An anonymous reader quotes a report from independent journalist Ed Zitron:

> Today, I can exclusively report, based on audited financial documents viewed by this publication that have been independently verified by the [1]Financial Times , that OpenAI [2]lost around $38.5 billion in 2025 , as well as other crucial details about the financial condition of the company. [...] At the end of the year, OpenAI had just over $50 billion in assets, with almost half of that in cash. [...] The financial condition of OpenAI is deeply concerning. $38.53 billion in losses are astronomical, and far higher than most believed it would be. Losses also appear to be mounting year-over-year at a dramatic rate, and I'm not sure how this company finds a way toward any kind of sustainability or profitability. As discussed, I have not editorialized much today. I believe the best thing I can do for the general public is to deliver this news as plainly as possible.

Ars Technica's Kyle Orland offers a more editorial take, writing:

> All told, OpenAI's day-to-day "loss from operations" increased from $8.78 billion in 2024 to $20.92 billion in 2025, a concerning direction for a company that is telling investors it [3]hopes to be profitable by 2030 . But measured as a percentage of revenues, the company's operating losses slightly improved year to year, from 237 percent in 2024 to 160 percent in 2025.

>

> Operating numbers aside, OpenAI's headline "net loss" number of just over $5 billion in 2024 ballooned to nearly $39 billion in 2025. But the 2025 number includes a significant accounting charge related to investor valuations that shifted amid the company's 2025 conversion to a for-profit structure. The Financial Times cites "a person familiar with the matter" in reporting that this non-recurring charge was approximately $30 billion and that OpenAI's 2025 net loss amounted to a more reasonable-looking $8 billion without it.



[1] https://www.ft.com/content/e15b0d7e-ff6b-4f16-ba7a-4068feddb828?syn-25a6b1a6=1

[2] https://www.wheresyoured.at/exclusive-openai-financials/

[3] https://news.slashdot.org/story/25/11/26/1842249/openai-needs-at-least-207-billion-by-2030-just-to-keep-losing-money-hsbc-estimates

The European Commission has [1]declined (PDF) to propose a law [2]requiring publishers to keep discontinued video games playable , despite the [3]Stop Killing Games initiative [4]collecting nearly 1.3 million verified signatures. Instead, it plans to develop a voluntary industry code covering end-of-life transparency and preservation. Dextero reports:

> The Commission's full communication said a legal obligation to keep games playable, as requested by the initiative, "would not be proportionate." It cited concerns about intellectual property rights, confidential business information, publisher costs, and potential cybersecurity or safety risks once games are no longer supported. The code of conduct could include more transparent storefront labeling about possible game discontinuation, along with more partnerships between publishers and cultural heritage institutions to preserve games. However, it would not legally require publishers to provide offline patches, private server tools, or other methods for players to continue accessing games after official support ends. The Commission also argued that existing EU consumer law already provides some safeguards, including requirements around transparency, contract duration, termination conditions, and possible refunds if a shutdown conflicts with the agreement or a consumer's reasonable expectations.

>

> [...] Despite the setback, Stop Killing Games has said it is not ending its push for legislation. In a response posted after the Commission's decision, the official Stop Killing Games account said the outcome was "not unexpected" and claimed the campaign had already prepared for the result. The group said it is now pushing for members of the European Parliament to amend Stop Killing Games into the Digital Fairness Act instead. "We can move on without the Commission and their non-decision," the group said, referencing earlier comments from Accursed Farms creator Ross Scott.



[1] https://citizens-initiative.europa.eu/document/download/75d642bc-6ff5-4713-b1cf-14f4aaf15869_en?filename=C_2026_4110_EN.pdf

[2] https://www.dexerto.com/gaming/stop-killing-games-fails-to-secure-eu-law-despite-1-3m-signatures-3376431/

[3] https://www.stopkillinggames.com/en

[4] https://games.slashdot.org/story/26/06/07/198205/the-gamer-rights-group-fighting-to-make-the-industry-stop-killing-games-servers

UC Davis researchers say an implanted brain-computer interface has allowed Casey Harrell, an ALS patient who cannot speak, to [1]synthesize sentences from brain activity with 99% accuracy in controlled tests and about 92% accuracy in everyday use. The Register reports that the system has remained usable at home since 2023, helping Harrell communicate naturally, control a computer, and return to full-time work without researchers needing to supervise each session. The Register reports:

> A team of scientists from the University of California, Davis, published a paper Monday detailing a years-long study of a brain computer interface (BCI) system implanted in a patient with amyotrophic lateral sclerosis (ALS, also known as Lou Gehrig's disease), which destroys motor neurons and causes loss of motor control and eventual paralysis. According to the team, their patient, Casey Harrell, has been living with BCI implants since 2023 that are still working today, giving him the ability not only to control a computer cursor with his thoughts, but also to speak. [...] Davis neurosurgeon David Brandman, co-principal investigator and co-senior author of the paper published Monday, as well as the surgeon who placed Harrell's implant, described the results his team [2]published as the crossing of a threshold in BCI technology : Not only has Harrell's implant been working well with daily use since 2023, but it's also incredibly accurate.

>

> In controlled tests, the system managed to synthesize sentences from Harrell's brain activity with 99 percent accuracy; outside of the lab in daily use, Harrell still assessed it as being accurate 92 percent of the time. "The key thing to me is that it's enabling everyday communication for a guy who wants to talk but can't," Brandman told The Register in an interview. "Despite being paralyzed [Harrell] has gone back to work full time and has meaningful conversations with his daughter who's never heard the sound of his voice."

>

> Prior work in the BCI space, Brandman told us, has either required researchers to be in a patient's home whenever they're using the tech, or for the patient to come to the researchers. That's not the case here, with the system allowing Harrell's home care team to hook him up to the system themselves, enabling him to use the device for more than 3,800 hours in the past few years. Based on the time the study was filed (It published Monday but went into peer review in July 2025) that would mean Harrell was using the device for more than five hours a day, on average. "It is a life that is more full of dynamic action and with friends and family, with colleagues, and it is something that allows me to communicate more in my natural way of communicating than any other technology that I have experienced," Harrell told UC Davis via his BCI system.



[1] https://www.theregister.com/science/2026/06/16/ai-and-brain-computer-interface-allow-speechless-als-patient-to-work-a-full-time-job/5256492

[2] https://health.ucdavis.edu/news/headlines/brain-computer-interface-enables-independent-accurate-communication-for-man-living-with-als/2026/06

An anonymous reader quotes a report from Ars Technica:

> Hewlett Packard Enterprise's (HPE) new virtualization software promotion will likely pique the interest of end users and resellers who are unhappy with Broadcom's pricing of VMware. During its HPE Discover event in Las Vegas this week, HPE announced that customers [1]could use its "HPE Morpheus Software -- VM Essentials" offering for free for "up to one year ," per a press release. HPE's [2]website describes its virtualization platform as a "VMware alternative." It includes a hardware virtual machine (HVM) hypervisor and unified management and lets users "manage VMware ESXi and HVM clusters from one console and migrate when you're ready," HPE's website says. "New VM Essentials customers can receive up to one free year of licenses for VM Essentials, a year of HPE Zerto for $1 to support non-disruptive migration to HPE virtual machines, and 0 percent interest on software through HPE Financial Services," HPE's announcement reads, referring to HPE's group for helping IT teams manage funding.

>

> Free for a year is cheaper than what Broadcom has charged for VMware vSphere since taking over. [3]VMware prices have skyrocketed due to VMware's parent company [4]eliminating perpetual licenses and bundling products into expensive packages. Notably, per its website, HPE recommends charging $600 per CPU socket per year for VM Essentials; Broadcom has controversially shifted vSphere licensing pricing to a per-core basis. "Customers are feeling quite a bit of pain in the change that some of the virtualization companies have put there, specifically Broadcom," Jeremiah Jenson, VP of HPE's North American channel and partner ecosystem, [5]told CRN . The executive claimed that VM Essentials could bring up to 90 percent cost savings compared to VMware while also helping to "eliminate vendor lock-in and simplify hybrid IT."

>

> From March 1 to June 30, HPE has also been offering a free year of VM Essentials via rebate to customers who buy an AMD server and a one-year VM Essentials license. VM Essentials is only available through channel partners, a stark contrast from Broadcom's VMware approach, where the chip giant has drastically reduced the number of resellers that can sell VMware products. HPE's new promotion aims to entice customers to more deeply consider migrating off VMware. [...] HPE also announced that it would give 600 reseller partners who earn the HPE partner program's Private Cloud with Virtualization competency by the end of the year free VM Essentials software licenses for three years. Partners still have to pay support costs, though.

The benefit is "a step in the correct direction," said Dean Colpitts, CTO of Canadian managed services provider (MSP) Members IT Group (MITG), which VMware cut from its reseller program after 19 years of partnership a year ago. However, limiting the promotion to 600 partners is "very shortsighted." He believes that HPE should give all of its partners VM Essentials "to facilitate getting [VM Essentials] into customer sites and displacing the competitors."

"They need to fling [VM Essentials] as far and as fast as they possibly [can] to immediately gain traction and draw ISVs to them, which will increase adoption even more," he said.



[1] https://arstechnica.com/information-technology/2026/06/hpe-tempts-vmware-users-partners-with-year-of-free-virtualization-software/

[2] https://www.hpe.com/us/en/morpheus-software/virtualization.html

[3] https://slashdot.org/story/25/05/22/1818256/vmware-price-hikes-between-800-and-1500-since-acquisition-by-broadcom-claim-euro-customers

[4] https://tech.slashdot.org/story/25/07/24/0125217/vmware-prevents-some-perpetual-license-holders-from-downloading-patches

[5] https://www.crn.com/news/virtualization/2026/hpe-s-jeremiah-jenson-on-phenomenal-vm-essentials-opportunity-hpe-juniper-acceleration-and-why-hpe-channel-investment-is-going-up

Commodore has [1]unveiled the Callback 8020, a $499 Sailfish OS flip phone that runs most Android apps but [2]deliberately blocks social media, browsers, email, and workplace apps to discourage doomscrolling. The "not dumb dumbphone" still supports messaging, music, maps, ridesharing, hotspots, a removable battery, and plenty of Commodore nostalgia. "The phone uses T9-style texting with predictive input, includes Commodore SID ringtones, ships with a selection of Commodore and Sailfish games, and even includes Snake," reports TechSpot. From the report:

> Commodore says it has developed patent-pending technology that prevents browsers and social media apps from being sideloaded, while DNS-level blocking should stop them from working even if someone finds a way to install them. Users can still sideload nearly anything else if it's not available on the Commostore, but apps designed for doomscrolling remain off limits. That means useful services such as WhatsApp, SMS, Signal, Telegram, WeChat, Spotify, Uber, Lyft, maps, podcasts, QR scanning, voice notes, and hotspot support work, but the likes of Instagram, TikTok, Facebook, Gmail, and browsers do not.

>

> The Callback 8020 has a 3.25-inch 480 x 640 internal display, a MediaTek Helio G81 chip, 4GB of RAM, 64GB of storage, a 48MP Sony rear camera, an autofocus front camera, dual SIM support, USB-C, a headphone jack, FM radio, and something many of us miss from flagships: a removable battery. There's no 5G as Commodore argues that 4G VoLTE and Wi-Fi better fit a device meant to discourage constant streaming and scrolling. [...] The main screen is touch-capable but disabled by default, while the outer display keeps things deliberately sparse, showing basics such as time, battery, signal, and notifications via dome LEDs.

>

> The 8020 name is a nod to Commodore's 8010 modem from 1980. The phone comes in ProtoPET White, SX Silver, BASIC Beige, a translucent Starlight Edition, and a gold Founders Edition with a 24-karat gold-plated Commodore button. Standard models start at $499, the Starlight version is $549.99, and the Founders Edition costs $640. Preorders open June 30, with shipping targeted for winter.

You can watch the launch ad [3]on YouTube .



[1] https://commodore.net/callback/

[2] https://www.techspot.com/news/112781-commodore-callback-8020-499-flip-phone-blocks-social.html

[3] https://youtu.be/ixD_fqrnA_c?si=YjO9trxzGir9pGQ-

Binance is [1]expected to lose permission to serve EU customers in July after Greek regulators reportedly decided to reject its MiCA license application. Reuters reports:

> Under new EU rules, [2]called MiCA , crypto firms have until the end of June to obtain a licence to allow them to keep servicing clients across the bloc. Binance's application, made to Greece's market regulator, is set to be turned down, the people said. European regulators have been attempting to rein in crypto exchanges, which allow people to trade cryptocurrencies such as bitcoin around the globe.

>

> Under MiCA, crypto companies have to apply for licenses from regulators in individual EU countries, which they can use as a "passport" to operate throughout the 27-nation bloc. At stake is oversight of the multi-trillion-dollar crypto industry, which regulators have long warned could destabilize markets and harm investors if not properly supervised. The Greek rejection would mean Binance will not be given the green light to operate in the EU, leaving the fate of Binance's customers based in the bloc uncertain.

>

> Binance [3]posted on X after the Reuters report was published that it intends to "support an orderly process and minimise disruption to our users", without giving further details. A spokesperson for Binance, which has 300 million customers worldwide, earlier said it has been pursuing a MiCA licenze and had worked with regulators for 18 months. Binance believes it has met the requirements to be MiCA authorized, the spokesperson said. It understood that Greece's Hellenic Capital Market Commission had completed its review of the application and it was considered compliant. "HCMC has given no formal indication of the contrary," the spokesperson told Reuters.



[1] https://www.reuters.com/business/finance/binance-set-lose-eu-licence-bid-permission-offer-services-bloc-sources-say-2026-06-16/

[2] https://www.esma.europa.eu/esmas-activities/digital-finance-and-innovation/markets-crypto-assets-regulation-mica

[3] https://x.com/binance/status/2066936341342933215

Starting in 2027, France's cybersecurity agency ANSSI will [1]stop certifying security products that lack quantum-resistant encryption , effectively forcing government agencies and critical infrastructure operators to phase out older cryptographic systems. Reuters reports:

> Samih Souissi, ANSSI's chief of staff, said at the France Quantum conference that the agency would halt such certifications from 2027, and that businesses should be buying only quantum-safe products by 2030. ANSSI approval is required for use in French government agencies and critical infrastructure, making the policy a de facto phase-out of older encryption.

>

> "It's not only a technical issue," Souissi said. "It's a matter of governance, industrial planning, regulation, and sovereignty." The move reflects concern that attackers may store encrypted data now and unlock it later when quantum computers become strong enough to crack today's protections, a risk known as "harvest now, decrypt later."



[1] https://www.reuters.com/legal/litigation/france-stop-certifying-products-without-quantum-safe-encryption-2026-06-16/

An anonymous reader quotes a report from Ars Technica:

> The driving technology company Mobileye [1]plans to launch a robotaxi service in an as-yet-unnamed US city in 2027 , it said earlier today. The service will be vertically integrated, using Mobileye's Moovit mobility platform to interact with customers booking rides, coordinate drivers, and so on. The Israeli company, which was bought by Intel in 2017 before going public again in 2022, says it will start with around 100 robotaxis early next year. The company first rose to prominence in the mid-2010s, when Tesla began using Mobileye's advanced driving assistance systems (ADAS) as part of Autopilot. That relationship lasted until 2016, when Mobileye [2]dropped Tesla as a customer after being alarmed that a driver assistance system was being sold to end users as driverless technology. Since then, Mobileye has continued to work with other partners on ADAS and autonomous vehicles.

>

> It has developed a new "SuperVision" ADAS that combines cameras and radar sensors, used by Porsche and Polestar, among others. On the robotaxi front, it has partnered with Volkswagen Group's MOIA to develop a commercially available robotaxi based on the VW ID. Buzz minivan, and last year, Mobileye revealed plans to work with Lyft to deploy robotaxis in Dallas, "as soon as" this year. [...] If Mobileye's experience with the initial 100 robotaxis goes well, it says it will scale up to around 17,000 robotaxis within the following five years. "The robotaxi revolution has only just begun, and its potential for transforming how we travel around the world continues to increase," Shashua said.

"This initiative is not a replacement for our existing partnerships; it is an extension of them," said Amnon Shashua, founder and CEO of Mobileye. "We remain deeply committed to enabling automakers and mobility providers with Mobileye Drive. At the same time, operating our own service allows us to accelerate adoption, gain direct operational experience, and showcase the full potential of autonomous mobility."



[1] https://arstechnica.com/cars/2026/06/mobileye-is-entering-the-us-robotaxi-market-with-standalone-service/

[2] https://news.slashdot.org/story/16/07/28/0013217/tesla-and-autopilot-supplier-mobileye-split-up-after-fatal-crash

Snap is [1]launching its first consumer augmented-reality glasses this fall for $2,195. "You can preorder a pair of Specs now at [2]specs.com with a $200 refundable deposit, and Snap [3]says they're expected to ship 'this fall' in the US, UK, and France," reports The Verge. From the report:

> This is a big moment for Snap: The company made a big entry into smart glasses with its original Spectacles [4]in 2016 , and the company has been toiling away on nonpublic AR versions of Spectacles over the past few years. CEO Evan Spiegel promised the company would launch consumer AR glasses in 2026 and even turned its smart glasses team into a separate business. The company says that Specs are "fully standalone, with no puck and no tether." (Which is perhaps a jab at Apple's Vision Pro, which is tethered to a separate battery pack.) They'll be offered in two sizes, a 47mm model weighing 132g and a 52mm model weighing 136g, and will have removable inserts that Snap says will support "a wide range of prescriptions."

>

> You probably won't mistake Specs, with their wide, bold frames, for any of Meta's smart glasses -- Snap clearly picked a design that it wants to stand out. (They're not my style -- I don't think I can pull off the "snow goggles, but fashionable" look -- though maybe Jony Ive might like them.) They have visible light and infrared cameras, and while the Specs are recording, a little LED bar will glow in the middle of the glasses. Both of the lenses will be able to show you content, and Snap says that its display system is powered by a "proprietary liquid crystal on silicon technology" that offers a 51-degree field of view and can show 16 million colors. The lenses can also go from clear to tinted in 10 seconds, Snap says.

>

> The Specs have two Snapdragon processors onboard, and while Snap isn't specifying exactly which ones they are, the company says that one is focused on "computer vision" while the other is focused on running AR Lenses. "Together, they enable fast hand tracking, low latency, and responsive interactions that help digital content feel anchored in the real world," Snap says. You can also expect up to four hours of battery life on a charge, which Snap says accounts for things like "audio and video playback, AI assistance, Bluetooth notifications, and more." The Specs come with a charging case that Snap says will offer four more charges for a total of 20 hours of battery.



[1] https://www.theverge.com/tech/950492/snap-specs-ar-glasses-launch-date-preorder

[2] http://specs.com/

[3] https://newsroom.snap.com/introducing-specs-augmented-reality-glasses

[4] https://news.slashdot.org/story/16/09/24/156229/snapchats-10-second-video-glasses-are-real-and-cost-130-bucks

SpaceX has [1]agreed to acquire Cursor for $60 billion in stock , adding the popular AI coding assistant to Elon Musk's [2]newly public aerospace-and-AI conglomerate. CNBC reports:

> [3]Cursor built a popular AI coding tool that helps software developers generate, edit and review code, and the company has experienced explosive growth since its founding in 2022. In November, Cursor said it crossed $1 billion in annualized revenue, according to a release at the time. Cursor was also ranked at No. 37 on the annual CNBC Disruptor 50 list in 2026.

>

> [...] Musk merged SpaceX with his AI startup, xAI, earlier this year, and the Cursor deal looks set to help revitalize the company's efforts to compete with rivals like Anthropic and OpenAI, which also offer popular coding tools. SpaceX expects the merger to close during the third quarter of this year, according to a filing with the Securities and Exchange Commission. The transaction is subject to "requisite regulatory approvals," the filing said.



[1] https://www.cnbc.com/2026/06/16/spacex-spcx-cursor-acquisition-ipo.html

[2] https://news.slashdot.org/story/26/06/12/0612250/spacex-ipo-makes-elon-musk-worlds-first-trillionaire

[3] https://en.wikipedia.org/wiki/Cursor_(company)

TechCrunch's Zack Whittaker argues that the U.S. government's [1]abrupt export-control order forcing Anthropic to pull its Fable 5 and Mythos 5 models offline [2]was "never about an AI jailbreak" threat . Instead, it was driven more by " [3]personality differences " between the AI company and Trump administration. Security experts say the reported guardrail bypass did not justify the order and warn that the move sets a troubling precedent: the government can unilaterally disrupt American software products without court approval, potentially undermining trust in U.S. AI providers. From the report:

> Katie Moussouris, a cybersecurity veteran and researcher who founded Luta Security, said in a [4]blog post that Anthropic recently shared with her a private copy of a paper written by security researchers describing an alleged guardrail bypass in Fable 5. (The Wall Street Journal reports that the paper's authors [5]are security researchers at Amazon .) Moussouris said that Anthropic reached out to ask for her take on the paper. Moussouris' blog post described how the researchers triggered the guardrail bypass, but said that the bypass itself "should never have triggered an export control." The difference is largely between asking an AI model to "review code for security issues" versus asking it to "fix this code."

>

> The end result is largely the same, even if the questions are posed slightly differently. "The behavior described in the paper cannot meaningfully be fixed, and any attempt would only weaken the model for defense," said Moussouris, who criticized the export control directive as hasty, heavy-handed, and misguided. Moussouris and dozens of other top security researchers and experts have since called on the Trump administration to [6]revoke the export control order , calling the move to pull advanced cybersecurity capabilities from network defenders in the U.S. as "dangerous."

>

> Past administrations have made sweeping decisions on knowledge gaps. For instance, language used by the U.S. government during the 2010s to fix export law covering cybersecurity tools that could also be used for cyberattacks was so broad that inadvertently, it [7]nearly outlawed legitimate security and vulnerability research. However, the Trump administration's directive appears retaliatory. Justin Hendrix, the [8]editor of Tech Policy Press , said the Trump administration's move is "likely to raise alarms in foreign capitals about the reliability of American AI for critical applications." The message is that AI companies in the United States can't be trusted to operate without interference from the U.S. government.

>

> The Trump administration hasn't confirmed why it invoked its export control directive. Did the officials misread the report and freak out? Did Amazon CEO Andy Jassy say something to senior government officials that prompted the reaction, out of caution or spite? Was something lost in translation, or was this a way to pressure Anthropic, with whom the administration already has a fractious relationship? It's possible that the White House was unaware of the far-reaching consequences of the letter's demand and officials are scrambling to undo the damage of their own making. To quote Hendrix, "the climate is one of a cloud of suspicion that senior officials are picking favorites based on personal and political factors." The aftermath is that the government has set a dangerous precedent about how much control it intends to wield over the release of American-made software. This time the government took issue with Anthropic; tomorrow it could be with anyone else.



[1] https://news.slashdot.org/story/26/06/13/0546258/anthropic-suspends-all-mythos-and-fable-access-after-us-order-limiting-foreign-access

[2] https://techcrunch.com/2026/06/15/the-us-governments-anthropic-models-ban-was-never-about-an-ai-jailbreak/

[3] https://www.axios.com/2026/06/15/anthropic-white-house-fable-mythos

[4] https://www.lutasecurity.com/post/the-fable-5-export-controls-harm-us-cyber-defense

[5] https://news.slashdot.org/story/26/06/13/2227234/amazon-ceos-talks-with-us-officials-triggered-crackdown-on-anthropic-models

[6] https://it.slashdot.org/story/26/06/15/2128216/cybersecurity-vets-protest-dangerous-us-government-ban-on-anthropics-most-powerful-models

[7] https://www.wired.com/2015/07/moussouris-wassenaar-open-comment-period/

[8] https://www.techpolicy.press/anthropics-mythos-recall-and-the-white-houses-missing-ai-safety-playbook/

The Arch Linux User Repository "AUR" is facing another issue just days after more than 1,500 packages were [1]found carrying malware . According to Phoronix, over 70 AUR packages have reportedly been [2]modified to insert Russian spam and profane messages into users' shell configuration files . From the report:

> Nicolas Boichat with his AI/LLM detection bot [3]detected some questionable messages appearing in AUR content. Russian messages were being added post-install to the bashrc / zshrc / Fish configuration, etc containing offensive messaging. Those commits happened on the 14th, after the recent malware fiasco. And then over the past day reporting on dozens of AUR packages having similar Russian messages containing offensive language.

>

> The [4]latest update on that thread indicates more than 70 AUR packages having this Russian spam / offensive messaging. Among those various Python packages, Ruby packages, Llama.cpp, and others. At least the AI/LLM bots are proving helpful here in proactively picking up on some of the AUR abuses until the fundamental situation can be better handled.



[1] https://linux.slashdot.org/story/26/06/13/1817206/arch-linux-malware-incident-malicious-commits-found-in-1579-packages

[2] https://www.phoronix.com/news/Arch-Linux-AUR-Russian-Spam

[3] https://lists.archlinux.org/archives/list/aur-general@lists.archlinux.org/message/GJURAWWOV453HZDBESQT3L26J2572VDV/

[4] https://lists.archlinux.org/archives/list/aur-general@lists.archlinux.org/message/2YQSHTC27MOKDDKHZTH2BJGTEN2CYC7W/

An anonymous reader quotes a report from Linuxiac:

> Mozilla has [1]released Firefox 152, the latest update to its popular open-source web browser, with updated settings, improved media controls, experimental JPEG XL support, and various platform-specific fixes for desktop and Android. A key update is the redesigned Firefox Settings page, which [2]now features clearer groupings, improved navigation, and a more streamlined structure for easier customization . The release also expands built-in spellchecker support, adding dictionaries for Croatian, English (UK), Georgian, Persian, Slovenian, Tajik, Tamil, Tibetan, Turkish, Welsh, and Xhosa. [...] Importantly, Firefox now offers experimental support for JPEG XL, an image format with improved compression over WebP, JPEG, PNG, and GIF. Users can enable JPEG XL in the Firefox Labs panel within Settings.



[1] https://ftp.mozilla.org/pub/firefox/releases/152.0/

[2] https://linuxiac.com/firefox-152-adds-jpeg-xl-support-and-redesigned-settings/

New simulations suggest Venus' extremely slow backward rotation may have been [1]triggered by a high-angle collision with a fast-moving object roughly one-tenth its mass . The impact could have dramatically altered Venus' spin and melted nearly its entire mantle. Universe Today reports:

> Venus' bizarre and extraordinarily slow retrograde rotation on its axis has long puzzled planetary scientists. But in a [2]new paper presented at the recent European Geosciences Union General Assembly in Vienna, the authors argue that their models indicate that a high angle moon-sized, high-velocity impactor likely triggered Venus's strange 248-day rotation. And it probably happened within the first 50 million years of Venus' formation. [...] The team found that an impactor that is about a tenth of Venus' mass hitting the planet at a high angle could drastically slow the early young planet's rotation.

>

> Depending on the actual impact parameters, we can slow down a rapidly rotating early Venus to rotation rates that are that are compatible with long-term evolution towards a slow rotating planet, says [Cedric Gillmann, the paper's lead author and a planetary scientist at ETH Zurich]. Or even in some cases with large energetic impact that happen with a tangential impact that would even put planets early on in already a retrograde but faster rotation, he says. In the simulations, giant impacts expectedly produce surface magma oceans, the paper's authors note. Their relative depths vary depending on impact properties: from a shallow melt layer in the order of 100km thick to a fully molten mantle, they note. If the surface can radiate heat to space efficiently, the magma ocean cools down quickly, they write.

>

> If Gillmann and colleagues are correct, Venus' likely impactor also melted some 99 percent of Venus' mantle. That is, the interior structure that extends between its core and crust. You will get rid of that impact heat pretty efficiently, and after a few hundred million years, you end up seeing an evolution that is very difficult to distinguish from a case where you don't have an impact, says Gillmann. What role the impact may have played in Venus' lack of plate tectonics, however, remains open for debate. But it's known that Venus' lack of a large-scale carbon recycling mechanism likely led to its current runaway greenhouse.



[1] https://www.universetoday.com/articles/venus-strange-rotation-was-likely-triggered-by-a-high-velocity-moon-sized-impactor

[2] https://meetingorganizer.copernicus.org/EGU26/EGU26-10551.html

A Chinese Zhuque-2E rocket's upper stage broke apart shortly after last week's June 9 launch, [1]likely creating 100 to 150 pieces of debris in a busy region of low-Earth orbit crossed by the ISS and lower-altitude Starlink satellites. Most fragments should reenter within months because of atmospheric drag, but experts say the incident adds to a worsening trend as China leaves more large rocket bodies in orbit while expanding its launch rate. Ars Technica reports:

> The US Space Force confirmed the breakup event in a post on [2]space-track.org , a website used by the military to distribute orbit data to the public. "The tracked pieces are being incorporated into routine conjunction assessment to support spaceflight safety," the Space Force wrote in an advisory. "There are currently no threats to human spaceflight. Analysis is ongoing." So far, the Space Force has not added any of the debris fragments to the official catalog of human-made space objects.

>

> [...] The bad news is that the Zhuque-2E's breakup is the latest chapter in China's growing contribution to the space junk problem. After decades of leaving spent rocket bodies in orbit, launch operators in most countries now reserve enough fuel to steer their upper stages back to Earth for controlled reentries. Rocket bodies attributed to Russia and the former Soviet Union account for the bulk of the launch-related debris in long-lived orbits, followed by China and the United States. But the Russian and American numbers are declining or holding steady, while the mass of Chinese rocket bodies in these long-lived orbits has grown by more than 150 percent in the past five years, according to a new analysis by Space Domain Awareness expert Jim Shell. The increase comes as China ramps up launches of its own megaconstellations designed to compete with SpaceX's Starlink.

>

> Rocket bodies are the most concerning sources of space debris because they are typically fairly large in size and mass, often with residual propellant and high-pressure gases that can trigger an explosion. There is no way to maneuver or dispose of them if left abandoned in orbit after releasing their payloads. McKnight characterized the recent breakup of the Zhuque-2E rocket as a "slight space safety issue," but the trend is not good. China's Long March 6A rocket has an especially bad track record, including two explosions that littered a higher-altitude low-Earth orbit with more than 1,000 debris fragments, where they will remain for decades or centuries. "Three of the top four breakup events in LEO are of Chinese origin, with two of these events being from Chinese (rocket body) explosions in the last four years," McKnight said.



[1] https://arstechnica.com/space/2026/06/a-chinese-rocket-breaks-apart-dangerously-close-to-the-starlink-constellation/

[2] https://www.space-track.org/

An anonymous reader quotes a report from TechCrunch:

> A group made up of dozens of cybersecurity experts, including several well-known veterans of the industry, published an [1]open letter to the U.S. government [2]asking it to lift the export control order on Anthropic's Fable and Mythos models . According to the open letter, "this action has taken the best models away from [cybersecurity] defenders" who now can't use the models to find vulnerabilities and make their software and products more secure. "To pull the best capabilities away from defenders without a good reason when our adversaries are rapidly advancing is dangerous," read the letter.

>

> On Friday, the U.S. government [3]ordered Anthropic to limit the export of Fable and Mythos, citing national security concerns, without explaining the specific reasons behind the order, according to Anthropic. In response, the company suspended access to the models to all users worldwide. As of this writing, the letter is signed by 76 cybersecurity experts, including Alex Stamos, former Facebook chief of security; Casey Ellis, the founder bug bounty platform Bugcrowd; Jon Callas, famed cryptographer and former Apple security design and architecture manager; Paul Vixie, computer scientist ; Dino Dai Zovi, the former head of applied security engineering at Block; Katie Moussouris, the founder of Luta Security; and Rachel Tobac, the CEO of the security awareness training firm SocialProof Security.

>

> [...] Anthropic said that the White House export control order may have been based on a report that there was a method to bypass -- or jailbreak -- Fable to unlock its powerful Mythos-level capabilities. According to Katie Moussouris, one of the signatories of the open letter, the method was [4]demonstrated by Amazon researchers in a paper that is not public but that she has reviewed. But Moussouris [5]said in a blog post that the paper did not actually demonstrate a real jailbreak. Instead, she wrote, the researchers simply asked Fable to fix open source code with public and known vulnerabilities along with "deliberately planted vulnerabilities," after the model initially refused to "review the code for security issues."

>

> "The behavior described in the paper cannot meaningfully be fixed, and any attempt would only weaken the model for defense," Moussouris wrote. "Defenders need to be able to ask AI to fix the bugs in a file, explain why the fix matters, and write tests that confirm the patch works. That is not a guardrail bypass. It is the most valuable thing an AI model can do for defensive security: executing the find, fix, and test loop defenders run every day." Moussouris' critique was echoed in the open letter, which also said that the group of experts believe the model capabilities in the Amazon paper "can be replicated" on OpenAI's GPT-5.5, on Anthropic's own publicly available Claude Opus 4.8 and Sonnet, "and even Chinese models like Kimi 2.7."

>

> Moussouris told TechCrunch that "the bugs used to demonstrate the techniques in the paper can be found using the other models. The method in the paper is a guardrail bypass technique. Other models that lack the Fable guardrails often won't refuse the straightforward request to look for security bugs, so they don't need a bypass." The letter also asked for transparently and fairly enforced regulations created by "a democratic rule-making process" that are based on scientific research done by industry and academic experts, and "used only to the minimal extent necessary to ensure the safety of the American public."



[1] https://freefable.org/

[2] https://techcrunch.com/2026/06/15/cybersecurity-vets-protest-dangerous-us-government-ban-on-anthropics-most-powerful-models/

[3] https://news.slashdot.org/story/26/06/13/0546258/anthropic-suspends-all-mythos-and-fable-access-after-us-order-limiting-foreign-access

[4] https://news.slashdot.org/story/26/06/13/2227234/amazon-ceos-talks-with-us-officials-triggered-crackdown-on-anthropic-models

[5] https://www.lutasecurity.com/post/the-fable-5-export-controls-harm-us-cyber-defense

The Federal Data Center Enhancement Act (FDCEA) is [1]set to expire in September without an apparent replacement , potentially ending requirements for federal agencies to report on data-center efficiency, resilience, energy and water use, and contractor sustainability. Wired reports:

> Despite the public backlash, the Office of Management and Budget (OMB), the government agency that sets guidance for how agencies implement policies in line with the president's agenda, is not providing any plans for how federal agencies should manage the sunset or continue to implement reporting beyond the timeline of the law. This, current and former workers at OMB and the General Services Administration (GSA) say, signals that the Trump administration is set to take an even more hands-off approach to data center oversight and regulation.

>

> A replacement for the requirements laid out in FDCEA would, in other administrations, have been in the works for months ahead of its expiration. An employee with the GSA, the agency that oversees the government's IT services and helps to implement the FDCEA, says that the lack of any sort of plan is highly uncommon. The employee spoke to WIRED on the condition of anonymity for fear of retaliation. "Never in the history of data center policies has a policy expired without another one having been painstakingly worked on for three years behind the scenes," says the GSA employee. "The technology has changed so much it's not about getting everything right, it's about doing the best they can and updating to a new policy. They claim they're going to make sure private companies pay their fare share, but they haven't explained how they'll do that."

>

> [...] There has been a burst of data-center-related legislation introduced in Congress this year, from bills that mandate environmental reviews of data centers to bills designed to protect local moratoriums. However, it appears that none of these bills are designed to address the requirements in FDCEA, nor do they specifically address federally run or leased data centers. [...] A search of [2]reginfo.gov , the OMB website that contains reports on the president's Unified Agenda, also turns up nothing for the FDCEA.

"By letting this expire, OMB is going to enter into this new age of prioritizing rapid AI development over any sort of centralized control or rigorous standards," says the anonymous GSA employee who spoke to Wired. "In the absence of a new policy from OMB, [GSA] has no directive or measurable standards with which to point agencies towards managing data centers efficiently."



[1] https://www.wired.com/story/the-us-government-is-letting-a-key-data-center-regulation-expire/

[2] https://reginfo.gov/

[1]alternative_right shares a report from The Hill:

> The FBI [2]released an urgent security warning to the public about a fast-acting scam targeting Microsoft 365 users on Teams, Outlook and OneDrive. The agency warned that the hacking platform Kali365 seeks out OAuth device codes, [3]allowing scammers to sneak past multi-factor authentication codes , and without the need for a password, to access Microsoft accounts. Scammers will send a phishing email impersonating a trusted document-sharing service with a device code and instructions on how to verify, according to the FBI.

>

> "Kali365 lowers the barrier of entry, providing less-technical attackers access to AI-generated phishing lures, automated campaign templates, real-time targeted individual/entity tracking dashboards, and OAuth token capture capabilities," the FBI stated. The platform is sold to scammers with a $250 per month subscription. The FBI, which first detected Kali365 in April, described the hacking platform as an "emerging Phishing-as-a-Service platform." Hackers with limited skills can access advanced phishing tools through the platform, [4]according to NordPass .



[1] https://slashdot.org/~alternative_right

[2] https://www.ic3.gov/PSA/2026/PSA260521

[3] https://thehill.com/policy/technology/5924655-microsoft-365-phishing-threat/

[4] https://nordpass.com/blog/phishing-as-a-service/

Google is removing Chrome's last remaining workarounds for Manifest V2 extensions, effectively [1]ending support for legacy ad blockers such as the original uBlock Origin. 9to5Google reports:

> CyberNews [2]points out a [3]Chromium commit that removes support for the "kExtensionManifestV2Disabled" flag, which is referred to as "dead code" seeing as Chrome no longer supports Manifest V2 extensions. This removal acts as the final stop for many Manifest V2-based ad blocker extensions that were still in use today -- the flag was effectively a loophole to continue using these extensions.

>

> A Googler on the commit [4]explains : "MV2 extensions are no longer allowed in any supported version of Chrome, and we are removing support for them and the associated functionality. We won't be able to provide / maintain this functionality indefinitely due to the complexity and tech debt, as well as the security risks it entails (we've actually found a number of bugs that are specific to MV2 lately). Of course, other browsers can continue supporting these if they so desire."

>

> This will also impact other Chromium-based browsers, though the comment notes that "other browsers can continue supporting these if they so desire." Neowin [5]points out that Microsoft Edge and Opera are likely to follow suit. Chrome 150, set to be released later this month, will remove this flag, while other leftover bits of Manifest V2 will be removed in the v151 release.



[1] https://9to5google.com/2026/06/15/google-chromes-next-update-will-mark-the-end-of-popular-ad-blockers/

[2] https://cybernews.com/security/chrome-update-disables-adblockers-manifest-v3/

[3] https://chromium-review.googlesource.com/c/chromium/src/+/7813942

[4] https://chromium-review.googlesource.com/c/chromium/src/+/7813942

[5] https://www.neowin.net/news/google-chrome-is-killing-all-ublock-origin-bypasses-microsoft-edge-opera-to-follow/

An anonymous reader quotes a report from Ars Technica:

> A decade ago, AMD added a protection to its high-end CPUs to protect them against cold boot attacks and other types of physical exploits that siphon sensitive data out of the connected memory chips. Short for Transparent Secure Memory Encryption, TSME encrypts the entire contents stored in memory, making the data useless to physical attackers. Over time, AMD added TSME to lower-end processors, including the consumer version of its Ryzen chips, a CPU that costs less than the Pro version. Over the years, users of these lower-end chips have gotten used to the added security. Recently and without warning or notice, this lower-end line of AMD chips [1]suddenly dropped the protection , and did so in a way that was impossible to detect on Windows machines and required a fair amount of technical work when using Linux.

>

> AMD has yet to say why TSME worked on these CPUs, or even to confirm the change. AMD declined to answer questions sent by email other than to say TSME "is a security feature only applied to PRO CPUs as part of AMD PRO Technologies." The statement is the first known time the chipmaker has explicitly made this restriction public. [...] There's no indication that AMD ever advertised or marketed TSME as being available in consumer CPUs. AMD has long said that a related memory protection, Secure Memory Encryption (SME), is available only in the Pro and Epyc CPU tiers. SME is OS-managed. It uses a single key and allows the OS to selectively encrypt individual memory pages. TSME is firmware-managed. It encrypts all RAM with no OS involvement. When active, it provides protection against physical attacks, including cold boot exploits, DRAM interface snooping, and memory module removal. It activates silently when enabled in the BIOS, making it the more practically useful of the two protections.

Ben Kilpatrick, a self-described "privacy-conscious Linux hobbyist," [2]discovered that TSME had stopped working on his consumer Ryzen processor despite remaining enabled in the BIOS. He spent months investigating, persuaded MSI engineers to test multiple CPUs, motherboards, and firmware versions, and filed a public AMD [3]bug report that traced the change to newer AGESA firmware apparently disabling TSME on consumer chips while retaining it on Pro and EPYC models.

"AMD engineers' comments, such as those mentioned above, and the years of TSME working just fine in the lower-cost tier processors, have understandably conditioned Kilpatrick and other users to reasonably regard it as an expected part of the chip package," reports Ars Technica. "AMD quietly removing it and providing no acknowledgment or explanation strikes these users as something of a betrayal."

Joe Fitzgerald, an expert in silicon-level security, said in an interview: "They could have not realized they did it leading to their cagey responses, or they could have done it intentionally and tried to get away with it, leading to the same cagey responses. But I really feel like an explanation should be in order, even if it was 'TSME was never supposed to be supported. We did ship some firmwares that erroneously enabled it, but you shouldn't use them since we can't guarantee it'll work properly.'"



[1] https://arstechnica.com/security/2026/06/users-cry-foul-after-amd-stripped-memory-crypto-from-its-consumer-cpus/

[2] https://github.com/AMDESE/AMDSEV/issues/292

[3] https://github.com/AMDESE/AMDSEV/issues/292