Slashdot

Mastercard is working with Microsoft and other leading AI companies to give AI agents the ability to shop online and make payments on behalf of consumers. From a report: Under the new program, a shopper could prompt an AI agent -- Microsoft's Copilot, for example -- to search for a pair of yellow running shoes in a particular size. The agent would then search and offer the customer options, and then be able to make the purchase while also recommending the best way to pay, Mastercard said in a statement Tuesday.

Read more of this story at Slashdot.

Electronic Arts (EA) has laid off around 300 employees across multiple departments, including about 100 at Respawn Entertainment. IGN reports: IGN understands that these wider cuts largely impacted EA's Experiences team, which includes groups such as EA's Fan Care team and various others working on customer support and marketing, though other EA departments saw reductions as well. As with other cuts at EA, those impacted will be given the opportunity to apply for other roles internally prior to being let go. The roughly 100 jobs impacted at Respawn included individuals in development, publishing, and QA workers on Apex Legends, as well as smaller groups of individuals working on the Jedi team and two canceled incubation projects, one of which we reported on back in March, and the other of which was, per Bloomberg's reporting, a new Titanfall game. "As part of our continued focus on our long-term strategic priorities, we've made select changes within our organization that more effectively aligns teams and allocates resources in service of driving future growth," an EA spokesperson said in an official statement. "We are treating our people with care and respect throughout this process, working to minimize impacts by helping affected employees explore new opportunities within the company when possible and providing support during the transition."

Read more of this story at Slashdot.

Firefox has launched its long-awaited tab groups feature, responding to the most upvoted request in Mozilla Connect's three-year history. The feature allows users to organize tabs by name or color through a drag-and-drop interface. Mozilla is now developing an AI-powered "smart tab groups" feature that automatically suggests organization based on open tabs. Unlike competitors, the company said, Firefox processes this data locally, keeping tab information on the user's device rather than sending it to cloud servers.

Read more of this story at Slashdot.

A new study [PDF] reveals AI-generated code frequently references non-existent third-party libraries, creating opportunities for supply-chain attacks. Researchers analyzed 576,000 code samples from 16 popular large language models and found 19.7% of package dependencies -- 440,445 in total -- were "hallucinated." These non-existent dependencies exacerbate dependency confusion attacks, where malicious packages with identical names to legitimate ones can infiltrate software. Open source models hallucinated at nearly 22%, compared to 5% for commercial models. "Once the attacker publishes a package under the hallucinated name, containing some malicious code, they rely on the model suggesting that name to unsuspecting users," said lead researcher Joseph Spracklen. Alarmingly, 43% of hallucinations repeated across multiple queries, making them predictable targets.

Read more of this story at Slashdot.

South Korean telecom network SK Telecom is providing free SIM card replacements to all 25 million mobile subscribers following an April 19 security breach where malware compromised Universal Subscriber Identity Module data. Despite the company's announcement, only 6 million replacement cards will be available through May 2025. The stolen data potentially includes IMSI numbers, authentication keys, and network usage information, though customer names, identification details, and financial information remain secure. The primary risk is unauthorized SIM swapping attacks, where threat actors could clone SIM cards.

Read more of this story at Slashdot.

Carbon removal technologies, potentially a $250 billion market, are failing to gain traction as buyers remain scarce. The Intergovernmental Panel on Climate Change projects a need for 10 billion metric tons of carbon removals annually by 2050, yet only 175 million tons have been sold to date -- less than 2% of requirements. Microsoft dominates the market, accounting for 35% of all purchases and 76% of engineered removal solutions specifically. The market suffers from significant barriers: unproven technologies, vast price disparities ($80 per ton for forest projects versus $1,000 for direct air capture), and lack of standardization. Industry experts at a recent London gathering concluded that without more buyers willing to accept early adoption risks, the market cannot meaningfully grow.

Read more of this story at Slashdot.

The Karnataka High Court on Tuesday directed India's government to block Switzerland-based email service Proton Mail, citing national security concerns and law enforcement challenges. Justice M Nagaprasanna ordered authorities to initiate proceedings under Section 69A of the Information Technology Act to ban the service, while mandating immediate blocking of "offending URLs" until final decisions are made. The ruling followed a petition from M Moser Design Associates India, which claimed its female employees were targeted with obscene emails containing "AI-generated deepfake images" sent via Proton Mail. Petitioners argued Proton Mail operates servers outside India, making it inaccessible to law enforcement. The court noted several bomb threats to Indian schools were sent using the service, which has already been banned in Russia and Saudi Arabia. Additional Solicitor General Aravind Kamath, representing the government, said authorities would comply with the court's direction.

Read more of this story at Slashdot.

Bitcoin mining has crossed a critical economic threshold, with costs now exceeding market value for most operators. According to data cited by CoinShares, large public mining companies spend over $82,000 to produce a single Bitcoin -- nearly double last quarter's figure -- while smaller operations face even steeper costs of approximately $137,000 per coin. With Bitcoin currently trading around $94,703, the math no longer works for most miners. The economics become particularly challenging in high-electricity-cost regions like Germany, where mining a single coin requires approximately $200,000. Industry analysts suggest larger mining operations are adapting by optimizing energy consumption and positioning their computational infrastructure for alternative uses. These companies can potentially lease their mining setups for other computational tasks during unprofitable mining periods, then resume mining when market conditions improve. For individual miners, however, the era of profitable home operations appears effectively over, as industrial-scale facilities with strategic positioning and optimized technology have fundamentally altered the mining landscape.

Read more of this story at Slashdot.

An anonymous reader shares a report: Reddit's top lawyer, Ben Lee, said the company is considering legal action against researchers from the University of Zurich who ran what he called an "improper and highly unethical experiment" by surreptitiously deploying AI chatbots in a popular debate subreddit. The University of Zurich told 404 Media that the experiment results will not be published and said the university is investigating how the research was conducted. As we reported Monday, researchers at the University of Zurich ran an "unauthorized" and secret experiment on Reddit users in the r/changemyview subreddit in which dozens of AI bots engaged in debates with users about controversial issues. In some cases, the bots generated responses which claimed they were rape survivors, worked with trauma patients, or were Black people who were opposed to the Black Lives Matter movement. The researchers used a separate AI to mine the posting history of the people they were responding to in an attempt to determine personal details about them that they believed would make their bots more effective, such as their age, race, gender, location, and political beliefs.

Read more of this story at Slashdot.

Hackers working for governments were responsible for the majority of attributed zero-day exploits used in real-world cyberattacks last year, per new research from Google. From a report: Google's report said that the number of zero-day exploits -- referring to security flaws that were unknown to the software makers at the time hackers abused them -- had dropped from 98 exploits in 2023 to 75 exploits in 2024. But the report noted that of the proportion of zero-days that Google could attribute -- meaning identifying the hackers who were responsible for exploiting them -- at least 23 zero-day exploits were linked to government-backed hackers. Among those 23 exploits, 10 zero-days were attributed to hackers working directly for governments, including five exploits linked to China and another five to North Korea.

Read more of this story at Slashdot.

A former Disney employee who hacked into the company's servers to alter its restaurant menus, including falsifying allergen information and printing profane language, has been sentenced to three years in prison. From a report: Michael Scheuer, a Florida resident, was sentenced last week in federal court and ordered to pay nearly $690,000 in restitution, with most of that going to Disney. He pled guilty in January to one count of computer fraud and one count of aggravated identity theft. "Scheuer remains remorseful and apologetic to his former co-workers. We are grateful that the judge heard all of our arguments and mitigation when fashioning a sentence that was half of what the government was seeking," said David Haas, Scheuer's lawyer, in a statement to CNN. Scheuer worked as a menu production manager for Disney and was fired last June for misconduct, according to the original complaint. He had access to, and also used, secure internal servers for creating and publishing menus for all of Disney's restaurants as part of his job at the company.

Read more of this story at Slashdot.

An anonymous reader shares a report: Amazon doesn't want to shoulder the blame for the cost of President Donald Trump's trade war. So the e-commerce giant will soon show how much Trump's tariffs are adding to the price of each product, according to a person familiar with the plan. The shopping site will display how much of an item's cost is derived from tariffs -- right next to the product's total listed price. In response, White House press secretary Karoline Leavitt said: This is hostile and political act by Amazon. Why didn't Amazon do this when the Biden administration hiked inflation to the highest level in 40 years? Update: Amazon is considering showing a tariff surcharge on items sold via its site for ultra-low-price items, called Haul, the company said. "This was never a consideration for the main Amazon site and nothing has been implemented on any Amazon properties," the company added.

Read more of this story at Slashdot.

Longtime Slashdot reader me34point5 writes: OpenBSD quietly released the new version (7.7) of its "secure by default" operating system. This is the 58th release. Changes include improved hardware and VMM support, along with many kernel improvements. This release brings several specific improvements, including performance boosts on ARM64, Arm SVE support, AMD SEV virtualization enhancements, better low-memory handling on i386, and improved suspend/hibernate and SMP performance. It also updates graphics drivers with support for AMD Ryzen IA 300, Radeon RX 9070, and Intel Arrow Lake, along with expanded hardware support for MediaTek SoCs. A full list of changes can be found here.

Read more of this story at Slashdot.

The once-celebrated partnership between OpenAI's Sam Altman and Microsoft's Satya Nadella is deteriorating amid fundamental disagreements over computing resources, model access, and AI capabilities, according to WSJ. The relationship that Altman once called "the best partnership in tech" has grown strained as both companies prepare for independent futures. Tensions center on several critical areas: Microsoft's provision of computing power, OpenAI's willingness to share model access, and conflicting views on achieving humanlike intelligence. Altman has expressed confidence OpenAI can build models with humanlike intelligence soon -- a milestone Nadella publicly dismissed as "nonsensical benchmark hacking" during a February podcast. The companies retain significant leverage over each other. Microsoft can block OpenAI's conversion to a for-profit entity, potentially costing the startup billions if not completed this year. Meanwhile, OpenAI's board can trigger contract clauses preventing Microsoft from accessing its most advanced technology. After Altman's brief ouster in 2023 -- dubbed "the blip" within OpenAI -- Nadella pursued an "insurance policy" by hiring DeepMind co-founder Mustafa Suleyman for $650 million to develop competing models. The personal relationship has also cooled, with the executives now communicating primarily through scheduled weekly calls rather than frequent text exchanges.

Read more of this story at Slashdot.

Amazon successfully launched the first 27 satellites for its Project Kuiper internet constellation, kicking off a major effort to compete with Starlink by deploying over 1,600 satellites by mid-2026. It company is investing $10 billion in Kuiper and plans to begin commercial service later this year. CNBC reports: "We had a nice smooth countdown, beautiful weather, beautiful liftoff, and Atlas V is on its way to orbit to take those 27 Kuiper satellites, put them on their way and really start this new era in internet connectivity," Caleb Weiss, a systems engineer at ULA, said on the livestream following the launch. The satellites are expected to separate from the rocket roughly 280 miles above Earth's surface, at which point Amazon will look to confirm the satellites can independently maneuver and communicate with its employees on the ground. [...] In his shareholder letter earlier this month, Amazon CEO Andy Jassy said Kuiper will require upfront investment at first, but eventually the company expects it to be "a meaningful operating income and ROIC business for us." ROIC stands for return on invested capital. Investors will be listening for any commentary around further capex spend on Kuiper when Amazon reports first-quarter earnings after the bell on Thursday. A livestream can be found here.

Read more of this story at Slashdot.

An anonymous reader quotes a report from Wired: Automakers are increasingly pushing consumers to accept monthly and annual fees to unlock preinstalled safety and performance features, from hands-free driving systems and heated seats to cameras that can automatically record accident situations. But the additional levels of internet connectivity this subscription model requires can increase drivers' exposure to government surveillance and the likelihood of being caught up in police investigations. A cache of more than two dozen police records recently reviewed by WIRED show US law enforcement agencies regularly trained on how to take advantage of "connected cars," with subscription-based features drastically increasing the amount of data that can be accessed during investigations. The records make clear that law enforcement's knowledge of the surveillance far exceeds that of the public and reveal how corporate policies and technologies -- not the law -- determine driver privacy. "Each manufacturer has their whole protocol on how the operating system in the vehicle utilizes telematics, mobile Wi-Fi, et cetera," one law enforcement officer noted in a presentation prepared by the California State Highway Patrol (CHP) and reviewed by WIRED. The presentation, while undated, contains statistics on connected cars for the year 2024. "If the vehicle has an active subscription," they add, "it does create more data." The CHP presentation, obtained by government transparency nonprofit Property of the People via a public records request, trains police on how to acquire data based on a variety of hypothetical scenarios, each describing how vehicle data can be acquired based on the year, make, and model of a vehicle. The presentation acknowledges that access to data can ultimately be limited due to choices made by not only vehicle manufacturers but the internet service providers on which connected devices rely. One document notes, for instance, that when a General Motors vehicle is equipped with an active OnStar subscription, it will transmit data -- revealing its location -- roughly twice as often as a Ford vehicle. Different ISPs appear to have not only different capabilities but policies when it comes to responding to government requests for information. Police may be able to rely on AT&T to help identify certain vehicles based on connected devices active in the car but lack the ability to do so when the device relies on a T-Mobile or Verizon network instead. [...] Nearly all subscription-based car features rely on devices that come preinstalled in a vehicle, with a cellular connection necessary only to enable the automaker's recurring-revenue scheme. The ability of car companies to charge users to activate some features is effectively the only reason the car's systems need to communicate with cell towers. The police documents note that companies often hook customers into adopting the services through free trial offers, and in some cases the devices are communicating with cell towers even when users decline to subscribe.

Read more of this story at Slashdot.

Oracle engineers mistakenly triggered a five-day software outage at a number of Community Health Systems hospitals, causing the facilities to temporarily return to paper-based patient records. From a report: CHS told CNBC that the outage involving Oracle Health, the company's electronic health record (EHR) system, affected "several" hospitals, leading them to activate "downtime procedures." Trade publication Becker's Hospital Review reported that 45 hospitals were hit. The outage began on April 23, after engineers conducting maintenance work mistakenly deleted critical storage connected to a key database, a CHS spokesperson said in a statement. The outage was resolved on Monday, and was not related to a cyberattack or other security incident. CHS is based in Tennessee and includes 72 hospitals in 14 states, according to the medical system's website.

Read more of this story at Slashdot.

According to an email posted on Duolingo's LinkedIn, the language learning app will "gradually stop using contractors to do work that AI can handle." Co-founder and CEO Luis von Ahn also said the company will be "AI-first." The Verge reports: According to von Ahn, being "AI-first" means the company will "need to rethink much of how we work" and that "making minor tweaks to systems designed for humans won't get us there." As part of the shift, the company will roll out "a few constructive constraints," including the changes to how it works with contractors, looking for AI use in hiring and in performance reviews, and that "headcount will only be given if a team cannot automate more of their work." von Ahn says that "Duolingo will remain a company that cares deeply about its employees" and that "this isn't about replacing Duos with AI." Instead, he says that the changes are "about removing bottlenecks" so that employees can "focus on creative work and real problems, not repetitive tasks." "AI isn't just a productivity boost," von Ahn says. "It helps us get closer to our mission. To teach well, we need to create a massive amount of content, and doing that manually doesn't scale. One of the best decisions we made recently was replacing a slow, manual content creation process with one powered by AI. Without AI, it would take us decades to scale our content to more learners. We owe it to our learners to get them this content ASAP."

Read more of this story at Slashdot.

Nixplay has dramatically reduced its free cloud storage offering for digital photo frame users from the original 10GB to just 500MB. The previously announced update, which took effect last week, also removed the formerly free ability to sync Google Photos albums. Users whose accounts already exceed the new 500MB limit will find their content "restricted from sharing or viewing" unless they edit their library or purchase a subscription. Nixplay now offers two paid tiers: Nixplay Lite at $19.99 annually for 100GB storage and Nixplay Plus at $29.99 yearly for unlimited storage.

Read more of this story at Slashdot.

OpenAI has upgraded ChatGPT's search tool to include shopping features, allowing users to receive personalized product recommendations, view images and reviews, and access direct purchase links using natural language queries. TechCrunch reports: When ChatGPT users search for products, the chatbot will now offer a few recommendations, present images and reviews for those items, and include direct links to webpages where users can buy the products. OpenAI says users can ask hyper-specific questions in natural language and receive customized results. To start, OpenAI is experimenting with categories including fashion, beauty, home goods, and electronics. OpenAI is rolling out the feature in the default AI model for ChatGPT, GPT-4o, today for ChatGPT Pro, Plus, and Free users, as well as logged-out users around the globe. [...] OpenAI claims its search product is growing rapidly. Users made more than a billion web searches in ChatGPT last week, the company told TechCrunch. OpenAI says it's determining ChatGPT shopping results independently, and notes that ads are not part of this upgrade to ChatGPT search. The shopping results will be based on structured metadata from third parties, such as pricing, product descriptions, and reviews, according to OpenAI. The company won't receive a kickback from purchases made through ChatGPT search. [...] Soon, OpenAI says it will integrate its memory feature with shopping for Pro and Plus users, meaning ChatGPT will reference a user's previous chats to make highly personalized product recommendations. The company previously updated ChatGPT to reference memory when making web searches broadly. However, these memory features won't be available to users in the EU, the U.K., Switzerland, Norway, Iceland, and Liechtenstein.

Read more of this story at Slashdot.