Davis Lu, a former Eaton Corporation developer, has been sentenced to four years in prison for sabotaging his ex-employer's Windows network with malware and a custom kill switch that locked out thousands of employees once his account was disabled. The attack caused significant operational disruption and financial losses, with Lu also attempting to cover his tracks by deleting data and researching privilege escalation techniques. BleepingComputer reports: After a corporate restructuring and subsequent demotion in 2018, the DOJ says that Lu retaliated by embedding malicious code throughout the company's Windows production environment. The malicious code included an infinite Java thread loop designed to overwhelm servers and crash production systems. Lu also created a kill switch named "IsDLEnabledinAD" ("Is Davis Lu enabled in Active Directory") that would automatically lock all users out of their accounts if his account was disabled in Active Directory. When his employment was terminated on September 9, 2019, and his account disabled, the kill switch activated, causing thousands of users to be locked out of their systems.

"The defendant breached his employer's trust by using his access and technical knowledge to sabotage company networks, wreaking havoc and causing hundreds of thousands of dollars in losses for a U.S. company," said Acting Assistant Attorney General Matthew R. Galeotti. When he was instructed to return his laptop, Lu reportedly deleted encrypted data from his device. Investigators later discovered search queries on the device researching how to elevate privileges, hide processes, and quickly delete files. Lu was found guilty earlier this year of intentionally causing damage to protected computers. After his four-year sentence, Lu will also serve three years of supervised release following his prison term.

A federal appeals court rejected T-Mobile's attempt to overturn $92 million in fines for selling customer location information to third-party firms. From a report: The Federal Communications Commission last year fined T-Mobile, AT&T, and Verizon, saying the carriers illegally shared access to customers' location information without consent and did not take reasonable measures to protect that sensitive data against unauthorized disclosure. The fines relate to sharing of real-time location data that was revealed in 2018, but it took years for the FCC to finalize the penalties.

The three carriers appealed the rulings in three different courts, and the first major decision was handed down Friday. A three-judge panel at the US Court of Appeals for the District of Columbia Circuit ruled unanimously against T-Mobile and its subsidiary Sprint. "Every cell phone is a tracking device," the ruling begins. "To receive service, a cell phone must periodically connect with the nearest tower in a wireless carrier's network. Each time it does, it sends the carrier a record of the phone's location and, by extension, the location of the customer who owns it. Over time, this information becomes an exhaustive history of a customer's whereabouts and 'provides an intimate window into [that] person's life.'"

An anonymous reader quotes a report from Reuters: Serbian scientists have been experimenting with mealworms as a way to break down polystyrene. Larisa Ilijin, a principal research fellow at Belgrade's Institute for Biology, said the scientists had discovered that mealworms can digest various plastics, including polystyrene, which is used in packaging, insulation and food containers. In the project endorsed by the government and the United Nations' agency for international development, UNDP, and other international donors, they have been including the polystyrene in the regular food of the larval form of the yellow mealworm beetle, or Tenebrio molitor.

They habitually eat more or less anything, but need the training to eat the plastic products. "We have larvae that have been adapted over a long time to biodegrade plastic, to be as efficient as possible in the process," Ilijin told Reuters. She said the bacteria living in their guts break down the plastic into carbon dioxide and water, and showed no evidence of leaving microplastic residue in their innards or faeces. The work builds on similar research projects in the U.S. and Africa. [...]

The institute has given Belgrade-based Belinda Animals several containers of the mealworms. It is now breeding them and hoping to attract a network of similar farms. "When breaking down 1 kg of Styrofoam, larvae emit one to two grams of carbon dioxide ... If we incinerate it ... (Styrofoam) emits over 4,000 times more," owner Boris Vasiljev said. He also envisages the larvae being used as animal feed, should it reach a large commercial scale. The use of mealworms is still in its infancy, Ilijin said, as Serbia still needs to adopt regulations that would allow the use and sale of insect products for animal fodder. "Styrofoam takes over 500 years to decompose in nature ... this would be one of the good ways for solving the problem of plastic waste in nature," Ilijin said.

A 22-year-old Oregon man has been charged with operating one of the most powerful botnets ever recorded. The network, known as Rapper Bot, launched over 370,000 DDoS attacks worldwide, including against X, DeepSeek, U.S. tech firms, and even Defense Department systems. It was allegedly operated by Ethan Foltz of Eugene, Oregon. The Wall Street Journal reports: Foltz faces a maximum of 10 years in prison on a charge of abetting computer intrusions, the Justice Department said in a news release. Rapper Bot was made up of tens of thousands of hacked devices and was capable of flooding victims' websites with enough junk internet traffic to knock them offline, an attack known as a distributed denial of service, or DDoS.

In February, the networking company Nokia measured a Rapper Bot attack against a gaming platform at 6.5 trillion bits per second, well above the several hundred million bits a second of the average high-speed internet connection. "This would place Rapper Bot among the most powerful DDoS botnets to have ever existed," said a criminal complaint that the prosecutors filed Tuesday in a federal court in Alaska. Investigators said Rapper Bot's attacks were so powerful that they were able to overwhelm all but the most robust networks.

Foltz allegedly rented out Rapper Bot to paying customers, including gambling website operators who would use the network in extortion attempts, according to the complaint. The botnet was used to launch more than 370,000 attacks in 80 countries, including China, Japan and the U.S., prosecutors said. It launched its attacks from hacked routers, digital video recorders and cameras, not from computers. [...] "At its height, it mobilized tens of thousands of devices, many with no prior role in DDoS," said Jerome Meyer, a researcher with Nokia's Deepfield network-analysis division. "Taking it down removes a major source of the largest attacks we see."

Puerto Rico expects 93 different power outages this summer, reports the Washington Post.

But they also note that "roughly 1 in 10 Puerto Rican homes now have a battery and solar array for backup power" which have also "become a crucial source of backup power for the entire island grid." A network of 69,000 home batteries can generate as much electricity as a small natural gas turbine during an emergency, temporarily covering about 2 percent of the island's energy needs when things go wrong... "It has very, very certainly prevented more widespread outages," said Daniel Haughton, [transmission and distribution planning director for Puerto Rico's grid operator]. "In the instances that we had to [cut power], it was for a much shorter duration: A four-hour outage became a one- or two-hour outage."

Puerto Rico's experience offers a glimpse into the future for the rest of the United States, where batteries are starting to play a big role in keeping the lights on. Authorities in Texas, California and New England have credited home batteries with preventing blackouts during summer energy crunches. As power grids across the country groan under the increasing strain of new data centers, factories and EVs, batteries offer a way for homeowners to protect themselves — and all of their neighbors — from the threat of outages. Batteries have been booming in the U.S. since 2022, when Congress created generous installation tax credits for homeowners and power companies.

Home batteries generally come as an option alongside rooftop solar panels, according to Christopher Rauscher, head of grid services and electrification for Sunrun, a company that installs both. More than 70 percent of the people who hire Sunrun to put up solar panels also get a battery. With the tax credits — and the money saved on rising electricity costs — solar panels and batteries make financial sense for most American homes, according to a study Stanford University scientists published Aug. 1. About 60 percent of homes would save money in the long run with solar panels and batteries...

Those batteries can have broader benefits, too. Utilities pay customers hundreds of dollars a year to sign their batteries up to form "virtual power plants," which send electricity to the grid whenever power plants can't keep up with demand. California's network of home batteries can now add 535 megawatts of electricity in an emergency — about half as much energy as a nuclear power plant... [H]omeowners can make thousands of dollars a year lowering their energy bills, selling solar power back to the grid or enrolling their batteries in a virtual power plant, depending on their power company's policies and state regulations. "Over time, you would get the full payback for your system and basically get your backup for free," said Ram Rajagopal, an associate professor of civil and environmental engineering who co-authored the Stanford study.

An anonymous reader writes: Kaisen Linux, a Debian-based distro packed with tools for sysadmins, system rescue, and network diagnostics, is shutting down. This comes not long after Intel's Clear Linux also reached the end of the road.

Kaisen offered multiple desktop environments like KDE Plasma, LXQt, MATE, and Xfce, plus a "toram" mode that could load the whole OS into RAM so you could free up your USB port. The final release, Rolling 3.0, updates the base to Debian 13, defaults to KDE Plasma 6, replaces LightDM with SDDM, drops some packages like neofetch and hping3, and adds things like faster BTRFS snapshot restores, full ZFS support, and safer partitioning behavior.

Unlike Clear Linux, Kaisen will still get security updates for the next two years, giving current users time to migrate without rushing.

An anonymous reader shares a report: Manufacturer to the stars Foxconn is building so many AI servers that they're now bringing in more cash than consumer electronics -- even counting the colossal quantity of iPhones it creates for Apple.

The Taiwanese company revealed the shift in its Thursday announcement of Q2 results, which saw revenue grow 16% to NT$1.79 trillion ($59.73 billion) and operating profit rise 27% to NT$56.6 billion ($1.9 billion). CEO Kathy Yang told investors the company's Cloud and Networking Products division delivered 41% of total revenue, up nine percent compared to Q2 2024, and surpassing the company's Smart Consumer Electronics unit for the first time. The latter business includes Foxconn's work for Apple.

Rising subscription costs, shrinking content libraries, and regional restrictions are pushing viewers back toward piracy. Once seen as nearly dead, piracy has resurged through illicit streaming platforms as the fractured, ad-laden streaming market struggles to deliver convenience and value. The Guardian reports: According to London-based piracy monitoring and content-protection firm MUSO, unlicensed streaming is the predominant source of TV and film piracy, accounting for 96% in 2023 (PDF). Piracy reached a low in 2020, with 130bn website visits. But by 2024 that number had risen to 216bn (PDF). In Sweden, 25% of people surveyed (PDF) reported pirating in 2024, a trend mostly driven by those aged 15 to 24. Piracy is back, just sailing under a different flag.

"Piracy is not a pricing issue," Gabe Newell, the co-founder of Valve, the company behind the world's largest PC gaming platform, Steam, observed in 2011. "It's a service issue." Today, the crisis in streaming makes this clearer than ever. With titles scattered, prices on the rise, and bitrates throttled depending on your browser, it is little wonder some viewers are raising the jolly roger again. Studios carve out fiefdoms, build walls and levy tolls for those who wish to visit. The result is artificial scarcity in a digital world that promised abundance.

Whether piracy today is rebellion or resignation is almost irrelevant; the sails are hoisted either way. As the streaming landscape fractures into feudal territories, more viewers are turning to the high seas. The Medici understood the value linked to access. [The 2016 historical drama series tells of the rise of the powerful Florentine banking dynasty, and with it, the story of the Renaissance.] A client could travel from Rome to London and still draw on their credit, thanks to a network built on trust and interoperability. If today's studios want to survive the storm, they may need to rediscover that truth.

New York Attorney General Letitia James has sued Zelle's parent company, Early Warning Services, alleging it knowingly enabled over $1 billion in fraud from 2017 to 2023 by failing to implement basic safeguards. CNBC reports: "EWS knew from the beginning that key features of the Zelle network made it uniquely susceptible to fraud, and yet it failed to adopt basic safeguards to address these glaring flaws or enforce any meaningful anti-fraud rules on its partner banks," James' office said in the release. The lawsuit alleges that Zelle became a "hub for fraudulent activity" because the registration process lacked verification steps and that EWS and its partner banks knew "for years" that fraud was spreading and did not take actionable steps to resolve it, according to the press release.

James is seeking restitution and damages, in addition to a court order mandating that Zelle puts anti-fraud measures in place. "No one should be left to fend for themselves after falling victim to a scam," James said in the release. "I look forward to getting justice for the New Yorkers who suffered because of Zelle's security failures." A Zelle spokesperson called the lawsuit a "political stunt to generate press" and a "copycat" of the CFPB lawsuit, which was dropped in March.

"Despite the Attorney General's assertions, they did not conduct an investigation of Zelle," the spokesperson said. "Had they conducted an investigation, they would have learned that more than 99.95 percent of all Zelle transactions are completed without any report of scam or fraud -- which leads the industry."

Meta's Threads has surpassed 400 million monthly active users, adding 50 million in the last quarter and closing the gap with rival X in mobile daily usage. "As of a few weeks ago [there are] more than 400 million people active on Threads every month," said Instagram head Adam Mosseri. "It's been quite the ride over the last two years. This started as a zany idea to compete with Twitter, and has evolved into a meaningful platform that fosters the open exchange of perspectives. I'm grateful to all of you for making this place what it is today. There's so much work to do from our side, more to come." TechCrunch reports: X, meanwhile, has north of 600 million monthly active users, according to previous statements made by its former CEO, Linda Yaccarino. Recent data from market intelligence provider Similarweb showed that Threads is nearing X's daily app users on mobile devices. In June 2025, Threads' mobile app for iOS and Android saw 115.1 million daily active users, marking a 127.8% increase compared to the previous year. On the other hand, X reached 132 million daily active users, reflecting a 15.2% year-over-year decline.

However, Similarweb found that X's worldwide daily web visits are well ahead of Threads, as the [...] social network saw 145.8 million average daily web visits worldwide in June, while Threads had just 6.9 million.

China has begun construction of a $167 billion hydropower facility on Tibet's Yarlung Tsangpo River that would generate triple the output of the Three Gorges Dam. The project employs a run-of-the-river design, drilling deep tunnels through mountains to bypass the Yarlung Tsangpo Grand Canyon, where the river drops nearly two vertical miles over 300 miles. Water diverted through the tunnels will drive turbines at both ends without creating a large reservoir. The river currently produces just 2% of its hydropower potential. A $7 billion transmission network will deliver electricity to Guangdong province, Hong Kong, and Macau. China imported nearly a quarter of its energy supply in 2023.

"What happens when cybercriminals stop thinking small and start thinking like a Fortune 500 company?" asks a blog post from Koi Security. "You get GreedyBear, the attack group that just redefined industrial-scale crypto theft."

"150 weaponized Firefox extensions [impersonating popular cryptocurrency wallets like MetaMask and TronLink]. Nearly 500 malicious executables. Dozens of phishing websites. One coordinated attack infrastructure. According to user reports, over $1 million stolen." They upload 5-7 innocuous-looking extensions like link sanitizers, YouTube downloaders, and other common utilities with no actual functionality... They post dozens of fake positive reviews for these generic extensions to build credibility. After establishing trust, they "hollow out" the extensions — changing names, icons, and injecting malicious code while keeping the positive review history. This approach allows GreedyBear to bypass marketplace security by appearing legitimate during the initial review process, then weaponizing established extensions that already have user trust and positive ratings. The weaponized extensions captures wallet credentials directly from user input fields within the extension's own popup interface, and exfiltrate them to a remote server controlled by the group...

Alongside malware and extensions, the threat group has also launched a network of scam websites posing as crypto-related products and services. These aren't typical phishing pages mimicking login portals — instead, they appear as slick, fake product landing pages advertising digital wallets, hardware devices, or wallet repair services... While these sites vary in design, their purpose appears to be the same: to deceive users into entering personal information, wallet credentials, or payment details — possibly resulting in credential theft, credit card fraud, or both. Some of these domains are active and fully functional, while others may be staged for future activation or targeted scams...

A striking aspect of the campaign is its infrastructure consolidation: Almost all domains — across extensions, EXE payloads, and phishing sites — resolve to a single IP address: 185.208.156.66 — this server acts as a central hub for command-and-control, credential collection, ransomware coordination, and scam websites, allowing the attackers to streamline operations across multiple channels... Our analysis of the campaign's code shows clear signs of AI-generated artifacts. This makes it faster and easier than ever for attackers to scale operations, diversify payloads, and evade detection.

This isn't a passing trend — it's the new normal.
The researchers believe the group "is likely testing or preparing parallel operations in other marketplaces."

AOL (now a Yahoo subsidiary) just announced its dial-up internet service will be discontinued at the end of September.

"The change also means the retirement of the AOL Dialer software and the AOL Shield browser, both designed for older operating systems and slow connections that relied on the familiar screech of a modem handshake," remembers Slashdot reader BrianFagioli (noting that dial-up Internet "was once the gateway to the web for millions of households, back when speeds were measured in kilobits and waiting for a picture to load could feel like an eternity.")

AOL's dial-up service "has been publicly available for 34 years," writes Tom's Hardware. But AppleInsider notes the move comes more than 40 years after AOL started "as a very early Apple service." AOL itself started back in 1983 under the name Control Video Corporation, offering online services for the Atari 2600 console. After failing, it became Quantum Computer Services in 1985, eventually launching AppleLink in 1988 to connect Macintosh computers together... With the launch of PC Link for IBM-compatible PCs in 1988 and parting from Apple in October 1989, the company rebranded itself as America Online, or AOL... Even at its height, dial-up connections could get up to 56 kilobits per second under ideal conditions, while modern connections are measured in megabits and gigabits. Most of the service was also what's considered a "walled garden," with features that were only available through AOL itself and that it wasn't the actual, untamed Internet.
In the 1990s AOL "was how millions of people were introduced to the Internet," the article remembers, adding that "Even after the AOL Time Warner acquisition and the 2015 acquisition by Verizon, AOL was still a popular service. Astoundingly, it counted about two million dial-up subscribers at the time." In the 2021 acquisition of assets from Verizon by Apollo Global Management, AOL was said to have 1.5 million people paying for services. However, this was more for technical support and software, rather than for actual Internet access. A CNBC report at the time reports that the dial-up user count was "in the low thousands".... While it dies off, not with a bang but a whimper, AOL's dial-up is still remembered as one of the most transformative services in the Internet age.
"This change does not impact the numerous other valued products and services that these subscribers are able to access and enjoy as part of their plans," a Yahoo spokesperson told PC Magazine this week. "There is also no impact to our users' free AOL email accounts." AOL's disastrous 2001 merger with Time Warner and ongoing inability to deliver broadband to its customers... left it on a path to decline that acquiring such widely read sites as Engadget [2005] and TechCrunch [2010] did not stem. By 2014, the number of dial-up AOL customers had collapsed to 2.34 million. A year later, Verizon bought the company for $4.4 billion in an internet-content play that turned out to be as doomed as the Time Warner transaction. In 2021, Verizon unloaded both AOL and Yahoo, which it had separately purchased in 2017, to the private-equity firm Apollo Global Management....

The demise of AOL's dial-up service does not mean the extinction of the oldest form of consumer online access. Estimates from the Census Bureau's 2023 American Community Survey show 163,401 Americans connected to the internet via dial-up that year.

That was by far the smallest segment of the internet-using population, dwarfed by 100,166,949 subscribing to such forms of broadband as "cable, fiber optic, or DSL"; 8,628,648 using satellite; 3,318,901 using "Internet access without a subscription" (which suggests Wi-Fi from coffee shops or public libraries); and 1,445,135 via "other service."

The remaining AOL dial-up subscribers will need to find some sort of replacement, which in rural areas may be limited to fixed wireless or SpaceX's considerably more expensive Starlink. Or they may wind up joining the ranks of Americans with no internet access: 6,866,059, in those 2023 estimates.

"California's biggest electric utilities pulled off a record-breaking test..." reports Semafor, "during the 7pm-9pm window that is typically its time of peak demand as people come home from work." Pacific Gas & Electric and other top California power companies switched on residential batteries in more than 100,000 homes and drew power from them into the broader statewide grid. The purpose of the test — the largest ever in the state, which has by far the most home battery capacity in the U.S. — was to see just how much power is really there for the utility to tap, and to ensure it could be switched on, effectively running the grid in reverse, without causing a crash.

The result, which the research firm Brattle published this week, was 535 megawatts, equal to adding a big hydro dam or a half-sized nuclear reactor at a fraction of the cost. "Four years ago this capacity didn't even exist," Kendrick Li, PG&E's director of clean energy programs, told Semafor. "Now it's a really attractive option for us. It would be silly not to harness what our customers have installed...." Last week's test proved that in times of peak demand, PG&E can lean on its customers' batteries rather than turn on a gas-fired peaker plant or risk a blackout, Li said.

Virtual power plants (VPPs) also facilitate the addition of more solar energy on the grid: At the moment, California has so much solar generation at peak hours that it can push the wholesale power price close to or even below zero, a headache for grid managers and a disincentive for renewable project developers. The careful manipulation of networked residential batteries smooths out the timing disparity between peak sunshine at midday and peak demand in the evening, allowing the excess to be soaked up and redeployed when it's actually needed, and making power cheaper for everyone. The expanded use of VPPs shouldn't be noticeable to battery owners, Li said, except for the money back on their power bill; nothing about the process prevents them from running their AC or dishwasher while their battery is being tapped. The network can also run in reverse, with the utility taking excess power from the grid at times of low demand and sending it into home batteries for storage.

California could easily reach over a gigawatt of VPP capacity within five years, Li said. Nationwide, a Department of Energy study during the Biden administration forecast that VPP capacity could reach up to 160 gigawatts by 2030, essentially negating the need for dozens of new fossil fuel power plants, with no emissions and at a far lower cost. In 2024, utilities in 34 states moved to initiate or expand VPP networks, according to the advocacy group VP3.
Even with a reduction in federal credits, virtual power plants "offer a way for residential solar-plus-storage systems to remain economically attractive for homeowners — who get paid for the withdrawn power," the article points out — and "a way to make better use of clean energy resources that have already been built."

Sunrun's distributed battery fleet "delivered more than two-thirds of the energy," notes Electrek, "In total, the event pumped an average of 535 megawatts (MW) onto the grid — enough to power over half of San Francisco... This isn't a one-off. Sunrun's fleet already helped drop peak demand earlier this summer, delivering 325 MW during a similar event on June 24.

"The company compensates customers up to $150 per battery per season for participating."

Computer scientists at Tsinghua University and Stanford have developed an algorithm that surpasses a fundamental speed limit that has constrained network pathfinding calculations since 1984. The team's approach to the shortest-path problem -- finding optimal routes from one point to all others in a network -- runs faster than Dijkstra's 1956 algorithm and its improvements by avoiding the sorting process that created the decades-old computational barrier.

Led by Ran Duan at Tsinghua, the researchers combined clustering techniques with selective application of the Bellman-Ford algorithm to identify influential nodes without sorting all paths by distance. The algorithm divides graphs into layers and uses Bellman-Ford to locate key intersection points before calculating paths to other nodes. The technique works on both directed and undirected graphs with arbitrary weights, solving a problem that stymied researchers after partial breakthroughs in the late 1990s and early 2000s applied only to specific weight conditions.

AI startup Perplexity is deploying undeclared web crawlers that masquerade as regular Chrome browsers to access content from websites that have explicitly blocked its official bots, according to a Cloudflare report published Monday. When Perplexity's declared crawlers encounter robots.txt restrictions or network blocks, the company switches to a generic Mozilla user agent that impersonates "Chrome/124.0.0.0 Safari/537.36" running on macOS, the web infrastructure firm reported.

Cloudflare engineers tested the behavior by creating new domains with robots.txt files prohibiting all automated access. Despite the restrictions, Perplexity provided detailed information about the protected content when queried, while the stealth crawler generated 3-6 million daily requests across tens of thousands of domains. The undeclared crawler rotated through multiple IP addresses and network providers to evade detection.

"Digital storefront Itch.io is reindexing its free adult games," reports Engadget, "and is talking to its partnered payment processors about plans to gradually reintroduce paid NSFW content..." In a statement included in the Itch.io update, Stripe said it hasn't closed the door on the possibility of being able to support adult content again in the future. In the meantime, Itch.io says it is talking to its other payment partners about accepting the card payments Stripe is currently no longer able to process.
Itch's founder told the gaming news site Aftermath that it was a notice from Visa that led to the sudden deindexing of so many games. But Aftermath notes that Visa and Mastercard have now "both released statements effectively washing their hands of the situation but also, paradoxically, justifying any actions they might have taken."

- Visa: "When a legally operating merchant faces an elevated risk of illegal activity, we require enhanced safeguards for the banks supporting those merchants..."

- Mastercard: "Our payment network follows standards based on the rule of law. Put simply, we allow all lawful purchases on our network. At the same time, we require merchants to have appropriate controls to ensure Mastercard cards cannot be used for unlawful purchases, including illegal adult content."

Aftermath's take? The part where the two companies act as though their hands have been tied by the long arm of the law is, frankly, bullshit. None of the games removed from Steam or Itch were illegal. They depict actions that are perfectly legal in other mediums. To re-quote Mike Stabile, director of policy at the Free Speech Coalition: "The stuff [companies] are talking about is entirely legal. It's legal to have in a book, it's legal to have in a game. They are making decisions based on their brand, based on public pressure from anti-porn groups, and that can be reversed."
Meanwhile, gamers are still pushing back: It's difficult to say just how many people have spent the past several days tying up the lines of card companies and payment processors, but the movement has made itself visible enough to gain support from larger industry bodies like the Communications Workers of America [the largest communications/media labor union in America] and the International Game Developers Association.

Aurora Innovation has expanded its autonomous trucking operations with nighttime driverless runs between Dallas and Houston and a new Phoenix terminal. "Efficiency, uptime, and reliability are important for our customers, and Aurora is showing we can deliver," said Chris Urmson, co-founder and CEO of Aurora, in a press release. "Just three months after launch, we're running driverless operations day and night and we've expanded our terminal network to Phoenix. Our rapid progress is beginning to unlock the full value of self-driving trucks for our customers, which has the potential to transform the trillion-dollar trucking industry." FreightWaves reports: The expansion allows for continuous utilization, shortening delivery times and serving as part of its path to autonomous trucking profitability. Aurora notes that the unlocking of nighttime autonomous operations can also improve road safety. It cited a 2021 Federal Motor Carrier Safety Administration report on large truck and bus crashes that noted a disproportionate 37% of fatal crashes involving large trucks occurred at night. This comes despite trucks traveling fewer miles during those hours.

Aurora's SAE L4 autonomous driving system, called the Aurora Driver, can detect objects in the dark more than 450 meters away via its proprietary, long-range FirstLight Lidar. The lidar can identify pedestrians, vehicles, and debris up to 11 seconds sooner than a traditional driver, according to the company. In addition to the fleet and operations expansion, the new terminal in Phoenix, which opened in June, is part of an infrastructure-light approach. Aurora notes this design will closely resemble how the company plans to integrate with future customer endpoints, optimized for speed to market.

This expansion of the more than 15-hour Fort Worth to Phoenix route opens up opportunities to showcase the autonomous truck's ability to cut transit time in half compared to a single driver, who is limited to the 11-hour hours-of-service limitation. Aurora is piloting the autonomous trucking Phoenix lane with two customers, Hirschbach and Werner.

Hackers from the group UNC2891 attempted a high-tech bank heist by physically planting a 4G-enabled Raspberry Pi inside a bank's ATM network, using advanced malware hidden with a never-before-seen Linux bind mount technique to evade detection. "The trick allowed the malware to operate similarly to a rootkit, which uses advanced techniques to hide itself from the operating system it runs on," reports Ars Technica. Although the plot was uncovered before the hackers could hijack the ATM switching server, the tactic showcased a new level of sophistication in cyber-physical attacks on financial institutions. The security firm Group-IB, which detailed the attack in a report on Wednesday, didn't say where the compromised switching equipment was located or how attackers managed to plant the Raspberry Pi. Ars Technica reports: To maintain persistence, UNC2891 also compromised a mail server because it had constant Internet connectivity. The Raspberry Pi and the mail server backdoor would then communicate by using the bank's monitoring server as an intermediary. The monitoring server was chosen because it had access to almost every server within the data center. As Group-IB was initially investigating the bank's network, researchers noticed some unusual behaviors on the monitoring server, including an outbound beaconing signal every 10 minutes and repeated connection attempts to an unknown device. The researchers then used a forensic tool to analyze the communications. The tool identified the endpoints as a Raspberry Pi and the mail server but was unable to identify the process names responsible for the beaconing.

The researchers then captured the system memory as the beacons were sent. The review identified the process as lightdm, a process associated with an open source LightDM display manager. The process appeared to be legitimate, but the researchers found it suspicious because the LightDM binary was installed in an unusual location. After further investigation, the researchers discovered that the processes of the custom backdoor had been deliberately disguised in an attempt to throw researchers off the scent.

[Group-IB Senior Digital Forensics and Incident Response Specialist Nam Le Phuong] explained: "The backdoor process is deliberately obfuscated by the threat actor through the use of process masquerading. Specifically, the binary is named "lightdm", mimicking the legitimate LightDM display manager commonly found on Linux systems. To enhance the deception, the process is executed with command-line arguments resembling legitimate parameters -- for example, lightdm -- session child 11 19 -- in an effort to evade detection and mislead forensic analysts during post-compromise investigations. These backdoors were actively establishing connections to both the Raspberry Pi and the internal Mail Server."

Voice actors and industry associations are sounding the alarm over the growing use of AI in dubbing, calling for increased regulations to protect quality, jobs and artists' back catalogues from being used to create future dubbed work. "We need legislation: Just as after the car, which replaced the horse-drawn carriage, we need a highway code," said Boris Rehlinger, a voice actor known as the French voice of Ben Affleck, Joaquin Phoenix, and Puss in Boots. "I feel threatened even though my voice hasn't been replaced by AI yet," he said. Reuters reports: In Germany, 12 well-known dubbing actors went viral on TikTok in March, garnering 8.7 million views, for their campaign saying "Let's protect artistic, not artificial, intelligence." A petition from the VDS voice actors' association calling on German and EU lawmakers to push AI companies to obtain explicit consent when training the technology on artists' voices and fairly compensate them, as well as transparently label AI-generated content, gained more than 75,500 signatures.

When intellectual property is no longer protected, no one will produce anything anymore "because they think 'tomorrow it will be stolen from me anyway'," said Cedric Cavatore, a VDS member who has dubbed films and video games including the PlayStation game "Final Fantasy VII Remake." VDS collaborates with United Voice Artists, a global network of over 20,000 voice actors advocating for ethical AI use and fair contracts. In the United States, Hollywood video game voice and motion capture actors this month signed a new contract with video game studios focused on AI that SAG-AFTRA said represented important progress on protections against the tech.