Figma has confidentially filed for an IPO with the SEC, marking a major move more than a year after scrapping its $20 billion acquisition deal with Adobe due to regulatory pushback. CNBC reports: Figma's software is popular among designers inside companies who need to collaborate on prototypes for websites and apps. The company was valued at $12.5 billion in a 2024 tender offer. "There are two paths that venture-funded startups go down," Dylan Field, Figma's co-founder and CEO, said in an interview with The Verge last year. "You either get acquired or you go public. And we explored thoroughly the acquisition route." The announcement lands at a precarious moment for the tech IPO market, which has been largely dormant since late 2021. The Trump presidency was expected to revive new offerings due to promises of less burdensome regulations.

Read more of this story at Slashdot.

The CVE and CWE programs are at risk of shutdown as MITRE's DHS contract expires on April 16, 2025, with no confirmed renewal. Without continued funding, the ability to standardize, track, and respond to software vulnerabilities could collapse, leaving the cybersecurity community scrambling in a fragmented and dangerously opaque environment. Forbes reports: "Failure to renew MITRE's contract for the CVE program, seemingly set to expire on April 16, 2025, risks significant disruption," said Jason Soroko, Senior Fellow at Sectigo. "A service break would likely degrade national vulnerability databases and advisories. This lapse could negatively affect tool vendors, incident response operations, and critical infrastructure broadly. MITRE emphasizes its continued commitment but warns of these potential impacts if the contracting pathway is not maintained." MITRE has indicated that historical CVE records will remain accessible via GitHub, but without continued funding, the operational side of the program -- including assignment of new CVEs -- will effectively go dark. That's not a minor inconvenience. It could upend how the global cybersecurity community identifies, communicates, and responds to new threats. [...] MITRE has said that discussions with the U.S. government are active and that it remains committed to the CVE mission. But with the expiration date looming, time is running short -- and the consequences of even a temporary gap are severe.

Read more of this story at Slashdot.

Limited Run Games is releasing physical editions of Doom and Doom II, including a $666 "Will it Run Edition" that features a literal game box capable of playing Doom. Engadget reports: It costs $666, which is a nod to the devilish source material, and is being kept to a limited run of 666 copies. It comes with the aforementioned screen-enabled game box that runs Doom, but that's just the beginning. The combo pack ships with the soundtrack on cassette, a certificate of authenticity and a trading card park with five cards. It comes with a couple of toys based on one of the franchise's most iconic enemies. There's a detailed three-inch Cacodemon that connects to a five-inch base, which looks pretty nifty. There's a smaller handheld Cacodemon that, you'll never guess, also runs Doom. This edition is available for Switch, PS5, Xbox Series X/S and PC. The PC version, however, ships with a download code and not physical copies of both games. Preorders start on April 18 and end on May 18, with a release sometime after that.

Read more of this story at Slashdot.

An anonymous reader quotes a report from The Guardian: Fears that smartphones, tablets and other devices could drive dementia in later life have been challenged by research that found lower rates of cognitive decline in older people who used the technology. An analysis of published studies that looked at technology use and mental skills in more than 400,000 older adults found that over-50s who routinely used digital devices had lower rates of cognitive decline than those who used them less. It is unclear whether the technology staves off mental decline, or whether people with better cognitive skills simply use them more, but the scientists say the findings question the claim that screen time drives what has been called "digital dementia". "For the first generation that was exposed to digital tools, their use is associated with better cognitive functioning," said Dr Jared Benge, a clinical neuropsychologist in UT Health Austin's Comprehensive Memory Center. "This is a more hopeful message than one might expect given concerns about brain rot, brain drain, and digital dementia." Benge and his colleague Dr Michael Scullin, a cognitive neuroscientist at Baylor University in Texas, analysed 57 published studies that examined the use of digital technology in 411,430 adults around the world. The average age was 69 years old and all had a cognitive test or diagnosis. The scientists found no evidence for the digital dementia hypothesis, which suggests that a lifetime of using digital technology drives mental decline. Rather, they found that using a computer, smartphone, the internet or some combination of these was associated with a lower risk of cognitive impairment. The details have been published in Nature Human Behaviour. "Using digital devices in the way that we use televisions -- passive and sedentary, both physically and mentally -- is not likely to be beneficial," said Scullin. "But, our computers and smartphones also can be mentally stimulating, afford social connections, and provide compensation for cognitive abilities that are declining with ageing. These latter types of uses have long been regarded as beneficial for cognitive ageing."

Read more of this story at Slashdot.

American Airlines announced today that it will add free in-flight Wi-Fi starting in 2026. However, Axios notes you'll need to be an AAdvantage member (American's loyalty program) to access it. From the report: American is partnering with AT&T to introduce free WiFi in January. It will be available on about 90% of the airlines' fleet, which will be planes equipped with Viasat and Intelsat high-speed satellite connectivity, per a press release. More than 500 of the airlines regional planes are expected to have high-speed WiFi capabilities by the end of the year.

Read more of this story at Slashdot.

Google is rolling out Veo 2 video generation in the Gemini app for Advanced subscribers, allowing users to create eight-second, 720p cinematic-style videos from text prompts. 9to5Google reports: Announced at the end of last year, Veo 2 touts "fluid character movement, lifelike scenes, and finer visual details across diverse subjects and styles," as well as "cinematic realism," thanks to an understanding of real-world physics and human motion. In Gemini, Veo 2 can create eight-second video clips at 720p resolution. Specifically, you'll get an MP4 download in a 16:9 landscape format. There's also the ability to share via a g.co/gemini/share/ link. To enter your prompt, select Veo 2 from the model dropdown on the web and mobile apps. Just describe the scene you want to create: "The more detailed your description, the more control you have over the final video." It takes 1-2 minutes for the clip to generate. [...] On the safety front, each frame features a SynthID digital watermark. Only available to Gemini Advanced subscribers ($19.99 per month), there is a "monthly limit" on how many videos you can generate, with Google notifying users when they're close. It is rolling out globally -- in all languages supported by Gemini -- starting today and will be fully available in the coming weeks.

Read more of this story at Slashdot.

4chan was reportedly hacked Monday night, with rival imageboard Soyjack Party claiming responsibility and sharing screenshots suggesting deep access to 4chan's databases and admin tools. Ars Technica reports: Security researcher Kevin Beaumont described the hack as "a pretty comprehensive own" that included "SQL databases, source, and shell access." 404Media reports that the site used an outdated version of PHP that could have been used to gain access, including the phpMyAdmin tool, a common attack vector that is frequently patched for security vulnerabilities. Ars staffers pointed to the presence of long-deprecated and removed functions like mysql_real_escape_string in the screenshots as possible signs of an old, unpatched PHP version. In other words, there's a possibility that the hackers have gained pretty deep access to all of 4chan's data, including site source code and user data.

Read more of this story at Slashdot.

An anonymous reader quotes a report from SecurityWeek: Insurance firm Lemonade is notifying roughly 190,000 individuals that their driver's license numbers were likely exposed due to a technical glitch. Copies of the notification letter that were submitted to regulators in several states show that the incident involved an online application that enables individuals to obtain car insurance quotes and purchase policies. According to the company, a vulnerability in the car insurance quote flow resulted in the exposure of certain driver's license numbers for identifiable individuals. The vulnerability has been addressed, Lemonade says. Between April 2023 and September 2024, the platform transmitted the information unencrypted, which the company says allowed driver's license numbers to be accessed without authorization. "We have no evidence to suggest that your driver's license number has been misused but we are providing this notice as a precaution to inform potentially affected individuals and share some steps you can take to help protect yourself," the company's notification letter reads. The insurer is providing the impacted individuals with 12 months of free credit monitoring and identity protection services.

Read more of this story at Slashdot.

A Canadian math prodigy is accused of stealing over $65 million through complex exploits on decentralized finance platforms and is currently a fugitive from U.S. authorities. Despite facing criminal charges for fraud and money laundering, he has evaded capture by moving internationally, embracing the controversial "Code is Law" philosophy, and maintaining that his actions were legal under the platforms' open-source rules. The Globe and Mail reports: Andean Medjedovic was 18 years old when he made a decision that would irrevocably alter the course of his life. In the fall of 2021, shortly after completing a master's degree at the University of Waterloo, the math prodigy and cryptocurrency trader from Hamilton had conducted a complex series of transactions designed to exploit a vulnerability in the code of a decentralized finance platform. The maneuver had allegedly allowed him to siphon approximately $16.5-million in digital tokens out of two liquidity pools operated by the platform, Indexed Finance, according to a U.S. court document. Indexed Finance's leaders traced the attack back to Mr. Medjedovic, and made him an offer: Return 90 per cent of the funds, keep the rest as a so-called "bug bounty" -- a reward for having identified an error in the code -- and all would be forgiven. Mr. Medjedovic would then be free to launch his career as a white hat, or ethical, hacker. Mr. Medjedovic didn't take the deal. His social media posts hinted, without overtly stating, that he believed that because he had operated within the confines of the code, he was entitled to the funds -- a controversial philosophy in the world of decentralized finance known as "Code is Law." But instead of testing that argument in court, Mr. Medjedovic went into hiding. By the time authorities arrived on a quiet residential street in Hamilton to search his parents' townhouse less than two months later, Mr. Medjedovic had moved out, taking his electronic devices with him. Then, roughly two years later, he struck again, netting an even larger sum -- approximately $48.4-million -- by conducting a similar exploit on another decentralized finance platform, U.S. authorities allege. Mr. Medjedovic, now 22, faces five criminal charges -- including wire fraud, attempted extortion and money laundering -- according to a U.S. federal court document that was unsealed earlier this year. If convicted, he could be facing decades in prison. First, authorities will have to find him.

Read more of this story at Slashdot.

Apple has officially designated all Intel-based Mac minis as "vintage" or "obsolete," marking the end of an era. This means Apple no longer guarantees parts or service for these devices, as they've surpassed the 5- to 7-year support window. 9to5Mac reports: Apple periodically adds devices to its ever-growing list of vintage and obsolete products. That happened today, as spotted by MacRumors, with two noteworthy "vintage" additions: iPhone 6s and Mac mini (2018). The latter product is especially significant, because the 2018 Mac mini was the last remaining Intel model that was not yet labeled either vintage or obsolete. So what are those timelines exactly? Per Apple's definitions: Vintage: "Apple stopped distributing them for sale more than 5 and less than 7 years ago." Obsolete: "Apple stopped distributing them for sale more than 7 years ago." [...] Since these products are now considered vintage, Apple no longer guarantees that parts for repairs will be readily available.

Read more of this story at Slashdot.

An anonymous reader quotes a report from TechCrunch: Figma has sent a cease-and-desist letter to popular no-code AI startup Lovable, Figma confirmed to TechCrunch. The letter tells Lovable to stop using the term "Dev Mode" for a new product feature. Figma, which also has a feature called Dev Mode, successfully trademarked that term last year, according to the U.S. Patent and Trademark office. What's wild is that "dev mode" is a common term used in many products that cater to software programmers. It's like an edit mode. Software products from giant companies like Apple's iOS, Google's Chrome, Microsoft's Xbox have features formally called "developer mode" that then get nicknamed "dev mode" in reference materials. Even "dev mode" itself is commonly used. For instance Atlassian used it in products that pre-date Figma's copyright by years. And it's a common feature name in countless open source software projects. Figma tells TechCrunch that its trademark refers only to the shortcut "Dev Mode" -- not the full term "developer mode." Still, it's a bit like trademarking the term "bug" to refer to "debugging." Since Figma wants to own the term, it has little choice but send cease-and-desist letters. (The letter, as many on X pointed out, was very polite, too.) If Figma doesn't defend the term, it could be absorbed as a generic term and the trademarked becomes unenforceable.

Read more of this story at Slashdot.

An anonymous reader quotes a report from TechCrunch: Car rental giant Hertz has begun notifying its customers of a data breach that included their personal information and driver's licenses. The rental company, which also owns the Dollar and Thrifty brands, said in notices on its website that the breach relates to a cyberattack on one of its vendors between October 2024 and December 2024. The stolen data varies by region, but largely includes Hertz customer names, dates of birth, contact information, driver's licenses, payment card information, and workers' compensation claims. Hertz said a smaller number of customers had their Social Security numbers taken in the breach, along with other government-issued identification numbers. Notices on Hertz's websites disclosed the breach to customers in Australia, Canada, the European Union, New Zealand, and the United Kingdom. Hertz also disclosed the breach with several U.S. states, including California and Maine. Hertz said at least 3,400 customers in Maine were affected but did not list the total number of affected individuals, which is likely to be significantly higher. Emily Spencer, a spokesperson for Hertz, would not provide TechCrunch with a specific number of individuals affected by the breach but said it would be "inaccurate to say millions" of customers are affected. The company attributed the breach to a vendor, software maker Cleo, which last year was at the center of a mass-hacking campaign by a prolific Russia-linked ransomware gang.

Read more of this story at Slashdot.

Longtime Slashdot reader AmiMoJo shares the news that China has halted all rare earth exports globally -- including to the U.S., Japan, and Germany. Fortune reports: After Trump unveiled his "Liberation Day" tariffs on April 2, China retaliated on April 4 with its own duties as well as export controls on several rare earth minerals and magnets made from them. So far, those export controls have translated to a halt across the board, cutting off the U.S. and other countries, according to the New York Times. That's because any exports of the minerals and magnets now require special licenses, but Beijing has yet to fully establish a system for issuing them, the report said. In the meantime, shipments of rare earths have been halted at many ports, with customs officials blocking exports to any country, including to the U.S. as well as Japan and Germany, sources told theÂTimes. China's Ministry of Commerce issued export restrictions alongside the General Administration of Customs, prohibiting Chinese businesses from any engagement with U.S. firms, especially defense contractors. While the Trump administration unveiled tariff exemptions on a range of key tech imports late Friday night, China's magnet exports were still halted through the weekend, industry sources told the Times. Beijing's export halt is notable because China has a stranglehold on global supplies of rare earths and magnets derived from them. They also represent an asymmetric advantage in that rare earths constitute a small share of China's exports but have an outsize impact on trade partners like the U.S., which relies on them as critical inputs for the auto, chip, aerospace, and defense industries.

Read more of this story at Slashdot.

A new study projects that CT scans conducted in 2023 may result in around 103,000 future cancer cases in the U.S. due to low-dose ionizing radiation. "[I]t would put CT scans on par with other significant risk factors for cancer, like alcohol consumption, at least at a population level," reports ScienceAlert. From the report: At an individual level, the theoretical chance of developing cancer from a CT scan is thought to be very minimal, if it exists at all, and patients should not be scared of undergoing these tests if they are deemed medically necessary. However, the number of CT examinations performed each year in the US has increased by more than 30 percent since 2007, and researchers suggest that unwarranted tests are exposing the population to unnecessary radiation. [...] The anonymous data comes from 143 hospitals and outpatient facilities across the US, catalogued in the UCSF International CT Dose Registry. Using statistics from 2016 to 2022, researchers predicted 93 million CT examinations were carried out in 2023, on roughly 62 million patients. Based on the associated radiation risks, the team estimates that CT scans in 2023 may be tied to 103,000 future cancers. The findings have been published in JAMA Internal Medicine.

Read more of this story at Slashdot.

An anonymous reader quotes a report from Forbes: Robotaxi development is speeding at a fast pace in China, but we don't hear much about it in the USA, where the news focuses mostly on Waymo, with a bit about Zoox, Motional, May, trucking projects and other domestic players. China has 4 main players with robotaxi service, dominated by Baidu (the Chinese Google.) A recent session at last week's Ride AI conference in Los Angeles revealed some details about the different regulatory regime in China, and featured a report from a Chinese-American YouTuber who has taken on a mission to ride in the different vehicles. Zion Maffeo, deputy general counsel for Pony.AI, provided some details on regulations in China. While Pony began with U.S. operations, its public operations are entirely in China, and it does only testing in the USA. Famously it was one of the few companies to get a California "no safety driver" test permit, but then lost it after a crash, and later regained it. Chinese authorities at many levels keep a close watch over Chinese robotaxi companies. They must get approval for all levels of operation which control where they can test and operate, and how much supervision is needed. Operation begins with testing with a safety driver behind the wheel (as almost everywhere in the world,) with eventual graduation to having the safety driver in the passenger seat but with an emergency stop. Then they move to having a supervisor in the back seat before they can test with nobody in the vehicle, usually limited to an area with simpler streets. The big jump can then come to allow testing with nobody in the vehicle, but with full time monitoring by a remote employee who can stop the vehicle. From there they can graduate to taking passengers, and then expanding the service to more complex areas. Later they can go further, and not have full time remote monitoring, though there do need to be remote employees able to monitor and assist part time. Pony has a permit allowing it to have 3 vehicles per remote operator, and has one for 15 vehicles in process, but they declined comment on just how many vehicles they actually have per operator. Baidu also did not respond to queries on this. [...] In addition, Chinese jurisdictions require that the system in a car independently log any "interventions" by safety drivers in a sort of "black box" system. These reports are regularly given to regulators, though they are not made public. In California, companies must file an annual disengagement report, but they have considerable leeway on what they consider a disengagement so the numbers can't be readily compared. Chinese companies have no discretion on what is reported, and they may notify authorities of a specific objection if they wish to declare that an intervention logged in their black box should not be counted. On her first trip, YouTuber Sophia Tung found Baidu's 5th generation robotaxi to offer a poor experience in ride quality, wait time, and overall service. However, during a return trip she tried Baidu's 6th generation vehicle in Wuhan and rated it as the best among Chinese robotaxis, approaching the quality of Waymo.

Read more of this story at Slashdot.

Samsung has paused the global rollout of its One UI 7 update after a serious bug was reported that prevented some Galaxy S24 owners from unlocking their phones. The Verge reports: While the complaints seem to have specifically come from South Korean owners of Galaxy S24 series handsets, Samsung has played it safe and paused the rollout across all models worldwide. While some users will have already downloaded the update to One UI 7, using the app CheckFirm we've confirmed that the update is no longer listed on Samsung's servers as the latest firmware version across several Galaxy devices, with older patches appearing instead. Samsung hasn't confirmed the pause in the rollout, nor plans to issue a fix for users who have already downloaded the One UI 7 update. We've reached out to the company for comment.

Read more of this story at Slashdot.

A new investigation reveals that children as young as five can easily access inappropriate content and interact unsupervised with adults on Roblox, despite the platform's child-friendly image and recent safety updates. The Guardian reports: Describing itself as "the ultimate virtual universe," Roblox features millions of games and interactive environments, known collectively as "experiences." Some of the content is developed by Roblox, but much of it is user-generated. In 2024, the platform had more than 85 million daily active users, an estimated 40% of whom are under 13. While the company said it "deeply sympathized" with parents whose children came to harm on the platform, it said "tens of millions of people have a positive, enriching and safe experience on Roblox every day." However, in an investigation shared with the Guardian, the digital-behavior experts Revealing Reality discovered "something deeply disturbing ... a troubling disconnect between Roblox's child-friendly appearance and the reality of what children experience on the platform." [...] Despite new tools launched last week aimed at giving parents more control over their children's accounts, the researchers concluded: "Safety controls that exist are limited in their effectiveness and there are still significant risks for children on the platform."

Read more of this story at Slashdot.

Intel will sell a 51% stake in its Altera programmable chip unit to private equity firm Silver Lake for $4.46 billion, aiming to cut costs, raise cash, and streamline the company's focus as it shifts toward becoming a contract chip manufacturer. CNBC reports: The deal, announced on Monday, values Altera at $8.75 billion, a sharp decline from the $17 billion Intel paid in 2015. [...] Since last year, Intel has taken steps to spin Altera out as a separate unit and said it planned to sell a portion of its stake. "Today's announcement reflects our commitment to sharpening our focus, lowering our expense structure and strengthening our balance sheet," [CEO Lip-Bu Tan], who took the helm after former top boss Pat Gelsinger's ouster, said. Altera makes programmable chips that can be used for various purposes from telecom equipment to military. Reuters had first reported in November that Silver Lake was among potential suitors competing for a minority stake in Altera. The deal is expected to close in the second half of 2025, after which Intel expects to deconsolidate Altera's financial results from Intel's financial statements, the company said.

Read more of this story at Slashdot.

An anonymous reader quotes a report from the New York Times: British laws restricting what the police can say about criminal cases are "not fit for the social media age (source paywalled; alternative source)," a government committee said in a report released Monday in Britain that highlighted how unchecked misinformation stoked riots last summer. Violent disorder, fueled by the far right, affected several towns and cities for days after a teenager killed three girls on July 29 at a Taylor Swift-themed dance class in Southport, England. In the hours after the stabbings, false claims that the attacker was an undocumented Muslim immigrant spread rapidly online. In a report looking into the riots, a parliamentary committee said a lack of information from the authorities after the attack "created a vacuum where misinformation was able to grow." The report blamed decades-old British laws, aimed at preventing jury bias, that stopped the police from correcting false claims. By the time the police announced the suspect was British-born, those false claims had reached millions. The Home Affairs Committee, which brings together lawmakers from across the political spectrum, published its report after questioning police chiefs, government officials and emergency workers over four months of hearings. Axel Rudakubana, who was sentenced to life in prison for the attack, was born and raised in Britain by a Christian family from Rwanda. A judge later found there was no evidence he was driven by a single political or religious ideology, but was obsessed with violence. [...] The committee's report acknowledged that it was impossible to determine "whether the disorder could have been prevented had more information been published." But it concluded that the lack of information after the stabbing "created a vacuum where misinformation was able to grow, further undermining public confidence," and that the law on contempt was not "fit for the social media age."

Read more of this story at Slashdot.

Several crosswalk buttons in Palo Alto and nearby cities were hacked over the weekend to play deepfake-style satirical audio clips mimicking Elon Musk and Mark Zuckerberg. Authorities have disabled the altered systems, but the identity of the prankster remains unknown. SFGATE reports: Videos of the altered crosswalks began circulating on social media throughout Saturday and Sunday. [...] A city employee was the first to report an issue with one of the signals at University Avenue and High Street in downtown Palo Alto, Horrigan-Taylor told SFGATE via email. Officials later discovered that as many as 12 intersections in downtown Palo Alto had been affected. "The impact is isolated," Horrigan-Taylor said. "Signal operations are otherwise unaffected, and motorists are reminded to always exercise caution around pedestrians." Officials told the outlet they've removed any devices that were tampered with and the compromised voice-over systems have since been disabled, with footage obtained by SFGATE showing several were covered in caution tape, blinking constantly and unpressable.

Read more of this story at Slashdot.