Skip to main content

Arch Linux Malware Incident: Malicious Commits Found in 1,579 Packages

3 weeks 2 days ago
More than 1,500 user-contributed packages in the Arch Linux User Repository "AUR" were infected with malware, reports Phoronix: The last message in the thread over this security incident is noting that Arch Linux developers have deleted all the malicious commits they are aware of. Cited was this list that puts the number of malware-affected packages at 1,579... Even at 1,579 packages listed, that final updated noted, it's a "list containing many (but not all) of the affected packages". Thanks to long-time Slashdot reader couchslug for sharing the report.

Read more of this story at Slashdot.

EditorDavid

OpenAI Investigated By Coalition of America's State Attorneys General

3 weeks 2 days ago
"A coalition of state attorneys general has opened an investigation into OpenAI," reports the Wall Street Journal, citing "people familiar with the matter." OpenAI was served Friday with a subpoena seeking documents related to a broad range of its activities and impact on users, including advertising, user engagement and retention, handling of consumer data and health data, activities related to minors and seniors, deep learning models, model sycophancy and company policies, some of the people said. The subpoena, viewed by The Wall Street Journal, was sent by New York's attorney general.... Earlier this month, Florida became the first state to file a lawsuit against OpenAI and its chief executive, Sam Altman. The lawsuit claims OpenAI and Altman knowingly released an unsafe product and ignored warnings that it could harm users. Florida's Attorney General, James Uthmeier, opened a criminal investigation into OpenAI in April over the role its chatbot played in a mass shooting that killed two people at Florida State University last year. The suspect allegedly turned to ChatGPT as a confidant and sounding board to plan the attack, and the chatbot dispensed advice for his questions... State attorneys general have been scrutinizing OpenAI's competitors in the AI industry as well. In December, a coalition of 42 state attorneys general led by Pennsylvania's Dave Sunday sent a letter to companies including OpenAI, Meta, Anthropic, Google and xAI. In the letter, the Attorneys General demanded safeguards to protect vulnerable users from harmful interactions with chatbots, warning that "developers may be held accountable for the outputs of their GenAI products" for "encouraging an individual to commit a criminal act." "We take the concerns raised by state attorneys general seriously," OpenAI told the Journal in a statement, "and intend to engage constructively with their offices." The article also acknowledges that The Wall Street Journal's parent company "has a content-licensing partnership with OpenAI."

Read more of this story at Slashdot.

EditorDavid