Crime

$1M Stolen in 'Industrial-Scale Crypto Theft' Using AI-Generated Code

"What happens when cybercriminals stop thinking small and start thinking like a Fortune 500 company?" asks a blog post from Koi Security. "You get GreedyBear, the attack group that just redefined industrial-scale crypto theft."

"150 weaponized Firefox extensions [impersonating popular cryptocurrency wallets like MetaMask and TronLink]. Nearly 500 malicious executables. Dozens of phishing websites. One coordinated attack infrastructure. According to user reports, over $1 million stolen." They upload 5-7 innocuous-looking extensions like link sanitizers, YouTube downloaders, and other common utilities with no actual functionality... They post dozens of fake positive reviews for these generic extensions to build credibility. After establishing trust, they "hollow out" the extensions — changing names, icons, and injecting malicious code while keeping the positive review history. This approach allows GreedyBear to bypass marketplace security by appearing legitimate during the initial review process, then weaponizing established extensions that already have user trust and positive ratings. The weaponized extensions capture wallet credentials directly from user input fields within the extension's own popup interface, and exfiltrate them to a remote server controlled by the group...

Alongside malware and extensions, the threat group has also launched a network of scam websites posing as crypto-related products and services. These aren't typical phishing pages mimicking login portals — instead, they appear as slick, fake product landing pages advertising digital wallets, hardware devices, or wallet repair services... While these sites vary in design, their purpose appears to be the same: to deceive users into entering personal information, wallet credentials, or payment details — possibly resulting in credential theft, credit card fraud, or both. Some of these domains are active and fully functional, while others may be staged for future activation or targeted scams...

A striking aspect of the campaign is its infrastructure consolidation: almost all domains — across extensions, EXE payloads, and phishing sites — resolve to a single IP address, 185.208.156.66. This server acts as a central hub for command-and-control, credential collection, ransomware coordination, and scam websites, allowing the attackers to streamline operations across multiple channels... Our analysis of the campaign's code shows clear signs of AI-generated artifacts. This makes it faster and easier than ever for attackers to scale operations, diversify payloads, and evade detection.

This isn't a passing trend — it's the new normal.

The researchers believe the group "is likely testing or preparing parallel operations in other marketplaces."

The Internet

AOL Finally Discontinues Its Dial-Up Internet Access - After 34 Years (pcmag.com)

AOL (now a Yahoo subsidiary) just announced its dial-up internet service will be discontinued at the end of September.

"The change also means the retirement of the AOL Dialer software and the AOL Shield browser, both designed for older operating systems and slow connections that relied on the familiar screech of a modem handshake," remembers Slashdot reader BrianFagioli (noting that dial-up Internet "was once the gateway to the web for millions of households, back when speeds were measured in kilobits and waiting for a picture to load could feel like an eternity.")

AOL's dial-up service "has been publicly available for 34 years," writes Tom's Hardware. But AppleInsider notes the move comes more than 40 years after AOL started "as a very early Apple service." AOL itself started back in 1983 under the name Control Video Corporation, offering online services for the Atari 2600 console. After failing, it became Quantum Computer Services in 1985, eventually launching AppleLink in 1988 to connect Macintosh computers together... With the launch of PC Link for IBM-compatible PCs in 1988 and parting from Apple in October 1989, the company rebranded itself as America Online, or AOL... Even at its height, dial-up connections could get up to 56 kilobits per second under ideal conditions, while modern connections are measured in megabits and gigabits. Most of the service was also what's considered a "walled garden," with features available only through AOL itself; it wasn't the actual, untamed Internet.
In the 1990s AOL "was how millions of people were introduced to the Internet," the article remembers, adding that "Even after the AOL Time Warner acquisition and the 2015 acquisition by Verizon, AOL was still a popular service. Astoundingly, it counted about two million dial-up subscribers at the time." In the 2021 acquisition of assets from Verizon by Apollo Global Management, AOL was said to have 1.5 million people paying for services. However, this was more for technical support and software, rather than for actual Internet access. A CNBC report at the time put the dial-up user count "in the low thousands"... While it dies off, not with a bang but a whimper, AOL's dial-up is still remembered as one of the most transformative services in the Internet age.
"This change does not impact the numerous other valued products and services that these subscribers are able to access and enjoy as part of their plans," a Yahoo spokesperson told PC Magazine this week. "There is also no impact to our users' free AOL email accounts." AOL's disastrous 2001 merger with Time Warner and ongoing inability to deliver broadband to its customers... left it on a path to decline that acquiring such widely read sites as Engadget [2005] and TechCrunch [2010] did not stem. By 2014, the number of dial-up AOL customers had collapsed to 2.34 million. A year later, Verizon bought the company for $4.4 billion in an internet-content play that turned out to be as doomed as the Time Warner transaction. In 2021, Verizon unloaded both AOL and Yahoo, which it had separately purchased in 2017, to the private-equity firm Apollo Global Management....

The demise of AOL's dial-up service does not mean the extinction of the oldest form of consumer online access. Estimates from the Census Bureau's 2023 American Community Survey show 163,401 Americans connected to the internet via dial-up that year.

That was by far the smallest segment of the internet-using population, dwarfed by 100,166,949 subscribing to such forms of broadband as "cable, fiber optic, or DSL"; 8,628,648 using satellite; 3,318,901 using "Internet access without a subscription" (which suggests Wi-Fi from coffee shops or public libraries); and 1,445,135 via "other service."

The remaining AOL dial-up subscribers will need to find some sort of replacement, which in rural areas may be limited to fixed wireless or SpaceX's considerably more expensive Starlink. Or they may wind up joining the ranks of Americans with no internet access: 6,866,059, in those 2023 estimates.

Earth

California Successfully Tests 'Virtual Power Plant', Drawing Power From Batteries in 100,000 Homes (yahoo.com)

"California's biggest electric utilities pulled off a record-breaking test..." reports Semafor, "during the 7pm-9pm window that is typically its time of peak demand as people come home from work." Pacific Gas & Electric and other top California power companies switched on residential batteries in more than 100,000 homes and drew power from them into the broader statewide grid. The purpose of the test — the largest ever in the state, which has by far the most home battery capacity in the U.S. — was to see just how much power is really there for the utility to tap, and to ensure it could be switched on, effectively running the grid in reverse, without causing a crash.

The result, which the research firm Brattle published this week, was 535 megawatts, equal to adding a big hydro dam or a half-sized nuclear reactor at a fraction of the cost. "Four years ago this capacity didn't even exist," Kendrick Li, PG&E's director of clean energy programs, told Semafor. "Now it's a really attractive option for us. It would be silly not to harness what our customers have installed...." Last week's test proved that in times of peak demand, PG&E can lean on its customers' batteries rather than turn on a gas-fired peaker plant or risk a blackout, Li said.

Virtual power plants (VPPs) also facilitate the addition of more solar energy on the grid: At the moment, California has so much solar generation at peak hours that it can push the wholesale power price close to or even below zero, a headache for grid managers and a disincentive for renewable project developers. The careful manipulation of networked residential batteries smooths out the timing disparity between peak sunshine at midday and peak demand in the evening, allowing the excess to be soaked up and redeployed when it's actually needed, and making power cheaper for everyone. The expanded use of VPPs shouldn't be noticeable to battery owners, Li said, except for the money back on their power bill; nothing about the process prevents them from running their AC or dishwasher while their battery is being tapped. The network can also run in reverse, with the utility taking excess power from the grid at times of low demand and sending it into home batteries for storage.

California could easily reach over a gigawatt of VPP capacity within five years, Li said. Nationwide, a Department of Energy study during the Biden administration forecast that VPP capacity could reach up to 160 gigawatts by 2030, essentially negating the need for dozens of new fossil fuel power plants, with no emissions and at a far lower cost. In 2024, utilities in 34 states moved to initiate or expand VPP networks, according to the advocacy group VP3.

Even with a reduction in federal credits, virtual power plants "offer a way for residential solar-plus-storage systems to remain economically attractive for homeowners — who get paid for the withdrawn power," the article points out — and "a way to make better use of clean energy resources that have already been built."

Sunrun's distributed battery fleet "delivered more than two-thirds of the energy," notes Electrek, "In total, the event pumped an average of 535 megawatts (MW) onto the grid — enough to power over half of San Francisco... This isn't a one-off. Sunrun's fleet already helped drop peak demand earlier this summer, delivering 325 MW during a similar event on June 24.

"The company compensates customers up to $150 per battery per season for participating."

Science

New Method Is the Fastest Way To Find the Best Routes (quantamagazine.org)

Computer scientists at Tsinghua University and Stanford have developed an algorithm that surpasses a fundamental speed limit that has constrained network pathfinding calculations since 1984. The team's approach to the shortest-path problem -- finding optimal routes from one point to all others in a network -- runs faster than Dijkstra's 1956 algorithm and its improvements by avoiding the sorting process that created the decades-old computational barrier.

Led by Ran Duan at Tsinghua, the researchers combined clustering techniques with selective application of the Bellman-Ford algorithm to identify influential nodes without sorting all paths by distance. The algorithm divides graphs into layers and uses Bellman-Ford to locate key intersection points before calculating paths to other nodes. The technique works on both directed and undirected graphs with arbitrary weights, solving a problem that stymied researchers after partial breakthroughs in the late 1990s and early 2000s applied only to specific weight conditions.

The Internet

Perplexity is Using Stealth, Undeclared Crawlers To Evade Website No-Crawl Directives, Cloudflare Says (cloudflare.com)

AI startup Perplexity is deploying undeclared web crawlers that masquerade as regular Chrome browsers to access content from websites that have explicitly blocked its official bots, according to a Cloudflare report published Monday. When Perplexity's declared crawlers encounter robots.txt restrictions or network blocks, the company switches to a generic Mozilla user agent that impersonates "Chrome/124.0.0.0 Safari/537.36" running on macOS, the web infrastructure firm reported.

Cloudflare engineers tested the behavior by creating new domains with robots.txt files prohibiting all automated access. Despite the restrictions, Perplexity provided detailed information about the protected content when queried, while the stealth crawler generated 3-6 million daily requests across tens of thousands of domains. The undeclared crawler rotated through multiple IP addresses and network providers to evade detection.

Games

Itch.io Starts Returning the Free Games It Removed From Its Store (aftermath.site)

"Digital storefront Itch.io is reindexing its free adult games," reports Engadget, "and is talking to its partnered payment processors about plans to gradually reintroduce paid NSFW content..." In a statement included in the Itch.io update, Stripe said it hasn't closed the door on the possibility of being able to support adult content again in the future. In the meantime, Itch.io says it is talking to its other payment partners about accepting the card payments Stripe is currently no longer able to process.
Itch's founder told the gaming news site Aftermath that it was a notice from Visa that led to the sudden deindexing of so many games. But Aftermath notes that Visa and Mastercard have now "both released statements effectively washing their hands of the situation but also, paradoxically, justifying any actions they might have taken."

- Visa: "When a legally operating merchant faces an elevated risk of illegal activity, we require enhanced safeguards for the banks supporting those merchants..."

- Mastercard: "Our payment network follows standards based on the rule of law. Put simply, we allow all lawful purchases on our network. At the same time, we require merchants to have appropriate controls to ensure Mastercard cards cannot be used for unlawful purchases, including illegal adult content."

Aftermath's take? The part where the two companies act as though their hands have been tied by the long arm of the law is, frankly, bullshit. None of the games removed from Steam or Itch were illegal. They depict actions that are perfectly legal in other mediums. To re-quote Mike Stabile, director of policy at the Free Speech Coalition: "The stuff [companies] are talking about is entirely legal. It's legal to have in a book, it's legal to have in a game. They are making decisions based on their brand, based on public pressure from anti-porn groups, and that can be reversed."
Meanwhile, gamers are still pushing back: It's difficult to say just how many people have spent the past several days tying up the lines of card companies and payment processors, but the movement has made itself visible enough to gain support from larger industry bodies like the Communications Workers of America [the largest communications/media labor union in America] and the International Game Developers Association.

Transportation

Aurora's Self-Driving Trucks Are Now Driving At Night (freightwaves.com)

Aurora Innovation has expanded its autonomous trucking operations with nighttime driverless runs between Dallas and Houston and a new Phoenix terminal. "Efficiency, uptime, and reliability are important for our customers, and Aurora is showing we can deliver," said Chris Urmson, co-founder and CEO of Aurora, in a press release. "Just three months after launch, we're running driverless operations day and night and we've expanded our terminal network to Phoenix. Our rapid progress is beginning to unlock the full value of self-driving trucks for our customers, which has the potential to transform the trillion-dollar trucking industry." FreightWaves reports: The expansion allows for continuous utilization, shortening delivery times and serving as part of its path to autonomous trucking profitability. Aurora notes that the unlocking of nighttime autonomous operations can also improve road safety. It cited a 2021 Federal Motor Carrier Safety Administration report on large truck and bus crashes that noted a disproportionate 37% of fatal crashes involving large trucks occurred at night. This comes despite trucks traveling fewer miles during those hours.

Aurora's SAE L4 autonomous driving system, called the Aurora Driver, can detect objects in the dark more than 450 meters away via its proprietary, long-range FirstLight Lidar. The lidar can identify pedestrians, vehicles, and debris up to 11 seconds sooner than a traditional driver, according to the company. In addition to the fleet and operations expansion, the new terminal in Phoenix, which opened in June, is part of an infrastructure-light approach. Aurora notes this design will closely resemble how the company plans to integrate with future customer endpoints, optimized for speed to market.

This expansion of the more than 15-hour Fort Worth to Phoenix route opens up opportunities to showcase the autonomous truck's ability to cut transit time in half compared to a single driver, who is bound by the 11-hour hours-of-service limit. Aurora is piloting the autonomous trucking Phoenix lane with two customers, Hirschbach and Werner.

Security

In Search of Riches, Hackers Plant 4G-Enabled Raspberry Pi In Bank Network (arstechnica.com)

Hackers from the group UNC2891 attempted a high-tech bank heist by physically planting a 4G-enabled Raspberry Pi inside a bank's ATM network, using advanced malware hidden with a never-before-seen Linux bind mount technique to evade detection. "The trick allowed the malware to operate similarly to a rootkit, which uses advanced techniques to hide itself from the operating system it runs on," reports Ars Technica. Although the plot was uncovered before the hackers could hijack the ATM switching server, the tactic showcased a new level of sophistication in cyber-physical attacks on financial institutions. The security firm Group-IB, which detailed the attack in a report on Wednesday, didn't say where the compromised switching equipment was located or how attackers managed to plant the Raspberry Pi. Ars Technica reports: To maintain persistence, UNC2891 also compromised a mail server because it had constant Internet connectivity. The Raspberry Pi and the mail server backdoor would then communicate by using the bank's monitoring server as an intermediary. The monitoring server was chosen because it had access to almost every server within the data center. As Group-IB was initially investigating the bank's network, researchers noticed some unusual behaviors on the monitoring server, including an outbound beaconing signal every 10 minutes and repeated connection attempts to an unknown device. The researchers then used a forensic tool to analyze the communications. The tool identified the endpoints as a Raspberry Pi and the mail server but was unable to identify the process names responsible for the beaconing.

The researchers then captured the system memory as the beacons were sent. The review identified the process as lightdm, a process associated with an open source LightDM display manager. The process appeared to be legitimate, but the researchers found it suspicious because the LightDM binary was installed in an unusual location. After further investigation, the researchers discovered that the processes of the custom backdoor had been deliberately disguised in an attempt to throw researchers off the scent.

[Group-IB Senior Digital Forensics and Incident Response Specialist Nam Le Phuong] explained: "The backdoor process is deliberately obfuscated by the threat actor through the use of process masquerading. Specifically, the binary is named 'lightdm', mimicking the legitimate LightDM display manager commonly found on Linux systems. To enhance the deception, the process is executed with command-line arguments resembling legitimate parameters -- for example, lightdm --session child 11 19 -- in an effort to evade detection and mislead forensic analysts during post-compromise investigations. These backdoors were actively establishing connections to both the Raspberry Pi and the internal Mail Server."
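The two clues the investigators describe (a "lightdm" binary installed in an unusual location, and session-child style arguments on a process that the real display manager never spawned) can be turned into a triage check over a process snapshot. This is an added example, not Group-IB's or Ars Technica's tooling; the process records are constructed inline, and the expected install paths and the "kworker" variant are assumptions about a typical Linux host.

```python
"""Flag processes that masquerade as the LightDM display manager.

Added example. On a live host the records would come from
/proc/<pid>/{comm,exe,cmdline,status}; here they are constructed inline.
"""
import os
from dataclasses import dataclass
from typing import Dict, List

# Where a distro package installs the real LightDM binary
# (assumption: Debian/Ubuntu and Fedora layouts).
EXPECTED_LIGHTDM_PATHS = {"/usr/sbin/lightdm", "/usr/bin/lightdm"}


@dataclass(frozen=True)
class Proc:
    pid: int
    ppid: int
    comm: str     # /proc/<pid>/comm, the name ps shows
    exe: str      # resolved target of /proc/<pid>/exe
    cmdline: str  # /proc/<pid>/cmdline with NULs replaced by spaces


def looks_like_session_child(cmdline: str) -> bool:
    """True for argument shapes like 'lightdm --session-child 12 19' (the
    real display manager) or the actor's variant 'lightdm --session child 11 19'."""
    argv = cmdline.split()
    return (len(argv) >= 2
            and os.path.basename(argv[0]) == "lightdm"
            and argv[1].startswith("--session"))


def find_masquerading(procs: List[Proc]) -> Dict[int, List[str]]:
    """Return {pid: [reasons]} for processes that claim to be LightDM but
    do not look like the packaged one."""
    by_pid = {p.pid: p for p in procs}
    # Only a lightdm whose binary sits where the package put it may own session children.
    trusted = {p.pid for p in procs
               if p.comm == "lightdm" and p.exe in EXPECTED_LIGHTDM_PATHS}
    findings: Dict[int, List[str]] = {}
    for p in procs:
        if p.comm != "lightdm" and not looks_like_session_child(p.cmdline):
            continue  # not claiming to be LightDM at all
        reasons = []
        if p.exe not in EXPECTED_LIGHTDM_PATHS:
            reasons.append(f"binary at unexpected path {p.exe}")
        if os.path.basename(p.exe) != p.comm:
            # comm can be rewritten (prctl PR_SET_NAME); the exe link cannot.
            reasons.append(f"process name {p.comm!r} does not match binary "
                           f"{os.path.basename(p.exe)!r}")
        if looks_like_session_child(p.cmdline) and p.ppid not in trusted:
            parent = by_pid.get(p.ppid)
            pname = parent.comm if parent else "unknown"
            reasons.append(f"session-child arguments but parent pid {p.ppid} "
                           f"({pname}) is not the packaged LightDM")
        if reasons:
            findings[p.pid] = reasons
    return findings


# Constructed snapshot (not data from the Group-IB report): one legitimate
# LightDM with a session child, two impostors using the page's argument
# pattern, and one process that renamed itself but kept a foreign binary.
SAMPLE_PROCS = [
    Proc(1, 0, "systemd", "/usr/lib/systemd/systemd", "/sbin/init"),
    Proc(812, 1, "lightdm", "/usr/sbin/lightdm", "/usr/sbin/lightdm"),
    Proc(845, 812, "lightdm", "/usr/sbin/lightdm", "lightdm --session-child 12 19"),
    Proc(4120, 1, "lightdm", "/var/tmp/.cache/lightdm", "lightdm --session child 11 19"),
    Proc(4121, 4120, "lightdm", "/var/tmp/.cache/lightdm", "lightdm --session child 11 19"),
    Proc(4130, 1, "lightdm", "/var/tmp/.cache/kworker", "kworker/0:1"),
]

if __name__ == "__main__":
    for pid, reasons in sorted(find_masquerading(SAMPLE_PROCS).items()):
        print(f"pid {pid}:")
        for r in reasons:
            print(f"  - {r}")
```

The legitimate pair (812/845) produces no finding; the three constructed impostors are each reported with the specific clue that gave them away.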

AI

Voice Actors Push Back As AI Threatens Dubbing Industry

Voice actors and industry associations are sounding the alarm over the growing use of AI in dubbing, calling for increased regulations to protect quality, jobs and artists' back catalogues from being used to create future dubbed work. "We need legislation: Just as after the car, which replaced the horse-drawn carriage, we need a highway code," said Boris Rehlinger, a voice actor known as the French voice of Ben Affleck, Joaquin Phoenix, and Puss in Boots. "I feel threatened even though my voice hasn't been replaced by AI yet," he said. Reuters reports: In Germany, 12 well-known dubbing actors went viral on TikTok in March, garnering 8.7 million views, for their campaign saying "Let's protect artistic, not artificial, intelligence." A petition from the VDS voice actors' association calling on German and EU lawmakers to push AI companies to obtain explicit consent when training the technology on artists' voices and fairly compensate them, as well as transparently label AI-generated content, gained more than 75,500 signatures.

When intellectual property is no longer protected, no one will produce anything anymore "because they think 'tomorrow it will be stolen from me anyway'," said Cedric Cavatore, a VDS member who has dubbed films and video games including the PlayStation game "Final Fantasy VII Remake." VDS collaborates with United Voice Artists, a global network of over 20,000 voice actors advocating for ethical AI use and fair contracts. In the United States, Hollywood video game voice and motion capture actors this month signed a new contract with video game studios focused on AI that SAG-AFTRA said represented important progress on protections against the tech.

Transportation

Boring Company To Build Tesla Tunnels Under Nashville (techcrunch.com)

Elon Musk's Boring Company plans to build a 10-mile underground transportation loop in Nashville connecting the airport to downtown, with private funding and a projected launch as early as fall 2026. "If that happens, Nashville would become the second city where The Boring Company has opened such a system, with the first being Las Vegas," notes TechCrunch. "The company has spent the last few years in Sin City digging and opening tunnels around the Las Vegas Convention Center, and claims to have given 3 million rides in Teslas to date." From the report: The project will be privately funded by The Boring Company "and its private partners," according to the Governor's press release, though those partners are not named. The Boring Company and local officials will now begin a "public process to evaluate potential routes, engage community stakeholders, and finalize plans for the project's initial 10-mile phase." Construction won't begin until the project clears the approvals process. But the governor's office said the first segment of the loop could be operational as "early as fall of 2026."

The Internet

Scammers Unleash Flood of Slick Online Gaming Sites (krebsonsecurity.com)

Brian Krebs writes via KrebsOnSecurity: Fraudsters are flooding Discord and other social media platforms with ads for hundreds of polished online gaming and wagering websites that lure people with free credits and eventually abscond with any cryptocurrency funds deposited by players. Here's a closer look at the social engineering tactics and remarkable traits of this sprawling network of more than 1,200 scam sites. The scam begins with deceptive ads posted on social media that claim the wagering sites are working in partnership with popular social media personalities, such as Mr. Beast, who recently launched a gaming business called Beast Games. The ads invariably state that by using a supplied "promo code," interested players can claim a $2,500 credit on the advertised gaming website.

The gaming sites all require users to create a free account to claim their $2,500 credit, which they can use to play any number of extremely polished video games that ask users to bet on each action. At the scam website gamblerbeast[.]com, for example, visitors can pick from dozens of games like B-Ball Blitz, in which you play a basketball pro who is taking shots from the free throw line against a single opponent, and you bet on your ability to sink each shot. The financial part of this scam begins when users try to cash out any "winnings." At that point, the gaming site will reject the request and prompt the user to make a "verification deposit" of cryptocurrency -- typically around $100 -- before any money can be distributed. Those who deposit cryptocurrency funds are soon asked for additional payments. However, any "winnings" displayed by these gaming sites are a complete fantasy, and players who deposit cryptocurrency funds will never see that money again. Compounding the problem, victims likely will soon be peppered with come-ons from "recovery experts" who peddle dubious claims on social media networks about being able to retrieve funds lost to such scams. [...]

[T]hreat hunting platform Silent Push reveals at least 1,270 recently-registered and active domains whose names all invoke some type of gaming or wagering theme. Here is a list of all domains that Silent Push found were using the scambling network's chat API.

Businesses

India's One-Airline State (indiadispatch.com)

An anonymous reader shares an analysis: In most major aviation markets, including the U.S. and Europe, competition is an oligopolistic affair, with several large airlines competing for market share. India's domestic sector, however, is increasingly characterized by the ascent of a single airline.

Low-cost carrier IndiGo has achieved an extraordinary concentration of the market, capturing approximately 64.4% of all passenger traffic as of May. More strikingly, the airline operates with a near-monopoly on 66% of its domestic routes, facing little to no direct competition in a significant portion of its network.

This position is the culmination of a decade-long expansion that saw the exit of rivals like Jet Airways and GoAir. Today, its remaining competitors continue to struggle; SpiceJet's domestic market share has fallen to just 2% while it operates a reduced fleet of only 19 aircraft. Air India, despite its acquisition by the Tata Group in 2022, has been slow in its restructuring and continues to cede domestic ground, with the flag carrier remaining unprofitable.

Security

Cyberattack Cripples Russian Airline Aeroflot (politico.com)

New submitter Pravetz-82 shares a report from Politico: A cyberattack on Russian state-owned flagship carrier Aeroflot caused a mass outage to the company's computer systems on Monday, Russia's prosecutor's office said, forcing the airline to cancel more than 100 flights and delay others. Ukrainian hacker group Silent Crow and Belarusian hacker activist group the Belarus Cyber-Partisans, which opposes the rule of Belarusian President Alexander Lukashenko, claimed responsibility for the cyberattack. Images shared on social media showed hundreds of delayed passengers crowding Moscow's Sheremetyevo airport, where Aeroflot is based. The outage also disrupted flights operated by Aeroflot's subsidiaries, Rossiya and Pobeda. While most of the flights affected were domestic, the disruption also led to cancellations for some international flights to Belarus, Armenia and Uzbekistan.

Silent Crow claimed it had accessed Aeroflot's corporate network for a year, copying customer and internal data, including audio recordings of phone calls, data from the company's own surveillance on employees and other intercepted communications. "All of these resources are now inaccessible or destroyed and restoring them will possibly require tens of millions of dollars. The damage is strategic," the channel purporting to be the Silent Crow group wrote on Telegram. There was no way to independently verify its claims. The same channel also shared screenshots that appeared to show Aeroflot's internal IT systems, and insinuated that Silent Crow could begin sharing the data it had seized in the coming days. "The personal data of all Russians who have ever flown with Aeroflot have now also gone on a trip -- albeit without luggage and to the same destination," it said. The Belarus Cyber-Partisans told The Associated Press that they had hoped to "deliver a crushing blow."
Russia's Prosecutor's Office said it had opened a criminal investigation. Meanwhile, Kremlin spokesperson Dmitry Peskov called reports of the cyberattack "quite alarming," adding that "the hacker threat is a threat that remains for all large companies providing services to the general public."

Open Source

Google's New Security Project 'OSS Rebuild' Tackles Package Supply Chain Verification (googleblog.com)

This week Google's Open Source Security Team announced "a new project to strengthen trust in open source package ecosystems" — by reproducing upstream artifacts.

It includes automation to derive declarative build definitions, new "build observability and verification tools" for security teams, and even "infrastructure definitions" to help organizations rebuild, sign, and distribute provenance by running their own OSS Rebuild instances. (And as part of the initiative, the team also published SLSA Provenance attestations "for thousands of packages across our supported ecosystems.") Our aim with OSS Rebuild is to empower the security community to deeply understand and control their supply chains by making package consumption as transparent as using a source repository. Our rebuild platform unlocks this transparency by utilizing a declarative build process, build instrumentation, and network monitoring capabilities which, within the SLSA Build framework, produces fine-grained, durable, trustworthy security metadata. Building on the hosted infrastructure model that we pioneered with OSS Fuzz for memory issue detection, OSS Rebuild similarly seeks to use hosted resources to address security challenges in open source, this time aimed at securing the software supply chain... We are committed to bringing supply chain transparency and security to all open source software development. Our initial support for the PyPI (Python), npm (JS/TS), and Crates.io (Rust) package registries — providing rebuild provenance for many of their most popular packages — is just the beginning of our journey...

OSS Rebuild helps detect several classes of supply chain compromise:

- Unsubmitted Source Code: When published packages contain code not present in the public source repository, OSS Rebuild will not attest to the artifact.

- Build Environment Compromise: By creating standardized, minimal build environments with comprehensive monitoring, OSS Rebuild can detect suspicious build activity or avoid exposure to compromised components altogether.

- Stealthy Backdoors: Even sophisticated backdoors like xz often exhibit anomalous behavioral patterns during builds. OSS Rebuild's dynamic analysis capabilities can detect unusual execution paths or suspicious operations that are otherwise impractical to identify through manual review.

For enterprises and security professionals, OSS Rebuild can...

- Enhance metadata without changing registries by enriching data for upstream packages. No need to maintain custom registries or migrate to a new package ecosystem.

- Augment SBOMs by adding detailed build observability information to existing Software Bills of Materials, creating a more complete security picture...

- Accelerate vulnerability response by providing a path to vendor, patch, and re-host upstream packages using our verifiable build definitions...

The easiest (but not only!) way to access OSS Rebuild attestations is to use the provided Go-based command-line interface.

"With OSS Rebuild's existing automation for PyPI, npm, and Crates.io, most packages obtain protection effortlessly without user or maintainer intervention."
China

Huawei Shows Off 384-Chip AI Computing System That Rivals Nvidia's Top Product (msn.com) 118

Long-time Slashdot reader hackingbear writes: China's Huawei Technologies showed off an AI computing system on Saturday that can rival Nvidia's most advanced offering, even though the company faces U.S. export restrictions. The CloudMatrix 384 system made its first public debut at the World Artificial Intelligence Conference (WAIC), a three-day event in Shanghai where companies showcase their latest AI innovations, drawing a large crowd to the company's booth. The CloudMatrix 384 incorporates 384 of Huawei's latest 910C chips, optically connected through an all-to-all topology, and outperforms Nvidia's GB200 NVL72, which uses 72 B200 chips, on some metrics, according to SemiAnalysis. A full CloudMatrix system can now deliver 300 PFLOPs of dense BF16 compute, almost double that of the GB200 NVL72. With more than 3.6x aggregate memory capacity and 2.1x more memory bandwidth, Huawei and China "now have AI system capabilities that can beat Nvidia's," according to a report by SemiAnalysis.

The trade-off is that it takes 4.1x the power of a GB200 NVL72, with 2.5x worse power per FLOP, 1.9x worse power per TB/s memory bandwidth, and 1.2x worse power per TB HBM memory capacity, but SemiAnalysis noted that China has no power constraints, only chip constraints. Nvidia had announced the DGX H100 NVL256 "Ranger" Platform [with 256 GPUs], SemiAnalysis writes, but "decided to not bring it to production due to it being prohibitively expensive, power hungry, and unreliable due to all the optical transceivers required and the two tiers of network. The CloudMatrix Pod requires an incredible 6,912 400G LPO transceivers for networking, the vast majority of which are for the scaleup network."

Also at this event, Chinese e-commerce giant Alibaba released a new flagship open-source reasoning model Qwen3-235B-A22B-Thinking-2507 which has "already topped key industry benchmarks, outperforming powerful proprietary systems from rivals like Google and OpenAI," according to industry reports. On the AIME25 benchmark, a test designed to evaluate sophisticated, multi-step problem-solving skills, Qwen3-Thinking-2507 achieved a remarkable score of 92.3. This places it ahead of some of the most powerful proprietary models, notably surpassing Google's Gemini-2.5 Pro, while Qwen3-Thinking secured a top score of 74.1 at LiveCodeBench, comfortably ahead of both Gemini-2.5 Pro and OpenAI's o4-mini, demonstrating its practical utility for developers and engineering teams.
China

'Serious Delays' Hit Satellite Mega-Constellations of China's Starlink Rivals (scmp.com) 29

"A Chinese mega-constellation of communications satellites is facing serious delays," reports the South China Morning Post, "that could jeopardise its ambitions to compete with SpaceX's Starlink for valuable orbital resources." Only 90 satellites have been launched into low Earth orbit for the Qianfan broadband network — also known as the Thousand Sails Constellation or G60 Starlink — well short of the project's goal of 648 by the end of this year... Shanghai Yuanxin Satellite Technology, the company leading the project, plans to deploy more than 15,000 satellites by 2030 to deliver direct-to-phone internet services worldwide. To stay on track, Yuanxin — which is backed by the Shanghai municipal government — would have to launch more than 30 satellites a month to achieve its milestones of 648 by the end of 2025 for regional coverage and 1,296 two years later for global connectivity.

The New York Times reports that "the other megaconstellation, Guowang, is even farther behind. Despite plans to launch about 13,000 satellites within the next decade, it has 34 in orbit." A constellation has to launch half of its satellites within five years of successfully applying for its frequencies, and complete the full deployment within seven years, according to rules set by the International Telecommunication Union, a United Nations agency that allocates frequencies. The Chinese megaconstellations are behind on these goals. Companies that fail to hit their targets could be required to reduce the size of their megaconstellations.

Meanwhile SpaceX "has about 8,000 Starlink satellites in orbit and is expanding its lead every month," the Times writes, citing data from the U.S. Space Force and the nonprofit space-data group CelesTrak. (The Times has even created an animation showing Starlink's 8,000 satellites in orbit.) Researchers for the People's Liberation Army predict that the network will become "deeply embedded in the U.S. military combat system." They envision a time when Starlink satellites connect U.S. military bases and serve as an early missile-warning and interception network....

One of the major reasons for China's delay is the lack of a reliable, reusable launcher. Chinese companies still launch satellites using single-use rockets. After the satellites are deployed, rocket parts tumble back to Earth or become space debris... Six years after [SpaceX's] Falcon 9 began launching Starlink satellites, Chinese firms still have no answer to it... The government has tested nearly 20 rocket launchers in the "Long March" series.

Microsoft

Did a Vendor's Leak Help Attackers Exploit Microsoft's SharePoint Servers? (theregister.com) 22

The vulnerability-watching "Zero Day Initiative" was started in 2005 as a division of 3Com, then acquired in 2015 by cybersecurity company Trend Micro, according to Wikipedia.

But the Register reports today that the initiative's head of threat awareness is now concerned about the source for that exploit of Microsoft's SharePoint servers: How did the attackers, who include Chinese government spies, data thieves, and ransomware operators, know how to exploit the SharePoint CVEs in such a way that would bypass the security fixes Microsoft released the following day? "A leak happened here somewhere," Dustin Childs, head of threat awareness at Trend Micro's Zero Day Initiative, told The Register. "And now you've got a zero-day exploit in the wild, and worse than that, you've got a zero-day exploit in the wild that bypasses the patch, which came out the next day...."

Patch Tuesday happens the second Tuesday of every month — in July, that was the 8th. But two weeks before then, Microsoft provides early access to some security vendors via the Microsoft Active Protections Program (MAPP). These vendors are required to sign a non-disclosure agreement about the soon-to-be-disclosed bugs, and Microsoft gives them early access to the vulnerability information so that they can provide updated protections to customers faster....

One researcher suggests a leak may not have been the only pathway to exploit. "Soroush Dalili was able to use Google's Gemini to help reproduce the exploit chain, so it's possible the threat actors did their own due diligence, or did something similar to Dalili, working with one of the frontier large language models like Google Gemini, o3 from OpenAI, or Claude Opus, or some other LLM, to help identify routes of exploitation," Tenable Research Special Operations team senior engineer Satnam Narang told The Register. "It's difficult to say what domino had to fall in order for these threat actors to be able to leverage these flaws in the wild," Narang added.

Nonetheless, Microsoft did not release any MAPP guidance for the two most recent vulnerabilities, CVE-2025-53770 and CVE-2025-53771, which are related to the previously disclosed CVE-2025-49704 and CVE-2025-49706. "It could mean that they no longer consider MAPP to be a trusted resource, so they're not providing any information whatsoever," Childs speculated. [He adds later that "If I thought a leak came from this channel, I would not be telling that channel anything."]

"It also could mean that they're scrambling so much to work on the fixes they don't have time to notify their partners of these other details."

Cloud

Stack Exchange Moves Everything to the Cloud, Destroys Servers in New Jersey (stackoverflow.blog) 115

Since 2010 Stack Exchange has run all its sites on physical hardware in New Jersey — about 50 different servers. (When Ryan Donovan joined in 2019, "I saw the original server mounted on a wall with a laudatory plaque like a beloved pet.") But this month everything moved to the cloud, a new blog post explains. "Our servers are now cattle, not pets. Nobody is going to have to drive to our New Jersey data center and replace or reboot hardware..." Over the years, we've shared glamor shots of our server racks and info about updating them. For almost our entire 16-year existence, the SRE team has managed all datacenter operations, including the physical servers, cabling, racking, replacing failed disks and everything else in between. This work required someone to physically show up at the datacenter and poke the machines... [O]n July 2nd, in anticipation of the datacenter's closure, we unracked all the servers, unplugged all the cables, and gave these once mighty machines their final curtain call...

We moved Stack Overflow for Teams to Azure in 2023 and proved we could do it. Now we just had to tackle the public sites (Stack Overflow and the Stack Exchange network), which are hosted on Google Cloud. Early last year, our datacenter vendor in New Jersey decided to shut down that location, and we needed to be out by July 2025. Our other datacenter — in Colorado — was decommissioned in June. It was primarily for disaster recovery, which we didn't need any more. Stack Overflow no longer has any physical datacenters or offices; we are fully in the cloud and remote...!

[O]ur Staff Site Reliability Engineer got a little wistful. "I installed the new web tier servers a few years ago as part of planned upgrades," he said. "It's bittersweet that I'm the one deracking them also." It's the IT version of Old Yeller.

There are photos of the 50 servers, as well as the 400+ cables connecting them, all of which wound up in a junk pile. "For security reasons (and to protect the PII of all our users and customers), everything was being shredded and/or destroyed. Nothing was being kept... Ever have difficulty disconnecting an RJ45 cable? Well, here was our opportunity to just cut the damn things off instead of figuring out why the little tab wouldn't release the plug."
Government

Internet Archive Designated as a Federal Depository Library (archive.org) 10

The Internet Archive has received federal depository library status from California Sen. Alex Padilla, joining a network of over 1,100 libraries that archive government documents and make them accessible to the public. Padilla made the designation in a letter to the Government Publishing Office, which oversees the program.

The San Francisco-based nonprofit organization already operates Democracy's Library, a free online compendium of government research and publications launched in 2022. Founder Brewster Kahle said the new designation makes it easier to work with other federal depository libraries and provides more reliable access to government materials for digitization and distribution.

Under federal law, members of Congress can designate up to two qualified libraries for federal depository status.
Businesses

American Airlines Chief Blasts Delta's AI Pricing Plans as 'Inappropriate' (yahoo.com) 20

American Airlines Chief Executive Robert Isom criticized the use of AI in setting air fares during an earnings call, calling the practice "inappropriate" and a "bait and switch" move that could trick travelers. Isom's comments target Delta Air Lines, which is testing AI to help set pricing on about 3% of its network today with plans to expand to 20% by year-end.

Delta maintains it is not using the technology to target customers with individualized offers based on personal information, stating all customers see identical fares across retail channels. US Senators Ruben Gallego, Richard Blumenthal, and Mark Warner have questioned Delta's AI pricing plans, citing data privacy concerns and potential fare increases. Southwest Airlines CEO Bob Jordan said his carrier also has no plans to use AI in revenue management or pricing decisions.
