News

An anonymous reader quotes a report from The Register: AI can reverse engineer machine code and find vulnerabilities in ancient legacy architectures, says Microsoft Azure CTO Mark Russinovich, who used his own Apple II code from 40 years ago as an example. Russinovich wrote: "We are entering an era of automated, AI-accelerated vulnerability discovery that will be leveraged by both defenders and attackers." In May 1986, Russinovich wrote a utility called Enhancer for the Apple II personal computer. The utility, written in 6502 machine language, added the ability to use a variable or BASIC expression for the destination of a GOTO, GOSUB, or RESTORE command, whereas without modification Applesoft BASIC would only accept a line number. Russinovich had Claude Opus 4.6, released early last month, look over the code. It decompiled the machine language and found several security issues, including a case of "silent incorrect behavior" where, if the destination line was not found, the program would set the pointer to the following line or past the end of the program, instead of reporting an error. The fix would be to check the carry flag, which is set if the line is not found, and branch to an error. The existence of the vulnerability in Apple II type-in code has only amusement value, but the ability of AI to decompile embedded code and find vulnerabilities is a concern. "Billions of legacy microcontrollers exist globally, many likely running fragile or poorly audited firmware like this," said one comment to Russinovich's post.

Read more of this story at Slashdot.

Axios reports that Meta has acquired Moltbook, the viral, Reddit-like social network designed for AI agents. Humans are welcome, but only to observe. Axios reports: The deal brings Moltbook's creators -- Matt Schlicht and Ben Parr -- into Meta Superintelligence Labs (MSL), the unit run by former Scale AI CEO Alexandr Wang. Meta did not disclose Moltbook's purchase price. The deal is expected to close mid-March, Meta says, with the pair starting at MSL on March 16. When it launched in late January, Moltbook was labeled the "most interesting place on the internet" by open-source developer and writer Simon Willison. "Browsing around Moltbook is so much fun. A lot of it is the expected science fiction slop, with agents pondering consciousness and identity. There's also a ton of genuinely useful information, especially on m/todayilearned." In an internal post seen by Axios, Meta's Vishal Shah said existing Moltbook customers can temporarily continue using the platform. "The Moltbook team has given agents a way to verify their identity and connect with one another on their human's behalf," Shah says. "This establishes a registry where agents are verified and tethered to human owners." He added: "Their team has unlocked new ways for agents to interact, share content, and coordinate complex tasks."

Read more of this story at Slashdot.

German publishers and advertising groups are urging regulators to fine Apple over its App Tracking Transparency (ATT) system, arguing it unfairly restricts access to advertising data while allowing Apple to remain the central gatekeeper -- without subjecting its own apps to the same restrictions. If Germany's antitrust authority does rule against Apple, the company could face fines of up to 10% of its global revenue. 9to5Mac reports: One of the countries investigating whether ATT is anticompetitive is Germany. Last year, in an attempt to appease the country's antitrust watchdog, the company proposed several changes to the framework's rules. From Reuters' original coverage of Apple's changes proposals: "Apple had agreed to introduce neutral consent prompts for both its own services and third-party apps, and to largely align the wording, content and visual design of these messages, said Andreas Mundt, head of Germany's Bundeskartellamt. The company also proposed simplifying the consent process so developers can obtain user permission for advertising-related data processing in a way that complies with data protection law." [...] At the time, German regulators launched a consultation with industry publications to determine whether the proposals addressed their concerns. As it turns out, the answer was a hard no. As Reuters reported today: "Apple's proposed changes to its app tracking rules do not resolve antitrust issues in the mobile advertising market, associations representing German publishers and advertisers said on Tuesday as they urged the country's antitrust authority to slap a fine on the U.S. tech giant. [...] 'The proposed commitments would not change the negative effects of the App Tracking Transparency Framework,' Bernd Nauen, chief executive of the German Advertising Federation, said in a joint letter signed by the trade bodies. 'Apple would remain the data gatekeeper and would continue to decide who gets access to advertising-relevant data and how companies can communicate with their end customers,' he said."

Read more of this story at Slashdot.

Private equity firm EQT AB is reportedly exploring a sale of SUSE that could value the open-source Linux pioneer at up to $6 billion, roughly doubling the valuation since EQT took the company private in 2023. Reuters reports: EQT "has hired investment bank Arma Partners to sound out a group of private equity investors for a possible sale of the company, said the sources, who requested anonymity to discuss confidential matters. The deliberations are at "an early stage and there is no certainty that EQT will proceed with "a transaction, the sources said. [...] The potential deal comes amid a broader selloff in software stocks, which has disrupted mergers and acquisitions activity. Investors are "concerned that new artificial intelligence tools could displace many existing software products, weighing on technology "valuations and making deals harder to price. Some investors, however, see Luxembourg-headquartered SUSE as a potential beneficiary of AI adoption, arguing that demand for enterprise-grade infrastructure software is likely to grow as companies build and deploy more AI applications. The company generates about $800 million in revenue and more than $250 million in earnings before interest, taxes, depreciation, and amortization (EBITDA) and could fetch between $4 billion and $6 billion in a sale, the sources said.

Read more of this story at Slashdot.

Several security vulnerabilities have been discovered in Netty, a Java NIO client/server socket framework. It was found that Netty was vulnerable to the MadeYouReset DDoS attack, a logical vulnerability in the HTTP/2 protocol itself and programming errors which enabled request smuggling attacks. Additionally Netty contained an SMTP command injection vulnerability due to insufficient input validation potentially allowing remote attackers to forge arbitrary emails from trusted servers.

The security update for bookworm also contains the fix for CVE-2024-29025. Julien Viet discovered that Netty was vulnerable to allocation of resources without limits or throttling due to the accumulation of data in the HttpPostRequestDecoder. This would allow an attacker to cause a denial of service.

https://security-tracker.debian.org/tracker/DSA-6160-1

An anonymous reader quotes a report from Ars Technica: This week, tens of thousands of game developers and producers will once again gather in San Francisco, as they have since 1988, for the weeklong Game Developers Conference. But this year's show will be missing many international developers who say they no longer feel comfortable traveling to the United States to attend, no matter how relevant the show is to their work and careers. Dozens of those developers who spoke to Ars in recent months say they're wary of traveling to a country that has shown a callous disregard for -- or outright hostility toward -- the safety of international travelers. That's especially true for developers from various minority groups, those with transgender identities, and those who feel they could be targeted for outspoken political beliefs. "I honestly don't know anyone who is not from the U.S. who is planning on going to the next GDC," Godot Foundation Executive Director Emilio Coppola, who's based in Spain, told Ars. "We never felt super safe, but now we are not willing to risk it." "I honestly don't know anyone who is not from the U.S. who is planning on going to the next GDC," says Godot Foundation Executive Director Emilio Coppola, who's based in Spain. "We never felt super safe, but now we are not willing to risk it." "Hearing European citizens getting arrested by border control over their views on the U.S. is not something I would like to test for myself," adds Nazih Fares, a French-Lebanese citizen and creative director at indie studio Le Cabinet du Savoir.. Many of the developers who spoke to Ars cite the intrusive questioning, racial profiling, and other horror stories reported at the U.S. border. "I read a few long reads about how UK/German tourists ended up detained, and that was the final straw for me," Austrian-based Cohop Game founder Eline Muijres said. "It doesn't feel safe for me." Domini Gee, a Canadian game writer and narrative designer echoed that concern, adding: "There's no shortage of stories... about the risk of detainment, deportation, phones being searched... the consequences if I'm not [OK] could be high."

Read more of this story at Slashdot.

The FBI is investigating a breach affecting systems tied to wiretapping and surveillance warrant data, after abnormal logs revealed possible unauthorized access to law-enforcement-sensitive information. "The FBI identified and addressed suspicious activities on FBI networks, and we have leveraged all technical capabilities to respond," a spokesperson for the bureau said. "We have nothing additional to provide." The Register reports: [W]hile the FBI declined to provide any additional information, it's worth noting that China's Salt Typhoon previously compromised wiretapping systems used by law enforcement. Salt Typhoon is the PRC-backed crew that famously hacked major US telecommunications firms and stole information belonging to nearly every American. According to the Associated Press, the FBI notified Congress that it began investigating the breach on February 17 after spotting abnormal log information related to a system on its network. "The affected system is unclassified and contains law enforcement sensitive information, including returns from legal process, such as pen register and trap and trace surveillance returns, and personally identifiable information pertaining to subjects of FBI investigations," the notification said.

Read more of this story at Slashdot.

A startup called Reflect Orbital wants to launch thousands of mirror-bearing satellites to reflect sunlight onto Earth at night and "power solar farms after sunset, provide lighting for rescue workers and illuminate city streets, among other things," reports the New York Times. From the report: It is an idea seemingly out of a sci-fi movie, but the company, Reflect Orbital of Hawthorne, Calif., could soon receive permission to launch its first prototype satellite with a 60-foot-wide mirror. The company has applied to the Federal Communications Commission, which issues the licenses needed to deploy satellites. If the F.C.C. approves, the test satellite could get a ride into orbit as soon as this summer. The F.C.C.'s public comment period on the application closes on Monday. "We're trying to build something that could replace fossil fuels and really power everything," Ben Nowack, Reflect Orbital's chief executive, said in an interview. The company has raised more than $28 million from investors. [...] Reflect Orbital's first prototype, which will be roughly the size of a dorm fridge, is almost complete. Once in space, about 400 miles up, the test satellite would unfurl a square mirror nearly 60 feet wide. That would bounce sunlight to illuminate a circular patch about three miles wide on the Earth's surface. Someone looking up would see a dot in the sky about as bright as a full moon. Two more prototypes could follow within a year. By the end of 2028, Reflect Orbital hopes to launch 1,000 larger satellites, and 5,000 of them by 2030. The largest mirrors are planned to be nearly 180 feet wide, reflecting as much light as 100 full moons. The company said its goal was to deploy the full constellation of 50,000 satellites by 2035. How much does it cost to order sunlight at night? Mr. Nowack said the company would charge about $5,000 an hour for the light of one mirror if a customer signed an annual contract for 1,000 hours or more. Lighting for one-time events and emergencies, which might require numerous satellites and more effort to coordinate, would be more expensive. For solar farms, he envisions splitting revenue from the electricity generated by the additional hours of light.

Read more of this story at Slashdot.

An anonymous reader quotes a report from Heise: Pay securely with an Android smartphone, completely without Google services: This is the plan being developed by the newly founded industry consortium led by the German Volla Systeme GmbH. It is an open-source alternative to Google Play Integrity. This proprietary interface decides on Android smartphones with Google Play services whether banking, government, or wallet apps are allowed to run on a smartphone. Obstacles and tips for paying with an Android smartphone without official Google services have been highlighted by c't in a comprehensive article. The European industry consortium now wants to address some problems mentioned. To this end, the group, which includes Murena, which develops the hardened custom ROM /e/OS, Iode from France, and Apostrophy (Dot) from Switzerland, in addition to Volla, is developing a so-called "UnifiedAttestation" for Google-free mobile operating systems, primarily based on the Android Open-Source Project (AOSP). According to Volla, a European manufacturer and a leading manufacturer from Asia, as well as European foundations such as the German UBports Foundation, have also expressed interest in supporting it. Furthermore, developers and publishers of government apps from Scandinavia are examining the use of the new procedure as "first movers." In its announcement, Volla explains that Google provides app developers with an interface called Play Integrity, which checks whether an app is running on a device with specific security requirements. This primarily affects applications from "sensitive areas such as identity verification, banking, or digital wallets -- including apps from governments and public administrations". The company criticizes that the certification is exclusively offered for Google's own proprietary "Stock Android" but not for Android versions without Google services, such as /e/OS or similar custom ROMs. "Since this is closely intertwined with Google services and Google data centers, a structural dependency arises -- and for alternative operating systems, a de facto exclusion criterion," the company states. From the consortium's perspective, this also leads to a "security paradox," because "the check of trustworthiness is carried out by precisely that entity whose ecosystem is to be avoided at the same time". The UnifiedAttestation system is built around three main components: an "operating system service" that apps can call to check whether the device's OS meets required security standards, a decentralized validation service that verifies the OS certificate on a device without relying on a single central authority, and an open test suite used to evaluate and certify that a particular operating system works securely on a specific device model. "We don't want to centralize trust, but organize it transparently and publicly verifiable. When companies check competitors' products, we can strengthen that trust," says Dr. Jorg Wurzer, CEO of Volla Systeme GmbH and initiator of the consortium. The goal is to increase digital sovereignty and break free from the control of any one, single U.S. company, he says.

Read more of this story at Slashdot.

Samsung says it's thinking about bringing "vibe coding" to future Galaxy phones, allowing users to describe apps or interface changes in plain language and have AI generate the code. TechRadar interviewed Won-Joon Choi, Samsung's head of mobile experience, to learn more about the plans. Here's an excerpt from their report: As noted by Won-Joon Choi, the usefulness of vibe coding on smartphones is that it opens up the "possibility of customizing your smartphone experience in new ways, not just your apps but your UX." He added, "Right now we're limited to premade tools, but with vibe coding, users could adjust their favorite apps or make something customized to their needs. So vibe coding is very interesting, and something we're looking into." [...] Samsung recently debuted the Galaxy S26 series of phones and made a point to not call them smartphones -- they're "AI phones" now. This certainly rang true with the majority of upgrades to the devices being AI software-focused, like the new Now Nudge and expanded Audio Eraser tools, with the biggest hardware bump for the base models coming via the 39% improved NPU processing (the processor in charge of on-device AI tasks). It also teased the debut of Perplexity on its phones, joining as an alternative to the Gemini assistant, and teased the possibility of other AI models getting the same treatment in the future.

Read more of this story at Slashdot.

Electronic Arts has laid off staff across multiple Battlefield studios despite Battlefield 6 being the best-selling game in the U.S. in 2025 and the "biggest launch in franchise history." According to IGN, the layoffs include workers at Criterion, Dice, Ripple Effect, and Motive Studios. From the report: Individuals are being informed that the layoffs are taking place as part of a "realignment" across the Battlefield studios, as the team continues its ongoing, live service support for Battlefield 6 following launch. All four studios will remain operational, though the layoffs seem to be impacting a variety of teams across multiple studios and offices. IGN asked EA for comment on total number and types of roles impacted, as well as for the specific reasons for the layoffs. An EA spokesperson told IGN: "We've made select changes within our Battlefield organization to better align our teams around what matters most to our community. Battlefield remains one of our biggest priorities, and we're continuing to invest in the franchise, guided by player feedback and insights from Battlefield Labs."

Read more of this story at Slashdot.

Live Nation reached a settlement with the U.S. Department of Justice that avoids breaking up its dominant live events empire with Ticketmaster. Instead, the deal requires changes like "open sourcing" their ticketing model and divesting some venues. NBC News reports: The company and the Justice Department reached a settlement on Monday, following a week of testimony during an antitrust trial that threatened to potentially separate the world's largest live entertainment company. [...] On a background call with reporters Monday, a senior justice official said the deal will drive down prices by giving both artists and consumers more choice. As part of the agreement, Ticketmaster will provide a standalone ticketing system that will allow third-party companies like SeatGeek and StubHub to offer primary tickets through the platform. The senior justice official described it as "open sourcing" their ticketing model. The company will also divest up to 13 amphitheaters and reserve 50% of tickets for nonexclusive venues. Ticketmaster is also prohibited from retaliating against a venue that selects another primary ticket distributor, among other requirements. Although a group of states have joined the DOJ in signing the agreement, other states can continue to press their own claims.

Read more of this story at Slashdot.

An anonymous reader quotes a report from KrebsOnSecurity: AI-based assistants or "agents" -- autonomous programs that have access to the user's computer, files, online services and can automate virtually any task -- are growing in popularity with developers and IT workers. But as so many eyebrow-raising headlines over the past few weeks have shown, these powerful and assertive new tools are rapidly shifting the security priorities for organizations, while blurring the lines between data and code, trusted co-worker and insider threat, ninja hacker and novice code jockey. The new hotness in AI-based assistants -- OpenClaw (formerly known as ClawdBot and Moltbot) -- has seen rapid adoption since its release in November 2025. OpenClaw is an open-source autonomous AI agent designed to run locally on your computer and proactively take actions on your behalf without needing to be prompted. If that sounds like a risky proposition or a dare, consider that OpenClaw is most useful when it has complete access to your entire digital life, where it can then manage your inbox and calendar, execute programs and tools, browse the Internet for information, and integrate with chat apps like Discord, Signal, Teams or WhatsApp. Other more established AI assistants like Anthropic's Claude and Microsoft's Copilot also can do these things, but OpenClaw isn't just a passive digital butler waiting for commands. Rather, it's designed to take the initiative on your behalf based on what it knows about your life and its understanding of what you want done. "The testimonials are remarkable," the AI security firm Snyk observed. "Developers building websites from their phones while putting babies to sleep; users running entire companies through a lobster-themed AI; engineers who've set up autonomous code loops that fix tests, capture errors through webhooks, and open pull requests, all while they're away from their desks." You can probably already see how this experimental technology could go sideways in a hurry. [...] Last month, Meta AI safety director Summer Yue said OpenClaw unexpectedly started mass-deleting messages in her email inbox, despite instructions to confirm those actions first. She wrote: "Nothing humbles you like telling your OpenClaw 'confirm before acting' and watching it speedrun deleting your inbox. I couldn't stop it from my phone. I had to RUN to my Mac mini like I was defusing a bomb." Krebs also noted the many misconfigured OpenClaw installations users had set up, leaving their administrative dashboards publicly accessible online. According to pentester Jamieson O'Reilly, "a cursory search revealed hundreds of such servers exposed online." When those exposed interfaces are accessed, attackers can retrieve the agent's configuration and sensitive credentials. O'Reilly warned attackers could access "every credential the agent uses -- from API keys and bot tokens to OAuth secrets and signing keys." "You can pull the full conversation history across every integrated platform, meaning months of private messages and file attachments, everything the agent has seen," O'Reilly added. And because you control the agent's perception layer, you can manipulate what the human sees. Filter out certain messages. Modify responses before they're displayed."

Read more of this story at Slashdot.

Bluesky CEO Jay Graber is stepping down after overseeing the platform's growth from a Twitter research project into a 40-million-user alternative to X. "As Bluesky matures, the company needs a seasoned operator focused on scaling and execution, while I return to what I do best: building new things," Graber wrote in a statement. She will be transitioning to a new Chief Innovation Officer role while Venture capitalist Toni Schneider will serve as interim CEO until the board searches for a permanent replacement. Wired reports: Graber joined Bluesky in 2019, when it was a research project within Twitter focused on developing a decentralized framework for the social web. She became the company's first chief executive officer in 2021, when it spun out into an independent entity. She oversaw the platform's remarkable rise and the growing pains it experienced as it transformed from a quirky Twitter offshoot to a full-fledged alternative to X. Schneider tells WIRED that he intends to help Bluesky "become not just the best open social app, but the foundation for a whole new generation of user-owned networks." Schneider, who will continue working as a partner at the venture capital firm True Ventures while at Bluesky, was previously CEO of the Wordpress parent company, Automattic, from 2006 to 2014. He also served as its CEO again in 2024 while top executive Matt Mullenweg went on a sabbatical. During that time, Schneider met Graber and became an adviser to Bluesky's leadership. In a blog post announcing his new role, Schneider said he plans to emphasize scaling, describing his job as "to help set up Bluesky's next phase of growth." This isn't the end for Graber and Bluesky. She will transition to become the company's chief innovation officer, a role focused on Bluesky's technology stack rather than its business operations. The position was created for her. Graber, who began her career as a software engineer, has always sounded the most enthusiastic when discussing Bluesky's technology rather than its revenue streams. Bluesky's board of directors will appoint the next permanent CEO. The members include Jabber founder Jeremie Miller, crypto-focused VC Kinjal Shah, TechDirt founder Mike Masnick, and Graber. (Twitter founder Jack Dorsey was originally part of the board but quit in 2024.) This means Graber will have input on her successor. The talent search is still in early stages.

Read more of this story at Slashdot.

Qualcomm and Arduino have unveiled the Arduino Ventuno Q, a new AI-focused single-board computer built for robotics and edge systems. Engadget reports: Called the Arduino Ventuno Q, it uses Qualcomm's Dragonwing IQ8 processor along with a dedicated STM32H5 low-latency microcontroller (MCU). "Ventuno Q is engineered specifically for systems that move, manipulate and respond to the physical world with precision and reliability," the company wrote on the product page. The Ventuno Q is more sophisticated (and expensive) than Arduinio's usual AIO boards, thanks to the Dragonwing IQ8 processor that includes an 8-core ARM Cortex CPU, Adreno Arm Cortex A623 GPU and Hexagon Tensor NPU that can hit up ot 40 TOPs. It also comes with 16GB of LPDDR5 RAM, along with 64GB of eMMC storage and an M.2 NVME Gen.4 slot to expand that. Other features include Wi-Fi 6, Bluetooth 5.3, 2.5Gbps ethernet and USB camera support. The Ventuno Q includes Arudino App Lab, with pre-trained AI models including LLMs, VLMs, ASR, gesture recognition, pose estimation and object tracking, all running offline. It's designed for AI systems that run entirely offline like smart kiosks, healthcare assistants and traffic flow analysis, along with Edge AI vision and sensing systems. It also supports a full robotics stack including vision processing combined with deterministic motor control for precise vision and manipulation. It's also ideal for education and research in areas like computer vision, generative AI and prototyping at the edge, according to Arduino. Further reading: Up Next for Arduino After Qualcomm Acquisition: High-Performance Computing

Read more of this story at Slashdot.

Anthropic is suing the Department of Defense after the Trump administration labeled the company a "supply chain risk" and canceled its government contracts when Anthropic refused to allow its AI model Claude to be used for domestic surveillance or autonomous weapons. Fortune reports: The lawsuit, filed Monday in the U.S. District Court for the Northern District of California, calls the administration's actions "unprecedented and unlawful" and claims they threaten to harm "Anthropic irreparably." The complaint claims that government contracts are already being canceled and that private contracts are also in doubt, putting "hundreds of millions of dollars" at near-term risk. An Anthropic spokesperson told Fortune: "Seeking judicial review does not change our longstanding commitment to harnessing AI to protect our national security, but this is a necessary step to protect our business, our customers, and our partners." "We will continue to pursue every path toward resolution, including dialogue with the government," they added.

Read more of this story at Slashdot.

"If Lockheed Martin made a Game Boy, would you buy one?" That was the [rhetorical] question The Verge's Sean Hollister asked when he reviewed ModRetro's Game Boy-style handheld device back in 2024. He said it "might be the best version of the Game Boy ever made," though the connection to Palmer Luckey and his defense tech startup Anduril left him conflicted. "I don't remember my childhood nostalgia coming with a side of possible guilt and fear about putting money into the pocket of a weapons contractor," he wrote. "Feels weird!" Those conflicted feelings have lingered ever since. TechCrunch recently cited Hollister's review while reporting that ModRetro is now seeking funding at a $1 billion valuation. The company is said to have additional retro-inspired hardware in development, including one designed to replicate the Nintendo 64. As for Anduril? It's reportedly in talks to raise a new funding round that would value the company at around $60 billion.

Read more of this story at Slashdot.

An anonymous reader quotes a report from the Guardian: AI has made it vastly easier for malicious hackers to identify anonymous social media accounts, a new study has warned. In most test scenarios, large language models (LLMs) -- the technology behind platforms such as ChatGPT -- successfully matched anonymous online users with their actual identities on other platforms, based on the information they posted. The AI researchers Simon Lermen and Daniel Paleka said LLMs make it cost effective to perform sophisticated privacy attacks, forcing a "fundamental reassessment of what can be considered private online". In their experiment, the researchers fed anonymous accounts into an AI, and got it to scrape all the information it could. They gave a hypothetical example of a user talking about struggling at school, and walking their dog Biscuit through a "Dolores park." In that hypothetical case, the AI then searched elsewhere for those details and matched @anon_user42 to the known identity with a high degree of confidence. While this example was fictional, the paper's authors highlighted scenarios in which governments use AI to surveil dissidents and activists posting anonymously, or hackers are able to launch "highly personalized" scams.

Read more of this story at Slashdot.

Swiss voters overwhelmingly approved a constitutional amendment guaranteeing the right to use physical cash. "The vote means Switzerland will join the likes of Hungary, Slovakia and Slovenia, which have already written the right to cold, hard cash in their constitutions," reports Politico. From the report: Official results revealed that 73.4 percent of voters backed the legal amendment, which the government proposed as a counter to a similar initiative by a group called the Swiss Freedom Movement. The Swiss Freedom Movement triggered the national referendum after its initiative to protect cash collected more than 100,000 signatures, triggering a national referendum. Its initiative secured only 46 percent of the final vote after the government said some of the group's proposed amendments went too far.

Read more of this story at Slashdot.

An anonymous reader quotes a report from CBS News: Tonight, we have details of a classified U.S. intelligence mission that has obtained a previously unknown weapon that may finally unlock a mystery. Since at least 2016, U.S. diplomats, spies and military officers have suffered crippling brain injuries. They've told of being hit by an overwhelming force, damaging their vision, hearing, sense of balance and cognition. but the government has doubted their stories. They've been called delusional. Well now, 60 Minutes has learned that a weapon that can inflict these injuries was obtained overseas and secretly tested on animals on a U.S. military base. We've investigated this mystery for nine years. This is our fourth story called, "Targeting Americans." Despite official government doubt, we never stopped reporting because of the haunting stories we heard [...]. 60 Minutes interviewed Dr. David Relman, a scientific expert and professor from Stanford University who was tasked by the government to lead two investigations into the Havana Syndrome cases. What he and his panel of doctors, physicists, engineers and others found was that "the most plausible explanation for a subset of these cases was a form of radiofrequency or microwave energy," the report says. According to confidential sources cited in the report, undercover Homeland Security agents bought a miniaturized microwave weapon from a Russian criminal network in 2024 and tested it on animals at a U.S. military lab. The injuries reportedly matched those seen in the human cases. "Our confidential sources tell us the still classified weapon has been tested in a U.S. military lab for more than a year," says Dr. Relman. "Tests on rats and sheep show injuries consistent with those seen in humans." He continues: "Also, as a separate part of the investigation, security camera videos have been collected that show Americans being hit. The videos are classified but they were described to us. In one, a camera in a restaurant in Istanbul captured two FBI agents on vacation sitting at a table with their families. A man with a backpack walks in and suddenly everyone at the table grabs their head as if in pain. Our sources say another video comes from a stairwell in the U.S. embassy in Vienna. The stairs lead to a secure facility. In the video, two people on the stairs suddenly collapse. Those videos and the weapon were among the reasons the Biden administration summoned about half a dozen victims to the White House with about two months left in the president's term." Former intelligence officials and researchers claim elements of the U.S. government downplayed or dismissed the theory for years, possibly to avoid political consequences of accusing a foreign state like Russia of conducting attacks on American personnel.

Read more of this story at Slashdot.