Crime

Contractors With Hacking Records Accused of Wiping 96 Government Databases (bleepingcomputer.com) 54

Two Virginia brothers Muneeb and Sohaib Akhter, previously convicted of hacking the U.S. State Department, were rehired as federal contractors and are now charged with conspiring to steal sensitive data and destroy government databases after being fired. "Following the termination of their employment, the brothers allegedly sought to harm the company and its U.S. government customers by accessing computers without authorization, issuing commands to prevent others from modifying the databases before deletion, deleting databases, stealing information, and destroying evidence of their unlawful activities," the Justice Department said in a Wednesday press release. BleepingComputer reports: According to court documents, Muneeb Akhter deleted roughly 96 databases containing U.S. government information in February 2025, including Freedom of Information Act records and sensitive investigative documents from multiple federal agencies. One minute after deleting a Department of Homeland Security database, Muneeb Akhter also allegedly asked an artificial intelligence tool for instructions on clearing system logs after deleting a database.

The two defendants also allegedly ran commands to prevent others from modifying the targeted databases before deletion, and destroyed evidence of their activities. The prosecutors added that both men wiped company laptops before returning them to the contractor and discussed cleaning out their house in anticipation of a law enforcement search. The complaint also claims that Muneeb Akhter stole IRS information from a virtual machine, including federal tax data and identifying information for at least 450 individuals, and stole Equal Employment Opportunity Commission information after being fired by the government contractor.

Muneeb Akhter has been charged with conspiracy to commit computer fraud and destroy records, two counts of computer fraud, theft of U.S. government records, and two counts of aggravated identity theft. If found guilty, he faces a minimum of two years in prison for each aggravated identity theft count, with a maximum of 45 years on other charges. His brother, Sohaib, is charged with conspiracy to commit computer fraud and password trafficking, facing a maximum penalty of six years if convicted.

Databases

'We Built a Database of 290,000 English Medieval Soldiers' (theconversation.com) 17

An anonymous reader quotes a report from the Conversation, written by authors Adrian R. Bell, Anne Curry, and Jason Sadler: When you picture medieval warfare, you might think of epic battles and famous monarchs. But what about the everyday soldiers who actually filled the ranks? Until recently, their stories were scattered across handwritten manuscripts in Latin or French and difficult to decipher. Now, our online database makes it possible for anyone to discover who they were and how they lived, fought and travelled. To shed light on the foundations of our armed services -- one of England's oldest professions -- we launched the Medieval Soldier Database in 2009. Today, it's the largest searchable online database of medieval nominal data in the world. It contains military service records giving names of soldiers paid by the English Crown. It covers the period from 1369 to 1453 and many different war zones.

We created the database to challenge assumptions about the lack of professionalism of soldiers during the hundred years war and to show what their careers were really like. In response to the high interest from historians and the public (the database has 75,000 visitors per month), the resource has recently been updated. It is now sustainably hosted by GeoData, a University of Southampton research institute. We have recently added new records, taking the dataset back to the late 1350s, meaning it now contains almost 290,000 entries. [...] We hope the database will continue to grow and go on providing answers to questions about our shared military heritage. We are sure that it will unlock many previously untold stories of soldier ancestors.

Oracle

Morgan Stanley Warns Oracle Credit Protection Nearing Record High (yahoo.com) 50

A gauge of risk on Oracle debt "reached a three-year high in November," reports Bloomberg.

"And things are only going to get worse in 2026 unless the database giant is able to assuage investor anxiety about a massive artificial intelligence spending spree, according to Morgan Stanley." A funding gap, swelling balance sheet and obsolescence risk are just some of the hazards Oracle is facing, according to Lindsay Tyler and David Hamburger, credit analysts at the brokerage.

The cost of insuring Oracle's debt against default over the next five years rose to 1.25 percentage point a year on Tuesday, according to ICE Data Services. The price on the five-year credit default swaps is at risk of toppling a record set in 2008 as concerns over the company's borrowing binge to finance its AI ambitions continue to spur heavy hedging by banks and investors, they warned in a note Wednesday. The CDS could break through 1.5 percentage point in the near term and could approach 2 percentage points if communication around its financing strategy remains limited as the new year progresses, the analysts wrote. Oracle CDS hit a record 1.98 percentage point in 2008, ICE Data Services shows...

"Over the past two months, it has become more apparent that reported construction loans in the works, for sites where Oracle is the future tenant, may be an even greater driver of hedging of late and going forward," wrote the analysts... Concerns have also started to weigh on Oracle's stock, which the analysts said may incentivize management to outline a financing plan on the upcoming earnings call...

Thanks to Slashdot reader Bruce66423 for sharing the article.

Earth

Violent Conflict Over Water Hit a Record Last Year (msn.com) 59

Researchers at the Pacific Institute documented 420 water-related conflicts globally in 2024, a record that far surpasses the 355 incidents logged in 2023 and continues a trend that has seen such violence more than quadruple over the past five years. The Oakland-based water think tank's database tracks disputes where water triggered violence, where water systems were targeted, and where infrastructure became collateral damage in broader conflicts.

The Middle East reported the most incidents at 138, including 66 tied to the Israeli-Palestinian conflict. The Israeli military destroyed more than 30 wells in Rafah and Khan Yunis, and there were numerous reports of settlers destroying pipelines and tanks in the West Bank. The Russia-Ukraine war accounted for 51 incidents, including strikes that disrupted water service in Ukrainian cities.

United Kingdom

Britain Sets New Record, Generating Enough Wind Power for 22 Million Homes (thetimes.com) 113

An anonymous reader shared this report from Sky News: A new wind record has been set for Britain, with enough electricity generated from turbines to power 22 million homes, the system operator has said.

The mark of 22,711 megawatts (MW) was set at 7.30pm on 11 November... enough to keep around three-quarters of British homes powered, the National Energy System Operator (Neso) said. The country had experienced windy conditions, particularly in the north of England and Scotland...

Neso has predicted that Britain could hit another milestone in the months ahead by running the electricity grid for a period entirely with zero carbon power, renewables and nuclear... Neso said wind power is now the largest source of electricity generation for the UK, and the government wants to generate almost all of the UK's electricity from low-carbon sources by 2030.

"Wind accounted for 55.7 per cent of Britain's electricity mix at the time..." reports The Times: Gas provided only 12.5 per cent of the mix, with 11.3 per cent coming from imports over subsea power cables, 8 per cent from nuclear reactors, 8 per cent from biomass plants, 1.4 per cent from hydroelectric plants and 1.1 per cent from storage.

Britain has about 32 gigawatts of wind farms installed, approximately half of that onshore and half offshore, according to the Wind Energy Database from the wind industry body Renewable UK. That includes five of the world's biggest offshore wind farms. The government is seeking to double onshore wind and quadruple offshore wind power by 2030 as part of its plan for clean energy....

Jane Cooper, deputy chief executive of Renewable UK, said: "On a cold, dark November evening, wind was generating enough electricity to power 80 per cent of British homes when we needed it most.

Electronic Frontier Foundation

Court Ends Dragnet Electricity Surveillance Program in Sacramento (eff.org) 52

A California judge has shut down a decade-long surveillance program in which Sacramento's utility provider shared granular smart-meter data on 650,000 residents with police to hunt for cannabis grows. The EFF reports: The Sacramento County Superior Court ruled that the surveillance program run by the Sacramento Municipal Utility District (SMUD) and police violated a state privacy statute, which bars the disclosure of residents' electrical usage data with narrow exceptions. For more than a decade, SMUD coordinated with the Sacramento Police Department and other law enforcement agencies to sift through the granular smart meter data of residents without suspicion to find evidence of cannabis growing. EFF and its co-counsel represent three petitioners in the case: the Asian American Liberation Network, Khurshid Khoja, and Alfonso Nguyen. They argued that the program created a host of privacy harms -- including criminalizing innocent people, creating menacing encounters with law enforcement, and disproportionately harming the Asian community.

The court ruled that the challenged surveillance program was not part of any traditional law enforcement investigation. Investigations happen when police try to solve particular crimes and identify particular suspects. The dragnet that turned all 650,000 SMUD customers into suspects was not an investigation. "[T]he process of making regular requests for all customer information in numerous city zip codes, in the hopes of identifying evidence that could possibly be evidence of illegal activity, without any report or other evidence to suggest that such a crime may have occurred, is not an ongoing investigation," the court ruled, finding that SMUD violated its "obligations of confidentiality" under a data privacy statute. [...]

In creating and running the dragnet surveillance program, according to the court, SMUD and police "developed a relationship beyond that of utility provider and law enforcement." Multiple times a year, the police asked SMUD to search its entire database of 650,000 customers to identify people who used a large amount of monthly electricity and to analyze granular 1-hour electrical usage data to identify residents with certain electricity "consumption patterns." SMUD passed on more than 33,000 tips about supposedly "high" usage households to police. [...] Going forward, public utilities throughout California should understand that they cannot disclose customers' electricity data to law enforcement without any "evidence to support a suspicion" that a particular crime occurred.

The Internet

Cloudflare Explains Its Worst Outage Since 2019 57

Cloudflare suffered its worst network outage in six years on Tuesday, beginning at 11:20 UTC. The disruption prevented the content delivery network from routing traffic for roughly three hours. The failure, writes Cloudflare in a blog post, originated from a database permissions change deployed at 11:05 UTC. The modification altered how a database query returned information about bot detection features. The query began returning duplicate entries. A configuration file used to identify automated traffic doubled in size and spread across the network's machines. Cloudflare's traffic routing software reads this file to distinguish bots from legitimate users. The software had a built-in limit of 200 bot detection features. The enlarged file contained more than 200 entries. The software crashed when it encountered the unexpected file size.

Users attempting to access websites behind Cloudflare's network received error messages. The outage affected multiple services. Turnstile security checks failed to load. The Workers KV storage service returned elevated error rates. Users could not log into Cloudflare's dashboard. Access authentication failed for most customers.

Engineers initially suspected a coordinated attack. The configuration file was automatically regenerated every five minutes. Database servers produced either correct or corrupted files during a gradual system update. Services repeatedly recovered and failed as different versions of the file circulated. Teams stopped generating new files at 14:24 UTC and manually restored a working version. Most traffic resumed by 14:30 UTC. All systems returned to normal at 17:06 UTC.

Electronic Frontier Foundation

ACLU and EFF Sue a City Blanketed With Flock Surveillance Cameras (404media.co) 57

An anonymous reader shares a report: Lawyers from the American Civil Liberties Union (ACLU) and Electronic Frontier Foundation (EFF) sued the city of San Jose, California over its deployment of Flock's license plate-reading surveillance cameras, claiming that the city's nearly 500 cameras create a pervasive database of residents' movements in a surveillance network that is essentially impossible to avoid.

The lawsuit was filed on behalf of the Services, Immigrant Rights & Education Network and Council on American-Islamic Relations, California, and claims that the surveillance is a violation of California's constitution and its privacy laws. The lawsuit seeks to require police to get a warrant in order to search Flock's license plate system. The lawsuit is one of the highest profile cases challenging Flock; a similar lawsuit in Norfolk, Virginia seeks to get Flock's network shut down in that city altogether.

"San Jose's ALPR [automatic license plate reader] program stands apart in its invasiveness," ACLU of Northern California and EFF lawyers wrote in the lawsuit. "While many California agencies run ALPR systems, few retain the locations of drivers for an entire year like San Jose. Further, it is difficult for most residents of San Jose to get to work, pick up their kids, or obtain medical care without driving, and the City has blanketed its roads with nearly 500 ALPRs."

Privacy

IRS Accessed Massive Database of Americans' Flights Without a Warrant (404media.co) 67

An anonymous reader shares a report: The IRS accessed a database of hundreds of millions of travel records, which show when and where a specific person flew and the credit card they used, without obtaining a warrant, according to a letter signed by a bipartisan group of lawmakers and shared with 404 Media. The country's major airlines, including Delta, United Airlines, American Airlines, and Southwest, funnel customer records to a data broker they co-own called the Airlines Reporting Corporation (ARC), which then sells access to people's travel data to government agencies.

The IRS case in the letter is the clearest example yet of how agencies are searching the massive trove of travel data without a search warrant, court order, or similar legal mechanism. Instead, because the data is being sold commercially, agencies are able to simply buy access. In the letter addressed to nine major airlines, the lawmakers urge them to shut down the data selling program. Update: after this piece was published, ARC said it already planned to shut down the program.

"Disclosures made by the IRS to Senator Wyden confirm that it did not follow federal law and its own policies in purchasing airline data from ARC," the letter reads. The letter says the IRS "confirmed that it did not conduct a legal review to determine if the purchase of Americans' travel data requires a warrant."

Businesses

'Big Short' Investor Michael Burry To Close Hedge Fund as He Warns on Valuations (ft.com) 65

Michael Burry, the investor made famous for his bet against the US housing market ahead of the 2008 financial crisis, is closing his hedge fund [non-paywalled source] as he warned that market valuations had become unhinged from fundamentals. From a report: Scion Asset Management this week terminated its registration with US securities regulators, according to a Securities and Exchange Commission database. Burry told investors that he would "liquidate the funds and return capital -- but for a small audit/tax holdback -- by year's end," according to two people with direct knowledge of a letter he sent to investors.

"My estimation of value in securities is not now, and has not been for some time, in sync with the markets," said the letter, which was dated October 27. The move to close Scion comes as some investors have become concerned that markets are trading at frothy levels after years of strong returns. Those jitters flared up on Thursday, with the tech-heavy Nasdaq Composite sliding nearly 2%. Still, the big gains for tech stocks this year, driven by hopes that artificial intelligence will transform business and society, have left valuations at lofty heights compared with their average in recent years.

The Internet

Tim Berners-Lee Says AI Will Not Destroy the Web (theverge.com) 54

Tim Berners-Lee thinks AI will help the web, not destroy it. The inventor of the World Wide Web has spent years warning about platform concentration and social media's corrosive effects, but he views AI differently. AI has accomplished what his Semantic Web project could not. The technology extracts structured data from websites regardless of how the information was formatted. Berners-Lee spent decades trying to convince database owners to make their systems machine-readable voluntarily. AI companies simply took the data anyway. They achieved the machine-readable internet through extraction rather than cooperation, but the result is the same.

Berners-Lee also weighed in on the growing browser competition in the market. OpenAI released Atlas a few weeks ago. Perplexity has launched Comet. Google has expanded AI features in Chrome. All these browsers run on Chromium, which Berners-Lee acknowledges is not ideal, but conceded that browser engines are expensive to build. He thinks Apple's decision to restrict iPhones to WebKit prevents web apps from competing with native apps.

Music

Nonprofit Releases Thousands of Rare American Music Recordings Online (ucsb.edu) 17

The nonprofit Dust-to-Digital Foundation is making thousands of historic songs accessible to the public for free through a new partnership with the University of California, Santa Barbara. The songs represent "some of the rarest and most uniquely American music borne from the Jazz Age and the Great Depression," according to the university, and classic blues recordings or tracks by Fiddlin' John Carson and his daughter Moonshine Kate "would have likely been lost to landfills and faded from memory."

Launched in 1999 by Lance and April Ledbetter, Dust-to-Digital focused on preserving hard-to-find music. Originally a commercial label producing high-quality box sets (along with CDs, records, and books), it established a nonprofit foundation in 2010, working closely with collectors to digitize and preserve record collections. And there's an interesting story about how they became familiar with library curator David Seubert... Once a relationship is established, Dust-to-Digital sets up special turntables and laptops in a collector's home, with paid technicians painstakingly digitizing and labeling each record, one song at a time. Depending on the size of the collection, the process can take months, even years... In 2006, they heard about Seubert's Cylinder Preservation and Digitization Project getting "slashdotted," a term that describes when a website crashes or receives a sudden and debilitating spike in traffic after being mentioned in an article on Slashdot.

Here in 2025, the university's library already has over 50,000 songs in its Special Research Collections, which it has been uploading to a Discography of American Historical Recordings (DAHR) database. ("Recordings in the public domain are also available for free download, in keeping with the UCSB Library's mission for open access.") Over 5,000 more songs from Dust-to-Digital have already been added, says library curator Seubert, and "Thousands more are in the pipeline."

One interesting detail? The bulk of the new songs come from Joe Bussard, a man whose 75-year obsession with record collecting earned him the name "the king of the record collectors" and "the saint of 78s".

AI

'AI Slop' in Court Filings: Lawyers Keep Citing Fake AI-Hallucinated Cases (indianexpress.com) 135

"According to court filings and interviews with lawyers and scholars, the legal profession in recent months has increasingly become a hotbed for AI blunders," reports the New York Times: Earlier this year, a lawyer filed a motion in a Texas bankruptcy court that cited a 1985 case called Brasher v. Stewart. Only the case doesn't exist. Artificial intelligence had concocted that citation, along with 31 others. A judge blasted the lawyer in an opinion, referring him to the state bar's disciplinary committee and mandating six hours of A.I. training.

That filing was spotted by Robert Freund, a Los Angeles-based lawyer, who fed it to an online database that tracks legal A.I. misuse globally. Mr. Freund is part of a growing network of lawyers who track down A.I. abuses committed by their peers, collecting the most egregious examples and posting them online. The group hopes that by tracking down the A.I. slop, it can help draw attention to the problem and put an end to it... [C]ourts are starting to map out punishments of small fines and other discipline. The problem, though, keeps getting worse. That's why Damien Charlotin, a lawyer and researcher in France, started an online database in April to track it.

Initially he found three or four examples a month. Now he often receives that many in a day. Many lawyers... have helped him document 509 cases so far. They use legal tools like LexisNexis for notifications on keywords like "artificial intelligence," "fabricated cases" and "nonexistent cases." Some of the filings include fake quotes from real cases, or cite real cases that are irrelevant to their arguments. The legal vigilantes uncover them by finding judges' opinions scolding lawyers...

Court-ordered penalties "are not having a deterrent effect," said Freund, who has publicly flagged more than four dozen examples this year. "The proof is that it continues to happen."

Facebook

Mark Zuckerberg Opened an Illegal School At His Palo Alto Compound. His Neighbor Revolted (wired.com) 140

Mark Zuckerberg opened an unlicensed school named after the family's pet chicken -- and it was the final straw for his neighbors, writes Slashdot reader joshuark, citing a report from Wired. The magazine obtained 1,665 pages of documents about the neighborhood dispute -- "including 311 records, legal filings, construction plans, and emails." Here are excerpts from the report: The documents reveal that the school may have been operating as early as 2021 without a permit to operate in the city of Palo Alto. As many as 30 students might have enrolled, according to observations from neighbors. [...] Over time, neighbors became fed up with what they argued was the city's lack of action, particularly with respect to the school. Some believed that the delay was because of preferential treatment to the Zuckerbergs. "We find it quite remarkable that you are working so hard to meet the needs of a single billionaire family while keeping the rest of the neighborhood in the dark," reads one email sent to the city's Planning and Development Services Department in February. "Just as you have not earned our trust, this property owner has broken many promises over the years, and any solution which depends on good faith behavioral changes from them is a failure from the beginning." [...]

In order for the Zuckerbergs to run a private school on their land, which is in a residential zone, they need a "conditional use" permit from the city. However, based on the documents WIRED obtained, and Palo Alto's public database of planning applications, the Zuckerbergs do not appear to have ever applied for or received this permit. Per emails obtained by WIRED, Palo Alto authorities told a lawyer working with the Zuckerbergs in March 2025 that the family had to shut down the school on its compound by June 30. [...] However, Zuckerberg family spokesperson Brian Baker tells WIRED that the school didn't close, per se. It simply moved. It's not clear where it is now located, or whether the school is operating under a different name. [...] Most of the Zuckerbergs' neighbors did not respond to WIRED's request for comment. However, the ones that did clearly indicated that they would not be forgetting the Bicken Ben saga, or the past decade of disruption, anytime soon.

Google

Gemini AI To Transform Google Maps Into a More Conversational Experience (apnews.com) 91

An anonymous reader quotes a report from the Associated Press: Google Maps is heading in a new direction with artificial intelligence sitting in the passenger's seat. Fueled by Google's Gemini AI technology, the world's most popular navigation app will become a more conversational companion as part of a redesign announced Wednesday. The hands-free experience is meant to turn Google Maps into something more like an insightful passenger able to direct a driver to a destination while also providing nearby recommendations on places to eat, shop or sightsee, when asked for the advice. "No fumbling required -- now you can just ask," Google promised in a blog post about the app makeover.

The AI features are also supposed to enable Google Maps to be more precise by calling out landmarks to denote the place to make a turn instead of relying on distance notifications. AI chatbots, like Gemini and OpenAI's ChatGPT, have sometimes lapsed into periods of making things up -- known as "hallucinations" in tech speak -- but Google is promising that built-in safeguards will prevent Maps from accidentally sending drivers down the wrong road. All the information that Gemini is drawing upon will be culled from the roughly 250 million places stored in Google Maps' database of reviews accumulated during the past 20 years. Google Maps' new AI capabilities will be rolling out to both Apple's iPhone and Android mobile devices.

Privacy

Data Breach At Major Swedish Software Supplier Impacts 1.5 Million (bleepingcomputer.com) 6

A massive cyberattack on Swedish IT supplier Miljodata exposed personal data from up to 1.5 million citizens, prompting a national privacy investigation and scrutiny into security failures across multiple municipalities. BleepingComputer reports: Miljödata is an IT systems supplier for roughly 80% of Sweden's municipalities. The company disclosed the incident on August 25, saying that the attackers stole data and demanded 1.5 Bitcoin to not leak it. The attack caused operational disruptions that affected citizens in multiple regions in the country, including Halland, Gotland, Skelleftea, Kalmar, Karlstad, and Monsteras.

Because of the large impact, the state monitored the situation from the time of disclosure, with CERT-SE and the police starting to investigate immediately. According to IMY, the attacker exposed on the dark web data that corresponds to 1.5 million people in the country, creating the basis for investigating potential General Data Protection Regulation (GDPR) violations. [...] Although no ransomware groups had claimed the attack when Miljodata disclosed the incident, BleepingComputer found that the threat group Datacarry posted the stolen data on its dark web portal on September 13.

The leaked database has been added to Have I Been Pwned, which contains information such as names, email addresses, physical addresses, phone numbers, government IDs, and dates of birth.

Cloud

Amazon's DNS Problem Knocked Out Half the Web, Likely Costing Billions 103

An anonymous reader quotes a report from Ars Technica: On Monday afternoon, Amazon confirmed that an outage affecting Amazon Web Services' cloud hosting, which had impacted millions across the Internet, had been resolved. Considered the worst outage since last year's CrowdStrike chaos, Amazon's outage caused "global turmoil," Reuters reported. AWS is the world's largest cloud provider and, therefore, the "backbone of much of the Internet," ZDNet noted. Ultimately, more than 28 AWS services were disrupted, causing perhaps billions in damages, one analyst estimated for CNN.

[...] Amazon's problems originated at a US site that is its "oldest and largest for web services" and often "the default region for many AWS services," Reuters noted. The same site has experienced two outages before in 2020 and 2021, but while the tech giant had confirmed that those prior issues had been "fully mitigated," apparently the fixes did not ensure stability into 2025. ZDNet noted that Amazon's first sign of the outage was "increased error rates and latency across numerous key services" tied to its cloud database technology. Although "engineers later identified a Domain Name System (DNS) resolution problem" as the root of these issues and quickly fixed it, "other AWS services began to fail in its wake, leaving the platform still impaired" as more than two dozen AWS services shut down. At the peak of the outage on Monday, Down Detector tracked more than 8 million reports globally from users panicked by the outage, ZDNet reported.

Ken Birman, a computer science professor at Cornell University, told Reuters that "software developers need to build better fault tolerance."

"When people cut costs and cut corners to try to get an application up, and then forget that they skipped that last step and didn't really protect against an outage, those companies are the ones who really ought to be scrutinized later."

Windows

Windows 10 Refugees Flock To Linux as Zorin OS Claims 'Biggest Launch Ever' (neowin.net) 116

"Windows 10 is officially dead," writes Slashdot user darwinmac, "and the vultures are circling. Or maybe they are liberators, depending on your point of view." Neowin reports: Of all the projects trying to poach Windows users, Zorin Group might be the most aggressive, launching its biggest OS upgrade, Zorin OS 18, on the very day Windows 10 died. In a recent post on X, Zorin Group celebrated the launch of version 18, claiming that it hit 100,000 downloads in "a little over 2 days". The company called it its "biggest launch ever" and claimed that over 72% of those downloads came from Windows...

Zorin OS 18 now includes an updated version of WINE 10 for better support of Windows software. On top of that, there's also an expanded database that helps when it detects a Windows installer. The system checks the file and suggests the best way to run over 170 popular apps, whether that means installing a native Linux version, using the web-based alternative, or firing it up through WINE.

The article also notes LibreOffice's creators have been presenting Linux as a secure and cost-effective alternative since June, and "We have also seen initiatives like The "End of 10" Campaign by KDE, making the case for Linux and providing guides and info on how to switch."

Security

Redis Warns of Critical Flaw Impacting Thousands of Instances (bleepingcomputer.com) 3

An anonymous reader quotes a report from BleepingComputer: The Redis security team has released patches for a maximum severity vulnerability that could allow attackers to gain remote code execution on thousands of vulnerable instances. Redis (short for Remote Dictionary Server) is an open-source data structure store used in approximately 75% of cloud environments, functioning like a database, cache, and message broker, and storing data in RAM for ultra-fast access. The security flaw (tracked as CVE-2025-49844) is caused by a 13-year-old use-after-free weakness found in the Redis source code and can be exploited by authenticated threat actors using a specially crafted Lua script (a feature enabled by default). Successful exploitation enables them to escape the Lua sandbox, trigger a use-after-free, establish a reverse shell for persistent access, and achieve remote code execution on the targeted Redis hosts.

After compromising a Redis host, attackers can steal credentials, deploy malware or cryptocurrency mining tools, extract sensitive data from Redis, move laterally to other systems within the victim's network, or use stolen information to gain access to other cloud services. "This grants an attacker full access to the host system, enabling them to exfiltrate, wipe, or encrypt sensitive data, hijack resources, and facilitate lateral movement within cloud environments," said Wiz researchers, who reported the security issue at Pwn2Own Berlin in May 2025 and dubbed it RediShell.

While successful exploitation requires attackers first to gain authenticated access to a Redis instance, Wiz found around 330,000 Redis instances exposed online, with at least 60,000 of them not requiring authentication. Redis and Wiz urged admins to patch their instances immediately by applying security updates released on Friday, "prioritizing those that are exposed to the internet." To further secure their Redis instances against remote attacks, admins can also enable authentication, disable Lua scripting and other unnecessary commands, launch Redis using a non-root user account, enable Redis logging and monitoring, limit access to authorized networks only, and implement network-level access controls using firewalls and Virtual Private Clouds (VPCs).
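The hardening steps listed above can be checked against a `redis.conf` file. The following is an added example, not code from the article, Redis, or Wiz: the two sample configurations (including the addresses and the placeholder password) are constructed, and the helper names `parse_conf` and `audit` are hypothetical.

```python
import shlex

# Constructed sample configs (not from the article): one permissive, one hardened.
WEAK_CONF = '''bind 0.0.0.0
protected-mode no
logfile ""
'''
HARDENED_CONF = '''bind 127.0.0.1 10.0.5.12
protected-mode yes
requirepass "example-placeholder-secret"
user default on >example-placeholder-secret ~* +@all -@scripting
logfile /var/log/redis/redis-server.log
'''

def parse_conf(text):
    """Return {directive: [argument lists]}; redis.conf allows repeated directives."""
    conf = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        parts = shlex.split(line)
        conf.setdefault(parts[0].lower(), []).append(parts[1:])
    return conf

def audit(text):
    """Return the hardening steps this config misses (assumed finding names)."""
    conf = parse_conf(text)
    findings = set()
    # Running as non-root and firewall/VPC rules are not visible in redis.conf.
    default_acl = [a for a in conf.get("user", []) if a and a[0] == "default"]
    acl_auth = any("nopass" not in a and any(t[:1] in (">", "#") for t in a) for a in default_acl)
    if not (any(a and a[0] for a in conf.get("requirepass", [])) or acl_auth):
        findings.add("no-authentication")
    renamed_off = {a[0].upper() for a in conf.get("rename-command", []) if len(a) == 2 and a[1] == ""}
    acl_no_lua = any("-@scripting" in a for a in default_acl)
    if not (acl_no_lua or {"EVAL", "EVALSHA"} <= renamed_off):
        findings.add("lua-scripting-allowed")
    binds = [addr for a in conf.get("bind", []) for addr in a]
    if not binds or any(addr.lstrip("-") in ("0.0.0.0", "*", "::") for addr in binds):
        findings.add("listens-on-all-interfaces")
    if conf.get("protected-mode", [["yes"]])[-1][:1] == ["no"]:
        findings.add("protected-mode-off")
    if not any(a and a[0] for a in conf.get("logfile", [])):
        findings.add("no-logfile")
    return findings
```

A clean audit only shows the configuration matches these settings; it does not show that the security updates have been applied.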

AI

What's the Best Way to Stop AI From Designing Hazardous Proteins? (msn.com) 80

Currently DNA synthesis companies "deploy biosecurity software designed to guard against nefarious activity," reports the Washington Post, "by flagging proteins of concern — for example, known toxins or components of pathogens." But Microsoft researchers discovered "up to 100 percent" of AI-generated ricin-like proteins evaded detection — and worked with a group of leading industry scientists and biosecurity experts to design a patch. Microsoft's chief science officer called it "a Windows update model for the planet."

"We will continue to stay on it and send out patches as needed, and also define the research processes and best practices moving forward to stay ahead of the curve as best we can."

But is that enough? Outside biosecurity experts applauded the study and the patch, but said that this is not an area where one single approach to biosecurity is sufficient. "What's happening with AI-related science is that the front edge of the technology is accelerating much faster than the back end ... in managing the risks," said David Relman, a microbiologist at Stanford University School of Medicine. "It's not just that we have a gap — we have a rapidly widening gap, as we speak. Every minute we sit here talking about what we need to do about the things that were just released, we're already getting further behind."

The Washington Post notes not every company deploys biosecurity software. But "A different approach, biosecurity experts say, is to ensure AI software itself is imbued with safeguards before digital ideas are at the cusp of being brought into labs for research and experimentation." "The only surefire way to avoid problems is to log all DNA synthesis, so if there is a worrisome new virus or other biological agent, the sequence can be cross-referenced with the logged DNA database to see where it came from," David Baker, who shared the Nobel Prize in chemistry for his work on proteins, said in an email.
