Open Source

Arch Linux Faces 'Ongoing' DDoS Attack (theregister.com) 29

"Some joyless ne'er-do-well has loosed a botnet on the community-driven Arch Linux distro," reports the Register, with a distributed denial of service (DDoS) attack that apparently started a week ago.

Arch maintainer Cristian Heusel announced Thursday on the project's web site that the attack "primarily impacts our main webpage, the Arch User Repository (AUR), and the Forums."

"We are aware of the problems that this creates for our end users and will continue to actively work with our hosting provider to mitigate the attack. We are also evaluating DDoS protection providers while carefully considering factors including cost, security, and ethical standards... As a volunteer-driven project, we appreciate the community's patience as our DevOps team works to resolve these issues."

A status update Friday acknowledged "we are suffering from partial outages." The Register reports:

The attack comes as the project has been enjoying a boost in mainstream success. The distro was picked by Valve to underpin the SteamOS software running on its Steam Deck handheld gaming gadget, with the company providing the project with funding for further development. Late last year, a new version of the archinstall tool was released, with a view to making the system more friendly to newcomers...

For now, the Arch team is working to mitigate the attack's impact, which highlights a bootstrapping issue. Tools designed to shift traffic to mirrors in the event the main infrastructure is unavailable rely on a mirror list obtained from that same main infrastructure, with Heusel advising that users should "default to the mirrors listed in the pacman-mirrorlist package" if tools like reflector fail. Installation media can be downloaded from a range of mirrors, too, but should be checked against the project's official signing key before being trusted.

Security

Amid Service Disruption, Colt Confirms 'Criminal Group' Accessed Their Data, As Ransomware Gang Threatens to Sell It (bleepingcomputer.com) 7

British telecommunications service provider Colt Telecom "has offices in over 30 countries across North America, Europe, and Asia," reports CPO magazine. "It manages nearly 1,000 data centers and roughly 75,000 km of fiber infrastructure."

But now "a cyber attack has caused widespread multi-day service disruption..." On August 14, 2025, the telecom giant said it had detected a cyber attack that began two days earlier, on August 12. Upon learning of the cyber intrusion, the telecommunications service provider responded by proactively taking some systems offline to contain the cyber attack. Although Colt Telecom's cyber incident response team was working around the clock to mitigate the impacts of the cyber attack, service disruption has persisted for days. However, the service disruption did not affect the company's core network infrastructure, suggesting that Colt customers could still access its network services... The company also did not provide a clear timeline for resolving the service disruption. A week after the apparent ransomware attack, Colt Online and the Voice API platform remained unavailable.
And now Colt Technology Services "confirms that customer documentation was stolen," reports the tech news site BleepingComputer: "A criminal group has accessed certain files from our systems that may contain information related to our customers and posted the document titles on the dark web," reads an updated security incident advisory on Colt's site.

"We understand that this is concerning for you."

"Customers are able to request a list of filenames posted on the dark web from the dedicated call centre."

As first spotted by cybersecurity expert Kevin Beaumont, Colt added the no-index HTML meta tag to the web page, making it so it won't be indexed by search engines.

This statement comes after the Warlock Group began selling on the Ramp cybercrime forum what they claim is 1 million documents stolen from Colt. The documents are being sold for $200,000 and allegedly contain financial information, network architecture data, and customer information... The Warlock Group (aka Storm-2603) is a ransomware gang attributed to Chinese threat actors who utilize the leaked LockBit Windows and Babuk VMware ESXi encryptors in attacks... Last month, Microsoft reported that the threat actors were exploiting a SharePoint vulnerability to breach corporate networks and deploy ransomware.

"Colt is not the only telecom firm that has been named by WarLock on its leak website in recent days," SecurityWeek points out. "The cybercriminals claim to have also stolen data from France-based Orange."

Thanks to long-time Slashdot reader Z00L00K for sharing the news.
Microsoft

Microsoft Reportedly Cuts China's Early Access to Bug Disclosures, PoC Exploit Code (theregister.com) 15

An anonymous reader quotes a report from The Register: Microsoft has reportedly stopped giving Chinese companies proof-of-concept exploit code for soon-to-be-disclosed vulnerabilities following last month's SharePoint zero-day attacks, which appear to be related to a leak in Redmond's early-bug-notification program. The software behemoth gives some software vendors early bug disclosures under its Microsoft Active Protections Program (MAPP), which typically delivers info two weeks before Patch Tuesday. MAPP participants sign a non-disclosure agreement, and in exchange get vulnerability details so that they can provide updated protections to customers more quickly.

According to Microsoft spokesperson David Cuddy, who spoke with Bloomberg about changes to the program, MAPP has begun limiting access to companies in "countries where they're required to report vulnerabilities to their governments," including China. Companies in these countries will no longer receive "proof of concept" exploit code, but instead will see "a more general written description" that Microsoft sends at the same time as patches, Cuddy told the news outlet.
"A leak happened here somewhere," Dustin Childs, head of threat awareness at Trend Micro's Zero Day Initiative (ZDI), told The Register in July. "And now you've got a zero-day exploit in the wild, and worse than that, you've got a zero-day exploit in the wild that bypasses the patch, which came out the next day."

Childs said the MAPP change "is a positive change, if a bit late. Anything Microsoft can do to help prevent leaks while still offering MAPP guidance is welcome."

"In the past, MAPP leaks were associated with companies out of China, so restricting information from flowing to these companies should help," Childs said. "The MAPP program remains a valuable resource for network defenders. Hopefully, Microsoft can squelch the leaks while sending out the needed information to companies that have proven their ability (and desire) to protect end users."
Businesses

Coinbase Reverses Remote-First Policy After North Korean Infiltration Attempts (businessinsider.com) 34

Remote work policies designed to attract top talent are becoming security vulnerabilities as state-sponsored hackers seek employment at cryptocurrency firms. Coinbase has implemented mandatory in-person orientation and US citizenship requirements for sensitive roles after detecting North Korean IT workers attempting to infiltrate the company through remote positions.

CEO Brian Armstrong revealed on Stripe cofounder John Collison's podcast that the exchange now requires fingerprinting and live video interviews after discovering coordinated efforts involving US-based facilitators who reship laptops and attend virtual interviews on behalf of foreign operatives.
Crime

Dev Gets 4 Years For Creating Kill Switch On Ex-Employer's Systems (bleepingcomputer.com) 113

Davis Lu, a former Eaton Corporation developer, has been sentenced to four years in prison for sabotaging his ex-employer's Windows network with malware and a custom kill switch that locked out thousands of employees once his account was disabled. The attack caused significant operational disruption and financial losses, with Lu also attempting to cover his tracks by deleting data and researching privilege escalation techniques. BleepingComputer reports: After a corporate restructuring and subsequent demotion in 2018, the DOJ says that Lu retaliated by embedding malicious code throughout the company's Windows production environment. The malicious code included an infinite Java thread loop designed to overwhelm servers and crash production systems. Lu also created a kill switch named "IsDLEnabledinAD" ("Is Davis Lu enabled in Active Directory") that would automatically lock all users out of their accounts if his account was disabled in Active Directory. When his employment was terminated on September 9, 2019, and his account disabled, the kill switch activated, causing thousands of users to be locked out of their systems.

"The defendant breached his employer's trust by using his access and technical knowledge to sabotage company networks, wreaking havoc and causing hundreds of thousands of dollars in losses for a U.S. company," said Acting Assistant Attorney General Matthew R. Galeotti. When he was instructed to return his laptop, Lu reportedly deleted encrypted data from his device. Investigators later discovered search queries on the device researching how to elevate privileges, hide processes, and quickly delete files. Lu was found guilty earlier this year of intentionally causing damage to protected computers. After his four-year sentence, Lu will also serve three years of supervised release following his prison term.

Security

Intuit Claims Security Concerns In Dropping Windows 10 For TurboTax (intuit.com) 114

Longtime Slashdot reader Xesdeeni writes: I received an email indicating Intuit will not support Windows 10 for the desktop versions of TurboTax starting this tax year. Laughably, they say "security is a top priority for us" before adding: "To use TurboTax Desktop software for tax year 2025, your computer will need to run on Microsoft Windows 11 [or] TurboTax Online."

I'm just paranoid enough to use the desktop version, since at least it limits what they see to the forms they send to the IRS -- rather than everything. Even if I was willing to endure the added burden of printing and mailing the forms, this would be the end of that, since I'm out on Windows 11 for the reasons you already know.

Here's what they sent:

Hi there,

We're reaching out to provide an update on TurboTax Desktop software for tax year 2025. After October 14, 2025, Microsoft will no longer provide software updates, technical assistance, or security fixes for Windows 10 operating system. Because security is a top priority for us, TurboTax Desktop software for tax year 2025 onwards will not be compatible with Windows 10 operating system.

To use TurboTax Desktop software for tax year 2025, your computer will need to run on Microsoft Windows 11 operating system. You can also consider switching to TurboTax Online, which will work on any supported browser (available December 2025).

For more resources and additional information about this change, go to this help article: How does the end of support for Windows 10 affect my TurboTax Desktop experience?

Thanks for being part of the TurboTax family.

Warm regards,

The TurboTax Team
Xesdeeni comments: "I've wanted a Linux offering for years now and only kept Windows for such limited products as this. I guess I can completely punt it now."
AI

Harvard Dropouts To Launch 'Always On' AI Smart Glasses That Listen, Record Every Conversation 68

Two Harvard dropouts are launching Halo X, a $249 pair of AI-powered smart glasses that continuously listen, record, and transcribe conversations while displaying real-time information to the wearer. "Our goal is to make glasses that make you super intelligent the moment you put them on," said AnhPhu Nguyen, co-founder of Halo. Co-founder Caine Ardayfio said the glasses "give you infinite memory."

"The AI listens to every conversation you have and uses that knowledge to tell you what to say ... kinda like IRL Cluely," Ardayfio told TechCrunch. "If somebody says a complex word or asks you a question, like, 'What's 37 to the third power?' or something like that, then it'll pop up on the glasses." From the report: Ardayfio and Nguyen have raised $1 million to develop the glasses, led by Pillar VC, with support from Soma Capital, Village Global, and Morningside Venture. The glasses will be priced at $249 and will be available for preorder starting Wednesday. Ardayfio called the glasses "the first real step towards vibe thinking."

The two Ivy League dropouts, who have since moved into their own version of the Hacker Hostel in the San Francisco Bay Area, recently caused a stir after developing a facial-recognition app for Meta's smart Ray-Ban glasses to prove that the tech could be used to dox people. As a potential early competitor to Meta's smart glasses, Ardayfio said Meta, given its history of security and privacy scandals, had to rein in its product in ways that Halo can ultimately capitalize on. [...]

For now, Halo X glasses only have a display and a microphone, but no camera, although the two are exploring the possibility of adding it to a future model. Users still need to have their smartphones handy to help power the glasses and get "real time info prompts and answers to questions," per Nguyen. The glasses, which are manufactured by another company that the startup didn't name, are tethered to an accompanying app on the owner's phone, where the glasses essentially outsource the computing since they don't have enough power to do it on the device itself. Under the hood, the smart glasses use Google's Gemini and Perplexity as its chatbot engine, according to the two co-founders. Gemini is better for math and reasoning, whereas they use Perplexity to scrape the internet, they said.
Intel

Trump Confirms US Is Seeking 10% Stake In Intel (arstechnica.com) 125

An anonymous reader quotes a report from Ars Technica: After the Trump administration confirmed a rumor that the US is planning to buy a 10 percent stake in Intel, US Senator Bernie Sanders (I-Vt.) came forward Wednesday to voice support for the highly unusual plan, finding rare common ground with Donald Trump. According to Commerce Secretary Howard Lutnick, the plan would see the US disbursing approved CHIPS Act grants only after acquiring non-voting shares of Intel and likely other chipmakers. That would allow the US to profit off its investment in chipmakers, Lutnick suggested, and Sanders told Reuters that he agreed American taxpayers could benefit from the potential deals.

"If microchip companies make a profit from the generous grants they receive from the federal government, the taxpayers of America have a right to a reasonable return on that investment," Sanders said. While Lutnick gave Trump credit for coming up with what White House Press Secretary Karoline Leavitt described as a "creative idea that has never been done before" to protect US national and economic security, it appears that Lutnick is driving the initiative. "Lutnick has been pushing the equity idea," insiders granted anonymity previously told Reuters, "adding that Trump likes the idea."

So far, Intel has engaged in talks, while the Taiwan Semiconductor Manufacturing Company (TSMC) and other major CHIPS grant recipients like Samsung and Micron have yet to comment on the potential arrangement the Trump administration seems likely to pursue. They may possibly risk clawbacks of grants if such deals aren't made. On Wednesday, Taiwan Economy Minister Kuo Jyh-huei said his ministry would be consulting with TSMC soon, while noting that as yet, it's hard to "thoroughly understand the underlying meaning" of Lutnick's public comments. So far, Lutnick has only specified that "any potential arrangement wouldn't provide the government with voting or governance rights in Intel," dispelling fears that the US would use its ownership stake to try to control the world's most important chipmakers.
Further reading: Intel is Getting a $2 Billion Investment From SoftBank
News

India's Got Time (indiadispatch.com) 76

India Dispatch: The strongest case for India is not merely that it is young, but that it still has time, and it may be the only continental-scale economy that still has it in abundance. India won't cross the demographic threshold for an "old" country -- a median age of 41 -- until the late 2050s, while China reaches that point now. India requires 10.4% sustained GDP growth over 35 years to become rich before aging, compared to China's needed 32% annual growth rate. India's working-age population will increase from 67.5% in 2021 to 69.2% by 2031, with the median age remaining at 34.5 in 2036. The report adds: China's compressed dilemma mirrors what is gripping the developed world, where Europe's share of population over 65 is on track to hit 30% by 2050, up from 8% in 1950. Raising retirement ages -- what economists describe as the closest thing to a silver bullet -- faces older voting blocs, who now make up roughly 40% of those who turn up at the polls in European elections. In the U.S., what J.P. Morgan analysts term a "Social Security cliff" looms by 2033, when the system's trust funds are projected to be exhausted, and hopes that productivity miracles (powered by, hopefully AI) will quietly square this circle look optimistic, leaving much of the rich world and North Asia out of time.
Security

Male-Oriented App 'TeaOnHer' Also Had Security Flaws That Could Leak Men's Driver's License Photos (techcrunch.com) 112

The women-only dating-advice app Tea "has been hit with 10 potential class action lawsuits in federal and state court," NBC News reported last week, "after a data breach led to the leak of thousands of selfies, ID photos and private conversations online." The suits could result in Tea having to pay tens of millions of dollars in damages to the plaintiffs, which could be catastrophic for the company, an expert told NBC News... One of the suits lists the right-wing online discussion board 4chan and the social platform X as defendants, alleging that they allowed bad actors to spread users' personal information.

But meanwhile, a new competing app for men called "TeaOnHer" has already been launched. And it was also found to have enormous security flaws, reports TechCrunch, that "exposed its users' personal information, including photos of their driver's licenses and other government-issued identity documents..."

[W]hen we looked at the TeaOnHer's public internet records, it had no meaningful information other than a single subdomain, appserver.teaonher.com. When we opened this page in our browser, what loaded was the landing page for TeaOnHer's API (for the curious, we uploaded a copy here)... It was on this landing page that we found the exposed email address and plaintext password (which wasn't that far off from "password") for [TeaOnHer developer Xavier] Lampkin's account to access the TeaOnHer "admin panel"... This API landing page included an endpoint called /docs, which contained the API's auto-generated documentation (powered by a product called Swagger UI) that contained the full list of commands that can be performed on the API [including administrator commands to return user data]...

While it's not uncommon for developers to publish their API documentation, the problem here was that some API requests could be made without any authentication — no passwords or credentials were needed...

The records returned from TeaOnHer's server contained users' unique identifiers within the app (essentially a string of random letters and numbers), their public profile screen name, and self-reported age and location, along with their private email address. The records also included web address links containing photos of the users' driver's licenses and corresponding selfies. Worse, these photos of driver's licenses, government-issued IDs, and selfies were stored in an Amazon-hosted S3 cloud server set as publicly accessible to anyone with their web addresses. This public setting lets anyone with a link to someone's identity documents open the files from anywhere with no restrictions...

The bugs were so easy to find that it would be sheer luck if nobody malicious found them before we did. We asked, but Lampkin would not say if he has the technical ability, such as logs, to determine if anyone had used (or misused) the API at any time to gain access to users' verification documents, such as by scraping web addresses from the API. In the days since our report to Lampkin, the API landing page has been taken down, along with its documentation page, and it now displays only the state of the server that the TeaOnHer API is running on as "healthy."

The flaws were discovered while TeaOnHer was the #2 free app in the Apple App Store, the article points out. And while these flaws "appear to be resolved," the article notes a larger issue. "Shoddy coding and security flaws highlight the ongoing privacy risks inherent in requiring users to submit sensitive information to use apps and websites."

And TeaOnHer also had another authentication issue. A female reporter at Cosmopolitan also noted Friday that TeaOnHer "lets you browse through profiles before your verifications are complete. So literally anyone (like myself) can read reviews..."
Android

Android's pKVM Becomes First Globally Certified Software to Achieve SESIP Level 5 Security Certification (googleblog.com) 32

Protected KVM (pKVM), the hypervisor powering the Android Virtualization Framework, has officially achieved SESIP Level 5 certification (in testing by cybersecurity lab Dekra against the TrustCB SESIP scheme).

Google's security blog called the certification "a watershed moment," and a "new benchmark" for both open-source security — and for the future of consumer electronics. "It provides a single, open-source, and exceptionally high-quality firmware base that all device manufacturers can build upon." This makes pKVM the first software security system designed for large-scale deployment in consumer electronics to meet this assurance bar. The implications for the future of secure mobile technology are profound. With this level of security assurance, Android is now positioned to securely support the next generation of high-criticality isolated workloads. This includes vital features, such as on-device AI workloads that can operate on ultra-personalized data, with the highest assurances of privacy and integrity...

Achieving Security Evaluation Standard for IoT Platforms (SESIP) Level 5 is a landmark because it incorporates AVA_VAN.5, the highest level of vulnerability analysis and penetration testing under the ISO 15408 (Common Criteria) standard. A system certified to this level has been evaluated to be resistant to highly skilled, knowledgeable, well-motivated, and well-funded attackers who may have insider knowledge and access. This certification is the cornerstone of the next-generation of Android's multi-layered security strategy. Many of the TEEs (Trusted Execution Environments) used in the industry have not been formally certified or have only achieved lower levels of security assurance... Looking ahead, Android device manufacturers will be required to use isolation technology that meets this same level of security for various security operations that the device relies on. Protected KVM ensures that every user can benefit from a consistent, transparent, and verifiably secure foundation.

"This achievement represents just one important aspect of the immense, multi-year dedication from the Linux and KVM developer communities and multiple engineering teams at Google developing pKVM and AVF," the post concludes.

"We look forward to seeing the open-source community and Android ecosystem continue to build on this foundation, delivering a new era of high-assurance mobile technology for users."
Security

Security Flaws In Carmaker's Web Portal Let a Hacker Remotely Unlock Cars (techcrunch.com) 27

Three years ago security researcher Eaton Zveare discovered a vulnerability in Jacuzzi's SmartTub interface allowing access to the personal data of every hot tub owner.

Now Zveare says flaws in an unnamed carmaker's dealership portal "exposed the private information and vehicle data of its customers," reports TechCrunch, "and could have allowed hackers to remotely break into any of its customers' vehicles." Zveare, who works as a security researcher at software delivery company Harness, told TechCrunch the flaw he discovered allowed the creation of a ["national"] admin account that granted "unfettered access" to the unnamed carmaker's centralized web portal. With this access, a malicious hacker could have viewed the personal and financial data of the carmaker's customers, tracked vehicles, and enrolled customers in features that allow owners — or the hackers — to control some of their cars' functions from anywhere.

Zveare said he doesn't plan on naming the vendor, but said it was a widely known automaker with several popular sub-brands.

In an interview with TechCrunch ahead of his talk at the Def Con security conference in Las Vegas on Sunday, Zveare said the bugs put a spotlight on the security of these dealership systems, which grant their employees and associates broad access to customer and vehicle information... The flaws were problematic because the buggy code loaded in the user's browser when opening the portal's login page, allowing the user — in this case, Zveare — to modify the code to bypass the login security checks. Zveare told TechCrunch that the carmaker found no evidence of past exploitation, suggesting he was the first to find it and report it to the carmaker.

When logged in, the account granted access to more than 1,000 of the carmakers' dealers across the United States, he told TechCrunch... With access to the portal, Zveare said it was also possible to pair any vehicle with a mobile account, which allows customers to remotely control some of their cars' functions from an app, such as unlocking their cars... "The takeaway is that only two simple API vulnerabilities blasted the doors open, and it's always related to authentication," said Zveare. "If you're going to get those wrong, then everything just falls down."

Zveare told TechCrunch the portals even included "telematics systems that allowed the real-time location tracking of rental or courtesy cars...

"Zveare said the bugs took about a week to fix in February 2025 soon after his disclosure to the carmaker."

Thanks to long-time Slashdot reader schwit1 for sharing the article.
Security

Phishing Training Is Pretty Pointless, Researchers Find (scworld.com) 151

"Phishing training for employees as currently practiced is essentially useless," writes SC World, citing the presentation of two researchers at the Black Hat security conference: In a scientific study involving thousands of test subjects, eight months and four different kinds of phishing training, the average improvement rate of falling for phishing scams was a whopping 1.7%. "Is all of this focus on training worth the outcome?" asked researcher Ariana Mirian, a senior security researcher at Censys and recently a Ph.D. student at U.C. San Diego, where the study was conducted. "Training barely works..."

[Research partner Christian Dameff, co-director of the U.C. San Diego Center for Healthcare Cybersecurity] and Mirian wanted scientifically rigorous, real-world results. (You can read their academic paper here.) They enrolled more than 19,000 employees of the UCSD Health system and randomly split them into five groups, each member of which would see something different when they failed a phishing test randomly sent once a month to their workplace email accounts... Over the eight months of testing, however, there was little difference in improvement among the four groups that received different kinds of training. Those groups did improve a bit over the control group's performance — by the aforementioned 1.7%...

[A]bout 30% of users clicked on a link promising information about a change in the organization's vacation policy. Almost as many fell for one about a change in workplace dress code... Another lesson was that given enough time, almost everyone falls for a phishing email. Over the eight months of the experiment, just over 50% failed at least once.

Thanks to Slashdot reader spatwei for sharing the article.
Data Storage

Seagate 'Spins Up' a Raid on a Counterfeit Hard Drive Workshop (tomshardware.com) 47

An anonymous reader shared this report from Tom's Hardware: According to German news outlet Heise, notable progress has been made regarding the counterfeit Seagate hard drive case. Just like something out of an action movie, security teams from Seagate's Singapore and Malaysian offices, in conjunction with local Malaysian authorities, conducted a raid on a warehouse in May that was engaged in cooking up counterfeit Seagate hard drives, situated outside Kuala Lumpur.

During the raid, authorities reportedly uncovered approximately 700 counterfeit Seagate hard drives, with SMART values that had been reset to facilitate their sale as new... However, Seagate-branded drives were not the only items involved, as authorities also discovered drives from Kioxia and Western Digital. Seagate suspects that the used hard drives originated from China during the Chia [cryptocurrency] boom. Following the cryptocurrency's downfall, numerous miners sold these used drives to workshops where many were illicitly repurposed to appear new. This bust may represent only the tip of the iceberg, as Heise estimates that at least one million of these Chia drives are circulating, although the exact number that have been recycled remains uncertain.

The clandestine workshop, likely one of many establishments in operation, reportedly employed six workers. Their responsibilities included resetting the hard drives' SMART values, cleaning, relabeling, and repackaging them for distribution and sale via local e-commerce platforms.

AI

AI Is Reshaping Hacking. No One Agrees How Fast (axios.com) 18

"Several cybersecurity companies debuted advancements in AI agents at the Black Hat conference last week," reports Axios, "signaling that cyber defenders could soon have the tools to catch up to adversarial hackers."

- Microsoft shared details about a prototype for a new agent that can automatically detect malware — although it's able to detect only 24% of malicious files as of now.

- Trend Micro released new AI-driven "digital twin" capabilities that let companies simulate real-world cyber threats in a safe environment walled off from their actual systems.

- Several companies and research teams also publicly released open-source tools that can automatically identify and patch vulnerabilities as part of the government-backed AI Cyber Challenge.

Yes, but: Threat actors are now using those AI-enabled tools to speed up reconnaissance and dream up brand-new attack vectors for targeting each company, John Watters, CEO of iCounter and a former Mandiant executive, told Axios.

The article notes "two competing narratives about how AI is transforming the threat landscape." One says defenders still have the upper hand. Cybercriminals lack the money and computing resources to build out AI-powered tools, and large language models have clear limitations in their ability to carry out offensive strikes. This leaves defenders with time to tap AI's potential for themselves. [In a DEF CON presentation a member of Anthropic's red team said its Claude AI model will "soon" be able to perform at the level of a senior security researcher, the article notes later]

Then there's the darker view. Cybercriminals are already leaning on open-source LLMs to build tools that can scan internet-connected devices to see if they have vulnerabilities, discover zero-day bugs, and write malware. They're only going to get better, and quickly...

Right now, models aren't the best at making human-like judgments, such as recognizing when legitimate tools are being abused for malicious purposes. And running a series of AI agents will require cybercriminals and nation-states to have enough resources to pay the cloud bills they rack up, Michael Sikorski, CTO of Palo Alto Networks' Unit 42 threat research team, told Axios. But LLMs are improving rapidly. Sikorski predicts that malicious hackers will use a victim organization's own AI agents to launch an attack after breaking into their infrastructure.

Open Source

Remember the Companies Making Vital Open Source Contributions (infoworld.com) 22

Matt Asay answered questions from Slashdot readers in 2010 as the then-COO of Canonical. Today he runs developer marketing at Oracle (after holding similar positions at AWS, Adobe, and MongoDB).

And this week Asay contributed an opinion piece to InfoWorld reminding us of open source contributions from companies where "enlightened self-interest underwrites the boring but vital work — CI hardware, security audits, long-term maintenance — that grassroots volunteers struggle to fund." [I]f you look at the Linux 6.15 kernel contributor list (as just one example), the top contributor, as measured by change sets, is Intel... Another example: Take the last year of contributions to Kubernetes. Google (of course), Red Hat, Microsoft, VMware, and AWS all headline the list. Not because it's sexy, but because they make billions of dollars selling Kubernetes services... Some companies (including mine) sell proprietary software, and so it's easy to mentally bucket these vendors with license fees or closed cloud services. That bias makes it easy to ignore empirical contribution data, which indicates open source contributions on a grand scale.
Asay notes Oracle's many contributions to Linux: In the [Linux kernel] 6.1 release cycle, Oracle emerged as the top contributor by lines of code changed across the entire kernel... [I]t's Oracle that patches memory-management structures and shepherds block-device drivers for the Linux we all use. Oracle's kernel work isn't a one-off either. A few releases earlier, the company topped the "core of the kernel" leaderboard in 5.18, and it hasn't slowed down since, helping land the Maple Tree data structure and other performance boosters. Those patches power Oracle Cloud Infrastructure (OCI), of course, but they also speed up Ubuntu on your old ThinkPad. Self-interested contributions? Absolutely. Public benefit? Equally absolute.

This isn't just an Oracle thing. When we widen the lens beyond Oracle, the pattern holds. In 2023, I wrote about Amazon's "quiet open source revolution," showing how AWS was suddenly everywhere in GitHub commit logs despite the company's earlier reticence. (Disclosure: I used to run AWS' open source strategy and marketing team.) Back in 2017, I argued that cloud vendors were open sourcing code as on-ramps to proprietary services rather than end-products. Both observations remain true, but they miss a larger point: Motives aside, the code flows and the community benefits.

If you care about outcomes, the motives don't really matter. Or maybe they do: It's far more sustainable to have companies contributing because it helps them deliver revenue than to contribute out of charity. The former is durable; the latter is not.

There's another practical consideration: scale. "Large vendors wield resources that community projects can't match."

Asay closes by urging readers to "Follow the commits" and "embrace mixed motives... the point isn't sainthood; it's sustainable, shared innovation. Every company (and really every developer) contributes out of some form of self-interest. That's the rule, not the exception. Embrace it." Going forward, we should expect to see even more counterintuitive contributor lists. Generative AI is turbocharging code generation, but someone still has to integrate those patches, write tests, and shepherd them upstream. The companies with the most to lose from brittle infrastructure — cloud providers, database vendors, silicon makers — will foot the bill. If history is a guide, they'll do so quietly.

AI

OpenAI's GPT-5 Sees a Big Surge in Enterprise Use (cnbc.com) 33

ChatGPT now has nearly 700 million weekly users, OpenAI says. But after launching GPT-5 last week, critics bashed its less-intuitive feel, reports CNBC, "ultimately leading the company to restore its legacy GPT-4 to paying chatbot customers."

Yet GPT-5 was always about cracking the enterprise market "where rival Anthropic has enjoyed a head start," they write. And one week in, "startups like Cursor, Vercel, and Factory say they've already made GPT-5 the default model in certain key products and tools, touting its faster setup, better results on complex tasks, and a lower price." Some companies said GPT-5 now matches or beats Claude on code and interface design, a space Anthropic once dominated. Box, another enterprise customer, has been testing GPT-5 on long, logic-heavy documents. CEO Aaron Levie told CNBC the model is a "breakthrough," saying it performs with a level of reasoning that prior systems couldn't match...

Still, the economics are brutal. The models are expensive to run, and both OpenAI and Anthropic are spending big to lock in customers, with OpenAI on track to burn $8 billion this year. That's part of why both Anthropic and OpenAI are courting new capital... GPT-5 is significantly cheaper than Anthropic's top-end Claude Opus 4.1 — by a factor of seven and a half, in some cases — but OpenAI is spending huge amounts on infrastructure to sustain that edge. For OpenAI, it's a push to win customers now, get them locked in and build a real business on the back of that loyalty...

GPT-5 API usage has surged since launch, with the model now processing more than twice as much coding and agent-building work, and reasoning use cases jumping more than eightfold, said a person familiar with the matter who requested anonymity in order to discuss company data. Enterprise demand is rising sharply, particularly for planning and multi-step reasoning tasks.

GPT-5's traction over the past week shows how quickly loyalties can shift when performance and price tip in OpenAI's favor. AI-powered coding platform Qodo recently tested GPT-5 against top-tier models including Gemini 2.5, Claude Sonnet 4, and Grok 4, and said in a blog post that it led in catching coding mistakes. The model was often the only one to catch critical issues, such as security bugs or broken code, suggesting clean, focused fixes and skipping over code that didn't need changing, the company said. Weaknesses included occasional false positives and some redundancy.

JetBrains has also adopted GPT-5 as the default for its AI Assistant and for its new no-code tool Kineto, according to the article.

But Anthropic is still enjoying a great year too, with its annualized revenue growing 17x year-over-year (according to "a person familiar with the matter who requested anonymity").

Operating Systems

Another Linux Distro Is Shutting Down (neowin.net) 48

An anonymous reader writes: Kaisen Linux, a Debian-based distro packed with tools for sysadmins, system rescue, and network diagnostics, is shutting down. This comes not long after Intel's Clear Linux also reached the end of the road.

Kaisen offered multiple desktop environments like KDE Plasma, LXQt, MATE, and Xfce, plus a "toram" mode that could load the whole OS into RAM so you could free up your USB port. The final release, Rolling 3.0, updates the base to Debian 13, defaults to KDE Plasma 6, replaces LightDM with SDDM, drops some packages like neofetch and hping3, and adds things like faster BTRFS snapshot restores, full ZFS support, and safer partitioning behavior.

Unlike Clear Linux, Kaisen will still get security updates for the next two years, giving current users time to migrate without rushing.

Privacy

Proton Begins Shifting Infrastructure Outside of Switzerland Ahead of Surveillance Legislation (techradar.com) 26

Proton has begun relocating infrastructure outside Switzerland ahead of proposed surveillance legislation requiring VPNs and messaging services with over 5,000 users to identify customers and retain data for six months.

The company's AI chatbot Lumo became the first product hosted on German servers rather than Swiss infrastructure. CEO Andy Yen confirmed the decision and a spokesperson told TechRadar that the company isn't fully exiting Switzerland.

In a blog post about the launch of Lumo last month, Proton's Head of Anti-Abuse and Account Security, Eamonn Maguire, explained that the company had decided to invest outside Switzerland for fear of the looming legal changes. He wrote: "Because of legal uncertainty around Swiss government proposals to introduce mass surveillance -- proposals that have been outlawed in the EU -- Proton is moving most of its physical infrastructure out of Switzerland. Lumo will be the first product to move."

The proposed amendments to Switzerland's Ordinance on the Surveillance of Correspondence by Post and Telecommunications would also mandate decryption capabilities for providers holding encryption keys. Proton is developing additional facilities in Norway.

Security

Russian Hackers Seized Control of Norwegian Dam, Spy Chief Says (theguardian.com) 42

An anonymous reader quotes a report from The Guardian: Russian hackers took control of a Norwegian dam this year, opening a floodgate and allowing water to flow unnoticed for four hours, Norway's intelligence service has said. The admission, by the Norwegian Police Security Service (PST), marks the first time that Oslo has formally attributed the cyber-attack in April on Bremanger, western Norway, to Moscow. The attack on the hydropower dam, which produces electricity, released 500 liters (132 gallons) of water a second for four hours until the incident was detected and stopped.

The head of PST, Beate Gangas, said on Wednesday: "Over the past year, we have seen a change in activity from pro-Russian cyber actors." The Bremanger incident was an example of such an attack, she added. "The aim of this type of operation is to influence and to cause fear and chaos among the general population. Our Russian neighbor has become more dangerous." The incident did not cause any injuries or damage because the water level of the river and the dam, which is close to the town of Svelgen, was a long way below flood capacity. The alleged perpetrators reportedly published a three-minute video, watermarked with the name of a pro-Russian cybercriminal group, on Telegram on the day of the attack.
