News

U.S. and Canadian cybersecurity agencies say Chinese-linked actors deployed "Brickstorm" malware to infiltrate critical infrastructure and maintain long-term access for potential sabotage. Reuters reports: The Chinese-linked hacking operations are the latest example of Chinese hackers targeting critical infrastructure, infiltrating sensitive networks and "embedding themselves to enable long-term access, disruption, and potential sabotage," Madhu Gottumukkala, the acting director of the Cybersecurity and Infrastructure Security Agency, said in an advisory signed by CISA, the National Security Agency and the Canadian Centre for Cyber Security. According to the advisory, which was published alongside a more detailed malware analysis report (PDF), the state-backed hackers are using malware known as "Brickstorm" to target multiple government services and information technology entities. Once inside victim networks, the hackers can steal login credentials and other sensitive information and potentially take full control of targeted computers. In one case, the attackers used Brickstorm to penetrate a company in April 2024 and maintained access through at least September 3, 2025, according to the advisory. CISA Executive Assistant Director for Cybersecurity Nick Andersen declined to share details about the total number of government organizations targeted or specifics around what the hackers did once they penetrated their targets during a call with reporters on Thursday. The advisory and malware analysis reports are based on eight Brickstorm samples obtained from targeted organizations, according to CISA. The hackers are deploying the malware against VMware vSphere, a product sold by Broadcom's VMware to create and manage virtual machines within networks. [...] In addition to traditional espionage, the hackers in those cases likely also used the operations to develop new, previously unknown vulnerabilities and establish pivot points to broader access to more victims, Google said at the time.

Read more of this story at Slashdot.

Meta is acquiring AI wearable startup Limitless, maker of a pendant that records conversations and generates summaries. "We're excited that Limitless will be joining Meta to help accelerate our work to build AI-enabled wearables," a Meta spokesperson said in a statement. CNBC reports: Limitless CEO Dan Siroker revealed the deal on Friday via a corporate blog post but did not disclose the financial terms. "Meta recently announced a new vision to bring personal superintelligence to everyone and a key part of that vision is building incredible AI-enabled wearables," Siroker said in the post and an accompanying video. "We share this vision and we'll be joining Meta to help bring our shared vision to life."

Read more of this story at Slashdot.

An anonymous reader quotes a report from the New York Times: A few years ago, Paul Wieland, a 44-year-old information technology professional living in New York's Adirondack Mountains, was wrapping up a home renovation when he ran into a hiccup. He wanted to be able to control his new garage door with his smartphone. But the options available, including a product called MyQ, required connecting to a company's internet servers. He believed a "smart" garage door should operate only over a local Wi-Fi network to protect a home's privacy, so he started building his own system to plug into his garage door. By 2022, he had developed a prototype, which he named RATGDO, for Rage Against the Garage Door Opener. He had hoped to sell 100 of his new gadgets just to recoup expenses, but he ended up selling tens of thousands. That's because MyQ's maker did what a number of other consumer device manufacturers have done over the last few years, much to the frustration of their customers: It changed the device, making it both less useful and more expensive to operate. Chamberlain Group, a company that makes garage door openers, had created the MyQ hubs so that virtually any garage door opener could be controlled with home automation software from Apple, Google, Nest and others. Chamberlain also offered a free MyQ smartphone app. Two years ago, Chamberlain started shutting down support for most third-party access to its MyQ servers. The company said it was trying to improve the reliability of its products. But this effectively broke connections that people had set up to work with Apple's Home app or Google's Home app, among others. Chamberlain also started working with partners that charge subscriptions for their services, though a basic app to control garage doors was still free. While Mr. Wieland said RATGDO sales spiked after Chamberlain made those changes, he believes the popularity of his device is about more than just opening and closing a garage. It stems from widespread frustration with companies that sell internet-connected hardware that they eventually change or use to nickel-and-dime customers with subscription fees. "You should own the hardware, and there is a line there that a lot of companies are experimenting with," Mr. Wieland said in a recent interview. "I'm really afraid for the future that consumers are going to swallow this and that's going to become the norm." [...] For Mr. Wieland, the fight isn't over. He started a company named RATCLOUD, for Rage Against the Cloud. He said he was developing similar products that were not yet for sale.

Read more of this story at Slashdot.

On Dec. 2, QuickTime turned 34, and despite its origins in Apple's chaotic 1990s (1991 to be exact), "it's still the backbone of video on our devices," writes Macworld's Jason Snell. That includes MP4 and Apple's immersive video formats for Vision Pro. From the report: By the late '80s and early '90s, digital audio had been thoroughly integrated into Macs. (PCs needed add-on cards to do much more than issue beeps.) The next frontier was video, and even better, synchronized video and audio. There were a whole lot of challenges: the Macs of the day were not really powerful to decode and display more than a few frames per second, which was more of a slideshow than a proper video. Also, the software written to decode and encode such video (called codecs) was complex and expensive, and there were lots of different formats, making file exchange unreliable. Apple's solution wasn't to invent entirely new software to cover every contingency, but to build a framework for multimedia creation and playback that could use different codecs as needed. At its heart was a file that was a container for other streams of audio and video in various formats: the QuickTime Movie, or MOV. [...] QuickTime's legacy lives on. At a recent event I attended at Apple Park, Apple's experts in immersive video for the Vision Pro pointed out that the standard format for immersive videos is, at its heart, a QuickTime container. And perhaps the most ubiquitous video container format on the internet, the MP4 file? That standard file format is actually a container format that can encompass different kinds of audio, video, and other information, all in one place. If that sounds familiar, that's because MPEG-4 is based on the QuickTime format. Thirty-four years later, QuickTime may seem like a quaint product of a long-lost era of Apple. But the truth is, it's become an integral part of the computing world, so pervasive that it's almost invisible. I'd like to forget most of what happened at Apple in the early 1990s, but QuickTime definitely deserves our appreciation.

Read more of this story at Slashdot.

Two Virginia brothers Muneeb and Sohaib Akhter, previously convicted of hacking the U.S. State Department, were rehired as federal contractors and are now charged with conspiring to steal sensitive data and destroy government databases after being fired. "Following the termination of their employment, the brothers allegedly sought to harm the company and its U.S. government customers by accessing computers without authorization, issuing commands to prevent others from modifying the databases before deletion, deleting databases, stealing information, and destroying evidence of their unlawful activities," the Justice Department said in a Wednesday press release. BleepingComputer reports: According to court documents, Muneeb Akhter deleted roughly 96 databases containing U.S. government information in February 2025, including Freedom of Information Act records and sensitive investigative documents from multiple federal agencies. One minute after deleting a Department of Homeland Security database, Muneeb Akhter also allegedly asked an artificial intelligence tool for instructions on clearing system logs after deleting a database. The two defendants also allegedly ran commands to prevent others from modifying the targeted databases before deletion, and destroyed evidence of their activities. The prosecutors added that both men wiped company laptops before returning them to the contractor and discussed cleaning out their house in anticipation of a law enforcement search. The complaint also claims that Muneeb Akhter stole IRS information from a virtual machine, including federal tax data and identifying information for at least 450 individuals, and stole Equal Employment Opportunity Commission information after being fired by the government contractor. Muneeb Akhter has been charged with conspiracy to commit computer fraud and destroy records, two counts of computer fraud, theft of U.S. government records, and two counts of aggravated identity theft. If found guilty, he faces a minimum of two years in prison for each aggravated identity theft count, with a maximum of 45 years on other charges. His brother, Sohaib, is charged with conspiracy to commit computer fraud and password trafficking, facing a maximum penalty of six years if convicted.

Read more of this story at Slashdot.

Netflix says its open AV1 video codec now powers about 30% of all streaming on the platform and is rapidly becoming its primary delivery format thanks to major gains in compression, bandwidth efficiency, HDR support, and film-grain rendering. TVTechnology reports: The blog by Liwei Guo, Zhi Li, Sheldon Radford and Jeff Watts comes at a time when AV2 is on the horizon. [...] The blog revisits Netflix's AV1 journey to date, highlights emerging use cases, and shares adoption trends across the device ecosystem. It noted that since entering the streaming business in 2007, Netflix has primarily relied on H.264/AVC as its streaming format. "Looking ahead, we are excited about the forthcoming release of AV2, announced by the Alliance for Open Media for the end of 2025," said the authors. "AV2 is poised to set a new benchmark for compression efficiency and streaming capabilities, building on the solid foundation laid by AV1. At Netflix, we remain committed to adopting the best open technologies to delight our members around the globe. While AV2 represents the future of streaming, AV1 is very much the present -- serving as the backbone of our platform and powering exceptional entertainment experiences across a vast and ever-expanding ecosystem of devices."

Read more of this story at Slashdot.

An anonymous reader quotes a report from MIT Technology Review: New research reveals that AI chatbots can shift voters' opinions in a single conversation -- and they're surprisingly good at it. A multi-university team of researchers has found that chatting with a politically biased AI model was more effective than political advertisements at nudging both Democrats and Republicans to support presidential candidates of the opposing party. The chatbots swayed opinions by citing facts and evidence, but they were not always accurate -- in fact, the researchers found, the most persuasive models said the most untrue things. The findings, detailed in a pair of studies published in the journals Nature and Science, are the latest in an emerging body of research demonstrating the persuasive power of LLMs. They raise profound questions about how generative AI could reshape elections.

Read more of this story at Slashdot.