Microsoft

Microsoft Poaches Top Google DeepMind Staff in AI Talent War (ft.com) 26

Microsoft has recruited more than 20 AI employees from Google's DeepMind research division, the newest front in a talent war being waged by Silicon Valley's tech giants as they jostle to gain an edge in the nascent technology. From a report: Amar Subramanya, the former head of engineering for Google's Gemini chatbot, is the latest to move to Microsoft from its rival, according to a post on his LinkedIn profile on Tuesday. "The culture here is refreshingly low ego yet bursting with ambition," he wrote, confirming his appointment as corporate vice-president of AI.

Subramanya will join other DeepMind staff including engineering lead Sonal Gupta, software engineer Adam Sadovsky and product manager Tim Frank, according to people familiar with Microsoft's recruiting. The Seattle-based company has persuaded at least 24 staff to join in the past six months, they added.

HP

Mike Lynch's Estate and Business Partner Owe HP $944M, Court Rules (theguardian.com) 37

The estate of Mike Lynch, who died a year ago when his superyacht sank off the coast of Sicily, and his business partner owe Hewlett-Packard more than $944 million, a court has ruled. From a report: The US technology company has been seeking damages of up to $4.55 billion from the estate of the late tycoon, once hailed as the UK's answer to Microsoft founder Bill Gates, over its disastrous takeover of his British software company Autonomy.

Lynch's estate has been estimated to be worth about $674 million and paying its share of the $944 million damages could leave it bankrupt. He and six others, including his 18-year-old daughter Hannah, died last August on a trip celebrating his acquittal on US fraud charges relating to HP's $11 billion takeover of Autonomy in 2011. However, HP won a separate six-year civil fraud case against Lynch and his former finance director Sushovan Hussain in the English high court in 2022, with Mr Justice Hildyard ruling that the US company had been induced into overpaying for the business.

Google

Google Launches OSS Rebuild (googleblog.com) 7

Google has announced OSS Rebuild, a new project designed to detect supply chain attacks in open source software by independently reproducing and verifying package builds across major repositories. The initiative, unveiled by the company's Open Source Security Team, targets PyPI (Python), npm (JavaScript/TypeScript), and Crates.io (Rust) packages.

The system, the company said, automatically creates standardized build environments to rebuild packages and compare them against published versions. OSS Rebuild generates SLSA Provenance attestations for thousands of packages, meeting SLSA Build Level 3 requirements without requiring publisher intervention. The project can identify three classes of compromise: unsubmitted source code not present in public repositories, build environment tampering, and sophisticated backdoors that exhibit unusual execution patterns during builds.

Google cited recent real-world attacks including solana/webjs (2024), tj-actions/changed-files (2025), and xz-utils (2024) as examples of threats the system addresses. Open source components now account for 77% of modern applications with an estimated value exceeding $12 trillion. The project builds on Google's hosted infrastructure model previously used for OSS Fuzz memory issue detection.
Medicine

At Least 750 US Hospitals Faced Disruptions During Last Year's CrowdStrike Outage, Study Finds (wired.com) 31

At least 759 US hospitals experienced network disruptions during the CrowdStrike outage on July 19, 2024, with more than 200 suffering outages that directly affected patient care services, according to a study published in JAMA Network Open by UC San Diego researchers. The researchers detected disruptions across 34% of the 2,232 hospital networks they scanned, finding outages in health records systems, fetal monitoring equipment, medical imaging storage, and patient transfer platforms.

Most services recovered within six hours, though some remained offline for more than 48 hours. CrowdStrike dismissed the study as "junk science," arguing the researchers failed to verify whether affected networks actually ran CrowdStrike software. The researchers defended their methodology, noting they could scan only about one-third of America's hospitals, suggesting the actual impact may have been significantly larger.
Music

Spotify Publishes AI-Generated Songs From Dead Artists Without Permission (404media.co) 13

Spotify was found publishing AI-generated songs on the official pages of deceased artists like Blaze Foley and Guy Clark -- without permission from their estates or labels. The tracks, flagged for deceptive content and now removed, were uploaded via TikTok's SoundOn distribution platform. "We've flagged the issue to SoundOn, the distributor of the content in question, and it has been removed for violating our Deceptive Content policy," a Spotify spokesperson told 404 Media. From the report: McDonald, who decided to originally upload Foley's music to Spotify in order to share it with more people, told me he never thought that an AI-generated track could appear on Foley's page without his permission. "It's harmful to Blaze's standing that this happened," he said. "It's kind of surprising that Spotify doesn't have a security fix for this type of action, and I think the responsibility is all on Spotify. They could fix this problem. One of their talented software engineers could stop this fraudulent practice in its tracks, if they had the will to do so. And I think they should take that responsibility and do something quickly."

McDonald's suggested fix is not allowing any track to appear on an artist's official Spotify page without allowing the page owner to sign off on it first. "Any real Blaze fan would know, I think, pretty instantly, that this is not Blaze or a Blaze recording," he said. "Then the harm is that the people who don't know Blaze go to the site thinking, maybe this is part of Blaze, when clearly it's not. So again, I think Spotify could easily change some practices. I'm not an engineer, but I think it's pretty easy to stop this from happening in the future."

Security

Alaska Airlines Resumes Operations After System Glitch Grounds All Flights (gizmodo.com) 13

Alaska Airlines and Horizon Air grounded all flights Sunday night due to a major IT outage, prompting a system-wide FAA ground stop that lasted until early Monday. Although operations have since resumed, passengers are still facing delays and residual disruptions. Gizmodo reports: The airline requested a system-wide ground stop from federal aviation authorities at about 11 p.m. ET on Sunday night. That stop remained in effect until around 2 a.m. ET Monday, when the Federal Aviation Administration confirmed it had been lifted. But disruptions didn't end there. Alaska warned passengers to brace for likely delays throughout the day. [...] The FAA's website listed the stop as applying to all Alaska Airlines aircraft. Gizmodo notes that the incident comes nearly a year after the massive 2024 CrowdStrike crash, which has become known as the largest IT outage in history. "The July 2024 outage brought down an estimated 8.5 million Microsoft Windows systems running CrowdStrike's Falcon Sensor software, disrupting everything from hospitals and airports to broadcast networks."

"There's no word yet from Alaska on whether the outage ties into a broader software problem, but the timing, almost exactly a year after the CrowdStrike crash, isn't going unnoticed on social media, with users wondering if the events are related."
Businesses

Figma Aims At $16.4 Billion Valuation As Tech IPOs Bounce Back (reuters.com) 15

An anonymous reader quotes a report from Reuters: Figma is targeting a fully-diluted valuation of up to $16.4 billion in its initial public offering, as the cloud-based design software firm prepares for a debut on the NYSE that could inject fresh momentum into a resurgent market for tech listings. The San Francisco-based company, along with some investors, is eyeing proceeds of up to $1.03 billion by selling nearly 37 million shares priced between $25 and $28 each, it said on Monday. The listing could be a major milestone for Figma, coming more than a year after its $20 billion sale to Adobe failed due to regulatory hurdles in Europe and the UK. Figma's IPO is expected to occur the week of July 28th, offering shares priced between $25 and $28. It'll trade under the symbol "FIG".
Transportation

Boeing Fuel Switches Checked, as Critic Cites a Similar Fuel Switch Cutoff in 2019 (financialexpress.com) 90

ABC News reports: Dialogue heard on a cockpit voice recording indicates that the captain of the Air India flight that crashed in June, killing 260 people, may have turned off the fuel just after takeoff, prompting the first officer to panic, according to The Wall Street Journal, which cited sources familiar with U.S. official's early assessment... The president of the Federation of Indian Pilots condemned the Wall Street Journal report, saying, "The preliminary report nowhere states that the pilots have moved the fuel control switches, and this has been corroborated by the CVR [cockpit voice recorder] recording."
But meanwhile "India on Monday ordered its airlines to examine fuel switches on several Boeing aircraft models," reports Reuters, "while South Korea ordered a similar measure on Tuesday, as scrutiny intensified of fuel switch locks at the centre of an investigation into a deadly Air India crash." The precautionary moves by the two countries and airlines in several others came despite the planemaker and the U.S. Federal Aviation Administration assuring airlines and regulators in recent days that the fuel switch locks on Boeing jets are safe... [The preliminary report] noted a 2018 advisory from the FAA, which recommended, but did not mandate, operators of several Boeing models, including the 787, to inspect the locking feature of fuel cutoff switches to ensure they could not be moved accidentally... Some airlines around the world told Reuters they had been checking relevant switches since 2018 in accordance with the FAA advisory, including Australia's Qantas Airways. Others said they had made additional or new checks since the release of the preliminary report into the Air India crash.
The web site of India's Financial Express newspaper spoke to Mary Schiavo, who was Inspector General of America's Transportation Department from 1990 to 1996 (and is also a long-time critic of the FAA). The site notes Schiavo "rejected the claims of human error that a pilot downed the Ahmedabad to London flight by cutting off the fuel supply." Schiavo exclusively told FinancialExpress.com that this is not the first time fuel switch transitioned from "Run" to "Cutoff" on its own. It happened five years ago, too. "There was an All Nippon Airways (ANA) flight in 2019 in which the 787 aircraft did this itself, while the flight was on final approach. No pilot input cutting off the fuel whatsoever," Schiavo told FinancialExpress.com... "The investigation revealed the plane software made the 787 think it was on the ground and the Thrust Control Malfunction Accommodation System cut the fuel to the engines," she told FinancialExpress.com, before adding, "The pilots never touched the fuel cutoff..." Both engines flamed out immediately after the pilot deployed the thrust reversers for landing. The aircraft, which was also a Boeing 787 Dreamliner, was towed away from the runway by the authorities, and no injuries were reported.

UK Civil Aviation Authority, four weeks before the crash, had warned about similar fuel system issues on Boeing aircraft [on May 15, 2025]. "The FAA has issued an Airworthiness Directive addressing a potential unsafe condition affecting fuel shutoff valves installed on Boeing aircraft," the UK regulator's notice read, listing the B737, B757, B767, B777 and B787...

Thrust Control Malfunction Accommodation informs FADEC [a digital computer] about whether the aircraft is on the ground or in the air, and if it believes the aircraft is on the ground, it may automatically throttle back the engines, without the pilot's input.

Reuters notes that the Air India crash preliminary report "said maintenance records showed that the throttle control module, which includes the fuel switches, was replaced in 2019 and 2023 on the plane involved in the crash."

Thanks to long-time Slashdot reader wired_parrot for sharing the news.
China

Chinese Companies Now Authorized to Conduct Foreign Cyberattacks, Sell Access to Government (msn.com) 57

"The U.S. is absolutely facing the most serious Chinese hacking ever." That's what the Washington Post was told by a China-focused consultant at security company SentinelOne: Undeterred by recent indictments alleging widespread cyberespionage against American agencies, journalists and infrastructure targets, Chinese hackers are hitting a wider range of targets and battling harder to stay inside once detected, seven current and former U.S. officials said in interviews. Hacks from suspected Chinese government actors detected by the security firm CrowdStrike more than doubled from 2023 to more than 330 last year and continued to climb as the new administration took over, the company said... Although the various Chinese hacking campaigns seem to be led by different government agencies and have different goals, all benefit from new techniques and from Beijing's introduction of a less constrained system for cyber offense, the officials and outside researchers told The Washington Post... Chinese intelligence, military and security agencies previously selected targets and tasked their own employees with breaking in, they said. But the Chinese government decided to take a more aggressive approach by allowing private industry to conduct cyberattacks and hacking campaigns on their own, U.S. officials said.

The companies are recruiting top hackers who discover previously unknown, or "zero-day," flaws in software widely used in the United States. Then the companies search for where the vulnerable programs are installed, hack a great many of them at once, and then sell access to multiple Chinese government customers and other security companies. That hacking-for-hire approach creates hundreds of U.S. victims instead of a few, making it hard to block attacks and to decide which were China's key targets and which were unintentionally caught in the hacks, an FBI official said, speaking on the condition of anonymity to follow agency practices... "The result of that incentive structure is that there is significantly more hacking...."

China has mastered the ability to move undetected through networks of compromised U.S. devices, so that the final connection to a target appears to be an ordinary domestic connection. That makes it easy to get around technology that blocks overseas links and puts it outside the purview of the National Security Agency, which by law must avoid scrutinizing most domestic transmissions. Beijing is increasingly focused on hacking software and security vendors that provide access to many customers at once, the FBI official said. Once access is obtained, the hackers typically add new email and collaboration accounts that look legitimate... Beyond the increased government collaboration with China's private security sector is occasional collaborating with criminal groups, said Ken Dunham, an analyst at the security firm Qualys.

The article notes that China's penetration of U.S. telecom carriers "is still not fully contained, according to the current and former officials." But in addition, the group behind that attack "has more recently shown up inside core communications infrastructure in Europe, according to John Carlin, a former top national security official in the Justice Department who represents some U.S. victims of the group." And documents leaked last year from a security contractor that works with the Chinese military and other government groups "described contracts and targets in 20 countries, with booty including Indian immigration data, logs of calls in South Korea, and detailed information on roads in Taiwan.

"It also detailed prices for some services, such as $25,000 for promised remote access to an iPhone, payment disputes with government customers and employee gripes about long hours..."
Open Source

Intel Kills Clear Linux OS As Support Ends Without Warning (nerds.xyz) 95

BrianFagioli shares a report from NERDS.xyz: Intel has quietly pulled the plug on Clear Linux OS, officially ending support for the once-promising Linux distribution that it had backed for nearly a decade. Effective immediately, the company says it will no longer provide any updates, security patches, or maintenance for the operating system. In a final blow, the Clear Linux OS GitHub repository is now archived in read-only mode.

The move was announced with little fanfare, and for users still relying on Clear Linux OS, there's no sugarcoating it... you need to move on. Intel is urging everyone to migrate to an actively maintained Linux distribution as soon as possible to avoid running unpatched software.
"Rest assured that Intel remains deeply invested in the Linux ecosystem, actively supporting and contributing to various open-source projects and Linux distributions to enable and optimize for Intel hardware," the company said in a statement. "A heartfelt thank you to every developer, user, and contributor who helped shape Clear Linux OS over the last 10 years. Your feedback and contributions have been invaluable."
The Internet

News Publishers Take Paywall-Blocker 12ft.io Offline (theverge.com) 81

The Verge's Emma Roth reports: The News/Media Alliance, a trade association behind major news publishers, announced that it has "successfully secured" the removal of 12ft.io, a website that helped users bypass paywalls online. The trade association says 12ft.io's webhost took down the site on July 14th "following the News/Media Alliance's efforts." 12ft.io -- or 12 Foot Ladder -- also allowed users to view webpages without ads, trackers, or pop-ups by disguising a user's browser as a web crawler, giving them unfettered access to a webpage's contents. Software engineer Thomas Millar says he created the site when he realized "8 of the top 10 links on Google were paywalled" when doing research during the pandemic. [...]

In its announcement, News/Media Alliance says 12ft.io "offered illegal circumvention technology" that allowed users to access copyrighted content without paying for it. The organization adds that it will take "similar actions" against other sites that let users get around paywalls. The News Media Alliance recently called Google's AI Mode "theft." (Like many chatbots, Google's AI Mode eliminates the need to visit a website, starving publishers of the pageviews they need to be compensated for their work.)
"Publishers commit significant resources to creating the best and most informative content for consumers, and illegal tools like 12ft.io undermine their ability to financially support that work through subscriptions and ad revenue," News/Media Alliance president and CEO Danielle Coffey said in the press release. "Taking down paywall bypassers is an essential part of ensuring we have a healthy and sustainable information ecosystem."
Cloud

VMware Reboots Its Partner Program Again With New Invite-Only Program 24

VMware is overhauling its partner program again under Broadcom's direction, drastically reducing the number of authorized partners -- especially small and mid-size ones -- while ending the white label program by October 31, 2025. The Register reports: Australian IT service provider Interactive outlined the changes on Wednesday in a post that explained the changes with the following five points:

- Partner Reduction: The new program significantly reduces the number of authorized partners, being a by-invitation-only program. As a result on July 15, 2025 VCSP partners who are not invited to participate in the new Program for VCSP partners will be sent a notice of non-renewal.
- Transition Period Until 31 October, 2025: Non-invited partners can continue to transact until 31 October 2025. After that date, they may only service existing VCSP commitment contracts for the remainder of the current term. No new commitment contracts or renewals will be accepted for those partners.
- White Label Program Ending: Broadcom is also sunsetting the White Label model on 31 October 2025. The same transitional commercial conditions apply to White Label contracts as stated above.
- Immediate Impact: Departing partners are encouraged to work with authorized VCSP partners to ensure a smooth transition for customers who seek to renew a service at the end of their current term.
- Shift Toward Hyperscale Private Compute: Broadcom is reshaping its vision for private compute, whereby VMware Cloud Foundation 9 underpins a small number [of] hyperscale private cloud platforms in each region. A future where customers buy managed infrastructure from partners like Interactive to support their compute requirements.

Interactive also warned that customers whose partners are no longer part of the partner program could expect the change to effect:

- Your ability to renew licenses through your existing partner
- The support and service quality you've come to expect
- Potential delays or confusion during upcoming renewals or service requests
- Potential cost increases as partner consolidation may led additional costs for migration and re-onboarding, and reduced bundling options that previously allowed for greater cost efficiencies
VMware also told The Register that "Non-renewing partners can continue to support their existing customers until the end of their current commit contract term including co-termed capacity orders. Non-renewing partners are encouraged to work with authorized VCSP partners to ensure a smooth transition for customers who seek to renew a service at the end of their current term."

Making matters worse: VMware on Tuesday divulged three critical flaws in eights of its products rated 9.3/10.
Privacy

Chinese Authorities Are Using a New Tool To Hack Seized Phones and Extract Data (techcrunch.com) 40

An anonymous reader quotes a report from TechCrunch: Security researchers say Chinese authorities are using a new type of malware to extract data from seized phones, allowing them to obtain text messages -- including from chat apps such as Signal -- images, location histories, audio recordings, contacts, and more. In a report shared exclusively with TechCrunch, mobile cybersecurity company Lookout detailed the hacking tool called Massistant, which the company said was developed by Chinese tech giant Xiamen Meiya Pico.

Massistant, according to Lookout, is Android software used for the forensic extraction of data from mobile phones, meaning the authorities using it need to have physical access to those devices. While Lookout doesn't know for sure which Chinese police agencies are using the tool, its use is assumed widespread, which means Chinese residents, as well as travelers to China, should be aware of the tool's existence and the risks it poses. [...]

The good news ... is that Massistant leaves evidence of its compromise on the seized device, meaning users can potentially identify and delete the malware, either because the hacking tool appears as an app, or can be found and deleted using more sophisticated tools such as the Android Debug Bridge, a command line tool that lets a user connect to a device through their computer. The bad news is that at the time of installing Massistant, the damage is done, and authorities already have the person's data.
"It's a big concern. I think anybody who's traveling in the region needs to be aware that the device that they bring into the country could very well be confiscated and anything that's on it could be collected," said Kristina Balaam, a researcher at Lookout who analyzed the malware. "I think it's something everybody should be aware of if they're traveling in the region."
AI

Music Insiders Call for Warning Labels After AI-Generated Band Gets 1 Million Plays On Spotify 215

Bruce66423 shares a report from The Guardian: They went viral, amassing more than 1m streams on Spotify in a matter of weeks, but it later emerged that hot new band the Velvet Sundown were AI-generated -- right down to their music, promotional images and backstory. The episode has triggered a debate about authenticity, with music industry insiders saying streaming sites should be legally obliged to tag music created by AI-generated acts so consumers can make informed decisions about what they are listening to. [...]

Several figures told the Guardian that the present situation, where streaming sites, including Spotify, are under no legal obligation to identify AI-generated music, left consumers unaware of the origins of the songs they're listening to. Roberto Neri, the chief executive of the Ivors Academy, said: "AI-generated bands like Velvet Sundown that are reaching big audiences without involving human creators raise serious concerns around transparency, authorship and consent." Neri added that if "used ethically," AI has the potential to enhance songwriting, but said at present his organization was concerned with what he called "deeply troubling issues" with the use of AI in music.

Sophie Jones, the chief strategy officer at the music trade body the British Phonographic Industry (BPI), backed calls for clear labelling. "We believe that AI should be used to serve human creativity, not supplant it," said Jones. "That's why we're calling on the UK government to protect copyright and introduce new transparency obligations for AI companies so that music rights can be licensed and enforced, as well as calling for the clear labelling of content solely generated by AI."

Liz Pelly, the author of Mood Machine: The Rise of Spotify and the Costs of the Perfect Playlist, said independent artists could be exploited by people behind AI bands who might create tracks that are trained using their music. She referred to the 2023 case of a song that was uploaded to TikTok, Spotify and YouTube, which used AI-generated vocals claiming to be the Weeknd and Drake. Universal Music Group said the song was "infringing content created with generative AI" and it was removed shortly after it was uploaded.

Aurelien Herault, the chief innovation officer at the music streaming service Deezer, said the company uses detection software that identifies AI-generated tracks and tags them. He said: "For the moment, I think platforms need to be transparent and try to inform users. For a period of time, what I call the "naturalization of AI', we need to inform users when it's used or not." Herault did not rule out removing tagging in future if AI-generated music becomes more popular and musicians begin to use it like an "instrument." At present, Spotify does not label music as AI-generated and has previously been criticized for populating some playlists with music by "ghost artists" -- fake acts that create stock music.
Bruce66423 comments: "Artists demand 'a warning' on such material. Why? If it is what the people want..."
Bitcoin

LibreOffice Lands Built-In Support For Bitcoin As Currency (phoronix.com) 32

An anonymous reader quotes a report from Phoronix: Merged yesterday to the latest development code for the LibreOffice open-source office suite is now recognizing Bitcoin "BTC" as a supported currency for use within the Calc spreadsheet program and elsewhere within this cross-platform free software office suite. Stemming from a recent bug report requesting Bitcoin as an official currency option within LibreOffice Calc, the necessary additions are now in place so it's a built-in preset like USD and EUR. Thus easier managing of Bitcoin transactions and the like from within LibreOffice Calc.
Software

Blender 4.5 LTS Released (nerds.xyz) 11

BrianFagioli shares a report from NERDS.xyz: Blender 4.5 has arrived and it's a long-term support release. That means users get two full years of updates and bug fixes, making it a smart choice for anyone looking for stability in serious projects. Whether you're a solo artist or part of a studio pipeline, this version is built to last. Here's a list of key features and changes in this release:

- Vulkan backend replaces OpenGL (faster, smoother UI)
- Adaptive subdivision up to 14x faster with multithreading
- New Geometry Nodes: Camera Info, Instance Bounds
- GPU-accelerated compositor nodes with standardized inputs
- New Boolean solver: Manifold (cleaner, faster mesh operations)
- UV maps visible in Object Mode + improved selection behavior
- Grease Pencil render pass and Geometry Nodes integration
- Improved file import support: PLY, OBJ, STL, CSV, VDB
- Deprecations: Collada, Big Endian, legacy .blend, Intel Mac support
- Cycles OptiX now requires NVIDIA driver v535+
- New shader variants for add-on developers (POLYLINES_*, POINT_*)
~500 bug fixes across all major systems
Power

California Set To Become First US State To Manage Power Outages With AI (technologyreview.com) 74

An anonymous reader quotes a report from MIT Technology Review: California's statewide power grid operator is poised to become the first in North America to deploy artificial intelligence to manage outages, MIT Technology Review has learned. "We wanted to modernize our grid operations. This fits in perfectly with that," says Gopakumar Gopinathan, a senior advisor on power system technologies at the California Independent System Operator -- known as the CAISO and pronounced KAI-so. "AI is already transforming different industries. But we haven't seen many examples of it being used in our industry."

At the DTECH Midwest utility industry summit in Minneapolis on July 15, CAISO is set to announce a deal to run a pilot program using new AI software called Genie, from the energy-services giant OATI. The software uses generative AI to analyze and carry out real-time analyses for grid operators and comes with the potential to autonomously make decisions about key functions on the grid, a switch that might resemble going from uniformed traffic officers to sensor-equipped stoplights. But while CAISO may deliver electrons to cutting-edge Silicon Valley companies and laboratories, the actual task of managing the state's electrical system is surprisingly analog.

Today, CAISO engineers scan outage reports for keywords about maintenance that's planned or in the works, read through the notes, and then load each item into the grid software system to run calculations on how a downed line or transformer might affect power supply. "Even if it takes you less than a minute to scan one on average, when you amplify that over 200 or 300 outages, it adds up," says Abhimanyu Thakur, OATI's vice president of platforms, visualization, and analytics. "Then different departments are doing it for their own respective keywords. Now we consolidate all of that into a single dictionary of keywords and AI can do this scan and generate a report proactively." If CAISO finds that Genie produces reliable, more efficient data analyses for managing outages, Gopinathan says, the operator may consider automating more functions on the grid. "After a few rounds of testing, I think we'll have an idea about what is the right time to call it successful or not," he says.

AI

China's Moonshot Launches Free AI Model Kimi K2 That Outperforms GPT-4 In Key Benchmarks 41

Chinese AI startup Moonshot AI has released Kimi K2, a trillion-parameter open-source language model that outperforms GPT-4 in key benchmarks with particularly strong performance on coding and autonomous agent tasks. VentureBeat reports: The new model, called Kimi K2, features 1 trillion total parameters with 32 billion activated parameters in a mixture-of-experts architecture. The company is releasing two versions: a foundation model for researchers and developers, and an instruction-tuned variant optimized for chat and autonomous agent applications. "Kimi K2 does not just answer; it acts," the company stated in its announcement blog. "With Kimi K2, advanced agentic intelligence is more open and accessible than ever. We can't wait to see what you build."

The model's standout feature is its optimization for "agentic" capabilities -- the ability to autonomously use tools, write and execute code, and complete complex multi-step tasks without human intervention. In benchmark tests, Kimi K2 achieved 65.8% accuracy on SWE-bench Verified, a challenging software engineering benchmark, outperforming most open-source alternatives and matching some proprietary models. [...] On LiveCodeBench, arguably the most realistic coding benchmark available, Kimi K2 achieved 53.7% accuracy, decisively beating DeepSeek-V3's 46.9% and GPT-4.1's 44.7%. More striking still: it scored 97.4% on MATH-500 compared to GPT-4.1's 92.4%, suggesting Moonshot has cracked something fundamental about mathematical reasoning that has eluded larger, better-funded competitors.

But here's what the benchmarks don't capture: Moonshot is achieving these results with a model that costs a fraction of what incumbents spend on training and inference. While OpenAI burns through hundreds of millions on compute for incremental improvements, Moonshot appears to have found a more efficient path to the same destination. It's a classic innovator's dilemma playing out in real time -- the scrappy outsider isn't just matching the incumbent's performance, they're doing it better, faster, and cheaper.
AI

Cognition AI Buys Windsurf as AI Frenzy Escalates 11

Cognition AI, an artificial intelligence startup that offers a software coding assistant, said on Monday that it had bought rival Windsurf as part of an escalating battle to lead in the technology. From a report: The move follows a $2.4 billion deal by Google to acquire some of Windsurf's top executives and license the start-up's technology, which was revealed on Friday.

Google's deal appeared to leave Windsurf in a difficult position as a stand-alone start-up. OpenAI, the maker of the ChatGPT chatbot, had also been in talks to buy Windsurf before the Google deal. "We've long admired the Windsurf team and what they've built," said Scott Wu, a co-founder of Cognition, in an email to employees viewed by The New York Times. "Within our lifetime, engineers will go from bricklayers to architects, focusing on the creativity of designing systems rather than the manual labor of putting them together."
Encryption

Why It's Time To Invest In Quantum Cybersecurity Now (aptiv.com) 35

Brian Witten, VP/CSO of automotive technology supplier Aptiv, warns that "While seven to 10 years may sound like a long way off, preparation for quantum threats must begin now, not once they have already materialized." Organizations need time to implement post-quantum cryptography (PQC) transition plans methodically — and that applies both to anyone with an IT infrastructure and to anyone building software-defined systems. "Current encryption, such as RSA and ECC [elliptic curve cryptography], will become obsolete once quantum computing matures," said Cigent cofounder John Benkert. "Management often assumes cybersecurity threats are only present-day problems. But this is a future-proofing issue — especially relevant for industries dealing with sensitive, long-lifespan data, like healthcare, finance or government." Remediation requires long-term planning. Organizations that wait until quantum computers have broken encryption to address the threat will find that it is too late.
Start by building an inventory of what needs to change, Witten recommends. (Fortunately, "It's a matter of using newer and different chips and algorithms, not necessarily more expensive components," he writes, also suggesting requests for proposals "should ask vendors to include a PQC update plan.")

Firmware will also need quantum-resistant digital signatures. ("Broken authentication lets bad things happen. Someone could remotely take over a vehicle, for instance, or send malicious code for autonomous execution later, even after the vehicle has gone offline.") And remember that post-quantum key sizes are larger, requiring more storage space. "In some cases, digitally signed messages with security information could triple in size, which could impact storage and bandwidth."

Thanks to Esther Schindler (Slashdot reader #16,185) for sharing the article.

Slashdot Top Deals