An anonymous reader quotes a report from the BBC:

> A lack of action by big tech firms is [1]enabling the "industrial scale theft" of premium video services, especially live sport , a new report says. The [2]research by Enders Analysis accuses Amazon, Google, Meta and Microsoft of "ambivalence and inertia" over a problem it says costs broadcasters revenue and puts users at an increased risk of cyber-crime. Gareth Sutcliffe and Ollie Meir, who authored the research, described the Amazon Fire Stick -- which they argue is the device many people use to access illegal streams -- as "a piracy enabler." [...] The device plugs into TVs and gives the viewer thousands of options to watch programs from legitimate services including the BBC iPlayer and Netflix. They are also being used to access illegal streams, particularly of live sport.

>

> In November last year, a Liverpool man who sold Fire Stick devices he reconfigured to allow people to illegally stream Premier League football matches was jailed. After uploading the unauthorized services on the Amazon product, he advertised them on Facebook. Another man from Liverpool was given a two-year suspended sentence last year after modifying fire sticks and selling them on Facebook and WhatsApp. According to data for the first quarter of this year, provided to Enders by Sky, 59% of people in UK who said they had watched pirated material in the last year while using a physical device said they had used a Amazon fire product. The Enders report says the fire stick enables "billions of dollars in piracy" overall. [...]

>

> The researchers also pointed to the role played by the "continued depreciation" of Digital Rights Management (DRM) systems, particularly those from Google and Microsoft. This technology enables high quality streaming of premium content to devices. Two of the big players are Microsoft's PlayReady and Google's Widevine. The authors argue the architecture of the DRM is largely unchanged, and due to a lack of maintenance by the big tech companies, PlayReady and Widevine "are now compromised across various security levels." Mr Sutcliffe and Mr Meir said this has had "a seismic impact across the industry, and ultimately given piracy the upper hand by enabling theft of the highest quality content." They added: "Over twenty years since launch, the DRM solutions provided by Google and Microsoft are in steep decline. A complete overhaul of the technology architecture, licensing, and support model is needed. Lack of engagement with content owners indicates this a low priority."



[1] https://www.bbc.com/news/articles/cp3n7dx2174o

[2] https://www.endersanalysis.com/reports/video-piracy-big-tech-clearly-unwilling-address-problem

Billions of stolen cookies are [1]being sold on the dark web and Telegram , with over 1.2 billion containing session data that can grant cybercriminals access to accounts and systems without login credentials, bypassing MFA. The Register reports:

> More than 93.7 billion of them are currently available for criminals to buy online and of those, between 7-9 percent are active, on average, according to NordVPN's breakdown of stolen cookies by country. Adrianus Warmenhoven, cybersecurity advisor at NordVPN, said: "Cookies may seem harmless, but in the wrong hands, they're digital keys to our most private information. What was designed to enhance convenience is now a growing vulnerability exploited by cybercriminals worldwide. Most people don't realize that a stolen cookie can be just as dangerous as a password, despite being so willing to accept cookies when visiting websites, just to get rid of the prompt at the bottom of the screen. However, once these are intercepted, a cookie can give hackers direct access to all sorts of accounts containing sensitive data, without any login required."

>

> The vast majority of stolen cookies (90.25 percent) contain ID data, used to uniquely identify users and deliver targeted ads. They can also contain data such as names, home and email addresses, locations, passwords, phone numbers, and genders, although these data points are only present in around 0.5 percent of all stolen cookies. The risk of ruinous personal data exposure as a result of cookie theft is therefore pretty slim. Aside from ID cookies, the other statistically significant type of data that these can contain are details of users' sessions. Over 1.2 billion of these are still up for grabs (roughly 6 percent of the total), and these are generally seen as more of a concern.



[1] https://www.theregister.com/2025/05/29/billions_of_cookies_available/

In a full-circle moment for Palmer Luckey, Meta and his defense tech company Anduril are [1]teaming up to develop mixed reality headsets for the U.S. military under the Army's revamped SBMC Next program. The collaboration will merge Meta's Reality Labs hardware and Llama AI with Anduril's battlefield software, marking Meta's entry into military XR through the very company founded by Luckey after his [2]controversial departure from Facebook. "I am glad to be working with Meta once again," Luckey said in a [3]blog post . "My mission has long been to turn warfighters into technomancers, and the products we are building with Meta do just that." TechCrunch reports:

> This partnership stems from the Soldier Borne Mission Command (SBMC) Next program, formerly called the Integrated Visual Augmentation System (IVAS) Next. IVAS was a massive military contract, with a total $22 billion budget, originally awarded to Microsoft in 2018 intended to develop HoloLens-like AR glasses for soldiers. But after endless problems, in February the Army stripped management of the program from Microsoft and [4]awarded it to Anduril , with Microsoft staying on as a cloud provider. The intent is to eventually have multiple suppliers of mixed reality glasses for soldiers.

>

> All of this meant that if Luckey's former employer, Meta, wanted to tap into the potentially lucrative world of military VR/AR/XR headsets, it would need to go through Anduril. The devices will be based on tech out of Meta's AR/VR research center Reality Labs, the post says. They'll use Meta's Llama AI model, and they will tap into Anduril's command and control software known as Lattice. The idea is to provide soldiers with a heads-up display of battlefield intelligence in real time. [...] An Anduril spokesperson tells TechCrunch that the product family Meta and Anduril are building is even called EagleEye, which will be an ecosystem of devices. EagleEye is what Luckey named Anduril's first imagined headset in Anduril's pitch deck draft, before his investors convinced him to focus on building software first.

After the announcement, Luckey [5]said on X: "It is pretty cool to have everything at our fingertips for this joint effort -- everything I made before Meta acquired Oculus, everything we made together, and everything we did on our own after I was fired."



[1] https://techcrunch.com/2025/05/29/in-a-victory-for-palmer-luckey-meta-and-anduril-work-on-mixed-reality-headsets-for-the-military/

[2] https://hardware.slashdot.org/story/17/03/31/204229/oculus-co-founder-and-rift-creator-palmer-luckey-leaves-facebook

[3] https://www.anduril.com/article/anduril-and-meta-team-up-to-transform-xr-for-the-american-military/

[4] https://tech.slashdot.org/story/25/02/11/2011222/anduril-to-take-over-managing-microsoft-goggles-for-us-army

[5] https://x.com/PalmerLuckey/status/1928128326037569797

An anonymous reader quotes a report from KrebsOnSecurity:

> The U.S. government today [1]imposed economic sanctions on Funnull Technology Inc., a Philippines-based company that provides computer infrastructure for hundreds of thousands of websites involved in virtual currency investment scams known as "pig butchering." In January 2025, KrebsOnSecurity detailed how Funnull was being used as a content delivery network that [2]catered to cybercriminals seeking to route their traffic through U.S.-based cloud providers . "Americans lose billions of dollars annually to these cyber scams, with revenues generated from these crimes rising to record levels in 2024," reads a statement from the U.S. Department of the Treasury, which sanctioned Funnull and its 40-year-old Chinese administrator Liu Lizhi. "Funnull has directly facilitated several of these schemes, resulting in over $200 million in U.S. victim-reported losses."

>

> The Treasury Department said Funnull's operations are linked to the majority of virtual currency investment scam websites reported to the FBI. The agency said Funnull directly facilitated pig butchering and other schemes that resulted in more than $200 million in financial losses by Americans. Pig butchering is a rampant form of fraud wherein people are lured by flirtatious strangers online into investing in fraudulent cryptocurrency trading platforms. Victims are coached to invest more and more money into what appears to be an extremely profitable trading platform, only to find their money is gone when they wish to cash out. The scammers often insist that investors pay additional "taxes" on their crypto "earnings" before they can see their invested funds again (spoiler: they never do), and a shocking number of people have lost six figures or more through these pig butchering scams.

>

> KrebsOnSecurity's [3]January story on Funnull was based on research from the security firm Silent Push, which discovered in October 2024 that a vast number of domains hosted via Funnull were promoting gambling sites that bore the logo of the Suncity Group, a Chinese entity named in a [4]2024 UN report (PDF) for laundering millions of dollars for the North Korean state-sponsored hacking group Lazarus. Silent Push found Funnull was a criminal content delivery network (CDN) that carried a great deal of traffic tied to scam websites, funneling the traffic through a dizzying chain of auto-generated domain names and U.S.-based cloud providers before redirecting to malicious or phishous websites. The FBI has released a [5]technical writeup (PDF) of the infrastructure used to manage the malicious Funnull domains between October 2023 and April 2025.



[1] https://home.treasury.gov/news/press-releases/sb0149

[2] https://krebsonsecurity.com/2025/05/u-s-sanctions-cloud-provider-funnull-as-top-source-of-pig-butchering-scams/

[3] https://krebsonsecurity.com/2025/01/infrastructure-laundering-blending-in-with-the-cloud/

[4] https://www.unodc.org/roseap/uploads/documents/Publications/2024/Casino_Underground_Banking_Report_2024.pdf

[5] https://www.ic3.gov/CSA/2025/250529.pdf

Instagram now [1]supports 3:4 aspect ratio photos , allowing users to upload images that "appear just exactly as you shot it." Instagram head Adam Mosseri announced the update in a [2]Threads post , noting that "almost every phone camera defaults to" that format. The Verge reports:

> An image from [3]Instagram's broadcast channel shows how the change makes a difference. You can already post images with a rectangular aspect ratio of 4:5, but with 3:4, your photo won't be cropped at the ends. 3:4 photos are supported with single-photo uploads and with carousels, according to the channel. If you want, you can still post photos with a square or 4:5 aspect ratio.



[1] https://www.theverge.com/news/676549/instagram-3-4-aspect-ratio-photos-phones-square-rectangle

[2] https://www.threads.com/@mosseri/post/DKOIbJkRNIb

[3] https://www.instagram.com/channel/AbblUjTFQ69pvy6a/AbZvyCPrUB0795Wn/

[1]BrianFagioli shares a report from BetaNews:

> Microsoft just can't leave well enough alone. The company is now [2]injecting formatting features into Notepad , a program that has long been appreciated for one thing -- its simplicity. You see, starting with version 11.2504.50.0, [3]this update is rolling out to Windows Insiders in the Canary and Dev Channels, and it adds bold text, italics, hyperlinks, lists, and even headers. Sadly, this isn't a joke. Notepad is actually being turned into a watered-down word processor, complete with a formatting toolbar and Markdown support. Users can even toggle between styled content and raw Markdown syntax. And while Microsoft is giving you the option to disable formatting or strip it all out, it's clear the direction of the app is changing.



[1] https://slashdot.org/~BrianFagioli

[2] https://betanews.com/2025/05/30/microsoft-notepad-formatting-update-windows-11/

[3] https://blogs.windows.com/windows-insider/2025/05/30/text-formatting-in-notepad-begin-rolling-out-to-windows-insiders/

An anonymous reader quotes a report from 404 Media:

> If you've left a comment on a YouTube video, a new website claims it might be able to find every comment you've ever left on any video you've ever watched. Then an AI can build a profile of the commenter and [1]guess where you live, what languages you speak, and what your politics might be . The service is called [2]YouTube-Tools and is just the latest in a suite of web-based tools that started life as a site to investigate League of Legends usernames. Now it uses a modified large language model created by the company Mistral to generate a background report on YouTube commenters based on their conversations. Its developer claims it's meant to be used by the cops, but anyone can sign up. It costs about $20 a month to use and all you need to get started is a credit card and an email address.

>

> The tool presents a significant privacy risk, and shows that people may not be as anonymous in the YouTube comments sections as they may think. The site's report is ready in seconds and provides enough data for an AI to flag identifying details about a commenter. The tool could be a boon for harassers attempting to build profiles of their targets, and 404 Media has seen evidence that harassment-focused communities have used the developers' other tools. YouTube-Tools also appears to be a violation of YouTube's privacy policies, and raises questions about what YouTube is doing to stop the scraping and repurposing of peoples' data like this. "Public search engines may scrape data only in accordance with YouTube's robots.txt file or with YouTube's prior written permission," it says.



[1] https://www.404media.co/developer-builds-tool-that-scrapes-youtube-comments-uses-ai-to-predict-where-users-live/

[2] https://lolarchiver.com/tos

Amazon has quietly removed billions of product listings through a confidential initiative called "Bend the Curve," according to Business Insider. The project [1]planned to eliminate at least 24 billion ASINs -- unique product identifiers -- from Amazon's marketplace, reducing the total from a projected 74 billion to under 50 billion by December 2024. The purge targets "unproductive selection" including poor-selling items, listings without actual inventory, and product pages inactive for over two years.

The initiative represents a shift for the company that built its reputation as "The Everything Store" through three decades of relentless catalog expansion. Bend the Curve forms part of CEO Andy Jassy's broader cost-cutting strategy, saving Amazon's retail division over $22 million in AWS server costs during 2024 by reducing the number of hosted product pages.



[1] https://www.businessinsider.com/amazon-bend-curve-project-purges-billions-product-listings-everything-store-2025-5

United Airlines CEO Scott Kirby has harsh words for budget carriers, [1]calling their business model "dead."

"It's dead. Look, it's a crappy model. Sorry," he said when asked about the budget airline approach. Kirby argued that budget carriers like Southwest, Spirit, and Frontier built their operations around what he characterized as customer-hostile practices, saying "The model was, screw the customer ... Trick people, get them to buy, get them to come, and then charge them a whole bunch of fees that they aren't expecting."

He said he believes that these airlines struggle to retain customers once they reach sufficient scale to require repeat business.



[1] https://www.marketwatch.com/story/united-ceo-says-budget-airlines-screw-the-customer-but-apparently-new-partner-jetblue-is-an-exception-93f8fb8c

WordPress.com parent company Automattic is changing direction... again. From a report:

> In a blog post titled "Returning to Core" published Thursday evening, Automattic announced it will [1]unpause its contributions to the WordPress project . This is despite having said only last month that the 6.8 WordPress release would be the final major release for all of 2025.

>

> "After pausing our contributions to regroup, rethink, and plan strategically, we're ready to press play again and return fully to the WordPress project," the new blog post states. "Expect to find our contributions across all of the greatest hits -- WordPress Core, Gutenberg, Playground, Openverse, and WordPress.org. This return is a moment of excitement for us as it's about continuing the mission we've always believed in: democratizing publishing for everyone, everywhere," it reads.

>

> Automattic says it's learned a lot from the pause in terms of the many ways WordPress is used, and that it's now committed to helping it "grow and thrive." The post also notes that WordPress today powers 43% of the web.



[1] https://techcrunch.com/2025/05/30/automattic-says-it-will-start-contributing-to-wordpress-again-after-pause/

Major broadband lobby groups have [1]asked the Trump administration to sue states that require internet service providers to offer low-cost plans to low-income residents, following their unsuccessful court challenges against such laws. The cable, telecom, and mobile industry associations [2]filed the request this week with the Justice Department's new Anticompetitive Regulations Task Force, specifically targeting New York's law that mandates $15 and $20 monthly broadband options for eligible customers.

The industry groups suffered a significant legal defeat when the Supreme Court [3]refused to hear their challenge to [4]New York's affordability mandate in December 2024 , after losing in federal appeals court. Now they face a potential wave of similar legislation, with California proposing $15 plans offering 100 Mbps speeds and ten other states considering comparable requirements.



[1] https://arstechnica.com/tech-policy/2025/05/isps-urge-trump-admin-to-sue-states-that-require-cheaper-broadband-plans/

[2] https://www.regulations.gov/comment/ATR-2025-0001-0333

[3] https://yro.slashdot.org/story/24/12/17/1918225/big-loss-for-isps-as-supreme-court-wont-hear-challenge-to-15-broadband-law

[4] https://tech.slashdot.org/story/24/08/15/1944226/isps-ask-supreme-court-to-kill-new-york-law-that-requires-15-broadband-plans

Lovable, a Swedish startup that allows users to create websites and apps through natural language prompts, [1]failed to address a critical security vulnerability for months after being notified, according to a new report. A study by Replit employees found that 170 of 1,645 Lovable-created applications exposed sensitive user information including names, email addresses, financial data, and API keys that could allow hackers to run up charges on customers' accounts.

The vulnerability, published this week in the National Vulnerabilities Database, stems from misconfigured Supabase databases that Lovable's AI-generated code connects to for storing user data. Despite being alerted to the problem in March, Lovable initially dismissed concerns and only later implemented a limited security scan that checks whether database access controls are enabled but cannot determine if they are properly configured.



[1] https://www.semafor.com/article/05/29/2025/the-hottest-new-vibe-coding-startup-lovable-is-a-sitting-duck-for-hackers

An anonymous reader shares a report:

> In a landmark ruling advancing efforts to hold major polluters accountable for transnational climate-related harms, on May 28 a German court concluded that [1]a corporation can be held liable under civil law for its proportional contribution to global climate change, Climate Rights International said today.

>

> Filed in 2015, the case against German energy giant RWE AG challenged the corporation to pay for its proportional share of adaptation costs needed to protect the Andean city of Huaraz, Peru, from a flood from a glacial lake exacerbated by global warming. RWE AG, one of Europe's largest emitters, is estimated to be responsible for approximately 0.47% of global historical global greenhouse gas emissions.

>

> "This groundbreaking ruling confirms that corporate emitters can no longer hide behind borders, politics, or scale to escape responsibility," said Lotte Leicht, Advocacy Director at Climate Rights International. "The court's message is clear: major carbon polluters can be held legally responsible for their role in driving the climate crisis and the resulting human rights and economic harms. If the reasoning of this decision is adopted by other courts, it could lay the foundation for ending the era of impunity for fossil fuel giants and other big greenhouse gas emitters."



[1] https://cri.org/germany-court-confirms-civil-liability-for-corporate-climate-harms/

An anonymous reader shares a report:

> Some of the citations that underpin the science in the White House's sweeping "MAHA Report" [1]appear to have been generated using artificial intelligence [ [2]non-paywalled source ] , resulting in numerous garbled scientific references and invented studies, AI experts said Thursday. Of the 522 footnotes to scientific research in an initial version of the report sent to The Washington Post, at least 37 appear multiple times, according to a review of the report by The Post.

>

> Other citations include the wrong author, and several studies cited by the extensive health report do not exist at all, a fact [3]first reported by the online news outlet NOTUS on Thursday morning. Some references include "oaicite" attached to URLs -- a definitive sign that the research was collected using artificial intelligence. The presence of "oaicite" is a marker indicating use of OpenAI, a U.S. artificial intelligence company. A common hallmark of AI chatbots, such as ChatGPT, is unusually repetitive content that does not sound human or is inaccurate -- as well as the tendency to "hallucinate" studies or answers that appear to make sense but are not real.



[1] https://www.washingtonpost.com/health/2025/05/29/maha-rfk-jr-ai-garble/

[2] https://www.theguardian.com/us-news/2025/may/29/rfk-jr-maha-health-report-studies

[3] https://www.notus.org/health-science/make-america-healthy-again-report-citation-errors

The three largest U.S. airlines are charging solo travelers [1]higher fares than passengers booking for two or more people on select domestic routes, a pricing strategy analysts believe targets business travelers, according to fare analysis by travel publication Thrifty Traveler.

American Airlines, United Airlines and Delta Air Lines implement the practice by opening different fare categories based on passenger count. United charges $269 for a solo traveler flying from Chicago O'Hare to Peoria, while two passengers pay $181 each for identical seats. American's Charlotte-to-Fort Myers route costs solo travelers $422 versus $266 per person for pairs.

The airlines appear to be "segmenting" customers by charging business travelers paying with corporate cards more while offering better deals to families booking together. Solo travelers are more likely to be business flyers using employer funds and "less likely to care about paying another $80 or more," according to the analysis.



[1] https://thriftytraveler.com/news/airlines/airlines-charging-solo-travelers-higher-fares/

Almost 40% of glaciers in existence today are [1]already doomed to melt due to climate-heating emissions from fossil fuels, a study has found. The Guardian:

> The loss will soar to 75% if global heating reaches the 2.7C rise for which the world is currently on track. The massive loss of glaciers would push up sea levels, endangering millions of people and driving mass migration, profoundly affecting the billions reliant on glaciers to regulate the water used to grow food, the researchers said.

>

> However, slashing carbon emissions and limiting heating to the internationally agreed 1.5C target would save half of glacier ice. That goal is looking increasingly out of reach as emissions continue to rise, but the scientists said that every tenth-of-a-degree rise that was avoided would save 2.7tn tonnes of ice.



[1] https://www.theguardian.com/environment/2025/may/29/almost-40-of-worlds-glaciers-already-doomed-due-to-climate-crisis-study

Google has begun [1]automatically generating AI-powered email summaries for Gmail Workspace users, eliminating the need to manually trigger the feature that has been available since last year. The company's Gemini AI will now independently determine when longer email threads or messages with multiple replies would benefit from summarization, displaying these summaries above the email content itself. The automatic summaries currently appear only on mobile devices for English-language emails and may take up to two weeks to roll out to individual accounts, with Google providing no timeline for desktop expansion or availability to non-Workspace Gmail users.



[1] https://www.theverge.com/news/676933/gmail-ai-summaries-workspace-android-ios

An anonymous reader shares a report:

> Negotiations are under way between the UAE and OpenAI that may make the company's ChatGPT Plus artificial intelligence chatbot [1]available to all residents free of charge , though a final deal has not been reached.

>

> An agreement involving ChatGPT Plus would be part of the recently announced Stargate UAE infrastructure plan to create an AI hub in Abu Dhabi, according to a source familiar with the country's AI strategy. Abu Dhabi's AI company G42 has partnered with OpenAI, Oracle and Nvidia to set up Stargate UAE, a 1-gigawatt computing cluster that will operate in the newly established 5GW UAE -- US AI Campus.



[1] https://www.thenationalnews.com/future/technology/2025/05/27/chatgpt-plus-uae-openai-deal/

[1]sinij shares a report from the BBC:

> France's National Assembly has [2]voted to abolish low-emission zones , a key measure introduced during President Emmanuel Macron's first term to reduce city pollution. So-called ZFEs (zones a faibles emissions) have been criticized for hitting those who cannot afford less-polluting vehicles the hardest. A handful of MPs from Macron's party joined opposition parties from the right and far right in voting 98-51 to scrap the zones, which have gradually been extended across French cities since 2019. [...]

>

> The low-emission zones began with 15 of France's most polluted cities in 2019 and by the start of this year had been extended to every urban area with a population of more than 150,000, with a ban on cars registered before 1997. Those produced after 1997 need a round "Crit'Air" sticker to drive in low-emission zones, and there are six categories that correspond to various types of vehicle. The biggest restrictions have been applied in the most polluted cities, Paris and Lyon, as well as Montpellier and Grenoble.

The BBC notes that while the abolition is expected to pass France's Senate, it must still be included in a broader bill approved by the lower house in June and cleared by the Constitutional Council, which isn't guaranteed.



[1] https://slashdot.org/~sinij

[2] https://www.bbc.com/news/articles/c0mrpl2208no

For the first time, scientists have [1]directly observed atmospheric sputtering in action on Mars -- an erosion process driven by solar wind ions that may have played a major role in the planet's atmospheric and water loss. ScienceAlert reports:

> The only spacecraft with the equipment and orbital configuration to make these observations is [2]NASA's MAVEN . The researchers carefully pored over the data collected by the spacecraft since it arrived in Mars orbit in September 2014, looking to find simultaneous observations of the solar electric field and an upper atmosphere abundance of argon -- one of the sputtered particles, used as a tracer for the phenomenon. They found that, above an altitude of 350 kilometers (217 miles), argon densities vary depending on the orientation of the solar wind electric field, compared to argon densities at lower altitudes that remain consistent.

>

> The results showed that lighter isotopes of argon vary, leaving behind an excess of heavy argon -- a discrepancy that is best explained by active sputtering. This is supported by observations of a solar storm, the outflows of which arrived at Mars in January 2016. During this time, the evidence of sputtering became significantly more pronounced. Not only does this support the team's finding that argon density variations at high Martian altitudes are the result of sputtering, it demonstrates what conditions may have been like billions of years ago, when the Sun was younger and rowdier, undergoing more frequent storm activity.

The findings have been [3]published in the journal Science Advances .



[1] https://www.sciencealert.com/scientists-have-clear-evidence-of-martian-atmosphere-sputtering

[2] https://science.nasa.gov/missions/maven/nasas-maven-makes-first-observation-of-atmospheric-sputtering-at-mars/

[3] https://doi.org/10.1126/sciadv.adt1538