CISA has publicly [1]released Thorium, a powerful open-source platform [2]developed with Sandia National Labs that [3]automates malware and forensic analysis at massive scale . According to BleepingComputer, the platform can "schedule over 1,700 jobs per second and ingest over 10 million files per hour per permission group." From the report:

> Security teams can use Thorium for automating and speeding up various file analysis workflows, including but not limited to:

>

> - Easily import and export tools to facilitate sharing across cyber defense teams,

> - Integrate command-line tools as Docker images, including open-source, commercial, and custom software,

> - Filter results using tags and full-text search,

> - Control access to submissions, tools, and results with strict group-based permissions,

> - Scale with Kubernetes and ScyllaDB to meet workload demands.

>

> Defenders can find installation instructions and get their own copy of Thorium from [4]CISA's official GitHub repository .



[1] https://www.cisa.gov/news-events/alerts/2025/07/31/thorium-platform-public-availability

[2] https://www.sandia.gov/labnews/2024/09/05/cybersecurity-suite-now-on-duty-defending-the-nation/

[3] https://www.bleepingcomputer.com/news/security/cisa-open-sources-thorium-platform-for-malware-forensic-analysis/

[4] http://github.com/cisagov/thorium

An anonymous reader quotes a report from Ars Technica:

> E-commerce giants everywhere felt the sting Wednesday when President Donald Trump [1]announced that the US will be " [2]suspending duty-free de minimis treatment for low-value shipments " worth $800 or less from anywhere in the world. Americans will likely soon feel the crunch, with one [3]recent study estimating that the cost of eliminating the trade loophole overall to US consumers could fall between $10.9 billion and $13 billion while "disproportionately" hurting "lower-income and minority consumers" who buy a higher percentage of cheap imports.

>

> Price hikes will likely come this fall, as the trade loophole will be closed starting on August 29, with Amazon emerging as perhaps the biggest question mark for US consumers wondering how hard their wallets may be hit by the major trade policy change ahead of the holiday shopping season.

In February, Trump [4]temporarily ended the de minimis exemption for [5]all imports from China , prompting China-based retailers Temu and Shein to raise their prices.



[1] https://www.whitehouse.gov/fact-sheets/2025/07/fact-sheet-president-donald-j-trump-is-protecting-the-united-states-national-security-and-economy-by-suspending-the-de-minimis-exemption-for-commercial-shipments-globally/

[2] https://arstechnica.com/tech-policy/2025/07/trump-suspends-trade-loophole-for-cheap-online-retailers-globally/

[3] https://www.nber.org/papers/w32607

[4] https://yro.slashdot.org/story/25/02/05/055207/usps-halts-all-packages-from-china-sending-the-ecommerce-industry-into-chaos

[5] https://news.slashdot.org/story/25/05/02/2121218/temu-to-stop-selling-goods-from-china-directly-to-us-customers

Apple began selling iPad repair parts to the public in late May following new right-to-repair legislation, but independent repair professionals say [1]the pricing makes most repairs economically unviable . A charge port for an iPad Pro 11 costs $250 from Apple compared to less than $20 for aftermarket parts, Brian Clark of iGuys Tech Shop told 404 Media.

An iPad A16 digitizer costs $200 from Apple versus $50 from third-party suppliers, while the entire iPad A16 retails for $349. The iPad Pro 13 screen assembly costs $749. Jonathan Strange of XiRepair analyzed the parts catalog and found more than one-third of components cost too much for repair shops to use profitably, 404 Media reported Thursday. Strange calculates repair viability by adding $85 labor costs and 10% profit margin to parts prices, then comparing the total to half the device's retail cost.



[1] https://www.404media.co/apple-is-selling-ipad-repair-parts-for-astronomical-prices/

Google [1]lost its appeal Thursday of a judge's order that will force the tech giant to open up its app store to competitors. The 9th Circuit Court of Appeals upheld a lower court ruling requiring Google Play to allow rival marketplaces and billing systems, ending a legal battle that began when Epic Games sued over anticompetitive practices.

A jury sided with Epic in December 2023, finding Google paid phone makers and app developers to use its store exclusively.



[1] https://www.reuters.com/legal/litigation/google-loses-us-appeal-over-app-store-reforms-epic-games-case-2025-07-31/

The world's "oldest baby" has been born in the US [1]from an embryo that was frozen in 1994 , it has been reported. The Guardian:

> Thaddeus Daniel Pierce was born on 26 July in Ohio to Lindsey and Tim Pierce, using an "adopted" embryo from Linda Archerd, 62, from more than 30 years ago.

>

> In the early 1990s, Archerd and her then husband decided to try in vitro fertilisation (IVF) after struggling to become pregnant. In 1994 four embryos resulted: one was transferred to Archerd and resulted in the birth of a daughter, who is now 30 and mother to a 10-year-old. The other embryos were cryopreserved and stored.

>

> "We didn't go into it thinking we would break any records," Lindsey told the MIT Technology Review, which first reported the story. "We just wanted to have a baby."



[1] https://www.theguardian.com/society/2025/jul/31/worlds-oldest-baby-born-embryo-frozen-1994-ivf

Microsoft's internal pay guidelines show exactly [1]how much the company will pay new engineering hires , according to documents obtained by Business Insider. The guidelines, updated in May, break down salary ranges, stock awards, and bonuses for every level from entry-level engineers to the company's most senior technical talent.

The documents come with an important caveat: recruiters can get approval to pay more when competing for exceptional candidates. At Microsoft's highest tier, Level 70 "distinguished engineers" can earn up to $408,000 in annual salary. But the real money comes from stock: these hires get up to $1.9 million in stock when they join, plus annual stock awards reaching $1.476 million.

The company uses different pay scales depending on location. Engineers in expensive markets like San Francisco get higher ranges than those at Microsoft's Redmond headquarters, where most hiring happens. For entry-level engineers at Level 57, Microsoft offers salaries between $83,000 and $108,000 in its main markets, with higher ranges of $95,800 to $124,600 in expensive areas like San Francisco. These new hires get modest stock awards of $5,000 to $13,000 and signing bonuses up to $9,000.

The company considers levels 57 through 59 as entry-level positions. The compensation jumps significantly as engineers advance. By Level 63, when engineers reach senior status, salaries range from $145,000 to $237,600 depending on location, with stock awards reaching $220,000.



[1] https://www.businessinsider.com/microsoft-pay-guidelines-new-hire-offers-exception-2025-7

Microsoft has abandoned a decades-long tradition of calling out the names of its rivals in regulatory documents. From a report:

> When the 50-year-old technology company released its annual report Wednesday, the 101-page document [1]contained zero references to longtime foes Apple and IBM.

>

> Nor did it mention privately held challengers such as Anthropic or Databricks. Last year's Microsoft annual report officially designated over 25 companies as competitors. The names of Microsoft's enemies have appeared in its annual reports at least since 1994.



[1] https://www.cnbc.com/2025/07/31/microsoft-competitors-filings.html

Sony has filed a lawsuit in California court against Tencent, alleging the Chinese company's upcoming game Light of Motiram [1]constitutes a "slavish clone" of Sony's Horizon series.

The complaint details extensive similarities between the games, from post-apocalyptic robot dinosaur settings to red-haired female protagonists. Tencent had approached Sony for licensing deals in 2024, which Sony rejected twice.



[1] https://www.ign.com/articles/sony-is-suing-tencent-over-shameless-horizon-knock-off-game-light-of-motiram

Britain's Competition and Markets Authority concluded that Microsoft and Amazon [1]hold "significant unilateral market power" in cloud services and recommended investigating both companies under new competition rules. The regulator said it had concerns about practices creating customer "lock-in" effects through egress fees and unfavorable licensing terms that trap businesses in difficult-to-exit contracts.

Microsoft and Amazon each control roughly 30-40% of the infrastructure-as-a-service market, while Google holds 5-10%. Microsoft disputed the findings, calling the cloud market "dynamic and competitive." Amazon said the probe recommendations were "unwarranted."



[1] https://www.cnbc.com/2025/07/31/uk-cma-cloud-ruling-microsoft-amazon.html

Beijing has summoned Nvidia over alleged security issues with its chips, in a blow to the US company's push to revive sales in the country after Washington granted approval for the export of a made-for-China chip. From a report:

> China's cyber regulator on Thursday said it had held a meeting with Nvidia [1]over what it called "serious security issues" with the company's artificial intelligence chips.

>

> It said US AI experts had "revealed that Nvidia's computing chips have location tracking and can remotely shut down the technology." The Cyberspace Administration of China requested that Nvidia explain the security problems associated with the H20 chip, which was designed for the Chinese market to comply with US export restrictions, and submit documentation to support their case.



[1] https://arstechnica.com/gadgets/2025/07/china-claims-nvidia-built-backdoor-into-h20-chip-designed-for-chinese-market/

Microsoft has [1]reached a $4 trillion market cap , becoming only the second company to achieve this milestone. Investors drove the stock up 4.62% following the company's fourth-quarter earnings report, which showed strong growth in cloud-computing services fueled by artificial intelligence demand. Microsoft's Azure cloud business generated $75 billion in annual revenue, representing a 34% increase from the previous fiscal year.

Nvidia became the first company to [2]reach the $4 trillion market cap earlier this month.



[1] https://finance.yahoo.com/news/microsofts-market-cap-surpasses-4-trillion-mark-joining-nvidia-in-exclusive-club-141657294.html

[2] https://slashdot.org/story/25/07/09/149217/nvidia-hits-4-trillion-market-cap-first-company-to-do-so

A Nature survey of more than 1,100 physicists [1]reveals fundamental disagreements about quantum mechanics' relationship to reality , despite the theory's century-long track record as one of science's most successful frameworks. The survey, conducted to mark quantum mechanics' 100th anniversary, found 36% of researchers favor the Copenhagen interpretation while 17% prefer epistemic approaches that treat quantum states as information rather than physical reality.

Another 15% support the many-worlds interpretation. Researchers split evenly on whether a boundary exists between quantum and classical worlds -- 45% said yes, 45% said no. When asked about the wavefunction's nature, 47% called it a mathematical tool while 36% considered it a representation of physical reality. Only 24% of respondents expressed confidence their chosen interpretation was correct, with others viewing their preference as merely adequate or useful in certain circumstances.

The survey contacted over 15,000 researchers whose recent papers involved quantum mechanics, plus attendees of a centenary meeting on Heligoland island. Despite quantum mechanics enabling technologies from computer chips to medical imaging, physicists remain divided on the physical reality underlying the mathematics.



[1] https://www.nature.com/articles/d41586-025-02342-y

Developers are growing increasingly frustrated with AI coding tools that [1]produce deceptively flawed solutions , according to Stack Overflow's [2]latest survey of over 49,000 programmers worldwide. The 2025 survey exposes a widening gap between AI adoption and satisfaction: while 84% of developers now use or plan to use AI tools, their trust has cratered.

Only 33% trust AI accuracy today, down from 43% last year. The core problem isn't broken code that developers can easily spot and discard. Instead, two-thirds report wrestling with AI solutions that appear correct but contain subtle errors requiring significant debugging time. Nearly half say fixing AI-generated code takes longer than expected, undermining the productivity gains these tools promise to deliver.



[1] https://venturebeat.com/ai/stack-overflow-data-reveals-the-hidden-productivity-tax-of-almost-right-ai-code/

[2] https://survey.stackoverflow.co/2025

An anonymous reader quotes a report from Reuters:

> Australia said on Wednesday it will [1]add YouTube to sites covered by its world-first ban on social media for teenagers , reversing an [2]earlier decision to exempt the Alphabet-owned video-sharing site and potentially setting up a legal challenge. The decision came after the internet regulator urged the government last month to overturn the YouTube carve-out, citing a survey that found 37% of minors reported harmful content on the site, the worst showing for a social media platform.

>

> "I'm calling time on it," Prime Minister Anthony Albanese said in a statement highlighting that Australian children were being negatively affected by online platforms, and reminding social media of their social responsibility. "I want Australian parents to know that we have their backs." The decision broadens the ban set to take effect in December. YouTube says it is used by nearly three-quarters of Australians aged 13 to 15, and should not be classified as social media because its main activity is hosting videos. "Our position remains clear: YouTube is a video sharing platform with a library of free, high-quality content, increasingly viewed on TV screens. It's not social media," a YouTube spokesperson said by email.



[1] https://www.reuters.com/legal/litigation/australia-widens-teen-social-media-ban-youtube-scraps-exemption-2025-07-29/

[2] https://news.slashdot.org/story/25/06/25/0146212/australia-regulator-and-youtube-spar-over-under-16s-social-media-ban

[1]sciencehabit shares a report from Science.org:

> Peacocks have a secret hidden in their brightly colored tail feathers: [2]tiny reflective structures that can amplify light into a laser beam . After dyeing the feathers and energizing them with an external light source, researchers discovered they emitted narrow beams of yellow-green laser light. They say the study, [3]published this month in Scientific Reports , offers the first example of a laser cavity in the animal kingdom. [...]

>

> Scientists have long known that peacock feathers also exhibit "structural color" -- nature's pigment-free way to create dazzling hues. Ordered microstructures within the feathers reflect light at specific frequencies, leading to their vivid blues and greens and iridescence. But Florida Polytechnic University physicist Nathan Dawson and his colleagues wanted to go a step further and see whether those microstructures could also function as a laser cavity. After staining the feathers with a common dye and pumping them with soft pulses of light, they used laboratory instruments to detect beams of yellow-green laser light that were too faint to see with the naked eye. They emerged from the feathers' eyespots, at two distinct wavelengths. Surprisingly, differently colored parts of the eyespots emitted the same wavelengths of laser light, even though each region would presumably vary in its microstructure.

>

> Just because peacock feathers emit laser light doesn't mean the birds are somehow using this emission. But there are still ramifications, Dawson says. He suggests that looking for laser light in biomaterials could help identify arrays of regular microstructures within them. In medicine, for example, certain foreign objects -- viruses with distinct geometric shapes, perhaps -- could be classified and identified based on their ability to be lasers, he says. The work also demonstrates how biological materials could one day yield lasers that could be put safely into the human body to emit light for biosensing, medical imaging, and therapeutics. "I always like to think that for many technological achievements that benefit humans," Dawson says, "some organism somewhere has already developed it through some evolutionary process."



[1] https://slashdot.org/~sciencehabit

[2] https://www.science.org/content/article/peacock-feathers-can-be-lasers

[3] https://www.nature.com/articles/s41598-025-04039-8

An anonymous reader quotes a report from Ars Technica:

> Google is fond of saying its mission is to "organize the world's information," but who gets to decide what information is worthy of organization? A San Francisco tech CEO has spent the past several years attempting to remove unflattering information about himself from Google's search index, and the nonprofit Freedom of the Press Foundation [1]says he's still at it. Most recently, an unknown bad actor [2]used a bug in one of Google's search tools to scrub the offending articles .

>

> The saga began in 2023 when independent journalist Jack Poulson [3]reported on Maury Blackman's 2021 domestic violence arrest. Blackman, who was then the CEO of surveillance tech firm Premise Data Corp., took offense at the publication of his legal issues. The case did not lead to charges after Blackman's 25-year-old girlfriend recanted her claims against the 53-year-old CEO, but Poulson reported on some troubling details of the public arrest report. Blackman has previously used tools like DMCA takedowns and lawsuits to stifle reporting on his indiscretion, but that campaign now appears to have co-opted part of Google's search apparatus. The Freedom of the Press Foundation (FPF) reported on Poulson's work and Blackman's attempts to combat it late last year. In June, Poulson contacted the Freedom of the Press Foundation to report that the article had mysteriously vanished from Google search results.

>

> The foundation began an investigation immediately, which led them to a little-known Google search feature known as Refresh Outdated Content. Google created this tool for users to report links with content that is no longer accurate or that lead to error pages. When it works correctly, Refresh Outdated Content can help make Google's search results more useful. However, Freedom of the Press Foundation now says that a bug allowed an unknown bad actor to scrub mentions of Blackman's arrest from the Internet. Upon investigating, FPF found that its article on Blackman was completely absent from Google results, even through a search with the exact title. Poulson later realized that two of his own Substack articles were similarly affected. The Foundation was led to the Refresh Outdated Content tool upon checking its search console.

The bug in the tool allowed malicious actors to de-index valid URLs from search results by altering the capitalization in the URL slug. Although URLs are typically case-sensitive, Google's tool treated them as case-insensitive. As a result, when someone submitted a slightly altered version of a working URL (for example, changing "anatomy" to "AnAtomy"), Google's crawler would see it as a broken link (404 error) and mistakenly remove the actual page from search results.

Ironically, Blackman is now CEO of the online reputation management firm The Transparency Company.



[1] https://freedom.press/issues/censorship-whac-a-mole-google-search-exploited-to-scrub-articles-on-san-francisco-tech-exec/

[2] https://arstechnica.com/gadgets/2025/07/google-tool-misused-to-scrub-tech-ceos-shady-past-from-search/

[3] https://jackpoulson.substack.com/p/the-covert-gig-work-surveillance

Voice actors and industry associations are [1]sounding the alarm over the growing use of AI in dubbing , calling for increased regulations to protect quality, jobs and artists' back catalogues from being used to create future dubbed work. "We need legislation: Just as after the car, which replaced the horse-drawn carriage, we need a highway code," said Boris Rehlinger, a voice actor known as the French voice of Ben Affleck, Joaquin Phoenix, and Puss in Boots. "I feel threatened even though my voice hasn't been replaced by AI yet," he said. Reuters reports:

> In Germany, 12 well-known dubbing actors went viral on TikTok in March, garnering 8.7 million views, for their campaign saying "Let's protect artistic, not artificial, intelligence." A petition from the VDS voice actors' association calling on German and EU lawmakers to push AI companies to obtain explicit consent when training the technology on artists' voices and fairly compensate them, as well as transparently label AI-generated content, gained more than 75,500 signatures.

>

> When intellectual property is no longer protected, no one will produce anything anymore "because they think 'tomorrow it will be stolen from me anyway'," said Cedric Cavatore, a VDS member who has dubbed films and video games including the PlayStation game "Final Fantasy VII Remake." VDS collaborates with United Voice Artists, a global network of over 20,000 voice actors advocating for ethical AI use and fair contracts. In the United States, Hollywood video game voice and motion capture actors this month [2]signed a new contract with video game studios focused on AI that SAG-AFTRA said represented important progress on protections against the tech.



[1] https://games.slashdot.org/story/25/07/10/2119204/video-game-actors-end-11-month-strike-with-new-ai-protections

[2] https://games.slashdot.org/story/25/07/10/2119204/video-game-actors-end-11-month-strike-with-new-ai-protections

Google today announced AlphaEarth Foundations, a new AI model that processes terabytes of daily satellite data to [1]track environmental changes across the planet. The system, part of Google's broader Earth AI initiative, uses machine learning to compress satellite imagery into color-coded maps showing material properties, vegetation types, groundwater sources, and human constructions down to 10-meter resolution.

The model uses a technique called "embeddings" that reduces storage requirements by 16 times compared to other AI tools Google tested, while delivering 23.9% higher accuracy than similar systems. AlphaEarth has already mapped complex Antarctic terrain and identified variations in Canadian agricultural land use invisible to direct observation.

The technology currently powers flood and wildfire alerts in Google Search and Maps. Research organizations including Brazil's MayBiomas and the Global Ecosystems Atlas are using the system to analyze rainforests, deserts, and wetlands. The model integrates with Google Earth Engine, providing agencies like NASA and the Forest Service access to over one trillion annual data points for environmental monitoring and mapping applications.



[1] https://blog.google/technology/ai/google-earth-ai/

Elon Musk's Boring Company [1]plans to build a 10-mile underground transportation loop in Nashville connecting the airport to downtown, with private funding and a projected launch as early as fall 2026. "If that happens, Nashville would become the second city where The Boring Company has opened such a system, with the [2]first being Las Vegas ," notes TechCrunch. "The company has spent the last few years in Sin City digging and opening tunnels around the Las Vegas Convention Center, and claims to have given 3 million rides in Teslas to date." From the report:

> The project will be privately funded by The Boring Company "and its private partners," according to the Governor's press release, though those partners are not named. The Boring Company and local officials will now begin a "public process to evaluate potential routes, engage community stakeholders, and finalize plans for the project's initial 10-mile phase." Construction won't begin until the project clears the approvals process. But the governor's office said the first segment of the loop could be operational as "early as fall of 2026."



[1] https://techcrunch.com/2025/07/29/elon-musks-boring-company-to-build-tesla-tunnels-under-nashville/

[2] https://tech.slashdot.org/story/23/08/03/2032234/the-boring-company-will-dig-a-68-mile-tunnel-network-under-las-vegas

Brian Krebs writes via KrebsOnSecurity:

> Fraudsters are flooding Discord and other social media platforms with [1]ads for hundreds of polished online gaming and wagering websites that lure people with free credits and eventually abscond with any cryptocurrency funds deposited by players. Here's a closer look at the social engineering tactics and remarkable traits of this sprawling network of more than 1,200 scam sites. The scam begins with deceptive ads posted on social media that claim the wagering sites are working in partnership with popular social media personalities, such as Mr. Beast, who recently launched a gaming business called Beast Games. The ads invariably state that by using a supplied "promo code," interested players can claim a $2,500 credit on the advertised gaming website.

>

> The gaming sites all require users to create a free account to claim their $2,500 credit, which they can use to play any number of extremely polished video games that ask users to bet on each action. At the scam website gamblerbeast[.]com, for example, visitors can pick from dozens of games like B-Ball Blitz, in which you play a basketball pro who is taking shots from the free throw line against a single opponent, and you bet on your ability to sink each shot. The financial part of this scam begins when users try to cash out any "winnings." At that point, the gaming site will reject the request and prompt the user to make a "verification deposit" of cryptocurrency -- typically around $100 -- before any money can be distributed. Those who deposit cryptocurrency funds are soon asked for additional payments. However, any "winnings" displayed by these gaming sites are a complete fantasy, and players who deposit cryptocurrency funds will never see that money again. Compounding the problem, victims likely will soon be peppered with come-ons from "recovery experts" who peddle dubious claims on social media networks about being able to retrieve funds lost to such scams. [...]

>

> [T]hreat hunting platform Silent Push reveals at least 1,270 recently-registered and active domains whose names all invoke some type of gaming or wagering theme. Here is a [2]list of all domains that Silent Push found were using the scambling network's chat API.



[1] https://krebsonsecurity.com/2025/07/scammers-unleash-flood-of-slick-online-gaming-sites/

[2] https://krebsonsecurity.com/wp-content/uploads/2025/07/deduped_scambling_domains.txt