An anonymous reader shares a report: Relations between Russia and Germany were already tense, with Germany providing military support to Ukraine in its ongoing war with Russia. German Foreign Minister Annalena Baerbock said Russian state hackers were behind a cyberattack last year that targeted the Social Democrats, the leading party in the governing coalition. "Russian state hackers attacked Germany in cyberspace," she said at a news conference in the Australian city of Adelaide. "We can attribute this attack to the group called APT28, which is steered by the military intelligence service of Russia." "This is absolutely intolerable and unacceptable and will have consequences," she said. The Russian Embassy in Germany on Friday denied Moscow was involved in a 2023 cyberattack. In a statement the embassy said its envoy "categorically rejected the accusations that Russian state structures were involved in the given incident ... as unsubstantiated and groundless." The Council of the EU later said that Czechia's institutions have also been a target of the cyber campaign. In a statement by the EU's top diplomat, Josep Borrell, the bloc's nations said they "strongly condemn the malicious cyber campaign conducted by the Russia-controlled Advanced Persistent Threat Actor 28 (APT28) against Germany and Czechia." Further reading: EU and NATO Condemn Russian Cyber Attacks Against Germany and Czechia.

Read more of this story at Slashdot.

Florida Gov. Ron DeSantis signed a bill this week banning and criminalizing the manufacture and sale of lab-grown meat in the state. From a report: The legislation joins similar efforts from three other states -- Alabama, Arizona and Tennessee -- that have also looked to stop the sale of lab-grown meat, which is believed to still be years away from commercial viability. "Florida is fighting back against the global elite's plan to force the world to eat meat grown in a petri dish or bugs to achieve their authoritarian goals," DeSantis said. "We will save our beef." Lab-grown meat, also known as cultivated meat, has attracted considerable attention in recent years as startups have raised millions of dollars to improve the technology meant to create a climate-friendly alternative to traditional meat sources. Cultivated meat is usually grown in a metal vessel from a sample of animal cells. They multiply in a container called a bioreactor while being fed with water, amino acids, vitamins and lipids -- a process that can be difficult to do at scales large enough to create enough food for commercial sale. Still, some companies have made strides, with two California startups receiving approval from U.S. regulators last year to sell lab-grown chicken. Those companies said Florida's bill stifles innovation in a space that is becoming competitive globally.

Read more of this story at Slashdot.

The UK government's climate action plan is unlawful, the high court has ruled, as there is not enough evidence that there are sufficient policies in place to reduce greenhouse gas emissions. From a report: The energy secretary, Claire Coutinho, will now be expected to draw up a revised plan within 12 months. This must ensure that the UK achieves its legally binding carbon budgets and its pledge to cut emissions by more than two-thirds by 2030, both of which the government is off track to meet. The environmental charities Friends of the Earth and ClientEarth took joint legal action with the Good Law Project against the Department for Energy Security and Net Zero (DESNZ) over its decision to approve the carbon budget delivery plan (CBDP) in March 2023. In a ruling on Friday, Mr Justice Sheldon upheld four of the five grounds of the groups' legal challenge, stating that the decision by the former energy security and net zero secretary Grant Shapps was "simply not justified by the evidence." He said: "If, as I have found, the secretary of state did make his decision on the assumption that each of the proposals and policies would be delivered in full, then the secretary of state's decision was taken on the basis of a mistaken understanding of the true factual position." The judge agreed with ClientEarth and Friends of the Earth that the secretary of state was given "incomplete" information about the likelihood that proposed policies would achieve their intended emissions cuts. This breached section 13 of the Climate Change Act, which requires the secretary of state to adopt plans and proposals that they consider will enable upcoming carbon budgets to be delivered. Sheldon also agreed with the environment groups that the central assumption that all the department's policies would achieve 100% of their intended emissions cuts was wrong. The judge said the secretary of state had acted irrationally, and on the basis of an incorrect understanding of the facts. This comes after the Guardian revealed the government would be allowing oil and gas drilling under offshore wind turbines, a decision criticised by climate experts as "deeply irresponsible."

Read more of this story at Slashdot.

China launched an uncrewed lunar mission Friday that aims to bring back samples from the far side of the moon for the first time, in a potentially major step forward for the country's ambitious space program. From a report: The Chang'e-6 probe -- China's most complex robotic lunar mission to date -- blasted off on a Long March-5 rocket from the Wenchang Space Launch Center in south China's Hainan island, where space fans had gathered to watch the historic moment. The country's National Space Administration said the launch was a success. The launch marks the start of a mission that aims to be a key milestone in China's push to become a dominant space power with plans to land astronauts on the moon by 2030 and build a research base on its south pole. It comes as a growing number of countries, including the United States, eye the strategic and scientific benefits of expanded lunar exploration in an increasingly competitive field. China's planned 53-day mission would see the Chang'e-6 lander touch down in a gaping crater on the moon's far side, which never faces Earth. China became the first and only country to land on the moon's far side during its 2019 Chang'e-4 mission. Any far-side samples retrieved by the Chang'e-6 lander could help scientists peer back into the evolution of the moon and the solar system itself -- and provide important data to advance China's lunar ambitions.

Read more of this story at Slashdot.

An anonymous reader shares a report: A software engineer has been keeping nearly 7,500 Firefox tabs open on her Mac computer for over two years -- and doesn't plan on closing them anytime soon. The Firefox power user, who goes by the pseudonym "Hazel" online, posted a screenshot showing 7,470 tabs open earlier this week after finding the browser initially unable to restore all the tabs. Hazel was able to bring the tabs back to life via a Firefox profile cache, however, and tells PCMag that reloading the full session took "no more than a minute." "I feel like a part of me is restored," Hazel wrote on X once the Firefox tabs had returned. The Firefox fan tells PCMag in a message that she keeps so many tabs open for nostalgia reasons. "I like to scroll back and see clusters of tabs from months ago -- it's like a trip down memory lane on whatever I was doing/learning about/thinking about," she says. Surprisingly, all those tabs haven't impacted the computer's performance. "Firefox is quite memory efficient and isn't actually loading the websites unless I click on the tab -- so it's not very resource intensive," Hazel says.

Read more of this story at Slashdot.

Microsoft is making security its number one priority for every employee, following years of security issues and mounting criticisms. The Verge: After a scathing report from the US Cyber Safety Review Board recently concluded that "Microsoft's security culture was inadequate and requires an overhaul," it's doing just that by outlining a set of security principles and goals that are tied to compensation packages for Microsoft's senior leadership team. Last November, Microsoft announced a Secure Future Initiative (SFI) in response to mounting pressure on the company to respond to attacks that allowed Chinese hackers to breach US government email accounts. Just days after announcing this initiative, Russian hackers managed to breach Microsoft's defenses and spy on the email accounts of some members of Microsoft's senior leadership team. Microsoft only discovered the attack nearly two months later in January, and the same group even went on to steal source code. These recent attacks have been damaging, and the Cyber Safety Review Board report added fuel to Microsoft's security fire recently by concluding that the company could have prevented the 2023 breach of US government email accounts and that a "cascade of security failures" led to that incident. "We are making security our top priority at Microsoft, above all else -- over all other features," explains Charlie Bell, executive vice president for Microsoft security, in a blog post today. "We will instill accountability by basing part of the compensation of the company's Senior Leadership Team on our progress in meeting our security plans and milestones."

Read more of this story at Slashdot.

Plumpaquatsch writes: Investigators teamed up with colleagues from the Balkans and Lebanon in raids set up by months of intense surveillance. Authorities say the operation thwarted over 10 million euro in damages and led to 21 arrests. Dubbed 'Operation Pandora,' the sting began in Germany in December 2023, after a suspicious bank teller contacted police when a 76-year-old customer from Freiburg sought to hurriedly withdraw 120,000 euro ($128,232) from her savings account to hand over to a fake police officer. When real police investigators tracked the internet-based telephone number that had been used to lure the woman, they discovered a veritable goldmine. Rather than shutting down the number, authorities instead went on the offensive, setting up their own call center in which hundreds of officers from Baden-Wurttemberg, Bavaria, Berlin and Saxony worked around the clock monitoring some 1.3 million calls in real time, as the number from the initial scam was tied to an entire network of fraud call centers. Police were able to trace and record data from the calls, as well as warn potential victims of what was in fact happening, in turn winning valuable time to put together the April 18 sting. Police say their efforts allowed them to thwart some 10 million euro in damages in roughly 6,000 cases of attempted fraud.

Read more of this story at Slashdot.

samleecole writes: Utah set up an online form for people to accuse other citizens and public establishments of violating the state's recently-enacted transphobic "bathroom bill." The submission form is being flooded with memes and troll comments, and the auditor also left the submissions database open to the public -- without a password, authentication, or any other protections that would keep anyone from viewing other people's submissions. After 404 Media contacted the auditor's office for comment, they changed the permissions to require authentication. The form link has been posted to Twitter, and people have repeatedly posted screenshots of themselves uploading memes. In the database, those included photos of Barry Wood, characters from Bee Movie, and Shutterstock images of bull testicles. Twitter users have also found a link to the database that the form is connected to, which is hosted on a public Google cloud console bucket that as of Thursday, required no authentication to view. I tested the form, and found that my submission -- a photo of the yelling table cat meme -- appeared instantly in the Google Console bucket. The submission form offers anonymity with the option for the state auditor to contact submitters for more details. I haven't seen names and contact information shared in the database, but comments and image attachments were easily viewable.

Read more of this story at Slashdot.

Google has asked a U.S. judge not to impose sweeping changes to the Alphabet unit's app store Play that were proposed by "Fortnite" maker Epic Games in the companies' closely-watched antitrust fight. From a report: Google made its filing late on Thursday in San Francisco federal court, where Epic last year persuaded a jury that the tech giant unlawfully stifled competition with its controls over apps downloads on Android devices and payments to developers for in-app transactions. Epic's proposal "would make it nearly impossible for Google to compete," Google's filing said. The gaming company in March asked U.S. District Judge James Donato in San Francisco to force Google to make it easier for users to download apps from other sources and to allow developers more flexibility in offering and charging for purchases. The Cary, North Carolina-based company also said it should be allowed to bring its Epic Games Store to Android "without delays and barriers." Google agreed in December to pay $700 million to resolve the states' case and, among other reforms, will allow more alternative billing options for in-app purchases.

Read more of this story at Slashdot.

A Miami-based CEO will serve over six years in prison for selling counterfeit Cisco equipment to numerous buyers on Amazon and eBay, with some of the shoddy hardware ending up in sensitive US government systems. From a report: On Wednesday, 40-year-old Onur Aksoy was sentenced to six years and six months in prison for raking in at least $100 million from the counterfeit sales. Aksoy committed the fraud from at least 2013 to 2022 -- the year he was arrested -- by buying the fake Cisco equipment from suppliers in China. The counterfeits were then resold as legitimate Cisco products for an estimated retail value of over $1 billion. "Aksoy sold hundreds of millions of dollars' worth of counterfeit computer networking equipment that ended up in US hospitals, schools, and highly sensitive military and other governmental systems, including platforms supporting sophisticated US fighter jets and military aircraft," Principal Deputy Assistant Attorney General Nicole Argentieri said in a statement.

Read more of this story at Slashdot.

An anonymous reader quotes a report from TechCrunch: Hyundai has agreed to spend nearly $1 billion on Motional, an investment that will give the automaker a majority stake while providing the self-driving startup with the necessary capital to keep operating. The Korean automaker invested $475 million directly into Motional as part of a broader deal that includes buying out joint venture partner Aptiv. As part of the deal, Hyundai will spend another $448 million to buy 11% of Aptiv's common equity interest in Motional, according to information revealed Thursday in Aptiv's first-quarter earnings report. Aptiv also shared that it expects to reduce its common equity interest in Motional from 50% as of March 31 to about 15%, leaving Hyundai with the remaining 85% control. Aptiv Chairman and CEO Kevin Clark flagged in January that the company would reduce its ownership interest in Motional. The company said at the time that it would stop allocating capital towards Motional due to the high cost of commercializing a robotaxi business and the long road ahead to profits. Aptiv on Thursday reduced its full-year net sales forecast for 2024 to be between $20.85 billion and $21.45 billion, down from between $21.3 billion to $21.9 billion. Motional confirmed the new funding round and increased stake from Hyundai, but didn't confirm Aptiv's numbers. Hyundai, however, said the amounts listed in Aptiv's earnings report were accurate. "Motional started as Boston-based autonomous vehicle startup nuTonomy in 2013, before being acquired by Delphi for $450 million," reports TechCrunch. "Delphi would later split it's business with the Aptiv unit absorbing nuTonomy. The entity became Motional under a $4 billion Hyundai-Aptiv joint venture in 2019." "While it's clear from Aptiv's earnings report that the company is trying to manage risks and optimize finances amid a less positive outlook, the company's retreat, and Hyundai's step forward, raises questions about Motional's future."

Read more of this story at Slashdot.

"Aamrok 3.0, ported to Qt5/KDE Frameworks 5, has been released," writes Slashdot reader serafean. "With the heavy lifting being done, the Qt6/KF6 version is expected later in the year." Originally developed for Linux as part of the KDE desktop environment, Amarok is a free, cross-platform music player that supports various audio formats and a user interface that can be tailored to individual preferences. These are the main features/changes, as highlighted in a KDE blog post: FEATURES: - Added a visual hint that context view applets can be resized in edit mode. - Display missing metadata errors in Wikipedia applet UI. - Add a button to stop automatic Wikipedia page updating. (BR 485813) CHANGES: - Replace defunct lyricwiki with lyrics.ovh as lyrics provider for now. (BR 455937) - Show only relevant items in wikipedia applet right click menu (BR 323941), use monobook skin for opened links and silently ignore non-wikipedia links. - Don't show non-functional play mode controls in dynamic mode (BR 287055) The changelog is available here. You can find the package on download.kde.org.

Read more of this story at Slashdot.

Aria Alamalhodaei reports via TechCrunch: Hubble Network has become the first company in history to establish a Bluetooth connection directly to a satellite -- a critical technology validation for the company, potentially opening the door to connecting millions more devices anywhere in the world. The Seattle-based startup launched its first two satellites to orbit on SpaceX's Transporter-10 ride-share mission in March; since that time, the company confirmed that it has received signals from the onboard 3.5mm Bluetooth chips from over 600 kilometers away. The sky is truly the limit for space-enabled Bluetooth devices: the startup says its technology can be used in markets including logistics, cattle tracking, smart collars for pets, GPS watches for kids, car inventory, construction sites, and soil temperature monitoring. Haro said the low-hanging fruit is those industries that are desperate for network coverage even once per day, like remote asset monitoring for the oil and gas industry. As the constellation scales, Hubble will turn its attention to sectors that may need more frequent updates, like soil monitoring, to continuous coverage use cases like fall monitoring for the elderly. Once its up and running, a customer would simply need to integrate their devices' chipsets with a piece of firmware to enable connection to Hubble's network.

Read more of this story at Slashdot.

In a first for "digital health technology," the Apple Watch's atrial fibrillation (AFib) history feature has been approved by the FDA to join the FDA's Medical Device Development Tools (MDDT) program. This means the wearable is now usable in clinical studies. The Verge reports: The FDA announcement describes using it as a noninvasive way to collect the data both before and after treatment: "Designed to be used as a biomarker test to help evaluate estimates of AFib burden as a secondary effectiveness endpoint within clinical studies intended to evaluate the safety and effectiveness of cardiac ablation devices to treat."

Read more of this story at Slashdot.

When given the choice, pet parrots prefer to video-call each other instead of watch pre-recorded videos of other birds. Those are the findings from a new paper (PDF) set to appear next week at a conference on Human Factors in Computing Systems in Hawaii. Phys.Org reports: The study, led by animal-computer interaction specialists at the University of Glasgow, gave tablet devices to nine parrots and their owners to explore the potential of the video chats to expand the birds' social lives. Their results suggest that the clever birds, who often suffer from loneliness in captivity, may be able to tell the difference between live and pre-recorded content on digital devices, and strongly prefer interacting with other birds in real time. Over the course of the six-month study, the parrots chose to initiate calls to other birds significantly more often than they opted to watch pre-recorded footage. They also seemed more engaged in the live chats, spending much longer on calls with other birds than they did watching videos from a library of options. The findings could help steer the future course of the emerging "animal internet," which uses digital technology to empower animals to interact with humans and each other in new ways.

Read more of this story at Slashdot.

Several users on Reddit have noticed that Spotify has started hiding song lyrics behind a paywall. "This means you won't be able to sing along unless you know the lyrics already, or are willing to look them up in another app," reports Android Police. From the report: Still, you lose the convenience of real-time sync with the track and automatic scrolling. Like skips per hour, it appears Spotify will implement a limit system and accessing lyrics will count against the user's limit, which should ideally reset after a stipulated time. Spotify usually requests lyrics from songwriters, publishers, and independent artists. However, in most other cases, the company has a working relationship with MusixMatch to provide lyrics, and perhaps Spotify isn't willing to absorb the costs of this partnership. That would explain why lyrics are now paywalled, but as a free-tier user, such changes are chipping away at the service's appeal.

Read more of this story at Slashdot.

An anonymous reader quotes a report from Techdirt: Last week, hundreds of nurses protested the implementation of sloppy AI into hospital systems in front of Kaiser Permanente. Their primary concern: that systems incapable of empathy are being integrated into an already dysfunctional sector without much thought toward patient care: "No computer, no AI can replace a human touch," said Amy Grewal, a registered nurse. "It cannot hold your loved one's hand. You cannot teach a computer how to have empathy." There are certainly roles automation can play in easing strain on a sector full of burnout after COVID, particularly when it comes to administrative tasks. The concern, as with other industries dominated by executives with poor judgement, is that this is being used as a justification by for-profit hospital systems to cut corners further. From a National Nurses United blog post (spotted by 404 Media): "Nurses are not against scientific or technological advancement, but we will not accept algorithms replacing the expertise, experience, holistic, and hands-on approach we bring to patient care," they added. Kaiser Permanente, for its part, insists it's simply leveraging "state-of-the-art tools and technologies that support our mission of providing high-quality, affordable health care to best meet our members' and patients' needs." The company claims its "Advance Alert" AI monitoring system -- which algorithmically analyzes patient data every hour -- has the potential to save upwards of 500 lives a year. The problem is that healthcare giants' primary obligation no longer appears to reside with patients, but with their financial results. And, that's even true in non-profit healthcare providers. That is seen in the form of cut corners, worse service, and an assault on already over-taxed labor via lower pay and higher workload (curiously, it never seems to impact outsized high-level executive compensation).

Read more of this story at Slashdot.

Sony Pictures Entertainment and Apollo Global Management have made a bid to acquire Paramount for $26 billion and take it private. Variety reports: Sony and private-equity giant Apollo submitted a letter with the non-binding offer Wednesday to Paramount Global, as first reported by the Wall Street Journal. The bid, which would include the assumption of debt and could be negotiated, would be a premium over the company's current $22 billion enterprise value. Shares of Paramount Global jumped 13% on news of the offer from Apollo and Sony Entertainment, closing at $13.86 per share Thursday. It's not clear how Paramount's board will proceed on the Sony-Apollo proposal, having rejected previous overtures from the private-equity firm. The company has an exclusive negotiating window with Skydance that ends Friday (May 3), but discussions among the parties could extend beyond that. If it happens, the combination of Sony Pictures with Paramount Pictures would likely result in mass layoffs -- and knock the number of major Hollywood studios from five to four, after Disney took over 20th Century. Sony Corp., which acquired Columbia Pictures in 1990 for $3.5 billion, is the largest studio operator in the industry that does not have a broad-scale direct-to-consumer streaming play. Under the proposed bid with Apollo, Sony would be the majority owner of the combined company. Sony Corp. would merge Sony Pictures Entertainment into a joint venture with Paramount Global. Sony and Apollo would both contribute cash to finance the deal. What's unclear is what would happen to the 28 local TV stations CBS owns; FCC rules bar foreign entities (i.e. Tokyo-based Sony) from having majority ownership control of broadcast TV stations, so Sony would need to carve out a separate U.S. ownership structure for the station group. In the Skydance scenario, Redstone would sell her stake in National Amusements, which holds 77% of the voting shares in Paramount Global, to Skydance, whereupon Skydance would merge with Paramount Global in an all-stock deal that would value Skydance at roughly $5 billion. Paramount Global would remain a publicly traded company. Redstone would receive up to $2 billion from the Skydance-NAI transaction; in addition, Skydance would pay a premium for Paramount Global shares and pay $3 billion to the company to help pay down debt. Ellison would serve as CEO of the merged Paramount-Skydance, while Jeff Shell, the former NBCUniversal CEO who is chairman of sports and media at RedBird and works under founder and managing partner Gerry Cardinale, would take on a key management role.

Read more of this story at Slashdot.

Dan Goodin reports via Ars Technica: A maximum severity vulnerability that allows hackers to hijack GitLab accounts with no user interaction required is now under active exploitation, federal government officials warned as data showed that thousands of users had yet to install a patch released in January. A change GitLab implemented in May 2023 made it possible for users to initiate password changes through links sent to secondary email addresses. The move was designed to permit resets when users didn't have access to the email address used to establish the account. In January, GitLab disclosed that the feature allowed attackers to send reset emails to accounts they controlled and from there click on the embedded link and take over the account. While exploits required no user interaction, hijackings worked only against accounts that weren't configured to use multi-factor authentication. Even with MFA, accounts remained vulnerable to password resets. The vulnerability, tracked as CVE-2023-7028, carries a severity rating of 10 out of a possible 10. The vulnerability, classified as an improper access control flaw, could pose a grave threat. GitLab software typically has access to multiple development environments belonging to users. With the ability to access them and surreptitiously introduce changes, attackers could sabotage projects or plant backdoors that could infect anyone using software built in the compromised environment. An example of a similar supply chain attack is the one that hit SolarWinds in 2021, infecting more than 18,000 of its customers. Other recent examples of supply chain attacks are here, here, and here. These sorts of attacks are powerful. By hacking a single, carefully selected target, attackers gain the means to infect thousands of downstream users, often without requiring them to take any action at all. According to Internet scans performed by security organization Shadowserver, more than 2,100 IP addresses showed they were hosting one or more vulnerable GitLab instances. In order to protect your system, you should enable MFA and install the latest patch. "GitLab users should also remember that patching does nothing to secure systems that have already been breached through exploits," notes Goodin.

Read more of this story at Slashdot.