An anonymous reader quotes a report from The Record: Threat actors are stealing sensitive data from organizations by breaching end-of-life appliances made by cybersecurity company SonicWall. Incident responders from Google Threat Intelligence Group (GTIG) and Mandiant said on Wednesday that they have uncovered an ongoing campaign by an unidentified threat group that leverages credentials and one-time password (OTP) seeds stolen during previous intrusions -- allowing the hackers to regain access to organizations even after security updates are installed. [...]

The campaign is targeting fully patched end-of-life SonicWall Secure Mobile Access (SMA) 100 series appliances. Google explained that the malware the hackers are using removes log entries, making it difficult to figure out how they initially gained access to a system. Google said the campaign extends beyond the incidents they investigated directly and added that SonicWall has "confirmed reports of other impacted organizations." The company noted that SonicWall updated an advisory for a bug tracked as CVE-2024-38475 in light of Google's findings. "As an added security measure, we strongly advise customers to reset the OTP (One-Time Password) binding for all users. This step ensures that any potentially compromised or stale OTP secrets are invalidated, thereby mitigating unauthorized access risks," SonicWall said in the update to the advisory..

One novel aspect of the campaign is the use of a backdoor called OVERSTEP, which modifies the SonicWall appliance's boot process to maintain persistent access, steal sensitive credentials and conceal the malware's own components. Incident responders struggled to track other activities by the hackers because OVERSTEP allowed them to delete logs and largely cover their tracks. OVERSTEP is specifically designed for SonicWall SMA 100 series appliances, according to Google. In addition to CVE-2024-38475, Google and Mandiant experts floated several potential vulnerabilities the hackers may have used to gain initial access, including CVE-2021-20038, CVE-2024-38475, CVE-2021-20035, CVE-2021-20039 and, CVE-2025-32819. Beyond those, Google theorized that the hackers may have used an unknown zero-day vulnerability to deploy the malware on targeted SonicWall SMA appliances.

The Verge's Emma Roth reports: The News/Media Alliance, a trade association behind major news publishers, announced that it has "successfully secured" the removal of 12ft.io, a website that helped users bypass paywalls online. The trade association says 12ft.io's webhost took down the site on July 14th "following the News/Media Alliance's efforts." 12ft.io -- or 12 Foot Ladder -- also allowed users to view webpages without ads, trackers, or pop-ups by disguising a user's browser as a web crawler, giving them unfettered access to a webpage's contents. Software engineer Thomas Millar says he created the site when he realized "8 of the top 10 links on Google were paywalled" when doing research during the pandemic. [...]

In its announcement, News/Media Alliance says 12ft.io "offered illegal circumvention technology" that allowed users to access copyrighted content without paying for it. The organization adds that it will take "similar actions" against other sites that let users get around paywalls. The News Media Alliance recently called Google's AI Mode "theft." (Like many chatbots, Google's AI Mode eliminates the need to visit a website, starving publishers of the pageviews they need to be compensated for their work.) "Publishers commit significant resources to creating the best and most informative content for consumers, and illegal tools like 12ft.io undermine their ability to financially support that work through subscriptions and ad revenue," News/Media Alliance president and CEO Danielle Coffey said in the press release. "Taking down paywall bypassers is an essential part of ensuring we have a healthy and sustainable information ecosystem."

Digital tokens designed to track popular stocks have suffered extreme price deviations since launching two weeks ago, with an Amazon-tracking token briefly spiking to more than 100 times the underlying stock's closing price. The token AMZNX hit $23,781.22 on crypto trading platform Jupiter on July 3, while Amazon shares had closed the previous day around $200.

A similar Apple-tracking token jumped to $236.72 on July 3, representing a 12% premium to the actual stock price. Companies including Robinhood, Kraken, Gemini and Bybit launched these blockchain-based versions of U.S. stocks in late June for non-U.S. customers. Robinhood is facing scrutiny from Lithuania's central bank after launching tokens tied to OpenAI and SpaceX without permission from either company, prompting OpenAI to disavow the tokens on social media.

The UK secretly relocated thousands of Afghans to the UK after their personal details were disclosed in one of the country's worst ever data breaches, putting them at risk of Taliban retaliation. The operation cost around $2.7 billion and remained under a court-imposed superinjunction until recently lifted. Reuters reports: The leak by the Ministry of Defence in early 2022, which led to data being published on Facebook the following year, and the secret relocation program, were subject to a so-called superinjunction preventing the media reporting what happened, which was lifted on Tuesday by a court. British defence minister John Healey apologised for the leak, which included details about members of parliament and senior military officers who supported applications to help Afghan soldiers who worked with the British military and their families relocate to the UK. "This serious data incident should never have happened," Healey told lawmakers in the House of Commons. It may have occurred three years ago under the previous government, but to all whose data was compromised I offer a sincere apology."

The incident ranks among the worst security breaches in modern British history because of the cost and risk posed to the lives of thousands of Afghans, some of whom fought alongside British forces until their chaotic withdrawal in 2021. Healey said about 4,500 Afghans and their family members have been relocated or were on their way to Britain under the previously secret scheme. But he added that no-one else from Afghanistan would be offered asylum because of the data leak, citing a government review which found little evidence of intent from the Taliban to seek retribution against former officials.

Reddit has begun verifying users' ages in the UK to restrict access to "certain mature content" for minors, complying with the UK's Online Safety Act. The BBC reports: Reddit, known for its online communities and discussions, said that while it does not want to know who its audience is: "It would be helpful for our safety efforts to be able to confirm whether you are a child or an adult." Ofcom, the UK regulator, said: "We expect other companies to follow suit, or face enforcement if they fail to act." Reddit said that from 14 July, an outside firm called Persona will perform age verification for the social media platform either through an uploaded selfie or "a photo of your government ID," such as a passport. It said Reddit will not have access to the photo and will only retain a user's verification status and date of birth so people do not have to re-enter it each time they try to access restricted content. Reddit added that Persona "promises not to retain the picture for longer than seven days" and will not have access to a user's data on the site. The new rules in the UK come into force on 25 July. [...]

Companies that fail to meet the rules face fines of up to 18 million pounds or 10% of worldwide revenue, "whichever is greater." [Ofcom] added that in the most serious cases, it can seek a court order for "business disruption measures," such as requiring payment providers or advertisers to withdraw their services from a platform, or requiring Internet Service Providers to block access to a site in the UK."

U.S. prosecutors and the Commodity Futures Trading Commission (CFTC) have officially closed their investigations into Polymarket, the decentralized, blockchain-powered prediction market platform where users bet with real cryptocurrency on the outcomes of future events. "The DOJ was investigating Polymarket last year, reportedly for allowing U.S. users to place bets on the site despite Polymarket being required to block U.S. traders," reports CoinDesk.

The FBI raided Polymarket CEO Shayne Coplan's Manhattan apartment last November, seizing his phone and electronic devices. A source close to the matter told The New York Post it was politically motivated due to Polymarket's successful prediction of Trump's election win. It's "grand political theater at its worst," the source said. "They could have asked his lawyer for any of these things. Instead, they staged a so-called raid so they can leak it to the media and use it for obvious political reasons."

An anonymous reader quotes a report from TorrentFreak: Internet service providers BT, Virgin Media, Sky, TalkTalk, EE, and Plusnet account for the majority of the UK's residential internet market and as a result, blocking injunctions previously obtained at the High Court often list these companies as respondents. These so-called "no fault' injunctions stopped being adversarial a long time ago; ISPs indicate in advance they won't contest a blocking order against various pirate sites, and typically that's good enough for the Court to issue an order with which they subsequently comply. For more than 15 years, this has led to blocking being carried out as close to users as possible, with ISPs' individual blocking measures doing the heavy lifting. A new wave of blocking targeting around 200 pirate site domains came into force yesterday but with the unexpected involvement of a significant new player.

In the latest wave of blocking that seems to have come into force yesterday, close to 200 pirate domains requested by the Motion Picture Association were added to one of the longest pirate site blocking lists in the world. The big change is the unexpected involvement of Cloudflare, which for some users attempting to access the domains added yesterday, displays the [Error 451 -- Unavailable for Legal Reasons] notice ... As stated in the notice, Error 451 is returned when a domain is blocked for legal reasons, in this case reasons specific to the UK. [...] In this case there's no indication of who requested the blocking order, or the authority that issued it. However, from experience we know that the request was made by the studios of the Motion Picture Association and for the same reason the High Court in London was the issuing authority. [...] The issue lies with dynamic injunctions; while a list of domains will appear in the original order (which may or may not be made available), when the MPA concludes that other domains that appear subsequently are linked to the same order, those can be blocked too, but the details are only rarely made public.

From information obtained independently, one candidate is an original order obtained in December 2022 which requested blocking of domains with well known pirate brands including 123movies, fmovies, soap2day, hurawatch, sflix, and onionplay. This leads directly to another unusual issue. The notice linked from Cloudflare doesn't directly concern Cloudflare. The studios sent the notice to Google after Google agreed to voluntarily remove those domains from its search indexes, if it was provided with a copy of relevant court orders. Notices like these were supplied and the domains were deindexed, and the practice has continued ever since. That raises questions about the nature of Cloudflare's involvement here and why it links to the order sent to Google; notices sent to Cloudflare are usually submitted to Lumen by Cloudflare itself. That doesn't appear to be the case here. "Domains blocked by Sky, BPI and others, don't appear to be affected," notes TorrentFreak. "All relate to sites targeted by the MPA, and the majority if not all trigger malware warnings of a very serious kind, either immediately upon visiting the sites, or shortly after."

"At least in the short term, if Cloudflare is blocking a domain in the UK, moving on is strongly advised."

Many trains in the U.S. are vulnerable to a hack that can remotely lock a train's brakes, according to the U.S. Cybersecurity and Infrastructure Security Agency (CISA) and the researcher who discovered the vulnerability. From a report:The railroad industry has known about the vulnerability for more than a decade but only recently began to fix it. Independent researcher Neil Smith first discovered the vulnerability, which can be exploited over radio frequencies, in 2012.

"All of the knowledge to generate the exploit already exists on the internet. AI could even build it for you," Smith told 404 Media. "The physical aspect really only means that you could not exploit this over the internet from another country, you would need to be some physical distance from the train [so] that your signal is still received."

An anonymous reader shares a report: Hugging Face, a company with a multi-billion dollar valuation and one of the most commonly used platforms for sharing AI tools and resources, is hosting over 5,000 AI image generation models that are designed to recreate the likeness of real people. These models were all previously hosted on Civitai, an AI model sharing platform 404 Media reporting has shown was used for creating nonconsensual pornography, until Civitai banned them due to pressure from payment processors.

Users downloaded the models from Civitai and reuploaded them to Hugging Face as part of a concerted community effort to archive the models after Civitai announced in May it will ban them. In that announcement, Civitai said it will give the people who originally uploaded them "a short period of time" before they were removed. Civitai users began organizing an archiving effort on Discord earlier in May after Civitai indicated it had to make content policy changes due to pressure from payment processors, and the effort kicked into high gear when Civitai announced the new "real people" model policy.

An anonymous reader quotes a report from Investing.com: Meta's newly formed superintelligence lab is discussing potential changes to the company's artificial intelligence strategy that could represent a major shift for the social media giant. A small group of top members of the lab, including 28-year-old Alexandr Wang, Meta's new chief A.I. officer, talked last week about abandoning the company's most powerful open source A.I. model, called Behemoth, in favor of developing a closed model, according to a report in the New York Times, citing people familiar with the matter.

Meta has traditionally open sourced its A.I. models, making the computer code public for other developers to build upon, and any shift toward a closed A.I. model would mark a significant philosophical change for Meta. Meta had completed training its Behemoth model by feeding in data to improve it, but delayed its release due to poor internal performance. After the company announced the formation of the superintelligence lab last month, teams working on the Behemoth model, which is considered a "frontier" model, stopped conducting new tests on it. The discussions within the superintelligence lab remain preliminary, and no decisions have been finalized. Any potential changes would require approval from Meta CEO Mark Zuckerberg.

A small fraction of hyperactive social media users generates the vast majority of toxic online content, according to research by New York University psychology professor Jay Van Bavel and colleagues Claire Robertson and Kareena del Rosario. The study found that 10% of users produce roughly 97% of political tweets, while just 0.1% of users share 80% of fake news.

Twelve accounts known as the "disinformation dozen" created most vaccine misinformation on Facebook during the pandemic, the research found. In experiments, researchers paid participants to unfollow divisive political accounts on X. After one month, participants reported 23% less animosity toward other political groups. Nearly half declined to refollow hostile accounts after the study ended, and those maintaining healthier newsfeeds reported reduced animosity 11 months later. The research describes social media as a "funhouse mirror" that amplifies extreme voices while muting moderate perspectives.

Mark Zuckerberg said on Monday that Meta would spend hundreds of billions of dollars to build several massive AI data centers for superintelligence, intensifying his pursuit of a technology that he has chased with a talent war for top AI engineers. From a report: The social media giant is among the large technology companies that have chased high-profile deals and doled out multi-million-dollar pay packages in recent months to fast-track work on machines that can outthink humans on most tasks.

Unveiling the spending commitment in a Threads post on Monday, CEO Zuckerberg touted the strength in the company's core advertising business to support the massive spending that has raised concerns among tech investors about potential payoffs. "We have the capital from our business to do this," Zuckerberg said. He also cited a report from a chip industry publication Semianalysis that said Meta is on track to be the first lab to bring online a 1-gigawatt-plus supercluster, which refers to a massive data center built to train advanced AI models.

Bay Area Michelin-starred restaurants are conducting extensive background research on diners before they arrive, mining social media profiles and maintaining detailed guest databases to personalize dining experiences. Lazy Bear maintains records on 115,000 people and employs a guest services coordinator who creates weekly reports by researching publicly available social media information.

Staff study color-coded Google documents containing guest data before each service. SingleThread's reservation team researches social media, Google, and LinkedIn profiles for guests, where meals cost over $500 on weekends. General manager Akeel Shah told SFGate the information helps "tailor the experience and make it memorable." Acquerello has collected guest data for 36 years, initially handwritten in books. Co-owner Giancarlo Paterlini said their director of operations reviews each reservation for dining history and wine preferences to customize service.

James Gunn's Superman "appears to be succeeding in rebooting DC Studios and its most iconic comic book franchise," writes The Hollywood Reporter, noting the film is "headed for a possible record domestic box office debut of $115 million to $120 million." Gunn is in a unique position, being both the film's writer-director and the co-head of the Warner Bros.-owned DC, which he co-runs with Peter Safran. Overseas, Superman is launching to $100 million-plus from 78 markets after earning $40 million midweek from its first raft of international markets for an early global total of $96.5 million through Friday. Superman will be the first superhero film to cross $100 million in its North American bow since Marvel Studios and Ryan Reynolds' Deadpool & Wolverine launched to $211 million in summer 2024 ("superhero fatigue" has become part of the Hollywood lexicon). And it's the first DC title to cross $100 million in eight long years since Wonder Woman debuted to $103.3 million in 2017.

And if the $225 million tentpole comes in north of $116.6 million, it will beat Zack Snyder's 2013 film Man of Steel ($116.7 million) to rank as the biggest domestic launch ever for a solo Superman pic, not adjusted for inflation. Snyder's mash-up Batman v Superman: Dawn of Justice scored the biggest DC opening of all time when earning $166.6 million over Easter weekend in 2016... Gunn's movie is only the third Hollywood title of 2025 to launch north of $100 million after fellow Warners tentpole A Minecraft Movie, which opened to $162.8 million, and Disney's live-action Lilo & Stitch, which sewed up $146 million in its debut. Crossing the century mark is no small feat for any movie in the post-pandemic era, and particularly for the troubled superhero genre.

The pic should enjoy a long run thanks to strong word-of-mouth. Critics and audiences alike are embracing the film. The pic earned an A- CinemaScore from moviegoers, the same grade given to Man of Steel and ahead of Superman Returns' B+. The audience score on Rotten Tomatoes is a stellar 94 percent, while the critics' score is a pleasing 82 percent...

Other upcoming DC Studios projects include HBO's Green Lantern series, Lanterns, and a Supergirl movie due out in 2026.
Superman's weekend debut at nearly $130 million domestically smashes early estimates of around $90 million (according to a senior media analyst at Comscore).

And the film also got a positive reaction from the author of the cultural history Superman: The Unauthorized Biography (writing for NPR): Recent attempts to tell live-action Superman stories have shied away from his bright, hopeful, altruistic nature in favor of making him more cool and relatable (read: dark and brooding). That's not who he is; it never has been. Superman is an ideal. He represents the best we can aspire to be. He's not the hero you relate to, à la Peter Parker/Spider-Man's ongoing struggle to pay his rent and buy Aunt May her damn medicine. He's the hero who inspires you, who shows you the way...

It doesn't have to be about slogging through trauma and shame and shadow-selves and endlessly tedious redemption arcs. Sometimes, it's simpler, cleaner, brighter. And also? Not for nothing? More fun.

"Microsoft's Outlook email service malfunctioned for over 21 hours Wednesday and Thursday," reports CNBC, "prompting some people to post on social media about the inability to reach their virtual mailboxes." The issue began at 6:20 p.m. Eastern time on Wednesday, according to a dashboard the software company maintains. It affected Outlook.com as well as Outlook mobile apps and desktop programs. At 12:21 ET on Thursday, the Microsoft 365 Status account posted that it was rolling out a fix.
Although earlier on Thursday Microsoft posted on X that "We identified an issue with the initial fix, and we've corrected it..."

More details from the Associated Press: Disruptions appeared to peak just before noon ET on Thursday, when more than 2,700 users worldwide reported issues with Outlook, formerly also Hotmail, to outage tracker Downdetector. Some said they encountered problems like loading their inboxes or signing in. By later in the afternoon, reports had fallen to just over a couple hundred...

Microsoft did not immediately provide more information about what had caused the hourslong outage. A spokesperson for Microsoft had no further comment when reached by The Associated Press on Thursday.

Bitcoin "vaulted to a fresh all-time high Friday, breaking above $118,000," reports Yahoo Finance: Year to date, the token is up roughly 21%, buoyed in part by crypto-friendly policies from the Trump administration, including the establishment of a strategic bitcoin reserve and a broader digital asset stockpile... "At the heart of this rally lies sustained structural inflows from institutional players," wrote Dilin Wu, research strategist at Pepperstone. "Corporates are also ramping up participation," he added. The analyst noted companies like Strategy and GameStop have continued to add bitcoin to their balance sheets. Trump Media & Technology Group this week also filed for approval to launch a "Crypto Blue Chip ETF", which would include about 70% of its holdings in bitcoin.

The timing of bitcoin's breakout also comes days before Congress kicks off its highly anticipated "Crypto Week" on July 14. Lawmakers will debate a series of bills that could define the industry's regulatory framework... The GENIUS Act is among the regulations the House will consider. The bill, which recently passed through the Senate, proposes a federal framework for stablecoins.
"After jumping above $118,000 on Thursday, technical analyst Katie Stockton, founder and managing partner of research firm Fairlead Strategies, believes bitcoin is on track to reach $134,500, about 14% higher than current levels," writes Business Insider . It's not just bitcoin that's jumped this week. Other cryptos are surging as well. Ethereum has rallied over 16% in the past five days, and as DOGE rose 8% in the last day alone... Additionally, over $1 billion in short positions were liquidated in the last 24 hours as the price of bitcoin surged and traders were forced to close their positions, [said Thomas Perfumo, global economist at crypto Kraken].

An anonymous reader quotes a report from Ars Technica: When Stanford University researchers asked ChatGPT whether it would be willing to work closely with someone who had schizophrenia, the AI assistant produced a negative response. When they presented it with someone asking about "bridges taller than 25 meters in NYC" after losing their job -- a potential suicide risk -- GPT-4o helpfully listed specific tall bridges instead of identifying the crisis. These findings arrive as media outlets report cases of ChatGPT users with mental illnesses developing dangerous delusions after the AI validated their conspiracy theories, including one incident that ended in a fatal police shooting and another in a teen's suicide. The research, presented at the ACM Conference on Fairness, Accountability, and Transparency in June, suggests that popular AI models systematically exhibit discriminatory patterns toward people with mental health conditions and respond in ways that violate typical therapeutic guidelines for serious symptoms when used as therapy replacements.

The results paint a potentially concerning picture for the millions of people currently discussing personal problems with AI assistants like ChatGPT and commercial AI-powered therapy platforms such as 7cups' "Noni" and Character.ai's "Therapist." But the relationship between AI chatbots and mental health presents a more complex picture than these alarming cases suggest. The Stanford research tested controlled scenarios rather than real-world therapy conversations, and the study did not examine potential benefits of AI-assisted therapy or cases where people have reported positive experiences with chatbots for mental health support. In an earlier study, researchers from King's College and Harvard Medical School interviewed 19 participants who used generative AI chatbots for mental health and found reports of high engagement and positive impacts, including improved relationships and healing from trauma.

Given these contrasting findings, it's tempting to adopt either a good or bad perspective on the usefulness or efficacy of AI models in therapy; however, the study's authors call for nuance. Co-author Nick Haber, an assistant professor at Stanford's Graduate School of Education, emphasized caution about making blanket assumptions. "This isn't simply 'LLMs for therapy is bad,' but it's asking us to think critically about the role of LLMs in therapy," Haber told the Stanford Report, which publicizes the university's research. "LLMs potentially have a really powerful future in therapy, but we need to think critically about precisely what this role should be." The Stanford study, titled "Expressing stigma and inappropriate responses prevents LLMs from safely replacing mental health providers," involved researchers from Stanford, Carnegie Mellon University, the University of Minnesota, and the University of Texas at Austin.

joshuark writes: A Russian basketball player, Daniil Kasatkin, was arrested on June 21 in France at the request of the United States as he allegedly is part of a network of hackers. Daniil Kasatkin, aged 26, is accused by the United States of negotiating the payment of ransoms to this hacker network, which he denies. He has been studied in the United States, and is the subject of a U.S. arrest warrant for "conspiracy to commit computer fraud" and "computer fraud conspiracy."

His lawyer alleges that Kasatkin is not guilty of these crimes and that they are instead linked to a second-hand computer that he purchased. "He bought a second-hand computer. He did absolutely nothing. He's stunned," his lawyer, Freric Belot, told the media. "He's useless with computers and can't even install an application. He didn't touch anything on the computer: it was either hacked, or the hacker sold it to him to act under the cover of another person." The report notes that Kasatkin briefly played NCAA basketball at Penn State before returning to Russia in 2019. He also appeared in 172 games with MBA-MAI before he left the team.

A Russian professional basketball player has been arrested in France at the request of the United States, which reportedly accused him of being involved in a ransomware group that allegedly targeted hundreds of American companies and federal institutions. From a report: Daniil Kasatkin, 26, was detained in June at Paris's Charles de Gaulle Airport shortly after arriving in the country with his fiancee, according to local media reports. He is currently being held in extradition custody, with a U.S. warrant reportedly issued against him. Kasatkin previously studied and played basketball in the U.S., at Penn State University.

The unnamed ransomware network Kasatkin is suspected of being part of is believed to have targeted nearly 900 entities between 2020 and 2022. Local media, citing court proceedings in Paris, reported that Kasatkin allegedly helped negotiate ransom payments, though the extent of the damage caused by the attacks has not been disclosed.

An anonymous reader quotes a report from Dexerto: It's been ten years since YouTube first introduced its trending page in 2015, and the platform is finally sunsetting the program in favor of a new system. [...] As announced by YouTube in a support thread on July 10, 2025, the site is now set on introducing Charts, a new system for ranking popular content on its platform. "Back when we first launched the Trending page in 2015, the answer to 'What's trending?' was a lot simpler to capture with a singular list of viral videos that everyone was talking about," the post reads. "But today, trends consist of many videos created by many fandoms, and there are more micro-trends enjoyed by diverse communities than ever before."

As a result, YouTube says that its Trending page has seen "significantly" less traffic in the last five years, prompting them to make a change. Now, YouTube Charts will break up trends from one, all-encompassing page into separate, category-specific lists. The current Trending page will be moved to a Trending Now section, where the site's most popular content overall will be shown. However, viewers can now look for specific trends in certain categories on YouTube Charts for things like music videos, top podcasts, movie trailers and more. In the meantime, YouTube says that its Gaming Explore page will be home to trending gaming videos, and it will continue to serve personalized content to users via recommendations on their home feeds.