, a potential phishing risk. Airportr tells WIRED that it has 92,000 users and claims on its website that it has handled more than 800,000 bags for customers. [...] The researchers found that they could monitor their browser's communications as they signed up for Airportr and created a new password, and then reuse an API key intercepted from those communications to instead change another user's password to anything they chose. The site also lacked a "rate limiting" security measure that would prevent automated guesses of email addresses to rapidly change the password of every user's account. And the researchers were also able to find email addresses of Airportr administrators that allowed them to take over their accounts and gain their privileges over the company's data and operations.

"Anyone would have been able to gain or might have gained absolute super-admin access to all the operations and data of this company," says Himanshu Pathak, CyberX9's founder and CEO. "The vulnerabilities resulted in complete confidential private information exposure of all airline customers in all countries who used the service of this company, including full control over all the bookings and baggage. Because once you are the super-admin of their most sensitive systems, you have the ability to do anything."

Windows

Microsoft Is Killing Windows 11 SE, Its Chrome OS Rival (windowscentral.com) 31

Microsoft has discontinued Windows 11 SE, its education-focused operating system designed for low-cost school PCs. The company confirmed that Windows 11 SE will not receive the upcoming version 25H2 update and support will end in October 2026, including security updates and technical assistance.

Launched in 2021 as a Chrome OS competitor, Windows 11 SE featured artificial limitations like reduced multitasking capabilities and restricted app installation to create a simplified experience for students. The discontinuation leaves Microsoft without a dedicated lightweight Windows edition for the education market, where Chromebooks have gained significant popularity over the past decade.

Australia

Australia's Spy Boss Asks Defense Workers To Stop Oversharing on LinkedIn (theregister.com) 14

Australia's spy chief has warned that defense workers are exposing themselves to foreign intelligence services through LinkedIn profiles that detail classified projects and security clearances. Director-General Mike Burgess said over 35,000 Australians on the platform indicate access to sensitive information, with 7,000 mentioning defense work and 400 listing involvement in the AUKUS nuclear submarine program. Foreign spies routinely scour professional networking sites posing as consultants and recruiters, Burgess said.

Security

In Search of Riches, Hackers Plant 4G-Enabled Raspberry Pi In Bank Network (arstechnica.com) 54

Hackers from the group UNC2891 attempted a high-tech bank heist by physically planting a 4G-enabled Raspberry Pi inside a bank's ATM network, using advanced malware hidden with a never-before-seen Linux bind mount technique to evade detection. "The trick allowed the malware to operate similarly to a rootkit, which uses advanced techniques to hide itself from the operating system it runs on," reports Ars Technica. Although the plot was uncovered before the hackers could hijack the ATM switching server, the tactic showcased a new level of sophistication in cyber-physical attacks on financial institutions. The security firm Group-IB, which detailed the attack in a report on Wednesday, didn't say where the compromised switching equipment was located or how attackers managed to plant the Raspberry Pi. Ars Technica reports: To maintain persistence, UNC2891 also compromised a mail server because it had constant Internet connectivity. The Raspberry Pi and the mail server backdoor would then communicate by using the bank's monitoring server as an intermediary. The monitoring server was chosen because it had access to almost every server within the data center. As Group-IB was initially investigating the bank's network, researchers noticed some unusual behaviors on the monitoring server, including an outbound beaconing signal every 10 minutes and repeated connection attempts to an unknown device. The researchers then used a forensic tool to analyze the communications. The tool identified the endpoints as a Raspberry Pi and the mail server but was unable to identify the process names responsible for the beaconing.

The researchers then captured the system memory as the beacons were sent. The review identified the process as lightdm, a process associated with an open source LightDM display manager. The process appeared to be legitimate, but the researchers found it suspicious because the LightDM binary was installed in an unusual location. After further investigation, the researchers discovered that the processes of the custom backdoor had been deliberately disguised in an attempt to throw researchers off the scent.

[Group-IB Senior Digital Forensics and Incident Response Specialist Nam Le Phuong] explained: "The backdoor process is deliberately obfuscated by the threat actor through the use of process masquerading. Specifically, the binary is named 'lightdm', mimicking the legitimate LightDM display manager commonly found on Linux systems. To enhance the deception, the process is executed with command-line arguments resembling legitimate parameters -- for example, lightdm --session child 11 19 -- in an effort to evade detection and mislead forensic analysts during post-compromise investigations. These backdoors were actively establishing connections to both the Raspberry Pi and the internal Mail Server."

Security

CISA Open-Sources Thorium Platform For Malware, Forensic Analysis (bleepingcomputer.com) 7

CISA has publicly released Thorium, a powerful open-source platform developed with Sandia National Labs that automates malware and forensic analysis at massive scale. According to BleepingComputer, the platform can "schedule over 1,700 jobs per second and ingest over 10 million files per hour per permission group." From the report: Security teams can use Thorium for automating and speeding up various file analysis workflows, including but not limited to:

- Easily import and export tools to facilitate sharing across cyber defense teams,
- Integrate command-line tools as Docker images, including open-source, commercial, and custom software,
- Filter results using tags and full-text search,
- Control access to submissions, tools, and results with strict group-based permissions,
- Scale with Kubernetes and ScyllaDB to meet workload demands.

Defenders can find installation instructions and get their own copy of Thorium from CISA's official GitHub repository.

The Almighty Buck

Trump Suspends Trade Loophole For Cheap Online Retailers Globally (arstechnica.com) 193

An anonymous reader quotes a report from Ars Technica: E-commerce giants everywhere felt the sting Wednesday when President Donald Trump announced that the US will be "suspending duty-free de minimis treatment for low-value shipments" worth $800 or less from anywhere in the world. Americans will likely soon feel the crunch, with one recent study estimating that the cost of eliminating the trade loophole overall to US consumers could fall between $10.9 billion and $13 billion while "disproportionately" hurting "lower-income and minority consumers" who buy a higher percentage of cheap imports.

Price hikes will likely come this fall, as the trade loophole will be closed starting on August 29, with Amazon emerging as perhaps the biggest question mark for US consumers wondering how hard their wallets may be hit by the major trade policy change ahead of the holiday shopping season.
In February, Trump temporarily ended the de minimis exemption for all imports from China, prompting China-based retailers Temu and Shein to raise their prices.

China

China Claims Nvidia Built Backdoor Into H20 Chip Designed For Chinese Market (arstechnica.com) 83

Beijing has summoned Nvidia over alleged security issues with its chips, in a blow to the US company's push to revive sales in the country after Washington granted approval for the export of a made-for-China chip. From a report: China's cyber regulator on Thursday said it had held a meeting with Nvidia over what it called "serious security issues" with the company's artificial intelligence chips.

It said US AI experts had "revealed that Nvidia's computing chips have location tracking and can remotely shut down the technology." The Cyberspace Administration of China requested that Nvidia explain the security problems associated with the H20 chip, which was designed for the Chinese market to comply with US export restrictions, and submit documentation to support their case.

Businesses

US Intelligence Intervened With DOJ To Push HPE-Juniper Merger (axios.com) 12

Earlier this month, Hewlett-Packard Enterprise settled its antitrust case with the U.S. Justice Department, "paving the way for its acquisition of rival kit maker Juniper Networks" for $14 billion. According to Axios, the deal was heavily influenced by national security concerns and a desire to bolster American competition against China's Huawei. The outlet reports that the U.S. intelligence community "intervened to persuade the Justice Department that allowing the merger to proceed was essential to helping U.S. business compete with China's Huawei Technologies, among other national-security issues." From the report: "In light of significant national security concerns, a settlement ... serves the interests of the United States by strengthening domestic capabilities and is critical to countering Huawei and China." The official said blocking the deal would have "hindered American companies and empowered" Chinese competitors. A Justice Department spokesman added that DOJ "works very closely with our partners in the IC [intelligence community] and always considers their views when deciding how best to proceed with a case."

The merger was back in the news this week with reports that two senior enforcers in the DOJ's antitrust division were fired Monday amid infighting over the department's settlement greenlighting HPE's $14 billion acquisition of Juniper. Attorney General Pam Bondi had conversations with top intelligence officials that convinced her there was a strong national interest in not driving allies to Chinese technology, a senior administration official tells us.
