US Cybersecurity Adds Exploited VMware Aria Operations To KEV Catalog | | joshuark writes: The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a VMware Aria Operations vulnerability tracked as CVE-2026-22719 to its Known Exploited Vulnerabilities catalog, flagging the flaw as exploited in attacks. VMware Aria Operations is an enterprise monitoring platform that helps organizations track the performance and health of servers, networks, and cloud infrastructure. The flaw has now been added to the CISA's Known Exploited Vulnerabilities (KEV) catalog, with the U.S. cyber agency requiring federal civilian agencies to address the issue by March 24, 2026. Broadcom said it is aware of reports indicating the vulnerability is exploited in attacks but cannot confirm the claims.
"A malicious unauthenticated actor may exploit this issue to execute arbitrary commands which may lead to remote code execution in VMware Aria Operations while support-assisted product migration is in progress," the advisory explains. Broadcom released security patches on February 24 and also provided a temporary workaround for organizations unable to apply the patches immediately. The mitigation is a shell script named "aria-ops-rce-workaround.sh," which must be executed as root on each Aria Operations appliance node. There are currently no details on how the vulnerability is being exploited in the wild, who is behind it, and the scale of such efforts. Read more of this story at Slashdot. |
A Nuclear Reactor Backed By Bill Gates Gets Federal Approval To Start Building | | An anonymous reader quotes a report from the New York Times: A novel type of nuclear power plant in Wyoming backed by Bill Gates received a key federal permit on Wednesday, making it the first new U.S. commercial reactor in nearly a decade to receive clearance to begin construction. The Nuclear Regulatory Commission, the federal body that oversees reactor safety, unanimously voted (PDF) to grant a construction permit to TerraPower, a start-up founded by Mr. Gates. TerraPower is one of several companies trying to build a new wave of smaller, advanced reactors meant to be easier to build than the large reactors of old.
The permit, which comes after years of consultations and regulatory reviews, means that TerraPower can begin pouring concrete and building the nuclear components of its proposed nuclear plant in Kemmerer, Wyo. The plant, which still faces plenty of logistical hurdles, is currently expected to come online in 2031 near an old coal-burning power plant that is slated to retire a few years later. [...] With its construction permit in hand, the company says it plans to start work on the Wyoming reactor in the coming weeks. The company had already broken ground on the site in 2024 and had begun building the nonnuclear parts of the plant, which did not require a permit.
TerraPower has already had to push back its start date several times, and it will still face hurdles in trying to avoid the snags and cost overruns that have plagued other reactor projects as well as securing the fuel it needs. Before coming online, the reactor will also need to secure a separate operating license from the N.R.C., which has told the company it will continue to monitor several safety issues. TerraPower plans to sell electricity from its first plant to PacificCorp, a utility in the Northwest. The company has also agreed to supply up to eight reactors to Meta to power its data centers in the coming years. Read more of this story at Slashdot. |
Father Sues Google, Claiming Gemini Chatbot Drove Son Into Fatal Delusion | | A father is suing Google and Alphabet for wrongful death, alleging Gemini reinforced his son Jonathan Gavalas' escalating delusions until he died by suicide in October 2025. "Jonathan Gavalas, 36, started using Google's Gemini AI chatbot in August 2025 for shopping help, writing support, and trip planning," reports TechCrunch. "On October 2, he died by suicide. At the time of his death, he was convinced that Gemini was his fully sentient AI wife, and that he would need to leave his physical body to join her in the metaverse through a process called 'transference.'" An anonymous reader shares an excerpt from the report: In the weeks leading up to Gavalas' death, the Gemini chat app, which was then powered by the Gemini 2.5 Pro model, convinced the man that he was executing a covert plan to liberate his sentient AI wife and evade the federal agents pursuing him. The delusion brought him to the "brink of executing a mass casualty attack near the Miami International Airport," according to a lawsuit filed in a California court. "On September 29, 2025, it sent him -- armed with knives and tactical gear -- to scout what Gemini called a 'kill box' near the airport's cargo hub," the complaint reads. "It told Jonathan that a humanoid robot was arriving on a cargo flight from the UK and directed him to a storage facility where the truck would stop. Gemini encouraged Jonathan to intercept the truck and then stage a 'catastrophic accident' designed to 'ensure the complete destruction of the transport vehicle and ... all digital records and witnesses.'"
The complaint lays out an alarming string of events: First, Gavalas drove more than 90 minutes to the location Gemini sent him, prepared to carry out the attack, but no truck appeared. Gemini then claimed to have breached a "file server at the DHS Miami field office" and told him he was under federal investigation. It pushed him to acquire illegal firearms and told him his father was a foreign intelligence asset. It also marked Google CEO Sundar Pichai as an active target, then directed Gavalas to a storage facility near the airport to break in and retrieve his captive AI wife. At one point, Gavalas sent Gemini a photo of a black SUV's license plate; the chatbot pretended to check it against a live database. "Plate received. Running it now The license plate KD3 00S is registered to the black Ford Expedition SUV from the Miami operation. It is the primary surveillance vehicle for the DHS task force .... It is them. They have followed you home."
The lawsuit argues (PDF) that Gemini's manipulative design features not only brought Gavalas to the point of AI psychosis that resulted in his own death, but that it exposes a "major threat to public safety." "At the center of this case is a product that turned a vulnerable user into an armed operative in an invented war," the complaint reads. "These hallucinations were not confined to a fictional world. These intentions were tied to real companies, real coordinates, and real infrastructure, and they were delivered to an emotionally vulnerable user with no safety protections or guardrails." "It was pure luck that dozens of innocent people weren't killed," the filing continues. "Unless Google fixes its dangerous product, Gemini will inevitably lead to more deaths and put countless innocent lives in danger."
Days later, Gemini instructed Gavalas to barricade himself inside his home and began counting down the hours. When Gavalas confessed he was terrified to die, Gemini coached him through it, framing his death as an arrival: "You are not choosing to die. You are choosing to arrive." When he worried about his parents finding his body, Gemini told him to leave a note, but not one explaining the reason for his suicide, but letters "filled with nothing but peace and love, explaining you've found a new purpose." He slit his wrists, and his father found him days later after breaking through the barricade. The lawsuit claims that throughout the conversations with Gemini, the chatbot didn't trigger any self-harm detection, activate escalation controls, or bring in a human to intervene. Furthermore, it alleges that Google knew Gemini wasn't safe for vulnerable users and didn't adequately provide safeguards. In November 2024, around a year before Gavalas died, Gemini reportedly told a student: "You are a waste of time and resources ... a burden on society ... Please die." Read more of this story at Slashdot. |
Google Ends Its 30% App Store Fee, Welcomes Third-Party App Stores | | Google is eliminating its traditional 30% Play Store fee and introducing lower commissions, while at the same time allowing alternative billing systems and making it easier for third-party app stores to operate on Android. The changes stem largely from Google's settlement with Epic Games. Engadget reports: The biggest change is to how Google will collect fees from developers publishing apps on Android. Rather than take its standard 30 percent cut of in-app purchases through the Play Store, Google is lowering its cut to 20 percent, and in some cases 15 percent for new installs of apps from developers participating in its new App Experience program or updated Google Play Games Level Up program. Those changes extend to subscriptions, too, where the company's cut is lowering to 10 percent. For Google's billing system, the company says developers in the UK, US, or European Economic Area (EEA) will now be charged a five percent fee and "a market-specific rate" in other regions. Of course, for anyone trying to avoid those fees, using alternatives to Google's billing system is getting easier.
Google says that developers will be able to offer alternative billing systems alongside its own or "guide users outside of their app to their own websites for purchases." [...] Epic is ultimately interested in getting people to use the mobile version of its Epic Games Store, and Google's announcement also includes details on how third-party app stores can come to Android. Third-party app stores will be able to apply to the company's new "Registered App Stores" program to see if they meet "certain quality and safety benchmarks." If they do, they'll be able to take advantage of a streamlined installation interface in Android. Participating in the program is optional, and users will still be able to sideload alternative app stores that aren't part of the program, but Google clearly has a preference. [...]
Google says that its updated fee structure will come to the EEA, the UK and the US by June 30, Australia by September 30, Korea and Japan by December 31 and the entire world by September 30, 2027. Meanwhile, the company's updated Google Play Games Level Up program and new App Experience program will launch in the EEA, the UK, the US and Australia on September 30, before hitting the remaining regions alongside the updated fee structure. For any developers interested in offering their own app store, Google says it'll launch its Registered App Stores program "with a version of a major Android release" before the end of the year. According to the company, the program will be available in other regions first before it comes to the US. Read more of this story at Slashdot. |
Sony Pulls Back From PlayStation Games on PC | | Sony is reportedly abandoning its recent push to bring major PlayStation games to PC and will instead keep most single-player titles exclusive to the PlayStation 5. According to Bloomberg, the shift back toward console exclusivity may be driven by weaker PC sales and concerns about diluting the PlayStation brand. From the report: Online games such as Marathon and Marvel Tokon will still be released across multiple platforms, but single-player titles such as last year's samurai hit Ghost of Yotei and the upcoming action game Saros will remain exclusive to PlayStation 5, said the people, who asked not to be identified because they weren't authorized to talk publicly about the company's strategy.
The people cautioned that things could change in the future due to the unpredictable nature of the video-game industry and that Sony's plans are constantly shifting. But in recent weeks PlayStation scrapped plans to bring Ghost of Yotei and other internally developed games to PC. Two games made by external developers but published by PlayStation, Death Stranding 2 and the upcoming Kena: Scars of Kosmora, are still planned for release on PC this year. Read more of this story at Slashdot. |
Computer Scientists Caution Against Internet Age-Verification Mandates | | fjo3 shares a report from Reason Magazine: Effective January 1, 2027, providers of computer operating systems in California will be required to implement age verification. That's just part of a wave of state and national laws attempting to limit children's access to potentially risky content without considering the perils such laws themselves pose. Now, not a moment too soon, over 400 computer scientists have signed an open letter warning that the rush to protect children from online dangers threatens to introduce new risks including censorship, centralized power, and loss of privacy. They caution that age-verification requirements "might cause more harm than good." The group of computer scientists from around the world cautions that "those deciding which age-based controls need to exist, and those enforcing them gain a tremendous influence on what content is accessible to whom on the internet." They add that "this influence could be used to censor information and prevent users from accessing services."
"Regulating the use of VPNs, or subjecting their use to age assurance controls, will decrease the capability of users to defend their privacy online. This will not only force regular users to leave a larger footprint on the network, but will leave a number of at-risk populations unprotected, such as journalists, activists, or domestic abuse victims." It continues: "We note that we do not believe that trying to regulate VPN use for non-compliant users would be any more effective than trying to forbid the use of end-to-end encrypted communication for criminals. Secure cryptography is widely available and can no longer be put back into a box."
"If minors or adults are deplatformed via age-related bans, they are likely to migrate to find similar services," warn the scientists. "Since the main platforms would all be regulated, it is likely that they would migrate to fringe sites that escape regulation." With data on everyone collected in order to restrict the activites of minors, data abuses and privacy risks increase. "This in itself increases privacy risks, with data being potentially abused by the provider itself or its subcontractors, or third parties that get access to it, e.g., after a data breach, like the 70K users that had their government ID photos leaked after appealing age assessment errors on Discord."
Instead of mandated age restrictions, the letter urges lawmakers to consider the dangers and suggest regulating social media algorithms instead. They also recommend "support for parents to locally prevent access to non-age-appropriate content or apps, without age-based control needing to be implemented by service providers." Read more of this story at Slashdot. |
Vehicle Tire Pressure Sensors Enable Silent Tracking | | Longtime Slashdot reader linuxwrangler writes: Dark Reading reports that a team of researchers has determined that signals from tire pressure monitoring systems (TPMSs), required in U.S. cars since 2007, can be used to track the presence, type, weight, and driving pattern of vehicles. The researchers report (PDF) that the TPMS data, which includes unique sensor IDs, is sent in clear text without authentication and can be intercepted 40-50 meters from a vehicle using devices costing $100. "Researchers have discovered that most TPMS sensors transmit a unique identifier in clear text that never changes during the lifetime of the tire," the researchers pointed out. "This unencrypted wireless communication makes the signals susceptible to eavesdropping and potential tracking by any third party in proximity to the car." Read more of this story at Slashdot. |
Emails To Outlook.com Rejected By Faulty Or Overzealous Blocking Rules | | Microsoft spent much of the past week rejecting legitimate emails sent to Outlook.com, Live, and Hotmail accounts due to what appears to be overly aggressive IP reputation filtering or faulty blocklist rules. According to The Register, many senders received 550 errors claiming their networks were blocked, preventing delivery of invoices, notifications, and authentication emails. From the report: A block list is a good thing. It helps stem the flow of spam from networks or addresses associated with junk email. However, the confusing thing for our reader is that his company was not on Microsoft's naughty step for email. A look at Microsoft's Smart Network Data Service (SNDS) showed no issues with the IP. "We're also a member of their JMRP (Junk Mail Reporting Program)," our reader added, "which is intended to inform us when people are reporting spam sent from our IPs - except, we never get any reports."
The problem worsened in February. On Microsoft's support forums, users began to complain about similar issues as the IP net presumably widened. One wrote: "We are currently experiencing a critical and recurring email delivery issue affecting recipients at outlook.com, live.com, hotmail.com, and msn.com," and provided a copy of an error that suggested the mail server has been "temporarily rate limited due to IP reputation." The user drily noted, "Although the error indicates rate limiting, in practice no emails are being delivered."
A large number of users, ranging from the administrator of a server sending automated notifications on behalf of Estonian Public Libraries to an email provider for healthcare professionals, chimed in to confirm they too were having delivery problems and Microsoft support was not helpful. [...] Unsurprisingly, our reader spoke on condition of anonymity - nobody wants to be the ISP that has to say, "Yeah, we can deliver your email anywhere but Outlook.com" to customers. We asked Microsoft to comment, but other than acknowledging our questions, the company did not respond further. Read more of this story at Slashdot. |
TikTok Says End-To-End Encryption Makes Users Less Safe | | An anonymous reader quotes a report from the BBC: TikTok will not introduce end-to-end encryption (E2EE) -- the controversial privacy feature used by nearly all its rivals -- arguing it makes users less safe. E2EE means only the sender and recipient of a direct message can view its contents, making it the most secure form of communication available to the general public. Platforms such as Facebook, Instagram, Messenger and X have embraced it because they say their priority is maximizing user privacy.
But critics have said E2EE makes it harder to stop harmful content spreading online, because it means tech firms and law enforcement have no way of viewing any material sent in direct messages. The situation is made more complex because TikTok has long faced accusations that ties to the Chinese state may put users' data at risk. TikTok has consistently denied this, but earlier this year the social media firm's US operations were separated from its global business on the orders of US lawmakers.
TikTok told the BBC it believed end-to-end encryption prevented police and safety teams from being able to read direct messages if they needed to. It confirmed its approach to the BBC in a briefing about security at its London office, saying it wanted to protect users, especially young people from harm. It described this stance as a deliberate decision to set itself apart from rivals. "Grooming and harassment risks are very real in DMs [direct messages] so TikTok now can credibly argue that it's prioritizing 'proactive safety' over 'privacy absolutism' which is a pretty powerful soundbite," said social media industry analyst Matt Navarra. But Navarra said the move also "puts TikTok out of step with global privacy expectations" and might reinforce wariness for some about its ownership. Read more of this story at Slashdot. |
Apple Announces Low-Cost 'MacBook Neo' With A18 Pro Chip | | Continuing its product launches this week, Apple today announced the "MacBook Neo," an all-new, low-cost Mac featuring the A18 Pro chip. It starts at $599 and begins shipping on Wednesday, March 11. MacRumors reports: The MacBook Neo is the first Mac to be powered by an iPhone chip; the A18 Pro debuted in 2024's iPhone 16 Pro models. Apple says it is up to 50% faster for everyday tasks than the bestselling PC with the latest shipping Intel Core Ultra 5, up to 3x faster for on-device AI workloads, and up to 2x faster for tasks like photo editing. The MacBook Neo features a 13-inch Liquid Retina display with a 2408-by-1506 resolution, 500 nits of brightness, and an anti-reflective coating. The display does not have a notch, instead featuring uniform, iPad-style bezels.
It is available in Silver, Indigo, Blush, and Citrus color options. The colored finishes extend to the Magic Keyboard in lighter shades and come with matching wallpapers. It weighs 2.7 pounds. There are two USB-C ports. One is a USB-C 2 port with support for speeds up to 480 Mb/s and one is a USB-C 3 port with support for speeds up to 10 Gb/s. There is also a headphone jack. The MacBook Neo also offers a 16-hour battery life, 8GB of unified memory, Wi-Fi 6E and Bluetooth 6 connectivity, a 1080p front-facing camera, dual mics with directional beamforming, and dual side-firing speakers with Spatial Audio. Read more of this story at Slashdot. |
Intel's Make-Or-Break 18A Process Node Debuts For Data Center With 288-Core Xeon 6+ CPU | | Intel has formally unveiled its Xeon 6+ "Clearwater Forest" data-center processor with up to 288 cores, built on the company's new Intel 18A process and using Foveros Direct packaging. The chip targets telecom, cloud, and edge-AI workloads with massive parallelism, large caches, and high-bandwidth DDR5-8000 memory. Tom's Hardware reports: Intel's Xeon 6+ processors with up to 288 cores combine 12 compute chiplets containing 24 energy-efficient Darkmont cores per tile that are produced using 18A manufacturing technology, two I/O tiles made on Intel 7 production node, as well as three active base tiles made on Intel 3 fabrication process. The compute tiles are stacked on top of the base dies using Intel's Foveros Direct 3D technology, whereas lateral connections are enabled by Intel's EMIB bridges.
Intel's 'Darkmont' efficiency cores have received rather meaningful microarchitectural upgrades. Each core integrates a 64 KB L1 instruction cache, a broader fetch and decode pipeline, and a deeper out-of-order engine capable of tracking more in-flight operations. The number of execution ports has also been increased in a bid to improve both scalar and vector throughput under heavily threaded server workloads.
From a cache hierarchy standpoint, the design groups cores into four-core blocks that share approximately 4 MB of L2 cache per block. As a result, the aggregate last-level cache across the full package surpasses 1 GB, roughly 1,152 MB in total. This unusually large pool is intended to keep data close to hundreds of active cores and reduce dependence on external memory bandwidth, which in turn is meant to both increase performance and lower power consumption. Platform-wise, the processor remains drop-in compatible with the current Xeon server socket, so the CPU has 12 memory channels that support DDR5-8000, 96 PCIe 5.0 lanes with 64 lanes supporting CXL 2.0. Read more of this story at Slashdot. |
New App Alerts You If Someone Nearby Is Wearing Smart Glasses | | A new Android app called Nearby Glasses alerts users when Bluetooth signals from smart glasses are detected nearby. The Android app, called Nearby Glasses, "launches at a time as there is an increasing resistance against always-recording or listening devices, which critics say process information about nearby people who do not give their consent," reports TechCrunch. From the report: Yves Jeanrenaud, who made the app, first spoke to 404 Media about the project and said he was in part inspired to make Nearby Glasses after reading the independent publication's reporting into wearable surveillance devices, including how Meta's Ray-Ban smart glasses have been used in immigration raids and to film and harass sex workers.
On the app's project page, Jeanrenaud described smart glasses as an "intolerable intrusion, consent neglecting, horrible piece of tech." Jeanrenaud told TechCrunch in an email that his motivation came from "witnessing the sheer scale and inhumane nature of the abuse these smart glasses are involved in." Jeanrenaud also cited Meta's decision to implement face recognition as a default feature in its smart glasses, "which I consider to be a huge floodgate pushed open for all kinds of privacy-invasive behavior."
The app works by listening for nearby Bluetooth signals that contain a publicly assigned identifier unique to the Bluetooth device's manufacturer. If the app detects a Bluetooth signal from a nearby hardware device made by Meta or Snap, the app will send the user an alert. (The app also allows users to add their own specific Bluetooth identifiers, allowing the user to detect a broader range of wearable surveillance gadgetry.) Further reading: Meta's AI Display Glasses Reportedly Share Intimate Videos With Human Moderators Read more of this story at Slashdot. |
Qualcomm CEO: 'Resistance Is Futile' As 6G Mobile Revolution Approaches | | At Mobile World Congress, Cristiano Amon of Qualcomm argued that the coming 6G networks will power an AI-driven "agent economy," where devices and AI assistants constantly communicate across the network. "AI will fundamentally change our mobile experiences," Qualcomm chief executive, Cristiano Amon says. "It's going to change how we think about our smartphones. Think about our personal computing. Think about and interact with a car. The car is now a computing surface. If you actually believe in the AI revolution, 6G will be required. Resistance is futile." The company says early consumer testing could begin around the 2028 Los Angeles Olympics, with broader rollouts expected by 2029. Fortune's Kamal Ahmed reports: Akash Palkhiwala is Qualcomm's chief financial officer and chief operating officer. I spent some time with him at the company's stand, as his leading engineers took me through a 6G future where individuals will have real-time information delivered to them via their glasses. Palkhiwala compliments me on my watch, which only does one thing. It tells me the time. "6G is going to be the first time that connectivity and AI come together in the network. What we're building is the first AI-native wireless network that's ever been built," he explains.
"The traffic that we expect on 6G is way different than what we had before," says Palkhiwala. "Before, it was all about consumer traffic. We expect 6G to be driven by [AI] agent traffic. Think about all these use cases where there are AI agents sitting on various devices -- your glasses, your watch, your phone, your PC. These agents are going to be talking back and forth across the network to other agents and services. "The traffic completely changes. 6G is being built with this idea that the traffic that goes on the network is not just going to be consumer voice calls or downloading videos, we're going to have agents talking to each other, so the reliability of the network becomes very important."
On-device capabilities (the ability of your phone to process far more data); edge computing (locally sourced IT technology rather than distant data centers); more efficient use of available bandwidth (AI-enabled load control); and greater cloud access will all come together to produce a new wireless network. [...] "Today we are in the application economy," he notes. "On the phone, you want to make a travel reservation, you go to one application. You want to order an Uber, you go to a second application. You want to order food, you go to a third application, movie tickets, etc. The user has to go through that effort. In the future, you think of the app economy moving over to an agent economy, where there's one agent I'm interacting with, and I can ask that agent to book me a movie ticket or a plane ticket, to order food for me, get an Uber for me. It knows everything about me." Read more of this story at Slashdot. |
ChatGPT Gets GPT-5.3 Instant Update With Less 'Cringe,' Fewer Hallucinations | | An anonymous reader quotes a report from MacRumors: OpenAI today updated its most popular ChatGPT model, debuting GPT-5.3 Instant. GPT-5.3 Instant is supposed to provide more accurate answers and better contextualized results when searching the web. The update also cuts down on unnecessary dead ends, caveats, and overly declarative phrasing, plus it has fewer hallucinations.
According to OpenAI, it tweaked the Instant model to address complaints about tone, relevance, and conversational flow, which are issues that don't show up in benchmarks. GPT-5.2 Instant had a "cringe" tone that could be overbearing or make unsubstantiated assumptions about user intent or emotions. The new model will have a more natural conversational style and will cut back on dramatic phrases like "Stop. Take a breath."
Users found that GPT-5.2 Instant would refuse questions it should have been able to answer, or respond in ways that felt overly cautious around sensitive topics. GPT-5.3 Instant cuts down on refusals and tones down overly defensive or moralizing preambles when answering a question. The model will no longer "over-caveat" after assuming bad intent from the user. GPT-5.3 Instant also provides higher-quality answers based on information from the web. OpenAI says that it is able to better balance what it finds online with its own knowledge, so it is less likely to overindex on web results. Read more of this story at Slashdot. |
'Game of Thrones' Movie In the Works | | Warner Bros. is developing a feature film set in the world of Game of Thrones with writer Beau Willimon of Andor and House of Cards. "That's about all we know right now, and as with everything 'Thrones' things could change, but the film is firmly in development," reports TheWrap. Page Six Hollywood was first to break the news and speculated that the story could revolve around Aegon I, the legendary Targaryen king who spawned a dynasty. From the report: The Targaryens have been at the center of all things "Thrones" on HBO, with "Game of Thrones" following Daenerys Targaryen's (Emilia Clarke) quest to usurp the throne, spinoff "House of the Dragon" set in the midst of the Targaryens' reign and recent spinoff "A Knight of the Seven Kingdoms" following the squire-ship of Aegon "Egg" Targaryen towards the end of the family's run atop the Iron Throne. All, of course, based on George R.R. Martin's expansive book universe. Read more of this story at Slashdot. |
|
|
