LinuxWebLog.com

An anonymous reader quotes a report from Cyber Press: A newly uncovered Chinese threat group, DarkSpectre, has been linked to one of the most widespread browser-extension malware operations to date, compromising more than 8.8 million users of Chrome, Edge, Firefox, and Opera over the past seven years. According to research by Koi.ai, the group operates three interconnected campaigns: ShadyPanda, GhostPoster, and a newly identified one named The Zoom Stealer, forming a single, strategically organized operation. DarkSpectre's structure differs from that of ordinary cybercrime operations. The group runs separate but interconnected malware clusters, each with distinct goals. The ShadyPanda campaign, responsible for 5.6 million infections, focuses on long-term user surveillance and e-commerce affiliate fraud. Its extensions have appeared legitimate for years, offering new tab pages and translation utilities, before secretly downloading malicious configurations from command-and-control servers such as jt2x.com and infinitynewtab.com. Once activated, they inject remote scripts, hijack search results, and track browsing activity. The second campaign, GhostPoster, spreads via Firefox and Opera extensions that conceal malicious payloads in PNG images via steganography. After lying dormant for several days, the extensions extract and execute JavaScript hidden within images, enabling stealthy remote code execution. This campaign has affected over one million users and relies on domains like gmzdaily.com and mitarchive.info for payload delivery. The most recent discovery, The Zoom Stealer, exposes around 2.2 million users to corporate espionage. These extensions masquerade as productivity tools or video downloaders while secretly harvesting corporate meeting links, credentials, and speaker profiles from more than 28 video conferencing platforms, including Zoom, Microsoft Teams, and Google Meet. The extensions use real-time WebSocket connections to exfiltrate data to Firebase databases, such as zoocorder.firebaseio.com, and to Google Cloud functions, such as webinarstvus.cloudfunctions.net.

Read more of this story at Slashdot.

OpenAI is paying employees more than any major tech startup in history, with average stock-based compensation hitting roughly $1.5 million per worker in 2025. "That is more than seven times higher than the stock-based pay Google disclosed in 2003, before it filed for an initial public offering in 2004," reports the Wall Street Journal. "The $1.5 million is about 34 times the average employee compensation of 18 other large tech companies in the year before they went public." From the report: To keep its lead in the AI race, OpenAI is doling out massive stock compensation packages to top researchers and engineers, making them some of the richest employees in Silicon Valley. The equity awards are inflating the company's heavy operating losses and diluting existing shareholders at a rapid clip. As an AI arms race intensified this summer, frontier labs such as OpenAI faced pressure to increase employee pay after Meta Platforms Chief Executive Mark Zuckerberg began offering pay packages worth hundreds of millions of dollars -- and in some rare cases $1 billion -- to top executives and researchers at rival companies. Zuckerberg's recruiting blitz swept up 20-plus OpenAI personnel, including ChatGPT co-creator Shengjia Zhao. In August, OpenAI gave some of its research and engineering staff a one-time bonus, with some employees receiving millions of dollars, The Wall Street Journal previously reported. The financial data, shared with investors over the summer, shows that OpenAI's stock-based compensation was expected to increase by about $3 billion annually through 2030. The company recently told staff it would discontinue a policy that required employees to work at OpenAI for at least six months before their equity vests. That development could lead to further compensation increases. OpenAI's compensation as a percentage of revenue was set to reach 46% in 2025, the highest of any of the 18 companies except for Rivian, which didn't generate revenue the year before its IPO. Palantir's stock-based compensation equaled 33% of its revenue the year before its IPO in 2020, Google's was 15% and Facebook's was 6%, the analysis shows. On average, each company's stock-based compensation made up about 6% of revenue among tech companies the Journal analyzed in the year before their IPOs, according to the Equilar data.

Read more of this story at Slashdot.

Reuters reports that the United States Department of the Treasury under the Donald Trump administration has lifted sanctions on three executives linked to the spyware firm Intellexa. Reuters reports: The move partially reverses the imposition of sanctions last year by then-President Joe Biden's administration on seven people tied to Intellexa. The Treasury Department at the time described the consortium, opens new tab, launched by former Israeli intelligence official Tal Dilian, as "a complex international web of decentralized companies that built and commercialized a comprehensive suite of highly invasive spyware products." Treasury said in an email that the removal "was done as part of the normal administrative process in response to a petition request for reconsideration." It added that each of the individuals had "demonstrated measures to separate themselves from the Intellexa Consortium." The notice said sanctions were lifted on Sara Hamou, whom the U.S. government accused of providing managerial services to Intellexa, Andrea Gambazzi, whose company was alleged by the U.S. government to have held the distribution rights to the Predator spyware, and Merom Harpaz, described by U.S. officials as a top executive in the consortium.

Read more of this story at Slashdot.

An anonymous reader quotes a report from the Guardian: France intends to follow Australia and ban social media platforms for children from the start of the 2026 academic year. A draft bill preventing under-15s from using social media will be submitted for legal checks and is expected to be debated in parliament early in the new year. The French president, Emmanuel Macron, has made it clear in recent weeks that he wants France to swiftly follow Australia's world-first ban on social media platforms for under-16s, which came into force in December. It includes Facebook, Snapchat, TikTok and YouTube. Le Monde and France Info reported on Wednesday that a draft bill was now complete and contained two measures: a ban on social media for under-15s and a ban on mobile phones in high schools, where 15- to 18-year-olds study. Phones have already been banned in primary and middle schools. The bill will be submitted to France's Conseil d'Etat for legal review in the coming days. Education unions will also look at the proposed high-school ban on phones. The government wants the social media ban to come into force from September 2026. Le Monde reported the text of the draft bill cited "the risks of excessive screen use by teenagers," including the dangers of being exposed to inappropriate social media content, online bullying, and altered sleep patterns. The bill states the need to "protect future generations" from dangers that threaten their ability to thrive and live together in a society with shared values. Earlier this month, Macron confirmed at a public debate in Saint Malo that he wanted a social media ban for young teenagers. He said there was "consensus being shaped" on the issue after Australia introduced its ban. "The more screen time there is, the more school achievement drops the more screen time there is, the more mental health problems go up," he said. He used the analogy of a teenager getting into a Formula One racing car before they had learned to drive. "If a child is in a Formula One car and they turn on the engine, I don't want them to win the race, I just want them to get out of the car. I want them to learn the highway code first, and to ensure the car works, and to teach them to drive in a different car."

Read more of this story at Slashdot.

New Jersey has found its answer to the relentless flooding that has plagued the state's coastal and inland communities for decades: buy the homes, demolish them and turn the land back into open space permanently. The state's Blue Acres program has acquired some 1,200 properties since 1995, spending more than $234 million in federal and state funds to pay fair market value to homeowners exhausted by repeated floods from tropical storms, nor'easters, and heavy rain. A Georgetown Climate Center report this month called the program a national model, crediting its success to faster processing than federal buyout programs, stable state funding and case managers who guide each homeowner through the process. The demolished homes become grass lots that absorb rainwater far better than concrete and asphalt. Manville, a borough of 11,000 at the confluence of two rivers about 25 miles southwest of Newark, has sold 120 homes to the state for roughly $22 million between 2015 and 2024. Another 53 buyouts are underway there. The need for such programs is only growing. Sea levels along the New Jersey coast rose about 1.5 feet over the past century -- more than double the global rate -- and a Rutgers study predicts a further increase of 2.2 to 3.8 feet by 2100. A November report from the Natural Resources Defense Council noted that billions in previously approved FEMA resilience grants have already been cancelled, making state-run initiatives like Blue Acres increasingly essential.

Read more of this story at Slashdot.

An anonymous reader shares a report: Getting to space is hard. In many ways, getting back is even harder. NASA soon aims to pull off the kind of re-entry it last conducted more than 50 years ago: safely returning astronauts to Earth after they fly to the moon and back. The mission is a big moment for NASA, which will put a crew on its Orion ship for the first time. The flight will test the spacecraft's heat shield, designed to protect the astronauts on board. Re-entries of vehicles from orbit remain one of the high-stakes parts of any human spaceflight, given the stress they put on spacecraft. In 2003, NASA's Columbia Space Shuttle broke apart as it came back from low-Earth orbit due to a breach on the vehicle that occurred during launch. All seven astronauts on board were killed. Orion will be coming back to Earth from much further away than low-Earth orbit, where all recent human spaceflights have been conducted. That means its velocity and the energy it needs to disperse will be greater, putting even more stress on the heat shield. During a test flight in 2022 that didn't include astronauts, Orion's heat shield didn't perform as expected. That sparked worries about crew safety on future missions, prompting NASA to investigate and address what happened. NASA will launch Orion with the astronauts on board as soon as February. [...] When the vehicle initially re-enters the Earth's atmosphere, it will be traveling around 25,000 miles an hour and face temperatures of 5,000 degrees as it slows down. The Orion craft, developed by Lockheed Martin for NASA, has a shield that is almost 17 feet in diameter. Installed on the vehicle's underside, the shield is covered in what is called an "ablative" material, which is designed to shift heat away from the craft during re-entry by burning off in a controlled manner.

Read more of this story at Slashdot.

JPMorgan Chase is now fighting to avoid paying $10.2 million in disputed legal charges racked up by Charlie Javice, the convicted founder of student-finance startup Frank, after court filings revealed her defense team billed more than $5 million simply for attending her fraud trial -- including on days when court wasn't even in session. A previously sealed Delaware court filing [PDF] released Monday showed that Javice's total legal tab has reached $74 million, far exceeding the $30 million Elizabeth Holmes spent defending herself in the Theranos case. JPMorgan claims the five law firms representing Javice operated under the mindset that "someone else is paying her bills." The bank's filing focused on Quinn Emanuel and Mintz Levin, the two largest firms on Javice's defense. JPMorgan said Javice had between 16 and 29 lawyers and legal staff present every day of her six-week trial, billing an average of $360,000 daily. No more than four lawyers had speaking roles. Among the 2,377 pages of receipts submitted for March: a Cookie Monster toddler's toy, lavender and jasmine sachets, 57 hotel room upgrades at $300 per night, and a $900 meal at Koloman, a highly rated New York restaurant. A New York jury found Javice guilty in March of misleading JPMorgan into acquiring Frank for $175 million by fabricating millions of fake users. She was sentenced in September to seven years in prison but remains free on bail pending her appeal.

Read more of this story at Slashdot.

The fight over net neutrality saw another turbulent year in 2025, as federal protections that seemed poised for a comeback in 2024 were first struck down by a court and then preemptively removed by the Trump administration's FCC without a chance for public comment. The removal, The Verge summarizes in a report, was part of Chairman Brendan Carr's "Delete, Delete, Delete" initiative targeting what the agency deems unnecessary regulations. Federal net neutrality rules have now been on and off for 15 years, passing under Obama in 2010, returning in 2015, getting overturned in 2017, and briefly revived in 2024 before courts struck them down again. Matt Wood, vice president of policy and general counsel at nonprofit Free Press, told The Verge that ISPs often feel little financial impact from these rules. "A lot of their complaints about the supposed 'burdens' from these rules are really just ideological in nature," Wood said. States have filled the void. California's 2018 law remains the nation's gold standard, and Maine passed a bipartisan bill in June. John Bergmayer, legal director at Public Knowledge, said state-level laws and the threat of new ones "has kept some of the worst outcomes in check." The National Telecommunications and Information Administration is now pressuring states to exempt ISPs from net neutrality laws to remain eligible for broadband infrastructure funding. Chao Jun Liu of the Electronic Frontier Foundation summed up the year's pattern: "ISPs just want to do whatever they want to do with no limits and nobody telling them how to do it."

Read more of this story at Slashdot.

A large-scale study tracking more than 27,500 middle-aged and elderly people over roughly nine years has found that poor sleep quality is associated with accelerated brain aging, and chronic inflammation appears to be one of the key mechanisms driving this effect. Researchers at Sweden's Karolinska Institute assessed participants' sleep across five dimensions -- chronotype, duration, insomnia, snoring and daytime sleepiness -- and later scanned their brains using MRI to estimate biological brain age through machine learning models. The results? For every point decrease in healthy sleep score, the gap between brain age and chronological age widened by approximately six months. Those in the poorest sleep category had brains that appeared roughly one year older than their actual age. Night-owl tendencies, sleep duration outside the 7-8 hour sweet spot and snoring were particularly strongly linked to brain aging. The researchers measured low-grade inflammation using biomarkers including C-reactive protein levels and white blood cell counts. Inflammation accounted for more than 10% of the association between poor sleep patterns and brain aging. The glymphatic system, which clears waste from the brain primarily during sleep, may also play a role, the research added.

Read more of this story at Slashdot.

Another year wraps up, and with it comes the annual ritual of taking stock. What were the movies, TV shows and books from this year that stood out to you? Not necessarily the ones that dominated conversation or topped charts, but the ones you found yourself recommending to friends, or returning to for a second watch or read. Share your picks and, if you're inclined, a line or two on what made them stick.

Read more of this story at Slashdot.

Colossal Biosciences, the Texas-based startup now valued at more than $10 billion that has attracted investments from Paris Hilton, Peter Jackson and Tom Brady, claimed earlier this year to have resurrected the dire wolf -- an animal that disappeared at the end of the last ice age -- but a group of leading canid experts concluded the company had done no such thing. The scientists found that Colossal had made 20 edits to the DNA of grey wolves and the resulting animals did not substantially differ from wolves currently roaming North America. Beth Shapiro, Colossal's own chief scientist, acknowledged to New Scientist: "It's not possible to bring something back that is identical to a species that used to be alive. Our animals are grey wolves with 20 edits that are cloned." Nic Rawlence, director of the palaeogenetics laboratory at the University of Otago in New Zealand, added: "Rather than true de-extinction, Colossal's attempts are genetically engineered poor copies at best, passed off as the real deal." The company has nevertheless pressed forward. It has launched projects to revive the Tasmanian tiger, the dodo, and the moa and plans to unveil its interpretation of the woolly mammoth -- a genetically modified Asian elephant adapted to survive at -40C -- in the coming years. The Trump administration cited the dire wolf announcement while making efforts to cut the US endangered species list, calling de-extinction technology a potential "bedrock for modern species conservation."

Read more of this story at Slashdot.

Starting in July 2026, every public school district in California will be required to have policies on the books that restrict or prohibit students from using smartphones during the school day, thanks to Assembly Bill 3216 that Governor Gavin Newsom signed into law back in 2024. The legislation also mandates that districts update these policies every five years. Newsom had previously signed related legislation in 2019, though that earlier law merely affirmed that school districts have the authority to regulate smartphone use rather than requiring them to do so.

Read more of this story at Slashdot.

Finnish authorities on Wednesday seized a vessel suspected of severing an undersea telecommunications cable that connects Helsinki to Tallinn by dragging its anchor across the Gulf of Finland, the latest in a string of infrastructure incidents that have put Baltic Sea nations on edge since Russia's 2022 invasion of Ukraine. Police are investigating the case as aggravated criminal damage and have not disclosed the ship's name, nationality or details about its crew. The cable belongs to Finnish telecoms group Elisa. Estonia's justice ministry reported that a second telecoms cable connecting the two countries -- owned by Sweden's Arelion -- also went down on Wednesday. This follows Finland's December 2024 boarding of the Russian-linked oil tanker Eagle S, which investigators said damaged a power cable and multiple telecoms links using the same anchor-dragging method. A Finnish court in October dismissed criminal charges against the Eagle S crew after prosecutors failed to prove intent.

Read more of this story at Slashdot.

China's Commerce Ministry on Wednesday demanded that the Netherlands "immediately correct its mistakes" over chipmaker Nexperia, escalating a standoff that has disrupted global semiconductor supply chains and triggered warnings from automakers about component shortages. The Dutch government in September invoked a Cold War-era law to effectively seize control of the Chinese-owned chipmaker, reportedly after the United States raised security concerns. China responded by blocking Nexperia products from leaving the country. Nexperia manufactures billions of foundation chips -- transistors, diodes and power management components -- that are produced in Europe, assembled and tested in China, and then re-exported to customers worldwide. These low-tech, inexpensive chips are essential in almost every device that uses electricity, from car braking systems and airbag controllers to electric windows and entertainment systems. The Commerce Ministry spokesperson said the Netherlands "remains indifferent and stubbornly insists on its own way, showing absolutely no responsible attitude towards the security of the global semiconductor supply chain." Dutch Economy Minister Vincent Karremans has repeatedly defended the intervention. Auto industry groups have warned that disruptions have not been fundamentally resolved. Japan's Nissan and German supplier Bosch have flagged looming shortages, and the German Association of the Automotive Industry warned of elevated supply risks "particularly for the first quarter" of 2026.

Read more of this story at Slashdot.

The U.S. has surpassed 2,000 measles cases for the first time in more than 30 years, according to data from the Centers for Disease Control and Prevention. From a report: As of Dec. 23, a total of 2,012 cases have been reported in the U.S. Of those cases, 24 were reported among international visitors to the U.S.

Read more of this story at Slashdot.

Longtime Slashdot reader ptorrone writes: The January 1, 2026, NYC mayoral inauguration prohibits attendees from bringing specific brand-name devices, explicitly banning Raspberry Pi single-board computers and the Flipper Zero, listed alongside weapons, explosives, and drones. Rather than restricting behaviors or capabilities like signal interference or unauthorized transmitters, the policy names two widely used educational and testing tools while allowing smartphones and laptops that are far more capable. Critics argue this device-specific ban creates confusion, encourages selective enforcement, and reflects security theater rather than a clear, capability-based public safety framework. New York has handled large-scale events more pragmatically before.

Read more of this story at Slashdot.

PostNord is ending letter delivery in Denmark after a 90%+ collapse in mail volume. It marks the first known case of a national postal carrier abandoning letters entirely -- a symbolic milestone of a fully digitized society that's sparking nostalgia even among people who stopped sending mail years ago. The New York Times reports: Denmark has had a postal service for more than 400 years. But a steep decline in its use has led the Nordic country's longtime postal carrier to stop letter deliveries entirely, a change taking effect on Tuesday. Danes have seen it coming for months: The carrier, PostNord, has been removing its red mailboxes, once a ubiquitous public fixture. The disappearance of the mailboxes is "what actually made people emotional," said Julia Lahme, a trend researcher and the director of Lahme, a Danish communications agency, "even though most of them hadn't sent a letter in 18 months." Letter writing in the country has declined by more than 90 percent since 2000, according to PostNord, which is owned jointly by the Danish and Swedish governments. Next year, in Denmark, it will only deliver packages, although in Sweden it will continue to deliver letters. The change comes partly as a result of a drop-off in government mail. Denmark is one of the world's most digitized countries. Only 250,000 people, or less than 5 percent of the population, still receive their official communications in the mail. "People simply do not rely on physical letters the way they used to," Andreas Brethvad, the communications director of PostNord Denmark, said in an emailed statement. He said that because nine in 10 Danes shop online each month, the change "is about keeping up with times to meet the demands of society. It's a natural evolution." The report notes that snail mail lovers will still be able to send and receive letters through Dao, a private company. "While some Danes are quietly mourning a service that, for the most part, they had largely stopped using, the transition feels like a sign of the times," reports the Times.

Read more of this story at Slashdot.

Israel has operationally deployed Iron Beam, a 100,000-watt laser air-defense system capable of shooting down drones, rockets, and mortars at negligible per-shot cost. According to Tom's Hardware, it marks the first real-world deployment of a high-energy laser as part of a modern, multi-layered missile defense network. From the report: The Iron Beam is a short-range line-of-sight laser interceptor that is extremely cheap to run and, therefore, perfectly suited for intercepting low-cost, high-volume threats. According to the official Israeli announcement, Iron Beam systems have "successfully intercepted rockets, mortars, and UAVs." A complex mix of government, military, scientific, and commercial interests were responsible for the research and development of the Iron Beam laser system. Central to the Iron Beam are "an advanced laser source and a unique electro-optical targeting system, enabling the interception of a wide range of targets at an enhanced operational range, with maximum precision and superior efficiency," boasted the press release by Israel's MoD. Moreover, it works "at a negligible marginal cost, which constitutes the laser system's primary advantage." We don't get much more by way of technical details, perhaps understandably. However, Rafael Advanced Defense Systems execs heralded the system's "unique adaptive optics technology," in what it calls "the world's most advanced laser-based system for intercepting aerial threats." Its operational debut "marks the beginning of the era of high-energy laser defense," they claimed.

Read more of this story at Slashdot.

An anonymous reader quotes a report from the New York Times: South Africans ... have found a remedy for power cuts that have plagued people in the developing world for years. Thanks to swiftly falling prices of Chinese made solar panels and batteries, they now draw their power from the sun. These aren't the tiny, old-school solar lanterns that once powered a lightbulb or TV in rural communities. Today, solar and battery systems are deployed across a variety of businesses -- auto factories and wineries, gold mines and shopping malls. And they are changing everyday life, trade and industry in Africa's biggest economy. This has happened at startling speed. Solar has risen from almost nothing in 2019 to roughly 10 percent of South Africa's electricity-generating capacity. No longer do South Africans depend entirely on giant coal-burning plants that have defined how people worldwide got their electricity for more than a century. That's forcing the nation's already beleaguered electric utility to rethink its business as revenues evaporate. Joel Nana, a project manager with Sustainable Energy Africa, a Cape Town-based organization, called it "a bottom-up movement" to sidestep a generations-old problem. "The broken system is unreliable electricity, expensive electricity or no electricity at all," he said. "We've been living in this situation forever." What's happening in South Africa is repeating across the continent. Key to this shift: China's ambition to lead the world in clean energy. The report says that more than 7 gigawatts of solar capacity have been installed in South Africa over the past five years -- about 1/10 of the country's total installed capacity (55 GW). And most of this new solar capacity is privately owned and installed by households and businesses rather than utilities. Across the continent, Chinese solar imports rose 50% in the first 10 months of 2025. Cheap Chinese solar is rapidly reshaping Africa's energy landscape from the bottom up but it's also shifting geopolitical influence, hollowing out local manufacturing opportunities, and deepening divides between those who can afford energy independence and those who can't. "The solar surge does little to address the most pressing social and economic problems of developing countries like South Africa, the need to generate new jobs for millions of young citizens," reports the NYT. "Installation labor is local, but the panels and batteries are almost all made in China." Further reading: Why Solarpunk Is Already Happening In Africa

Read more of this story at Slashdot.

In an opinion piece for Computerworld, columnist Steven Vaughan-Nichols argues that restrictive visa policies and a hostile border climate under the Trump administration are driving foreign tech workers, researchers, and conference speakers away from the U.S. The result, he says, is a gradual shift of talent, events, and long-term innovation toward more welcoming regions such as Europe, Canada, and Asia. From the report: I go to a lot of tech conferences -- 13 in 2025 -- and many of those I attend are outside the U.S.; several are in London, one is in Amsterdam, another in Paris, and two in Tokyo. Wherever I went this past year, when we weren't talking about AI, Linux, the cloud, or open-source software, the top non-tech topic for non-Americans involved the sweeping changes that have occurred since President Donald J. Trump returned to office last January. The conversations generally ended with something like this: "I'm not taking a job or going to a conference in the United States." Honestly, who can blame them? Under Trump, America now has large "Keep Out!" and "No Trespassing!" signs effectively posted. I've known several top tech people who tried to come to the U.S. for technology shows with proper visas and paperwork, but were still turned away at the border. Who wants to fly for 8+ hours for a conference, only to be refused entry at the last minute, and be forced to fly back? I know many of the leading trade show organizers, and it's not just me who's seeing this. They universally agree that getting people from outside the States to agree to come to the U.S. is increasingly difficult. Many refuse even to try to come. As a result, show managers have begun to close U.S.-based events and are seeking to replace them with shows in Europe, Canada, and Asia. [...] Once upon a time, everyone who was anyone in tech was willing to uproot their lives to come to the U.S. Here, they could make a good living. They could collaborate, publish, and build companies in jurisdictions that welcome them, and meet their peers at conferences. Now, they must run a gauntlet at the U.S. border and neither a green card nor U.S. citizenship guarantees they won't be abused by the federal government. Trump's America seems bound and determined to become a second-rate tech power. His administration can loosen all the restrictions it wants on AI, but without top global talent, U.S. tech prowess will decline. That's not good for America, the tech industry or the larger world.

Read more of this story at Slashdot.