The vulnerability-watching "Zero Day Initiative" was started in 2005 as a division of 3Com, then acquired in 2015 by cybersecurity company Trend Micro, according to Wikipedia.

But the Register reports today that the initiative's head of threat awareness is now concerned about the source for that exploit of Microsoft's Sharepoint servers: How did the attackers, who include Chinese government spies, data thieves, and ransomware operators, know how to exploit the SharePoint CVEs in such a way that would bypass the security fixes Microsoft released the following day? "A leak happened here somewhere," Dustin Childs, head of threat awareness at Trend Micro's Zero Day Initiative, told The Register. "And now you've got a zero-day exploit in the wild, and worse than that, you've got a zero-day exploit in the wild that bypasses the patch, which came out the next day...."

Patch Tuesday happens the second Tuesday of every month — in July, that was the 8th. But two weeks before then, Microsoft provides early access to some security vendors via the Microsoft Active Protections Program (MAPP). These vendors are required to sign a non-disclosure agreement about the soon-to-be-disclosed bugs, and Microsoft gives them early access to the vulnerability information so that they can provide updated protections to customers faster....

One researcher suggests a leak may not have been the only pathway to exploit. "Soroush Dalili was able to use Google's Gemini to help reproduce the exploit chain, so it's possible the threat actors did their own due diligence, or did something similar to Dalili, working with one of the frontier large language models like Google Gemini, o3 from OpenAI, or Claude Opus, or some other LLM, to help identify routes of exploitation," Tenable Research Special Operations team senior engineer Satnam Narang told The Register. "It's difficult to say what domino had to fall in order for these threat actors to be able to leverage these flaws in the wild," Narang added.

Nonetheless, Microsoft did not release any MAPP guidance for the two most recent vulnerabilities, CVE-2025-53770 and CVE-2025-53771, which are related to the previously disclosed CVE-2025-49704 and CVE-2025-49706. "It could mean that they no longer consider MAPP to be a trusted resource, so they're not providing any information whatsoever," Childs speculated. [He adds later that "If I thought a leak came from this channel, I would not be telling that channel anything."]

"It also could mean that they're scrambling so much to work on the fixes they don't have time to notify their partners of these other details.

Since 2010 Stack Exchange has run all its sites on physical hardware in New Jersey — about 50 different servers. (When Ryan Donovan joined in 2019, "I saw the original server mounted on a wall with a laudatory plaque like a beloved pet.") But this month everything moved to the cloud, a new blog post explains. "Our servers are now cattle, not pets. Nobody is going to have to drive to our New Jersey data center and replace or reboot hardware..." Over the years, we've shared glamor shots of our server racks and info about updating them. For almost our entire 16-year existence, the SRE team has managed all datacenter operations, including the physical servers, cabling, racking, replacing failed disks and everything else in between. This work required someone to physically show up at the datacenter and poke the machines... [O]n July 2nd, in anticipation of the datacenter's closure, we unracked all the servers, unplugged all the cables, and gave these once mighty machines their final curtain call...

We moved Stack Overflow for Teams to Azure in 2023 and proved we could do it. Now we just had to tackle the public sites (Stack Overflow and the Stack Exchange network), which is hosted on Google Cloud. Early last year, our datacenter vendor in New Jersey decided to shut down that location, and we needed to be out by July 2025. Our other datacenter — in Colorado — was decommissioned in June. It was primarily for disaster recovery, which we didn't need any more. Stack Overflow no longer has any physical datacenters or offices; we are fully in the cloud and remote...!

[O]ur Staff Site Reliability Engineer, got a little wistful. "I installed the new web tier servers a few years ago as part of planned upgrades," he said. "It's bittersweet that I'm the one deracking them also." It's the IT version of Old Yeller.
There's photos of the 50 servers, as well as the 400+ cables connecting them, all of which wound up in a junk pile. "For security reasons (and to protect the PII of all our users and customers), everything was being shredded and/or destroyed. Nothing was being kept... Ever have difficulty disconnecting an RJ45 cable? Well, here was our opportunity to just cut the damn things off instead of figuring out why the little tab wouldn't release the plug."

The Internet Archive has received federal depository library status from California Sen. Alex Padilla, joining a network of over 1,100 libraries that archive government documents and make them accessible to the public. Padilla made the designation in a letter to the Government Publishing Office, which oversees the program.

The San Francisco-based nonprofit organization already operates Democracy's Library, a free online compendium of government research and publications launched in 2022. Founder Brewster Kahle said the new designation makes it easier to work with other federal depository libraries and provides more reliable access to government materials for digitization and distribution.

Under federal law, members of Congress can designate up to two qualified libraries for federal depository status.

American Airlines Chief Executive Robert Isom criticized the use of AI in setting air fares during an earnings call, calling the practice "inappropriate" and a "bait and switch" move that could trick travelers. Isom's comments target Delta Air Lines, which is testing AI to help set pricing on about 3% of its network today with plans to expand to 20% by year-end.

Delta maintains it is not using the technology to target customers with individualized offers based on personal information, stating all customers see identical fares across retail channels. US Senators Ruben Gallego, Richard Blumenthal, and Mark Warner have questioned Delta's AI pricing plans, citing data privacy concerns and potential fare increases. Southwest Airlines CEO Bob Jordan said his carrier also has no plans to use AI in revenue management or pricing decisions.

A 21-year-old student who designed and distributed online kits linked to $175 million worth of fraud has been jailed for seven years. From a report: Ollie Holman created phishing kits that mimicked government, bank and charity websites so that criminals could harvest victims' personal information to defraud them. In one case a kit was used to mimic a charity's donation webpage so when someone tried to give money, their card details were taken and used by criminals.

Holman, of Eastcote in north-west London, created and supplied 1,052 phishing kits that targeted 69 organisations across 24 countries. He also offered tutorials in how to use the kits and built up a network of almost 700 connections. The fake websites supplied in the kits had features that allowed information such as login and bank details to be stored. It is estimated Holman received $405,000 from selling the kits between 2021 and 2023. The kits were distributed through the encrypted messaging service Telegram.

Longtime Slashdot reader gbkersey shares a report from The Mirror: Elon Musk's satellite internet Starlink has been hit with a global outage preventing thousands of users from accessing the internet. According to DownDetector, reports of issues began to surge around 8pm GMT, with nearly 60,000 global users affected at the peak of the outage. "Starlink is currently in a network outage and we are actively implementing a solution," the company said in a post on X. "We appreciate your patience, we'll share an update once this issue is resolved."

Outages are being reported across the U.S., as well as along the Ukrainian frontline. Meanwhile, more than 10,000 people in the UK have logged issues with Starlink since 8pm this evening. "The majority of the reports (64%) are concerning a total blackout, while the rest point to internet problems," the report says.

UPDATE: Michael Nicolls, VP of Starlink Engineering, wrote in a post: "Starlink has now mostly recovered from the network outage, which lasted approximately 2.5 hours. The outage was due to failure of key internal software services that operate the core network. We apologize for the temporary disruption in our service; we are deeply committed to providing a highly reliable network, and will fully root cause this issue and ensure it does not occur again."

UPDATE #2: Starlink said in an update at 5:18 PM PT: "The network issue has been resolved, and Starlink service has been restored. We understand how important connectivity is and apologize for the disruption."

Massive mobile device tracking data has exposed the interconnected network of Myanmar's expanding scam centers, revealing how trafficked workers circulate between compounds despite February crackdowns. Analysis of 4.9 million location records from 11,930 mobile devices between January 2024 and May 2025 showed five devices visited all three major compounds -- Yatai New City, Apolo Park, and Yulong Bay Park -- plus the raided KK Park and Huanya Park facilities.

Workers are forced into romance scams, deceiving victims into believing they're in romantic relationships before extracting money. A South Asian man held six months at KK Park worked 16 hours daily conducting these online deceptions while enduring beatings and electric shocks for poor performance. Nikkei's investigation combined satellite imagery analysis, social media posts from Chinese platform Douyin, and open-source intelligence techniques to document continued construction at eight of 16 suspected sites. Myanmar authorities deported over 66,000 foreign nationals involved in these online fraud operations between October 2023 and June 2025.

An anonymous reader quotes a report from Ars Technica: Hacking is hard. Well, sometimes. Other times, you just call up a company's IT service desk and pretend to be an employee who needs a password reset, an Okta multifactor authentication reset, and a Microsoft multifactor authentication reset... and it's done. Without even verifying your identity. So you use that information to log in to the target network and discover a more trusted user who works in IT security. You call the IT service desk back, acting like you are now this second person, and you request the same thing: a password reset, an Okta multifactor authentication reset, and a Microsoft multifactor authentication reset. Again, the desk provides it, no identity verification needed. So you log in to the network with these new credentials and set about planting ransomware or exfiltrating data in the target network, eventually doing an estimated $380 million in damage. Easy, right?

According to The Clorox Company, which makes everything from lip balm to cat litter to charcoal to bleach, this is exactly what happened to it in 2023. But Clorox says that the "debilitating" breach was not its fault. It had outsourced the "service desk" part of its IT security operations to the massive services company Cognizant -- and Clorox says that Cognizant failed to follow even the most basic agreed-upon procedures for running the service desk. In the words of a new Clorox lawsuit, Cognizant's behavior was "all a devastating lie," it "failed to show even scant care," and it was "aware that its employees were not adequately trained."

"Cognizant was not duped by any elaborate ploy or sophisticated hacking techniques," says the lawsuit, using italics to indicate outrage emphasis. "The cybercriminal just called the Cognizant Service Desk, asked for credentials to access Clorox's network, and Cognizant handed the credentials right over. Cognizant is on tape handing over the keys to Clorox's corporate network to the cybercriminal -- no authentication questions asked." [...] The new lawsuit, filed in California state courts, wants Cognizant to cough up millions of dollars to cover the damage Clorox says it suffered after weeks of disruption to its factories and ordering systems. (You can read a brief timeline of the disruption here.)

Government funding for a program that hunts for threats on America's critical infrastructure networks expired on Sunday, preventing Lawrence Livermore National Laboratory from analyzing activity that could indicate a cyberattack, the program director told Congress on Tuesday. From a report: Nate Gleason leads a team at Lawrence Livermore National Laboratory (LLNL) focused on nation-state threats against critical infrastructure, and this includes the CyberSentry Program.

It's a public-private partnership, managed by CISA, that looks for malicious activity on IT and operational technology (OT) networks in America's energy, water, healthcare, and other critical facilities. This includes threats along the lines of China's Volt Typhoon and Salt Typhoon intrusions -- network activity that may look like, or even start as, espionage, but ultimately enables the digital invaders to backdoor critical orgs and deploy cyber weapons to aid in a kinetic war.

Researchers from La Sapienza University in Rome have developed "WhoFi," a system that uses the way a person's body distorts Wi-Fi signals to re-identify them across different locations -- even if they're not carrying a phone. By training a deep neural network on these subtle signal distortions, the researchers claim WhoFi is able to achieve up to 95.5% accuracy. The Register reports: "The core insight is that as a Wi-Fi signal propagates through an environment, its waveform is altered by the presence and physical characteristics of objects and people along its path," the authors state in their paper. "These alterations, captured in the form of Channel State Information (CSI), contain rich biometric information." CSI in the context of Wi-Fi devices refers to information about the amplitude and phase of electromagnetic transmissions. These measurements, the researchers say, interact with the human body in a way that results in person-specific distortions. When processed by a deep neural network, the result is a unique data signature.

Researchers proposed a similar technique, dubbed EyeFi, in 2020, and asserted it was accurate about 75 percent of the time. The Rome-based researchers who proposed WhoFi claim their technique makes accurate matches on the public NTU-Fi dataset up to 95.5 percent of the time when the deep neural network uses the transformer encoding architecture. "The encouraging results achieved confirm the viability of Wi-Fi signals as a robust and privacy-preserving biometric modality, and position this study as a meaningful step forward in the development of signal-based Re-ID systems," the authors say.

An anonymous reader shares a report: In 2023 and 2024, the hottest years on record, more than 78 million acres of forests burned around the globe. The fires sent veils of smoke and several billion tons of carbon dioxide into the atmosphere, subjecting millions of people to poor air quality. Extreme forest-fire years are becoming more common because of climate change, new research suggests.

"Climate change is loading the dice for extreme fire seasons like we've seen," said John Abatzoglou, a climate scientist at the University of California Merced. "There are going to be more fires like this." The area of forest canopy lost to fire during 2023 and 2024 was at least two times greater than the annual average of the previous nearly two decades, according to a new study published Monday in the journal Proceedings of the National Academy of Sciences.

The researchers used imagery from the LANDSAT satellite network to determine how tree cover had changed from 2002 to 2024, and compared that with satellite detections of fire activity to see how much canopy loss was because of fire. Globally, the area of land burned by wildfires has decreased in recent decades, mostly because humans are transforming savannas and grasslands into less flammable landscapes. But the area of forests burned has gone up.

At least 759 US hospitals experienced network disruptions during the CrowdStrike outage on July 19, 2024, with more than 200 suffering outages that directly affected patient care services, according to a study published in JAMA Network Open by UC San Diego researchers. The researchers detected disruptions across 34% of the 2,232 hospital networks they scanned, finding outages in health records systems, fetal monitoring equipment, medical imaging storage, and patient transfer platforms.

Most services recovered within six hours, though some remained offline for more than 48 hours. CrowdStrike dismissed the study as "junk science," arguing the researchers failed to verify whether affected networks actually ran CrowdStrike software. The researchers defended their methodology, noting they could scan only about one-third of America's hospitals, suggesting the actual impact may have been significantly larger.

Hackers are hiding malware inside DNS records, allowing malicious code to bypass security defenses that typically monitor web and email traffic. DomainTools researchers discovered the technique being used to host Joke Screenmate malware, with binary files converted to hexadecimal format and broken into chunks stored in TXT records across subdomains of whitetreecollective[.]com.

Attackers retrieve the chunks through DNS requests and reassemble them into executable malware. The method exploits a blind spot in security monitoring, as DNS traffic often goes unscrutinized compared to other network activity.

Microsoft has released emergency security updates for two actively exploited zero-day vulnerabilities in SharePoint, tracked as CVE-2025-53770 and CVE-2025-53771, that have compromised servers worldwide in what researchers call "ToolShell" attacks. The U.S. Cybersecurity and Infrastructure Security Agency warned over the weekend that hackers were exploiting the vulnerabilities to gain remote code execution on on-premises SharePoint installations, while Microsoft has not yet provided patches for all affected versions.

The vulnerabilities allow hackers to steal private digital keys from SharePoint servers without requiring credentials, enabling them to plant malware and access stored files and data. Eye Security, which first identified the attacks on Saturday, found dozens of actively exploited servers and warned that SharePoint's integration with Outlook, Teams, and OneDrive could enable further network compromise. Researcher Silas Cutler at cybersecurity firm Censys estimated more than 10,000 companies with SharePoint servers were at risk, with the largest concentrations in the United States, Netherlands, United Kingdom, and Canada.

Microsoft released patches for SharePoint 2019 and Subscription Edition but is still working on fixes for SharePoint Server 2016. Administrators must install available updates immediately and rotate machine keys to prevent re-compromise, according to Microsoft's security guidance.

T-Mobile is expanding support for the L4S standard across its 5G Advanced network over the next few weeks, becoming the first wireless carrier in the United States to implement the Low Latency, Low Loss, Scalable Throughput technology. The standard helps high-priority internet packets move with fewer delays to make video calls and cloud games feel smoother by allowing devices to manage congestion and reduce buffering issues that can occur even on higher bandwidth connections.

L4S is already deployed in many cities, the company said. Users will not need special phones or plans to access the network-driven improvements.

San Francisco-based startup Orchid Health "screens embryos for thousands of potential future illnesses," reports the Washington Post, calling it "the first company to say it can sequence an embryo's entire genome of 3 billion base pairs." It uses as few as five cells from an embryo to test for more than 1,200 of these uncommon single-gene-derived, or monogenic, conditions. The company also applies custom-built algorithms to produce what are known as polygenic risk scores, which are designed to measure a future child's genetic propensity for developing complex ailments later in life, such as bipolar disorder, cancer, Alzheimer's disease, obesity and schizophrenia. Orchid, [founder Noor] Siddiqui said in a tweet, is ushering in "a generation that gets to be genetically blessed and avoid disease." Right now, at $2,500 per embryo-screening on top of the average $20,000 for a single cycle of IVF, Siddiqui's social network in Silicon Valley and other tech hubs is an ideal target market...

Yet several genetic scientists told The Post they doubt Orchid's core claim: that it can accurately sequence an entire human genome from just five cells collected from an early-stage embryo, enabling it to see many more single- and multiple-gene-derived disorders than other methods have. Experts have struggled to extract accurate genetic information from small embryonic samples, said Svetlana Yatsenko, a Stanford University pathology professor who specializes in clinical and research genetics. Genetic tests that use saliva or blood samples typically collect hundreds of thousands of cells. For its vastly smaller samples, Orchid uses a process called amplification, which creates copies of the DNA retrieved from the embryo. That process, Yatsenko said, can introduce major inaccuracies. "You're making many, many mistakes in the amplification," she said, rendering it problematic to declare any embryo free of a particular disease, or positive for one. "It's basically Russian roulette...."

Numerous fertility doctors and scientists also told The Post they have serious reservations about screening embryos through polygenic risk scoring, the technique that allows Orchid and other companies to predict future disease by tying clusters of hundreds or even thousands of genes to disease outcomes and in some cases to other traits, such as intelligence and height. The vast majority of diseases that afflict humans are associated with many different genes rather than a single gene... And for traits such as intelligence, polygenic scoring has almost negligible predictive capacity — just a handful of IQ points... Or parents might select against an unwanted trait, such as schizophrenia, without understanding how they may be screening out desired traits associated with the same genes, such as creativity... The American College of Medical Genetics and Genomics calls the benefits of screening embryos for polygenic risks "unproven" and warns that such tests "should not be offered" by clinicians. A pioneer of polygenic risk scores, Harvard epidemiology professor Peter Kraft, has criticized Orchid, saying on X that "the science doesn't add up" and that "waving a magic wand and changing some of these variants at birth may not do anything at all."
The article notes several startups are already providing predictions on intelligence. "In the United States, there are virtually no restrictions on the types of genetic predictions companies can offer, and no external vetting of their proprietary scoring methods."

"The Luxembourg-based satellite company SES has now completed its acquisition of the European-based satellite company Intelsat, giving the combined company 120 active satellites in a variety of low and high Earth orbits," writes longtime Slashdot reader schwit1. "Both companies are long established, with Intelsat initially founded in the mid-1960s as a consortium of 23 nations aimed at launching the first geosynchronous communications satellites over the Atlantic and Pacific serving most of the Old World and linked to the New. The merger is an attempt by both companies to compete with the new low-orbit constellations of SpaceX, Amazon, and from China." From a press release: With a world-class network including approximately 90 geostationary (GEO), nearly 30 medium earth orbit (MEO) satellites, strategic access to low earth orbit (LEO) satellites, and an extensive ground network, SES can now deliver connectivity solutions utilizing complementary spectrum bands including C-, Ku-, Ka-, Military Ka-, X-band, and Ultra High Frequency. The expanded capabilities of the combined company will enable it to deliver premium-quality services and tailored solutions to its customers. The company's assets and networks, once fully integrated, will put SES in a strong competitive position to better serve the evolving needs of its customers including governments, aviation, maritime, and media across the globe. "Our focus is clear: to grow, to lead in high-potential markets, and to shape the future of our industry," said SES CEO Adel Al-Saleh in a statement. "This is a long-term play, and we are building with the future in mind -- growing year after year, expanding our capabilities, and creating lasting value for our customers and shareholders alike."

Fierce Network notes that the FCC is preparing to auction upper C-band spectrum (3.98-4.2 GHz), previously cleared in part by SES and Intelsat and now eyed for 5G expansion by Verizon and AT&T. With new legislative backing and industry pressure, including from CTIA and FCC Chairman Brendan Carr, the agency is being urged to act quickly to auction and open this spectrum for full-power wireless use.

Ukrainian hacker group BO Team, with help from the Ukrainian Cyber Alliance and possibly Ukraine's military, claims to have wiped out one of Russia's largest military drone manufacturers, destroying 47TB of production data and even disabling the doors in the facility. "Or, as described by the hacking collective (per Google translate), they 'deeply penetrated' the drone manufacturer 'to the very tonsils of demilitarization and denazification,'" reports The Register. From the report: BO Team (also known as Black Owl) announced the breach on its Telegram channel, and claimed to have carried out the operation alongside fellow hackers the Ukrainian Cyber Alliance "and one very well-known organization, the mention of which makes Vanya's bottle receivers explode," according to a Google translation of the Russian text. While the "very well-known organization" isn't named, BO Team included a link to Ukraine's Ministry of Defence.

The military intelligence agency, working alongside the attackers, "carried out large-scale work to capture the entire network and server infrastructure of Gaskar Group, collect valuable information about the UAVs being produced and prospective, and then destroy the information and disable this infrastructure," the Telegram post continued. This reportedly included 47TB of technical information about the production of Russian drones, and BO Team claims to have destroyed all of the information on Gaskar's servers, including 10TB of backup files. "By the way, from the information we received, China is providing assistance in the production and training of specialists of Gaskar Group," the hackers added via Telegram. BO Team also posted what they claim to be confidential employee questionnaires [PDF].

On their own Telegram channel, the Ukrainian Cyber Alliance said they also stole "all the source code" before destroying everything. "The network went down so thoroughly that the doors in the building were blocked," the pro-Ukraine crew wrote, per Google translate. "To open them, the administration had to turn on the fire alarm. Most likely, the defense order is on the verge of failure, and thousands of drones will not get to the front in the near future."

Uber said Thursday it will partner with electric vehicle maker Lucid Group and autonomous driving startup Nuro to deploy robotaxis using Lucid Gravity SUVs equipped with Nuro Driver technology on its ride-sharing network. The companies plan to launch the first vehicles in late 2026 in an unidentified major US city and deploy at least 20,000 robotaxis over six years.

Uber will make multi-hundred-million dollar investments in both partners, including $300 million for Lucid to upgrade its assembly line for integrating Nuro hardware into Gravity vehicles.

alternative_right shares a report from Phys.org: Monitoring changes in water temperature and pressure at the seafloor can improve understanding of ocean circulation, climate, and natural hazards such as tsunamis. In recent years, scientists have begun gathering submarine measurements via an existing infrastructure network that spans millions of kilometers around the planet: the undersea fiber-optic telecommunications cables that provide us with amenities like Internet and phone service. Without interfering with their original purpose, the cables can be used as sensors to measure small variations in the light signals that run through them so that scientists can learn more about the sea. Meichen Liu and colleagues recently developed a new instrument, consisting of a receiver and a microwave intensity modulator placed at a shore station, that facilitates the approach. Their work is published in Geophysical Research Letters.

Transcontinental fiber-optic cables are divided into subsections by repeaters, instruments positioned every 50 to 100 kilometers that boost information-carrying light signals so that they remain strong on the journey to their destination. At each repeater, an instrument called a fiber Bragg grating reflects a small amount of light back to the previous repeater to monitor the integrity of the cable. By observing and timing these reflections, the new instrument measures the changes in the time it takes for the light to travel between repeaters. These changes convey information about how the surrounding water changes the shape of the cable, and the researchers used that information to infer properties such as daily and weekly water temperature and tide patterns.