Destructive malware available in NPM repo went unnoticed for 2 years

Payloads were set to spontaneously detonate on specific dates with no warning.

Researchers have found malicious software that received more than 6,000 downloads from the NPM repository over a two-year span, in yet another discovery showing the hidden threats users of such open source archives face.

Eight packages using names that closely mimicked those of widely used legitimate packages contained destructive payloads designed to corrupt or delete important data and crash systems, Kush Pandya, a researcher at security firm Socket, reported Thursday. The packages have been available for download for more than two years and accrued roughly 6,200 downloads over that time.

A diversity of attack vectors

“What makes this campaign particularly concerning is the diversity of attack vectors—from subtle data corruption to aggressive system shutdowns and file deletion,” Pandya wrote. “The packages were designed to target different parts of the JavaScript ecosystem with varied tactics.”


Mozilla is killing its Pocket and Fakespot services to focus on Firefox

Browser maker shifts resources to “new Firefox features that people need most.”

When web services shut down and have time to put up a blog post about it, there's typically some real understatement in their explanation of "why." Bookmarking service Pocket's goodbye post truly delivers on this front, noting almost off-handedly that "the way people use the web has evolved." Yes, you might just say that.

Both Pocket and another browser add-on, Fakespot, are being shut down by Firefox maker Mozilla in early July. In a post about the closures, Mozilla cites the need to "invest our time and resources so we can make the biggest impact." Pocket's saving and curation powers will be implemented into Firefox, while Fakespot's analysis of online shopping reviews "didn't fit a model we could sustain."

Pocket started in 2007 as Read It Later, a way to bookmark web articles for later reading. It's not just the focus on published text articles that now seems quaint but also the idea that there was a finite amount of web material you would get back to and would have the time to do so. Those who do want that nice-sounding media experience can cobble it together in most modern browsers, which have built-in tools for managing bookmarks, distinct "reading lists," and even creating stripped-down "readable" versions of articles.


FAA: Airplanes should stay far away from SpaceX’s next Starship launch

“The FAA is expanding the size of hazard areas both in the US and other countries.”

The Federal Aviation Administration gave the green light Thursday for SpaceX to launch the next test flight of its Starship mega-rocket as soon as next week, following two consecutive failures earlier this year.

The failures set back SpaceX's Starship program by several months. The company aims to get the rocket's development back on track with the upcoming launch, Starship's ninth full-scale test flight since its debut in April 2023. Starship is central to SpaceX's long-held ambition to send humans to Mars and is the vehicle NASA has selected to land astronauts on the Moon under the umbrella of the government's Artemis program.

In a statement Thursday, the FAA said SpaceX is authorized to launch the next Starship test flight, known as Flight 9, after finding the company "meets all of the rigorous safety, environmental and other licensing requirements."


Planet found orbiting backward between two stars

The planet may have formed from material transferred between the stars.

While our Sun prefers to go solo, many other stars are parts of binary systems, with a pair of stars gravitationally bound to each other. In some cases, the stars are far enough apart that planets can form around each of them. But there are also plenty of tight binary systems, where the stars orbit each other at a radius that would place them both comfortably inside our Solar System. In these systems, exoplanets tend to be found at greater distances, in orbits that have them circling both stars.

On Wednesday, scientists described a system that seems to be neither of the above. It is a tight binary system, with a heavy central star that's orbited by a white dwarf at a distance two to three times larger than Earth's orbit. The lone planet confirmed to be in the system is squeezed in between the two, orbiting at a distance similar to Earth's distance from the Sun. And, as an added bonus, the planet is orbiting backward relative to the white dwarf.

Orbiting ν Octantis

The exosolar system is termed ν Octantis (or Nu Octantis), and its primary star is just a bit heavier than our Sun (1.6 solar masses). It's orbited by a far dimmer companion that's roughly half of our Sun's mass, but which hasn't been characterized in detail until now. The companion's orbit relative to the central star is a bit lopsided, ranging from about two astronomical units (AU, the typical Earth-Sun distance) at its closest approach to roughly three AU at its farthest. And, until yesterday, the exact nature of the companion star was not clear.


AT&T has $6 billion deal to buy CenturyLink fiber broadband business

Lumen uninterested in residential broadband but hasn’t offloaded DSL network.

AT&T has struck a deal to buy CenturyLink's consumer fiber broadband division for $5.75 billion, giving the Internet provider another 1.1 million fiber customers in 11 states.

The all-cash deal is expected to close during the first half of 2026 assuming the companies obtain regulatory approval. AT&T will gain new customers in Arizona, Colorado, Florida, Idaho, Iowa, Minnesota, Nebraska, Nevada, Oregon, Utah, and Washington.

The deal will give AT&T room to grow its user base by more than the 1.1 million existing CenturyLink customers, as AT&T said the network areas being sold include over 4 million fiber-enabled locations. "The transaction will enable AT&T to significantly expand access to AT&T Fiber in major metro areas like Denver, Las Vegas, Minneapolis-St. Paul, Orlando, Phoenix, Portland, Salt Lake City and Seattle, as well as additional geographies," AT&T said.


Did Google lie about building a deadly chatbot? Judge finds it plausible.

Grieving mom fights to prove Google secretly profited from controversial chatbot.

Ever since a mourning mother, Megan Garcia, filed a lawsuit alleging that Character.AI's dangerous chatbots caused her son's suicide, Google has maintained that—so it could dodge claims that it had contributed to the platform's design and was unjustly enriched—it had nothing to do with C.AI's development.

But Google lost its motion to dismiss the lawsuit on Wednesday after a US district judge, Anne Conway, found that Garcia had plausibly alleged that Google played a part in C.AI's design by providing a component part and "substantially" participating "in integrating its models" into C.AI. Garcia also plausibly alleged that Google aided and abetted C.AI in harming her son, 14-year-old Sewell Setzer III.

Google similarly failed to toss claims of unjust enrichment, as Conway suggested that Garcia plausibly alleged that Google benefited from access to Setzer's user data. The only win for Google was a dropped claim that C.AI makers were guilty of intentional infliction of emotional distress, with Conway agreeing that Garcia didn't meet the requirements, as she wasn't "present to witness the outrageous conduct directed at her child."


“How you design the beep is important.” Behind the movement for calmer gadgets

Warm lights, tactile buttons, intuitive usage.

Do you miss the feel of tactile buttons on your kitchen appliances or lament car manufacturers' insistence on touchscreens? Have you ever found yourself clumsily fumbling with the door handles of a vehicle or distracted by the bright blue light beaming from your vacuum or Wi-Fi router?

If so, you're not alone. The way technology gadgets are designed largely relies on things like blue, often LED, lights, flat resistive or capacitive touch input, and software. Some, like Amber Case, founder of the Calm Tech Institute, believe that these design choices distract from devices' purpose and functionality and are calling for a new approach to product design.

"Calm Tech Institute is kind of a consumer advocacy body that's collecting stories and research from neuroscientists that says, look at how the mind wants texture, and look at how it wants physical buttons, and there's a part of your mind that needs [those]," Case told Ars Technica. "When we don't have it and we replace it with glass, we're not only losing something about human experience, but we're actually causing the mind stress."


GMK introduces EVO-T1 mini PC with Intel Core Ultra 9 285H Arrow Lake

The GMK EVO-T1 is a compact desktop computer with an Intel Core Ultra 9 285H Arrow Lake 16-core, 24-thread processor with Intel Arc 140T integrated graphics, OCuLink, USB4, and dual Ethernet ports, and support for up to four displays. GMK hasn’t announced pricing or availability details yet, but the company sent us a press release with […]

The post GMK introduces EVO-T1 mini PC with Intel Core Ultra 9 285H Arrow Lake appeared first on Liliputing.

Gazelle Medeo T9 City e-bike review: A steady Dutch ride in lots of sizes

It’s not a speed demon or hill melter, but Gazelle’s entry e-bike rides easy.

I initially felt bad for the Medeo T9 City e-bike that Gazelle sent me for review. Not through any fault of its own but because I had just recently ridden Gazelle's Eclipse C380+, an all-inclusive beast that retailed for roughly 2.5 times the price of the Medeo T9 City. Would the lower-priced bike, with different versions of some of the same hardware, suffer compared to its beefier brethren?

Short answer: not really. The Medeo T9 City isn't trying to dominate the road; it just wants to get you where you're going. It has the same kind of automatic electric assist level shifting, just packed into a smaller handlebar display instead of a center console. It has chain and gear cogs instead of the Eclipse's belt drive and stepless shifting, an external battery instead of an inline, and a 250-watt Bosch Active Line motor instead of a 350-watt Performance Line Speed.

I think the Medeo T9 City likely makes for a good first or second e-bike, or perhaps a nice upgrade if you're prioritizing comfort and transport. Given its hill-smoothing motor, wide range of sizes, stable ride feel, and the backing of known bike brands, you could do much worse than a Gazelle with a Bosch motor.


VMware cloud partners demand “firm regulatory action” on Broadcom

“Broadcom is unlikely to make any voluntary changes to its new commercial terms.”

VMware's business model under Broadcom is "legally and ethically flawed," a group of cloud service provider (CSP) customers and partners alleged in a report released today.

The report (PDF) comes from the European Cloud Competition Observatory (ECCO), which describes itself as an "independent monitoring body" composed of members of the Cloud Infrastructure Services Providers in Europe (CISPE) trade association, "with the support—acting as observers—of European customer organizations." ECCO says its goals include "highlighting ongoing or new unfair software licensing practices from any software vendors in the cloud sector," and it has previously written similar reports about Broadcom and Microsoft.

In its announcement of the report, ECCO said that CISPE members have met with Broadcom once about the changes it has made to VMware's business model, which is now built around subscriptions of bundled products, but didn't see any changes.
