An anonymous reader quotes a report from Ars Technica: A new hacking group has been rampaging the Internet in a persistent campaign that spreads a self-propagating and never-before-seen backdoor -- and curiously a data wiper that targets Iranian machines. The group, tracked under the name TeamPCP, first gained visibility in December, when researchers from security firm Flare observed it unleashing a worm that targeted cloud-hosted platforms that weren't properly secured. The objective was to build a distributed proxy and scanning infrastructure and then use it to compromise servers for exfiltrating data, deploying ransomware, conducting extortion, and mining cryptocurrency. The group is notable for its skill in large-scale automation and integration of well-known attack techniques. More recently, TeamPCP has waged a relentless campaign that uses continuously evolving malware to bring ever more systems under its control. Late last week, it compromised virtually all versions of the widely used Trivy vulnerability scanner in a supply-chain attack after gaining privileged access to the GitHub account of Aqua Security, the Trivy creator. Over the weekend, researchers said they observed TeamPCP spreading potent malware that was also worm-enabled, meaning it had the potential to spread to new machines automatically, with no interaction required of victims behind the keyboard. [...] As the weekend progressed, CanisterWorm [as Aikido has named the malware] was updated to add an additional payload: a wiper that targets machines exclusively in Iran. When the updated worm infects machines, it checks if the machine is in the Iranian timezone or is configured for use in that country. When either condition was met, the malware no longer activated the credential stealer and instead triggered a novel wiper that TeamPCP developers named Kamikaze. Eriksen said in an email that there's no indication yet that the worm caused actual damage to Iranian machines, but that there was "clear potential for large-scale impact if it achieves active spread." It's unclear what the motive is for TeamPCP. Aikido researcher Charlie Eriksen wrote: "While there may be an ideological component, it could just as easily be a deliberate attempt to draw attention to the group. Historically, TeamPCP has appeared to be financially motivated, but there are signs that visibility is becoming a goal in itself. By going after security tools and open-source projects, including Checkmarx as of today, they are sending a clear and deliberate signal."

Read more of this story at Slashdot.

Longtime Slashdot reader internet-redstar writes: Nearly a trillion dollars has been wiped from software stocks in 2026, with hedge funds making billions shorting Salesforce, HubSpot, and Atlassian. At FOSDEM 2026, cURL maintainer Daniel Stenberg shut down his bug bounty program after AI-generated slop overwhelmed his team. A new article on HackerNoon argues that most commercial SaaS could inevitably become OpenSource, not out of ideology but economics. The author points to Proxmox replacing VMware at enterprise scale and startups like Holosign replicating DocuSign at $19/month flat as evidence. The catch, the article claims, is that maintainers who refuse to embrace AI tools risk being forked, or simply replicated from scratch, by those who do.

Read more of this story at Slashdot.

During today's Nvidia GTC keynote, the company introduced NemoClaw, a security-focused stack designed to make the autonomous AI agent platform OpenClaw safer. ZDNet explains how it works: NemoClaw installs Nvidia's OpenShell, a new open-source runtime that keeps agents safer to use by enforcing an organization's policy-based guardrails. OpenShell keeps models sandboxed, adds data privacy protections and additional security for agents, and makes them more scalable. "This provides the missing infrastructure layer beneath claws to give them the access they need to be productive, while enforcing policy-based security, network, and privacy guardrails," Nvidia said in the announcement. The company built OpenShell with security companies like CrowdStrike, Cisco, and Microsoft Security to ensure it is compatible with other cybersecurity tools. Nvidia said NemoClaw can be installed in a single command, runs on any platform, and can use any coding agent, including Nvidia's own Nemotron open model family, on a local system. Through a privacy router, it allows agents to access frontier models in the cloud, which unites local and cloud models to help teach agents how to complete tasks within privacy guardrails, Nvidia explained. Nvidia seems to be hoping that the additional security can make OpenClaw agents more popular and accessible, with less risk than they currently carry. The bigger picture here is how NemoClaw could give companies the added peace of mind to let AI agents complete actions for their employees, where they wouldn't have previously. Nvidia did not specify when NemoClaw would be available.

Read more of this story at Slashdot.

"A few developers found a way, for now, to turn a few of these increasingly mediocre Amazon Show devices into friendly, useful, open computers," writes the co-founder of the gaming/tech news site Aftermath. For under $50 each, he bought some used versions of the devices and tested their instructions, partly to escape the full-screen ads Amazon began showing late last year, and also to overwrite Amazon's locked down Android fork "Fire OS" (and "a similarly neutered version of Linux called Vega OS") Customers who bought these devices and used them for several years were not used to them showing full screen ads, and now they do. People were justifiably pissed. So what do you do when an already evil device gets shittier...? I wiped Fire OS from the device and used ADB sideload to directly load two packages on the device: LineageOS and MindTheGapps. MindTheGapps lets you turn the device into something resembling a traditional Android device, for both good and bad.... It took a few times of wiping the device, but after a few tries it finally worked as intended... I immediately installed the Home Assistant app... Not only can the hacked Echo Show 8 control my entire smart home, it now plays back my entire local music library as well as any internet radio channels like The Lot Radio and NTS. It can also synchronize with any additional Echo Show running LineageOS in my house using the SendSpin protocol... I would gladly take it any day of the week over most of the devices these companies offer, especially Amazon. It may not be as intuitive as out-of-the-box smart home products, but I don't need my devices to be intuitive, I need them to behave. I had finally found a smart display that wasn't a cop... The hardware is old and creaky, and after the hack it can only use 1GB of the 2GB of ram. And yet it still manages to feel snappier than the stock hardware. "The amount of telemetry, ads, and general bloat Amazon shoves down our throats definitely doesn't help performance," [XDA Devs Forum user] Rortiz2 told me. "That's actually another reason why we did LineageOS, it kind of gives the device a second life. Even though it's still a bit buggy, it feels way better to use than the stock firmware...." If you want a smart speaker with a display that just runs a stripped-down version of Android that you have full control over, you're going to have a hard time finding it outside of these three specific models unless you cobble something together yourself. It is a deceptively simple thing to desire — the kiosk computer from science fiction that isn't a narc — yet few companies really offer it. "It should be against the law to not give an end user the ability to consensually load whatever OS or program they want on their device..." the article concludes, arguing that "If we budge on the inalienable right to modify our hardware then we forsake a key part about what makes computers special." And in the mean time, "There are so many devices that could be put to use rotting in e-waste facilities and thrift stores..."

Read more of this story at Slashdot.

The Norwegian Consumer Council, a government funded organization advocating for consumer's rights, released a report on the trend of "enshittification" in digital consumer goods and services, suggesting ways consumers for consumers to resist. But they've also dramatized the problem with a funny four-minute video about the man whose calls for him to make things shitty for people. "It's not just your imagination. Digital services are getting worse," the video concludes — before adding that "Luckily, it doesn't have to be this way." The Consumer Council's announcement recommends: Stronger rights for consumers to control, adapt, repair, and alter their products and services, Interoperability, data portability, and decentralisation as the norm, so the threshold for moving to different services becomes as low as possible, Deterrent and vigorous enforcement of competition law, so that Big Tech companies are not allowed to indiscriminately acquire start-ups, competitors or otherwise steer the market to their advantage, Better financing of initiatives to build, maintain or improve alternative digital services and infrastructure based on open source code and open protocols, Reduce public sector dependence on big tech, to regain control and to contribute to a functioning market for service providers that respect fundamental rights, Deterrent and consistent enforcement of other laws, including consumer and data protection law. The Norwegian Consumer Council is also joining 58 organisations and experts in a letter asking the Norwegian government to rebalance power with enforcement resources and by prioritizing the procurement of services based on open source code. And "Our sister organisations are sending similar letters to their own governments in 12 countries." They're also sending a second letter to the European Commission with 29 civil society organisations (including the EFF and Amnesty International) warning about the risks of deregulation and calling for reducing dependency on big tech. Thanks to Slashdot reader DeanonymizedCoward for sharing the news.

Read more of this story at Slashdot.

Slashdot reader darwinmac writes: The Document Foundation (TDF), the organization behind LibreOffice, has decided to bring back its LibreOffice Online project which been inactive since 2022. Collabora, a company that was a major contributor to the original LibreOffice Online, is not pleased with this development. After the original project went dormant, Collabora forked the code and created its own product, Collabora Online. Collaboras Michael Meeks, who also sits on the TDF board, reacted to the TDFs decision by saying that a fully supported, free online version already exists in the form of Collabora Online, and that resurrecting a dead repository makes little sense when an active, open community around the online suite already exists. For now, The Document Foundation plans to reopen the old repository for new contributions. The organization has issued a warning that the code is not ready for live deployment and users should wait until the development team confirms it is stable.

Read more of this story at Slashdot.