The Almighty Buck

Whoop Angers Users Over Reneged Free Upgrade Promises (theverge.com) 22

Wearable startup Whoop just announced its new Whoop 5.0 fitness tracker yesterday, but some existing users are already calling foul. From a report: Previously, Whoop said people who had been members for at least six months would get free upgrades to next-generation hardware. Now, the company says that members hoping to upgrade from a Whoop 4.0 to 5.0 will have to pay up.

Whoop is a bit different from other fitness trackers in that it runs entirely on a subscription membership model. Most wearable makers that have subscriptions will charge you for the hardware, and then customers have the option of subscribing to get extra data or features. A good example is the Oura Ring, where you buy the ring and then have the option of paying a monthly $6 subscription. Whoop, however, has until now said that you get the hardware for "free" while paying a heftier annual subscription.
Previously, Whoop promised users that whenever new hardware was released, existing members would be able to upgrade free of charge so long as they'd been a member for at least six months.
United States

US Senator Introduces Bill Calling For Location-Tracking on AI Chips To Limit China Access (reuters.com) 56

A U.S. senator introduced a bill on Friday that would direct the Commerce Department to require location verification mechanisms for export-controlled AI chips, in an effort to curb China's access to advanced semiconductor technology. From a report: Called the "Chip Security Act," the bill calls for AI chips under export regulations, and products containing those chips, to be fitted with location-tracking systems to help detect diversion, smuggling or other unauthorized use of the product.

"With these enhanced security measures, we can continue to expand access to U.S. technology without compromising our national security," Republican Senator Tom Cotton of Arkansas said. The bill also calls for companies exporting the AI chips to report to the Bureau of Industry and Security if their products have been diverted away from their intended location or subject to tampering attempts.

Earth

Scientists Have Explored Just 0.001% of Deep Ocean Floor, New Study Finds 22

A comprehensive analysis in Science Advances reveals that humans have explored less than 0.001% of the deep seafloor -- an area equivalent to merely one-tenth the size of Belgium. Oceanographer Katherine Bell and colleagues at the Ocean Discovery League compiled data from approximately 44,000 deep-sea dives conducted between 1958 and 2024, finding that expeditions have concentrated overwhelmingly around waters near the United States, Japan, and New Zealand.

The study exposes significant gaps in ocean exploration, with vast regions -- particularly the Indian Ocean -- remaining virtually untouched by direct observation. Much of the existing dive data remains inaccessible to scientists, locked away by private companies.
United States

Tech Industry Warns US Investment Pledges Hinge on Research Tax Break (bloomberg.com) 64

An anonymous reader shares a report: Major tech companies lobbying to salvage a tax deduction for research and development are warning they may pull back from high-profile pledges of new US investments if Congress doesn't fully reinstate the break.

Big tech companies have pledged more than $1.6 trillion in investments in the US since Donald Trump took office, promising to build factories and data centers in alignment with Trump's push to build in America. But industry representatives are signaling those promises will be imperiled if Congress doesn't fully reinstate the R&D tax deduction, which was pared back to help offset the massive cost of President Donald Trump's 2017 bill. At the time, it was estimated that limiting the provision would temporarily raise about $120 billion from 2018 to 2027.

"A lot of those announcements are predicated on an expectation the administration and Congress will partner together on reinstating those R&D provisions," said Jason Oxman, president of the Information Technology Industry Council, a trade group that includes among its members Amazon, Apple, Anthropic, Alphabet, and IBM. Lobbyists representing tech companies that announced US investments have made similar claims to congressional aides and lawmakers, according to people familiar with the conversations.

Security

Education Giant Pearson Hit By Cyberattack Exposing Customer Data (bleepingcomputer.com) 7

An anonymous reader quotes a report from BleepingComputer: Education giant Pearson suffered a cyberattack, allowing threat actors to steal corporate data and customer information, BleepingComputer has learned. Pearson is a UK-based education company and one of the world's largest providers of academic publishing, digital learning tools, and standardized assessments. The company works with schools, universities, and individuals in over 70 countries through its print and online services. In a statement to BleepingComputer, Pearson confirmed they suffered a cyberattack and that data was stolen, but stated it was mostly "legacy data."

"We recently discovered that an unauthorized actor gained access to a portion of our systems," a Pearson representative confirmed to BleepingComputer. "Once we identified the activity, we took steps to stop it and investigate what happened and what data was affected with forensics experts. We also supported law enforcement's investigation. We have taken steps to deploy additional safeguards onto our systems, including enhancing security monitoring and authentication. We are continuing to investigate, but at this time we believe the actor downloaded largely legacy data. We will be sharing additional information directly with customers and partners as appropriate." Pearson also confirmed that the stolen data did not include employee information.
The education company previously disclosed in January that they were investigating a breach of one of their subsidiaries, PDRI, which is believed to be related to this attack.

BleepingComputer also notes that threat actors breached Pearson's developer environment in January 2025 using an exposed GitLab access token, gaining access to source code and hard-coded credentials. Terabytes of sensitive data was stolen from cloud platforms and internal systems.

Despite the potential impact on millions of individuals, Pearson has declined to answer key questions about the breach or its response.
Government

NOAA Retires Extreme Weather Database (cnn.com) 144

An anonymous reader quotes a report from CNN: The National Oceanic and Atmospheric Administration announced Thursday its well-known "billion-dollar weather and climate disasters" database "will be retired," a move that will make it next to impossible for the public to track the cost of extreme weather and climate events. The weather, climate and oceans agency is also ending other products, it has recently announced, due in large part to staffing reductions. NOAA is narrowing the array of services it provides, with climate-related programs scrutinized especially closely.

The disasters database, which will be archived but no longer updated beyond 2024, has allowed taxpayers, media and researchers to track the cost of natural disasters -- spanning extreme events from hurricanes to hailstorms -- since 1980. Its discontinuation is another Trump-administration blow to the public's view into how fossil fuel pollution is changing the world around them and making extreme weather more costly. [...]

The database vacuums loss information from throughout the insurance industry, among other public and private sources. According to the database, there were 403 weather and climate disasters totaling at least $1 billion in the United States since 1980, totaling more than $2.945 trillion. As of April 8, there had not been any confirmed billion-dollar disasters so far in 2025, but it lists four events as having the potential to make the tally, including the Los Angeles-area wildfires in January. Between 1980 and 2024, there were nine such disasters on average each year, though in the past five years, that annual average has jumped to 24. The record for one year was 28 events in 2023.
"What makes this resource uniquely valuable is not just its standardized methodology across decades, but the fact that it draws from proprietary and non-public data sources (such as reinsurance loss estimates, localized government reports, and private claims databases) that are otherwise inaccessible to most researchers," Jeremy Porter, head of climate implications for and co-founder of First Street, a climate risk financial modeling firm, told CNN via email.

"Without it, replicating or extending damage trend analyses, especially at regional scales or across hazard types, is nearly impossible without significant funding or institutional access to commercial catastrophe models."
United States

Trump To End Biden-Era High-Speed Internet Program (nytimes.com) 226

President Trump on Thursday attacked a law signed by President Joe Biden aimed at expanding high-speed internet access, calling the effort "racist" and "totally unconstitutional" and threatening to end it "immediately." The New York Times: Mr. Trump's statement was one of the starkest examples yet of his slash-and-burn approach to dismantling the legacy of his immediate predecessor in this term in office. The Digital Equity Act, a little-known effort to improve high-speed internet access in communities with poor access, was tucked into the $1 trillion bipartisan infrastructure bill that Mr. Biden signed into law early in his presidency.

The act was written to help many different groups, including veterans, older people and disabled and rural communities. But Mr. Trump, using the incendiary language that has been a trademark of his political career, denounced the law on Thursday for also seeking to improve internet access for ethnic and racial minorities, raging in a social media post that it amounted to providing "woke handouts based on race."

Government

Senate Passes 'Cruel' Republican Plan To Block Wi-Fi Hotspots For Schoolkids (arstechnica.com) 101

An anonymous reader quotes a report from Ars Technica: The US Senate today voted along party lines to kill a Federal Communications Commission program to distribute Wi-Fi hotspots to schoolchildren, with Democrats saying the Republican-led vote will make it harder for kids without reliable Internet access to complete their homework. The Senate approved a Congressional Review Act (CRA) resolution to nullify the hotspot rule, which was issued by the Federal Communications Commission in July 2024 under then-Chairwoman Jessica Rosenworcel. The program would be eliminated if the House version passes and President Trump signs the joint resolution of disapproval.

The Rosenworcel FCC's rule expanded E-Rate, a Universal Service Fund program, allowing schools and libraries to use E-Rate funding to lend out Wi-Fi hotspots and services that could be used off-premises. The FCC rule was titled, "Addressing the Homework Gap through the E-Rate Program," and the hotspot lending program was scheduled to begin in funding year 2025, which starts in July 2025. Today's Senate vote on the resolution of disapproval was 50-38. There was a 53-47 vote on Tuesday that allowed the Senate measure to proceed to the final step. Sen. Richard Blumenthal (D-Conn.) said on Tuesday that "this resolution would prevent millions of students, educators, and families from getting online."
Sen. Edward Markey (D-Mass.) called the Republican move "a cruel and shortsighted decision that will widen the digital divide and rob kids of the tools they need to succeed."
The Courts

Judge Dismisses Most Charges Against FTX's Celebrity Boosters 50

A Florida federal judge has dismissed the majority of claims against celebrities who endorsed Sam Bankman-Fried's now-collapsed cryptocurrency exchange FTX. Judge K. Michael Moore ruled that investors failed to demonstrate the high-profile endorsers -- including Tom Brady, Gisele Bundchen, Kevin O'Leary, Larry David, Shohei Ohtani, and Stephen Curry -- knew about FTX's fraudulent activities.

In his ruling, Moore wrote that while the celebrity endorsers may have been "uninformed, negligent, or even reckless," plaintiffs didn't adequately establish that defendants had "knowledge of FTX's fraud" or "the requisite intent to deceive and defraud investors."
Wikipedia

Wikipedia Legally Challenges UK's 'Flawed' Online Safety Rules (bbc.com) 16

Wikipedia is taking legal action against the UK's new Online Safety Act regulations it says could threaten the safety of its volunteer editors and their ability to keep harmful content off the site. From a report: The Wikimedia Foundation -- the non-profit which supports the online encyclopaedia -- is seeking a judicial review of rules which could mean Wikipedia is subjected to the toughest duties required of websites under the act.

Lead counsel Phil Bradley-Schmieg said it was "unfortunate that we must now defend the privacy and safety of Wikipedia's volunteer editors from flawed legislation." The government told the BBC it was committed to implementing the act but could not comment on ongoing legal proceedings. It's thought this is the first judicial review to be brought against the new online safety laws - albeit a narrow part of them - but experts say it may not be the last.

"The Online Safety Act is vast in scope and incredibly complex," Ben Packer, a partner at law firm Linklaters, told the BBC. The law would inevitably have impacts on UK citizens' freedom of expression and other human rights, so as more of it comes into force "we can expect that more challenges may be forthcoming," he told the BBC.

Earth

Plastics Industry Pushed 'Advanced Recycling' Despite Knowing Problems (theguardian.com) 45

Plastic producers have pushed "advanced recycling" as a salve to the plastic waste crisis despite knowing for years that it is not a technically or economically feasible solution, a new report argues. The Guardian: Advanced recycling, also known as chemical recycling, refers to a variety of processes used to break plastics into their constituent molecules. The industry has increasingly promoted these technologies, as public concern about the environmental and health effects of plastic pollution has grown. Yet the rollout of these technologies has been plagued by problems, according to a new analysis from the Center for Climate Integrity (CCI), a fossil-fuel accountability advocacy group.

"The companies make it sound like it's pretty great, like it's something we should pursue," said Davis Allen, investigative researcher at the CCI and author of the report. "But they know the problems, the limitations." The new analysis follows a 2024 CCI report which alleged that plastic producers concealed the problems with traditional recycling, and argued that they could face legal ramifications for doing so. That earlier research was cited in a September lawsuit filed by California's attorney general, Rob Bonta, against ExxonMobil for its role in the plastic pollution crisis. "The new report focuses on this modern deception with advanced recycling, which has become a real focus for the industry in recent years," said Davis.

Education

Ghost Students Are Creating an 'Agonizing' Problem For California Colleges (sfgate.com) 131

An anonymous reader quotes a report from SFGATE: When the pandemic upended the world of higher education, Robin Pugh, a professor at City College of San Francisco, began to see one puzzling problem in her online courses: Not everyone was a real student. Of the 40 students enrolled in her popular introduction to real estate course, Pugh said she'd normally drop three to five from her roster who don't start the course or make contact with her at the start of the semester. But during the current spring semester, Pugh said that number more than doubled when she had to cut 11 students. It's a strange new reality that has left her baffled. "It's really unclear to me, and beyond the scope of my knowledge, how this is really happening," she said. "Is it organized crime? Is it something else? Everybody has lots of theories."

Some of the disengaged students in Pugh's courses are what administrators and cybersecurity experts say are "ghost students," and they've been a growing problem for community colleges, particularly since the shift to online instruction during the pandemic. These "ghost students" are artificially intelligent agents or bots that pose as real students in order to steal millions of dollars of financial aid that could otherwise go to actual humans. And as colleges grapple with the problem, Pugh and her colleagues have been tasked with a new and "frustrating" task of weeding out these bots and trying to decide who's a real person.

The process, she said, takes her focus off teaching the real students. "I am very intentional about having individualized interaction with all of my students as early as possible," Pugh said. "That included making phone calls to people, sending email messages, just a lot of reaching out individually to find out 'Are you just overwhelmed at work and haven't gotten around to starting the class yet? Or are you not a real person?'" Financial aid fraud is not new, but it's been on the rise in California's community colleges, Cal Matters reported, with scammers stealing more than $10 million in 2024, more than double the amount in 2023.
Wendy Brill-Wynkoop, the president of the Faculty Association of California Community Colleges and a professor at College of the Canyons in Santa Clarita, said the bots have been enrolling in courses since around early 2021.

"It's been going on for quite some time," she said. "I think the reason that you're hearing more about it is that it's getting harder and harder to combat or to deal with." A spokesperson for the California Community Colleges Chancellor's Office estimates that 0.21% of the system's financial aid was fraudulently disbursed. However, the office was unable to estimate the percentage of fraudulent attempts attributed to bots.
Government

Trump Will Rescind Biden-Era AI Chip Export Curbs (reuters.com) 101

According to Bloomberg, the Trump administration plans to revise a set of chip trade restrictions called the "AI diffusion" rule, which were scheduled to take effect on May 15. CNBC reports: The rule, which was proposed in the last days of the Biden administration, organizes countries into three different tiers, all of which have different restrictions on whether advanced AI chips like those made by Nvidia, AMD, and Intel can be shipped to the country without a license.

Chipmakers including Nvidia and AMD have been against the rule. AMD CEO Lisa Su told CNBC on Wednesday that the U.S. should strike a balance between restricting access to chips for national security and providing access, which will boost the American chip industry. Nvidia CEO Jensen Huang said earlier this week that being locked out of the Chinese AI market would be a "tremendous loss."

United States

DEA Ends Body Camera Program (propublica.org) 63

The Drug Enforcement Administration has quietly ended its body camera program barely four years after it began, ProPublica reports, citing an internal email. From the report: On April 2, DEA headquarters emailed employees announcing that the program had been terminated effective the day before. The DEA has not publicly announced the policy change, but by early April, links to pages about body camera policies on the DEA's website were broken.

The email said the agency made the change to be "consistent" with a Trump executive order rescinding the 2022 requirement that all federal law enforcement agents use body cameras. But at least two other federal law enforcement agencies within the Justice Department -- the U.S. Marshals Service and the Bureau of Alcohol, Tobacco, Firearms and Explosives -- are still requiring body cameras, according to their spokespeople.

Open Source

Pentagon Targets Open Source Security Risks in Software Procurement Overhaul (theregister.com) 39

The Department of Defense is revamping its "outdated" software procurement systems through a new Software Fast Track initiative. The SWFT program aims to reform how software is acquired, tested, and authorized with security as the primary focus. "Widespread use of open source software, with contributions from developers worldwide, presents a significant and ongoing challenge," DoD CIO Katie Arrington wrote in the initiative memo.

The DoD currently "lacks visibility into the origins and security of software code," hampering security assurance efforts. The initiative will establish verification procedures for software products and expedite authorization processes. Multiple requests for information are running until late May seeking industry input, including how to leverage AI for software authorization and define effective supply chain risk management requirements.

The push comes amid recent DoD security incidents, from malware campaigns targeting procurement systems to sensitive information leaks.
The Courts

NSO Group Must Pay More Than $167 Million In Damages To WhatsApp For Spyware Campaign (techcrunch.com) 7

An anonymous reader quotes a report from TechCrunch: Spyware maker NSO Group will have to pay more than $167 million in damages to WhatsApp for a 2019 hacking campaign against more than 1,400 users. On Tuesday, after a five-year legal battle, a jury ruled that NSO Group must pay $167,256,000 in punitive damages and around $444,719 in compensatory damages. This is a huge legal win for WhatsApp, which had asked for more than $400,000 in compensatory damages, based on the time its employees had to dedicate to remediate the attacks, investigate them, and push fixes to patch the vulnerability abused by NSO Group, as well as unspecified punitive damages.

The trial, as well as the whole lawsuit, prompted a series of revelations, such as the location of the victims of the 2019 spyware campaign, as well as the names of some of NSO Group's customers. The ruling marks the end -- pending a potential appeal -- of a legal battle that started more than five years ago, when WhatsApp filed a lawsuit against the spyware maker. The Meta-owned company accused NSO Group of accessing WhatsApp servers and exploiting an audio-calling vulnerability in the chat app to target around 1,400 people, including dissidents, human rights activists, and journalists.
NSO Group's spokesperson Gil Lainer left the door open for an appeal. "We will carefully examine the verdict's details and pursue appropriate legal remedies, including further proceedings and an appeal," Lainer said in a statement.
Google

New Bill Would Force Apple, Google To Open App Store Ecosystems 135

Rep. Kat Cammack (R-FL) introduced the App Store Freedom Act [PDF] on Tuesday, legislation that would compel "large app store operators" with over 100 million US users to permit third-party app stores and allow them to be set as defaults. The bill directly challenges Apple's walled garden approach and Google's Play Store dominance by requiring both companies to allow developers to use alternative payment systems, bypassing the platforms' commission structures.

It would also mandate equal access to development tools and interfaces without discrimination, while giving users the ability to remove pre-installed apps. Violations would trigger FTC enforcement with penalties up to $1 million per infraction. The legislation mirrors recent European Union regulations that have already forced Apple to permit third-party app stores and allow users to change default apps.
Ubuntu

Memory-Safe Sudo To Become the Default In Ubuntu 116

Longtime Slashdot reader RoccamOccam shares a blog post from the Trifecta Tech Foundation, a nonprofit organization that creates secure, open source building blocks for infrastructure software. The foundation is also the developer behind Sudo-rs. From the report: Ubuntu 25.10 is set to adopt sudo-rs by default. Sudo-rs is a memory-safe reimplementation of the widely-used sudo utility, written in the Rust programming language. This move is part of a broader effort by Canonical to improve the resilience and maintainability of core system components. [...]

The decision to adopt sudo-rs is in line with Canonical's commitment to Carefully But Purposefully increase the resilience of critical system software, by adopting Rust. Rust is a programming language with strong memory safety guarantees that eliminates many of the vulnerabilities that have historically plagued traditional C-based software. Sudo-rs is part of the Trifecta Tech Foundation's Privilege Boundary initiative, which aims to handle privilege escalation with memory-safe alternatives.
Government

CISA Budget Faces Possible $500 Million Cut (theregister.com) 50

President Trump's proposed 2026 budget seeks to cut nearly $500 million from CISA, accusing the agency of prioritizing censorship over cybersecurity and election protection. "The proposed cuts -- which are largely symbolic at this stage as they need to be approved by Congress -- are framed as a purge of the so-called 'censorship industrial complex,' a term the White House uses to describe CISA's work countering misinformation," reports The Register. From the report: In its fiscal 2024 budget request, the agency had asked [PDF] for a total of just over $3 billion to safeguard the nation's online security across both government and private sectors. The enacted budget that year was about $34 million lower than the previous year's. Now, a deep cut has been proposed [PDF], as the Trump administration decries the agency's past work tackling the spread of misinformation on the web by America's enemies, as well as the agency's efforts safeguarding election security. [...]

"The budget eliminates programs focused on so-called misinformation and propaganda as well as external engagement offices such as international affairs," it reads [PDF]. "These programs and offices were used as a hub in the censorship industrial complex to violate the First Amendment, target Americans for protected speech, and target the President. CISA was more focused on censorship than on protecting the nation's critical systems, and put them at risk due to poor management and inefficiency, as well as a focus on self-promotion."

Education

College Graduate Unemployment Hits 5.8%, Highest in Decades 168

Recent college graduates face the worst job market in decades, with unemployment reaching 5.8%, according to recently released New York Federal Reserve data. The "recent-grad gap" - the difference between unemployment rates of young college graduates versus the overall labor force - has hit its lowest point in four decades, indicating college graduates are facing unusual difficulties securing employment. (The New York Federal Reserve said labor conditions for recent college graduates have "deteriorated noticeably" in the past few months.)

Even graduates from elite MBA programs are struggling to find work, while law school applications have surged as young people seek shelter from the difficult job market. Economists are attributing the decline to three potential factors: incomplete recovery from pandemic disruptions, diminishing returns on college education, and possibly AI replacing entry-level positions.

"When you think about what generative AI can do, it's the kind of things that young college grads have done," said David Deming, a Harvard economist. "They read and synthesize information and data. They produce reports and presentations."

Further reading: Young Men in US Abandoning College Education at Record Rates.
