mjfisher.net

Latest News

Last updated 07 May, 11:38 PM

BBC News

When will we know the results for the England, Scotland and Wales elections? - Millions have voted in parliamentary elections in Scotland and Wales, and local elections in England.

Labour expected to lose Senedd after century of winning elections in Wales - Labour sources have told the BBC the party's century-long winning run is expected to come to an end.

Hantavirus outbreak on cruise ship not start of pandemic, UN health agency says - Ther World Health Organization says it is not in the same situation as with Covid-19 because hantavirus spreads differently.

Man charged with allegedly threatening Andrew Mountbatten-Windsor - Alex Jenkinson, 39, of Stowmarket, Suffolk, has been remanded in custody ahead of a court appearance.

English clubs reach all three European finals for first time - English teams have reached the finals of three different European competitions in the same season for the first time.

www.theregister.com - Articles

Dyna Software's AI assistant promises to massage your toughest ServiceNow configs - The tool is meant to take the place of 80% of the work that requires ServiceNow dev teams

Fake IT workers rented laptops to Nork scammers, got prison time - Matthew Isaac Knoot and Erick Ntekereze Prince will each do 18 months for hosting laptops used by North Korean IT workers to remotely infiltrate US companies

Anthropic response to 1-click pwn: Shouldn't have clicked 'ok' - Security biz Adversa AI argues users of AI tools need clearer warnings

60% of MD5 password hashes are crackable in under an hour - Happy World Password Day! Maybe it's finally time to kill this holiday in favor of World No-More-Passwords Day?

IBM Cloud evaporates as datacenter loses power - Customers say services were down for at least 4 hours, while status page showed no issues

New Scientist - Home

Hantavirus outbreak will not cause a covid-style pandemic, says WHO - The World Health Organization sought to quell worldwide fears over the hantavirus outbreak on the cruise ship MV Hondius and reassure the public that the risk of widespread transmission is low

PCOS postpones perimenopause and allows pregnancies at older ages - Only 3 per cent of those with polycystic ovary syndrome reach perimenopause by the age of 46, which may allow them to conceive when older

Coffee's mood-boosting effects aren't just down to caffeine - A comprehensive study exploring coffee’s physiological effects finds that some of its benefits are down to polyphenols and their influence on gut bacteria

What to read this week: the excellent Beyond Belief by Helen Pearson - Solving society's problems with evidence is a work in progress, argues a must-read new book. The process is surprisingly new – and riddled with complexities, finds Michael Marshall

Where has the deadly hantavirus come from and how does it spread? - Three passengers on the cruise ship MV Hondius have died due to an outbreak of hantavirus, a rare illness transmitted by rodents

Hacker News

Dirtyfrag: Universal Linux LPE - Comments

Canvas (Instructure) LMS Down in Ongoing Ransomware Attack - Comments

The Burning Man MOOP Map - Comments

Agents need control flow, not more prompts - Comments

AlphaEvolve: Gemini-powered coding agent scaling impact across fields - Comments

Slashdot

IMF Warns New AI Models Risk 'Systemic' Shock To Finance - The IMF is warning that advanced AI-powered cyberattacks pose a serious threat to global financial stability. "IMF analysis suggests that extreme cyber-incident losses could trigger funding strains, raise solvency concerns, and disrupt broader markets," the lender warned in a new report. The report urged greater international cooperation and emphasized resilience, since breaches are "inevitable" -- particularly for emerging economies with weaker defenses. Agence France-Presse reports: The study's authors highlighted the risks posed by the highly interconnected nature of the global financial system, with advanced AI models able to "dramatically reduce" the time and cost of exploiting vulnerabilities. [...] The IMF warned that emerging and developing countries, "which often have more severe resource constraints, may be disproportionately exposed to attackers targeting regions with weaker defenses." The risks, the authors said, were systemic, cut across sectors and came with the threat of contagion, with the reliance on a small number of platforms and cloud providers likely to increase "the impact of any single exploited weakness." "Defenses will inevitably be breached, so resilience must also be a priority, specifically to limit how far incidents spread and ensure rapid recovery," the report said. IMF chief Kristalina Georgieva warned last month that the global financial system was not ready for the cybersecurity threats posed by AI. "We are very keen to see more attention to the guardrails that are necessary to protect financial stability in a world of AI," she told CBS News, seeking global collaboration on the issue. Read more of this story at Slashdot.

60% of MD5 Password Hashes Are Crackable In Under an Hour - In honor of World Password Day, Kaspersky researchers revisited their study on the crackability of real-world passwords and found that 60% of MD5-hashed passwords could be cracked in under an hour with a single Nvidia RTX 5090, and 48% could be cracked in under a minute. "The bottom line is that passwords protected only by fast hashing algorithms such as MD5 are no longer safe if attackers obtain them in a data breach," reports The Register. From the report: Much of the reason password hashes have become so easy to crack is password predictability. Per Kaspersky, its analysis of more than 200 million exposed passwords revealed common patterns that attackers can use to optimize cracking algorithms, significantly reducing the time needed to guess the character combinations that grant access to target accounts. In case you're wondering whether there's a trend to compare this to, Kaspersky ran a prior iteration of this study in 2024, and bad news: Passwords are actually a bit easier to crack in 2026 than they were a couple of years ago. Not by much, mind you -- only a few percent -- but it's still a move in the wrong direction. "Attackers owe this boost in speed to graphics processors, which grow more powerful every year," Kaspersky explained. "Unfortunately, passwords remain as weak as ever." "This World Password Day, the main message ought not to be to the users, who often have no choice but to use passwords anyway, but to the sites and providers that are requiring them to do so," said senior IEEE member and University of Nottingham cybersecurity professor Steven Furnell. His advice is that providers need to modernize their login systems and enforce stronger protections, because users are often stuck with whatever security options they're given. Read more of this story at Slashdot.

CEOs Want Tariff Refunds As Earnings Take a Hit - Companies including Philips and Pandora say they plan to seek tariff reimbursements after the Supreme Court ruled Trump's sweeping duties illegal, with the U.S. potentially facing up to $175 billion in refunds. Many firms say tariffs hurt earnings, but CFO survey results suggest companies applying for refunds are unlikely to pass savings back to consumers through lower prices. CNBC reports: Companies across Europe are flagging disruption from tariffs as a factor contributing to a skewed earnings picture. "We will ask for a rebate of tariffs in line with the government policies," Roy Jakobs, CEO of healthtech firm Philips, told CNBC's "Squawk Box Europe" on Wednesday morning. "We have been saying that of course we prefer a world without tariffs, without trade barriers, because we want to serve patients." Philips included the cost of tariffs within its full-year guidance and did not assume the impact from any potential refunds. Danish jeweler Pandora also announced its intention to apply for a rebate on Wednesday, with CEO Berta de Pablos-Barbier telling CNBC that tariffs were a "headwind" to earnings in the first quarter. "We have no news yet, so we cannot count on any of that refund," she told CNBC's "Squawk Box Europe." "Let's wait and see." De Pablos-Barbier noted that the biggest factor impacting Pandora's profit this quarter is the cost of silver, which more than quadrupled in the last 18 months. She reiterated the firm's pivot from pure silver to platinum as a way of reducing costs. BMW, Daimler, Renishaw, Smith & Nephew and Continental all flagged tariffs as negatively impacting results in a slew of earnings updates on Wednesday, but the companies did not say whether they are applying for rebates. Businesses often bear some of the cost of tariffs, with some costs passing on to consumers through price hikes. Tariffs have had an overall inflationary impact on the economy, economists have told CNBC. Despite the refund process potentially covering more than 330,000 importers on roughly 53 million entries, per court documents, consumers are unlikely to benefit, according to the results of the latest CNBC CFO Council quarterly survey. Twelve of the 25 chief financial officers interviewed said their company plans to apply for tariff refunds, however, none intend to lower prices in response. Read more of this story at Slashdot.

Microsoft Issues Warning About Linux 'Copy Fail' Vulnerability - joshuark shares a report from Linux Magazine: Microsoft has issued a warning that a vulnerability with a CVSS score of 7.8 has been found in the Linux kernel. The vulnerability in question is tagged CVE-2026-31431 and, according to the Cybersecurity and Infrastructure Security Agency (CISA), "This Linux Kernel Incorrect Resource Transfer Between Spheres Vulnerability is a frequent attack vector for malicious cyber actors and poses significant risks to the federal enterprise." The distributions affected are Ubuntu, Red Hat, SUSE, Debian, Fedora, Arch Linux, and Amazon Linux. This could also affect any distribution based on those in the list, which means pretty much every Linux distro that isn't independent. The flaw is found in the Linux kernel cryptographic subsystem's algif_aead module of AF_ALG. The problem is that a particular optimization has led to the kernel reusing the source memory as the destination during cryptographic operations. What this means is that attackers can take advantage of interactions between the AF_ALG socket interface and a splice() system call. Until patches are released, Microsoft is advising that the affected crypto feature should be disabled, or AF_ALG socket creation should be blocked. The vulnerability is also known as "Copy Fail," which has been shared on Slashdot and detailed in a technical report. The vulnerability affects almost every version of the Linux OS and is now being exploited in the wild. U.S. cybersecurity agency CISA has ordered all civilian federal agencies to patch any affected systems by May 15. Read more of this story at Slashdot.

Google Unveils Screenless Fitbit Air, Google Health App To Replace Fitbit - An anonymous reader quotes a report from Ars Technica: Wearables have really come full circle. The early Fitbits didn't have screens, but the move to smartwatches put a screen on everyone's wrist. Now, devices like Whoop and Hume are designed as data trackers first and foremost without so much as a clock. Google's newest wearable jumps on that trend: The Fitbit Air doesn't have a screen, but it does have a suite of health sensors that pipe data into the new Google Health app. And if you want, Google has a new AI-powered health coach in the app ready to tell you what that data means (maybe). The Fitbit Air itself is a small plastic puck about 1.4 inches long and 0.7 inches wide. It slots into various bands that hold the bottom-mounted sensors against your wrist. There's no display pointing upward, so the entire device is covered by the fabric or plastic of the band. It's a streamlined and potentially stylish look -- in uncharacteristic fashion, Google has plenty of colors and style options available, including a special-edition Steph Curry version. You may have heard chatter about Curry being seen teasing a new screenless Fitbit, and this is it. [...] The Fitbit app is getting a major makeover and a new name. An update in the coming weeks will transform that app into Google Health, featuring a new interface with a more extensive Material Expressive aesthetic and redesigned menus and tabs. You also won't see Fitbit branding in as many places -- the Fitbit Premium subscription will become Google Health Premium. Without a subscription, the app still does all the basic things, like tracking your health stats, automatically logging workouts, and showing it all in a pretty dashboard. With the Premium subscription, you get all the features from Fitbit Premium plus the new AI Health Coach. It's a chatbot, so you can ask it about any health or wellness topics, and the answers are grounded in your health data. The Fitbit Air launches May 26 for $99.99, includes a Performance Loop band, and comes with three months of the new Google Health Premium that replaces Fitbit Premium and adds Google's AI Health Coach. Meanwhile, Google Health Premium will cost $10 per month or $100 per year, though it's included with AI Pro or AI Ultra. Non-subscribers can still use basic tracking features. Ars also notes that when Google Fit shuts down later this year, users will need to migrate their data to Google Health. Read more of this story at Slashdot.