In mid-2021 Ameria's National Security Advisor set up a new directorate focused on "advanced chips, quantum computing, and other cutting-edge tech," reports Wired. And the next year as Congress was working on boosting America's semiconductor sector, he was "closing in on a plan to cripple China's... In October 2022, the Commerce Department forged ahead with its new export controls."

So what happened next? In a phone call with President Biden this past spring, Xi Jinping warned that if the US continued trying to stall China's technological development, he would not "sit back and watch." And he hasn't. Already, China has answered the US export controls — and its corresponding deals with other countries — by imposing its own restrictions on critical minerals used to make semiconductors and by hoovering up older chips and manufacturing equipment it is still allowed to buy. For the past several quarters, in fact, China was the top customer for ASML and a number of Japanese chip companies. A robust black market for banned chips has also emerged in China. According to a recent New York Times investigation, some of the Chinese companies that have been barred from accessing American chips through US export controls have set up new corporations to evade those bans. (These companies have claimed no connection to the ones who've been banned.) This has reportedly enabled Chinese entities with ties to the military to obtain small amounts of Nvidia's high-powered chips.

Nvidia, meanwhile, has responded to the US actions by developing new China-specific chips that don't run afoul of the US controls but don't exactly thrill the Biden administration either. For the White House and Commerce Department, keeping pace with all of these workarounds has been a constant game of cat and mouse. In 2023, the US introduced the first round of updates to its export controls. This September, it released another — an announcement that was quickly followed by a similar expansion of controls by the Dutch. Some observers have speculated that the Biden administration's actions have only made China more determined to invest in its advanced tech sector.

And there's clearly some truth to that. But it's also true that China has been trying to become self-sufficient since long before Biden entered office. Since 2014, it has plowed nearly $100 billion into its domestic chip sector. "That was the world we walked into," [NSA Advisor Jake] Sullivan said. "Not the world we created through our export controls." The United States' actions, he argues, have only made accomplishing that mission that much tougher and costlier for Beijing. Intel CEO Pat Gelsinger estimated earlier this year that there's a "10-year gap" between the most powerful chips being made by Chinese chipmakers like SMIC and the ones Intel and Nvidia are working on, thanks in part to the export controls.

If the measure of Sullivan's success is how effectively the United States has constrained China's advancement, it's hard to argue with the evidence. "It's probably one of the biggest achievements of the entire Biden administration," said Martijn Rasser, managing director of Datenna, a leading intelligence firm focused on China. Rasser said the impact of the US export controls alone "will endure for decades." But if you're judging Sullivan's success by his more idealistic promises regarding the future of technology — the idea that the US can usher in an era of progress dominated by democratic values — well, that's a far tougher test. In many ways, the world, and the way advanced technologies are poised to shape it, feels more unsettled than ever.

Four years was always going to be too short for Sullivan to deliver on that promise. The question is whether whoever's sitting in Sullivan's seat next will pick up where he left off.

Former Ukranian officer Serhii "Flash" Beskrestnov created a Signal channel where military communications specialists could talk with civilian radio experts, reports MIT's Technology Review. But radio communications are crucial for drones, so... About once a month, he drives hundreds of kilometers east in a homemade mobile intelligence center: a black VW van in which stacks of radio hardware connect to an array of antennas on the roof that stand like porcupine quills when in use. Two small devices on the dash monitor for nearby drones. Over several days at a time, Flash studies the skies for Russian radio transmissions and tries to learn about the problems facing troops in the fields and in the trenches.

He is, at least in an unofficial capacity, a spy. But unlike other spies, Flash does not keep his work secret. In fact, he shares the results of these missions with more than 127,000 followers — including many soldiers and government officials — on several public social media channels. Earlier this year, for instance, he described how he had recorded five different Russian reconnaissance drones in a single night — one of which was flying directly above his van... Drones have come to define the brutal conflict that has now dragged on for more than two and a half years. And most rely on radio communications — a technology that Flash has obsessed over since childhood. So while Flash is now a civilian, the former officer has still taken it upon himself to inform his country's defense in all matters related to radio...

Flash has also become a source of some controversy among the upper echelons of Ukraine's military, he tells me. The Armed Forces of Ukraine declined multiple requests for comment, but Flash and his colleagues claim that some high-ranking officials perceive him as a security threat, worrying that he shares too much information and doesn't do enough to secure sensitive intel... [But] His work has become greatly important to those fighting on the ground, and he recently received formal recognition from the military for his contributions to the fight, with two medals of commendation — one from the commander of Ukraine's ground forces, the other from the Ministry of Defense...

And given the mounting evidence that both militaries and militant groups in other parts of the world are now adopting drone tactics developed in Ukraine, it's not only his country's fate that Flash may help to determine — but also the ways that armies wage war for years to come.
He's also written guides on building cheap anti-drone equipment...

Formed in 2021 by cybersecurity professionals (and backed by high-powered VCs including Dell Technologies Capital), Halcyon sells an enterprise-grade anti-ransomware platform.

And this month they announced they're offering protection against ransomware attacks targeting Linux systems, according to Linux magazine: According to Cynet, Linux ransomware attacks increased by 75 percent in 2023 and are expected to continue to climb as more bad actors target Linux deployments... "While Windows is the favorite for desktops, Linux dominates the market for supercomputers and servers."
Here's how Halcyon's announcement made their pitch: "When it comes to ransomware protection, organizations typically prioritize securing Windows environments because that's where the ransomware operators were focusing most of their attacks. However, Linux-based systems are at the core of most any organization's infrastructure, and protecting these systems is often an afterthought," said Jon Miller, CEO & Co-founder, Halcyon. "The fact that Linux systems usually are always on and available means they provide the perfect beachhead for establishing persistence and moving laterally in a targeted network, and they can be leveraged for data theft where the exfiltration is easily masked by normal network traffic. As more ransomware operators are developing the capability to target Linux systems alongside Windows, it is imperative that organizations have the ability to keep pace with the expanded threat."

Halcyon Linux, powered through the Halcyon Anti-Ransomware Platform, uniquely secures Linux-based systems offering comprehensive protection and rapid response capabilities... Halcyon Linux monitors and detects ransomware-specific behaviors such as unauthorized access, lateral movement, or modification of critical files in real-time, providing instant alerts with critical context... When ransomware is suspected or detected, the Halcyon Ransomware Response Engine allows for rapid response and action.... Halcyon Data Exfiltration Protection (DXP) identifies and blocks unauthorized data transfers to protect sensitive information, safeguarding the sensitive data stored in Linux-based systems and endpoints...

Halcyon Linux runs with minimal resource impact, ensuring critical environments such as database servers or virtualized workloads, maintain the same performance.
And in addition, Halcyon offers "an around the clock Threat Response team, reviewing and responding to alerts," so your own corporate security teams "can attend to other pressing priorities..."

Casio confirmed it suffered a ransomware attack earlier this month, resulting in the theft of personal and confidential data from employees, job candidates, business partners, and some customers. Although customer payment data was not compromised, Casio warns the impact may broaden as the investigation continues. BleepingComputer reports: The attack was disclosed Monday when Casio warned that it was facing system disruption and service outages due to unauthorized access to its networks during the weekend. Yesterday, the Underground ransomware group claimed responsibility for the attack, leaking various documents allegedly stolen from the Japanese tech giant's systems. Today, after the data was leaked, Casio published a new statement that admits that sensitive data was stolen during the attack on its network.

As to the current results of its ongoing investigation, Casio says the following information has been confirmed as likely compromised:

- Personal data of both permanent and temporary/contract employees of Casio and its affiliated companies.
- Personal details related to business partners of Casio and certain affiliates.
- Personal information of individuals who have interviewed for employment with Casio in the past.
- Personal information related to customers using services provided by Casio and its affiliated companies.
- Details related to contracts with current and past business partners.
- Financial data regarding invoices and sales transactions.
- Documents that include legal, financial, human resources planning, audit, sales, and technical information from within Casio and its affiliates.

Ecovacs robot vacuums have been hacked across the U.S. to shout racial slurs at unsuspecting people. VICE News reports: The issue is specifically with Ecovacs' Deebot X2 model. The hackers gained control of the devices and used the onboard speakers to blast racial slurs at anyone within earshot. One such person was a lawyer from Minnesota named Daniel Swenson. He was watching TV when he heard some odd noises coming from the direction of his vacuum. He changed the password and restarted it. But then the odd sounds started up again. And then it started shouting racial slurs at him like a surly disgruntled maid.

There were multiple reports of similar incidents across the United States and around the same time. One of them happened in Los Angeles, where a vacuum chased a dog while spewing hate. Another happened in El Paso, where the vac spewed slurs until it's owner turned it off. The attacks are apparently quite easy to pull off thanks to several known security vulnerabilities in Ecovacs, like a bad Bluetooth connector and a defective PIN system that is intended to safeguard video feeds and remote access but actually doesn't do any of that at all. A pair of cybersecurity researchers released a report on Ecovacs detailing the brand's multiple security flaws earlier this year.

An APT hacking group known as GoldenJackal has successfully breached air-gapped government systems in Europe using two custom toolsets to steal sensitive data, like emails, encryption keys, images, archives, and documents. From a report: According to an ESET report, this happened at least two times, one against the embassy of a South Asian country in Belarus in September 2019 and again in July 2021, and another against a European government organization between May 2022 and March 2024. In May 2023, Kaspersky warned about GoldenJackal's activities, noting that the threat actors focus on government and diplomatic entities for purposes of espionage. Although their use of custom tools spread over USB pen drives, like the 'JackalWorm,' was known, cases of a successful compromise of air-gapped systems were not previously confirmed.

penciling_in writes: Ukrainian authorities have arrested a 28-year-old man in Khmelnytskyi for running an illegal VPN service that allowed users to bypass Ukrainian sanctions and access the Russian internet (Runet). The VPN, active since Russia's invasion, enabled Russian sympathizers and people in occupied territories to reach blocked Russian government sites, social media, and news.

Handling over 100GB of data daily and linking to 48 million Russian IP addresses, the VPN may have been exploited by Russian intelligence. Ukrainian cyber police, in collaboration with the National Security Service, seized servers and equipment in multiple locations. The suspect faces charges under Part 5 of Article 361 of Ukraine's Criminal Code, which could lead to a 15-year prison sentence. Investigations are ongoing into further connections and funding sources. The case highlights the growing role of VPNs in the ongoing cyberwar between Ukraine and Russia.

U.S. officials are racing to understand the full scope of a China-linked hack of major U.S. broadband providers, as concerns mount from members of Congress that the breach could amount to a devastating counterintelligence failure. From a report: Federal authorities and cybersecurity investigators are probing the breaches of Verizon Communications, AT&T and Lumen Technologies. A stealthy hacking group known as Salt Typhoon tied to Chinese intelligence is believed to be responsible. The compromises may have allowed hackers to access information from systems the federal government uses for court-authorized network wiretapping requests, The Wall Street Journal reported last week.

Among the concerns are that the hackers may have essentially been able to spy on the U.S. government's efforts to surveil Chinese threats, including the FBI's investigations. The House Select Committee on China sent letters Thursday asking the three companies to describe when they became aware of the breaches and what measures they are taking to protect their wiretap systems from attack. Spokespeople for AT&T, Lumen and Verizon declined to comment on the attack. A spokesman at the Chinese Embassy in Washington has denied that Beijing is responsible for the alleged breaches.

Combined with other Chinese cyber threats, news of the Salt Typhoon assault makes clear that "we face a cyber-adversary the likes of which we have never confronted before," Rep. John Moolenaar, the Republican chairman of the House Select Committee Committee on China, and Raja Krishnamoorthi, the panel's top Democrat, said in the letters. "The implications of any breach of this nature would be difficult to overstate," they said. Hackers still had access to some parts of U.S. broadband networks within the last week, and more companies were being notified that their networks had been breached, people familiar with the matter said. Investigators remain in the dark about precisely what the hackers were seeking to do, according to people familiar with the response.

TechCrunch's Carly Page reports: Fidelity Investments, one of the world's largest asset managers, has confirmed that over 77,000 customers had personal information compromised during an August data breach, including Social Security numbers and driver's licenses. The Boston, Massachusetts-based investment firm said in a filing with Maine's attorney general on Wednesday that an unnamed third party accessed information from its systems between August 17 and August 19 "using two customer accounts that they had recently established."

"We detected this activity on August 19 and immediately took steps to terminate the access," Fidelity said in a letter sent to those affected, adding that the incident did not involve any access to customers' Fidelity accounts. Fidelity confirmed that a total of 77,099 customers were affected by the breach, and its completed review of the compromised data determined that customers' personal information was affected. When reached by TechCrunch, Fidelity did not say how the creation of two Fidelity customer accounts allowed access to the data of thousands of other customers.

In another data breach notice filed with New Hampshire's attorney general, Fidelity revealed that the third party "accessed and retrieved certain documents related to Fidelity customers and other individuals by submitting fraudulent requests to an internal database that housed images of documents pertaining to Fidelity customers." Fidelity said the data breach included customers' Social Security numbers and driver's licenses, according to a separate data breach notice filed by Fidelity with the Massachusetts' attorney general. No information about the breach was found on Fidelity's website at the time of writing.

Microsoft is enhancing passkey support in Windows 11 with a redesigned Windows Hello experience that allows users to sync passkeys to their Microsoft account or third-party providers like 1Password and Bitwarden. The Verge reports: A new API for third-party password and passkey managers means developers can plug directly into the Windows 11 experience, so you can use the same passkey from your mobile device to authenticate on your PC. Right now it's possible in some apps to do this through QR codes and other ways to authenticate from a mobile device, but Microsoft's full support means the passkeys experience on Windows is about to get a lot better.

Microsoft is also redesigning the Windows Hello prompt, including the ability to setup syncing of passkeys to your Microsoft account or saving them elsewhere. Once you've completed a one-time setup process you can use facial recognition, fingerprint, or PIN to authenticate with a passkey across multiple Windows 11 devices. Windows Insiders will get access to these new passkey features "in the coming months."

An anonymous reader quotes a report from Gizmodo: The Internet Archive and Wayback Machine went down on Tuesday following a sustained cyber attack. In addition, the Archive's user data has been compromised. If you've ever logged into the site to pore over its ample archives, it's time to change your passwords. [...] A pro-Palestenian hacktivist group called SN_BLACKMETA has taken responsibility for the hack on X and Telegram. "They are under attack because the archive belongs to the USA, and as we all know, this horrendous and hypocritical government supports the genocide that is being carried out by the terrorist state of 'Israel,'" the group said on X when someone asked them why they'd gone after the Archive.

The group elaborated on its reasoning in a now-deleted post on X. Jason Scott, an archivist at the Archive, screenshotted it and shared it. "Everyone calls this organization 'non-profit', but if its roots are truly in the United States, as we believe, then every 'free' service they offer bleeds millions of lives. Foreign nations are not carrying their values beyond their borders. Many petty children are crying in the comments and most of those comments are from a group of Zionist bots and fake accounts," the post said.

SN_BLACKMETA also claimed responsibility for a six-day DDoS attack on the Archive back in May. "Since the attacks began on Sunday, the DDoS intrusion has been launching tens of thousands of fake information requests per second. The source of the attack is unknown," Chris Freeland, Director of Library Services at the Archive said in a post about the attacks back in May. SN_BLACKMETA launched its Telegram channel on November 23 and has claimed responsibility for a number of other attacks including a six-day DDoS run at Arab financial institutions and various attacks on Israeli tech companies in the spring.

Alypius shares a report from 9to5Mac: It was revealed this weekend that Chinese hackers managed to access systems run by three of the largest internet service providers (ISPs) in the US. What's notable about the attack is that it compromised security backdoors deliberately created to allow for wiretaps by US law enforcement. [...] Apple famously refused the FBI's request to create a backdoor into iPhones to help access devices used by shooters in San Bernardino and Pensacola. The FBI was subsequently successful in accessing all the iPhones concerned without the assistance it sought.

Our arguments against such backdoors predate both cases, when Apple spoke out on the issue in the wake of terrorist attacks in Paris more than a decade ago: "Apple is absolutely right to say that the moment you build in a backdoor for use by governments, it will only be a matter of time before hackers figure it out. You cannot have an encryption system which is only a little bit insecure any more than you can be a little bit pregnant. Encryption systems are either secure or they're not -- and if they're not then it's a question of when, rather than if, others are able to exploit the vulnerability."

This latest case perfectly illustrates the point. The law required ISPs to create backdoors that could be used for wiretaps by US law enforcement, and hackers have now found and accessed them. Exactly the same would be true if Apple created backdoors into iPhones.

Turkey has blocked access to Discord after the messaging platform refused to share potentially illegal information with authorities. Reuters reports: Justice minister Yilmaz Tunc said an Ankara court decided to block access to Discord from Turkey due to sufficient suspicion that crimes of "child sexual abuse and obscenity" had been committed by some using the platform. The block comes after public outrage in Turkey caused by the murder of two women by a 19-year-old man in Istanbul this month. Content on social media showed Discord users subsequently praising the killing. Transport and infrastructure minister Abdulkadir Uraloglu said the nature of the Discord platform made it difficult for authorities to monitor and intervene when illegal or criminal content is shared.

"Security personnel cannot go through the content. We can only intervene when users complain to us about content shared there," he told reporters in parliament. "Since Discord refuses to share its own information, including IP addresses and content, with our security units, we were forced to block access." Russia also recently blocked Discord for violating Russian law, after previously fining the company for failing to remove banned content.

An anonymous reader quotes a report from ZDNet: Getting open-source and artificial intelligence (AI) on the same page isn't easy. Just ask the Open Source Initiative (OSI). The OSI, the open-source definition steward organization, has been working on creating an open-source artificial intelligence definition for two years now. The group has been making progress, though. Its Open Source AI Definition has now released its first release candidate, RC1. The latest definition aims to clarify the often contentious discussions surrounding open-source AI. It specifies four fundamental freedoms that an AI system must grant to be considered open source: the ability to use the system for any purpose without permission, to study how it works, to modify it for any purpose, and to share it with or without modifications. So far, so good.

However, the OSI has opted for a compromise regarding training data. Recognizing it's not easy to share full datasets, the current definition requires "sufficiently detailed information about the data used to train the system" rather than the full dataset itself. This approach aims to balance transparency with practical and legal considerations. That last phrase is proving difficult for some people to swallow. From their perspective, if all the data isn't open, then AI large language models (LLM) based on such data can't be open-source. The OSI summarized these arguments as follows: "Some people believe that full, unfettered access to all training data (with no distinction of its kind) is paramount, arguing that anything less would compromise full reproducibility of AI systems, transparency, and security. This approach would relegate Open-Source AI to a niche of AI trainable only on open data." The OSI acknowledges that the definition of open-source AI isn't final and may need significant rewrites, but the focus is now on fixing bugs and improving documentation. The final version of the Open Source AI Definition is scheduled for release at the All Things Open conference on October 28, 2024.

Phoronix's Michael Larabel reports: OpenBSD 7.6 is out this evening as another major step forward for this BSD operating system with enhanced hardware support, security improvements, updating various user-space software, and enabling other kernel enhancements. There are a ton of changes to find with the just-released OpenBSD 7.6.

Some of the new OpenBSD 7.6 features include:

- OpenBSD 7.6 provides initial support for Qualcomm Snapdragon X1 Elite (X1E80100) SoCs. The 7.6 release also has initial Samsung Galaxy Book4 Edge boot support in ACPI mode with OpenBSD 7.6.
- ARM64 has additional CPU security mitigations with Spectre-V4 now in place on ARM64 and adding Spectre-BHB for Cortex-A57 cores.
- OpenBSD 7.6 on RISC-V now supports the Milk-V Pioneer board.
- OpenBSD 7.6 on AMD64 has finally implemented support for AVX-512.
- Various SMP kernel improvements. You can view the full list of features and download the OpenBSD 7.6 release via OpenBSD.org.

BleepingComputer's Lawrence Abrams: Internet Archive's "The Wayback Machine" has suffered a data breach after a threat actor compromised the website and stole a user authentication database containing 31 million unique records. News of the breach began circulating Wednesday afternoon after visitors to archive.org began seeing a JavaScript alert created by the hacker, stating that the Internet Archive was breached.

"Have you ever felt like the Internet Archive runs on sticks and is constantly on the verge of suffering a catastrophic security breach? It just happened. See 31 million of you on HIBP!," reads a JavaScript alert shown on the compromised archive.org site. The text "HIBP" refers to is the Have I Been Pwned data breach notification service created by Troy Hunt, with whom threat actors commonly share stolen data to be added to the service.

Hunt told BleepingComputer that the threat actor shared the Internet Archive's authentication database nine days ago and it is a 6.4GB SQL file named "ia_users.sql." The database contains authentication information for registered members, including their email addresses, screen names, password change timestamps, Bcrypt-hashed passwords, and other internal data. Hunt says there are 31 million unique email addresses in the database, with many subscribed to the HIBP data breach notification service. The data will soon be added to HIBP, allowing users to enter their email and confirm if their data was exposed in this breach.

OpenAI said a group with apparent ties to China tried to carry out a phishing attack on its employees, reigniting concerns that bad actors in Beijing want to steal sensitive information from top US artificial intelligence companies. From a report: The AI startup said Wednesday that a suspected China-based group called SweetSpecter posed as a user of OpenAI's chatbot ChatGPT earlier this year and sent customer support emails to staff. The emails included malware attachments that, if opened, would have allowed SweetSpecter to take screenshots and exfiltrate data, OpenAI said, but the attempt was unsuccessful.

"OpenAI's security team contacted employees who were believed to have been targeted in this spear phishing campaign and found that existing security controls prevented the emails from ever reaching their corporate emails," OpenAI said. The disclosure highlights the potential cybersecurity risks for leading AI companies as the US and China are locked in a high-stakes battle for artificial intelligence supremacy. In March, for example, a former Google engineer was charged with stealing AI trade secrets for a Chinese firm.

An anonymous reader quotes a report from TechCrunch: U.S. money transfer giant MoneyGram has confirmed that hackers stole its customers' personal information and transaction data during a cyberattack last month. The company said in a statement Monday that an unauthorized third party "accessed and acquired" customer data during the cyberattack on September 20. The cyberattack -- the nature of which remains unknown -- sparked a week-long outage that resulted in the company's website and app falling offline. MoneyGram says it serves over 50 million people in more than 200 countries and territories each year.

The stolen customer data includes names, phone numbers, postal and email addresses, dates of birth, and national identification numbers. The data also includes a "limited number" of Social Security numbers and government identification documents, such as driver's licenses and other documents that contain personal information, like utility bills and bank account numbers. MoneyGram said the types of stolen data will vary by individual. MoneyGram said that the stolen data also included transaction information, such as dates and amounts of transactions, and, "for a limited number of consumers, criminal investigation information (such as fraud)."

TechCrunch's Paul Sawers reports: Fledgling fintech startup OpenBB is revealing the next step in its plans to take on the heavyweights of the investment research world. The company is launching a new, free version of a product that will open its arsenal of data and financial tooling to more users. OpenBB is the handiwork of software engineer Didier Lopes, who launched the Python-based platform back in 2021 as a way for amateur investors and enthusiasts to do investment research using different datasets for free, via a command line interface (CLI). The company went on to raise $8.5 million in seed funding from OSS Capital and angel investors such as Ram Shriram, an early backer of Google. While the community-based, open source project has amassed some 50,000 users, OpenBB has also been building an enterprise incarnation called Terminal Pro. This paid version gives teams access to an interface, pre-built database integrations, an Excel add-in, and various security and support bolt-ons that would appeal to larger businesses. [...]

The all-new OpenBB Terminal -- not to be confused with the previous CLI-based OpenBB Terminal that the startup sunsetted in March -- is a full-fledged web app, though it strips out many of the premium features of Terminal Pro. It's fully customizable, can run on any operating system or platform, and provides access to an AI-enabled OpenBB copilot. Like the previous OpenBB Terminal, the all-new web app is also free to use. OpenBB Terminal is perhaps something of a middle ground between the CLI centricity of the open source project and the bells-and-whistles feature set of the enterprise product.

The OpenBB Terminal serves as a single end point for accessing financial information from some 100 data sources, spanning equity, options, forex, the macro economy, and more. Users can also throw all their new data into the mix -- the community has previously contributed financial datasets such as historical currency exchange rates and crypto pricing data. There are also a slew of extensions and toolkits to bring more functionality to OpenBB -- such as an AI stock analysis agent. Users are free to incorporate their own AI systems and large language models (LLMs), which might be particularly important for security and compliance use cases. But with the OpenBB Copilot, categorized as a "compound AI system," users can run natural-language queries about their data out of the box. While OpenBB has been likened to an "open-source Bloomberg," TechCrunch notes that it's not a direct competitor due to Bloomberg's massive data resources and built-in chat functionality. OpenBB, however, offers flexibility with its open-source platform and customization options.

OpenBB filed for a trademark, but Bloomberg has requested an extension to potentially oppose it, despite the company asserting there's no link between OpenBB and Bloomberg's abbreviation "BBG". Lopes says the name originates from BlackBerry stock, where the founders had lost money during the meme stock craze.

Apple has rolled out an update to macOS 15 Sequoia that addresses compatibility issues with third-party security software that emerged in the initial release. The update, macOS 15.0.1, aims to resolve problems affecting products from CrowdStrike and Microsoft. The compatibility problems had disrupted the functionality of several cybersecurity tools when macOS 15 first launched in September.