Publisher claims misconfigured Salesforce-hosted page leaked data Textbook giant McGraw Hill has landed on a ransomware crew's leak site after an alleged Salesforce-linked misconfiguration spilled 13.5 million records into the wild.

Giant UAV package will include strike, recon, logistics, and maritime systems The UK government says it will deliver at least 120,000 drones to Ukraine this year to help it fight against Russia.

Just migrate already, would you? But if you can't, Redmond will take your cash Microsoft will keep delivering security updates for old versions of Exchange Server and Skype for Business Server, after admitting that some customers aren't ready to make the move to newer products.

Deciphering the third transport protocol's four RFCs is a task to rival the proverbial blind man trying to understand an elephant While Larry was producing most of the content for the "Request/Reponse" chapter for the next edition of our book, I took the lead on writing a section on QUIC, since I have closely followed its development.

Backup and Sync may be dead, but it still knows how to kill the buzz before the ukuleles start Bork!Bork!Bork! Sweden is arguably the home of bork think the Swedish Chef from The Muppets so we are delighted to note an example of the breed turning up north of Stockholm.

Biz as usual for Brit public sector: ESN replacement is 12 years late and 3B over budget UK police tech buyers have awarded a 25 million no-competition contract for communications technology first commissioned in 2000, with the replacement project 12 years behind schedule and 3 billion over budget.

Here comes 'enterprise vibe coding' as CRM giant aims to open development to anyone on the platform Salesforce has introduced what it calls Headless 360 at its developer event TDX, which starts today in San Francisco, designed to expand the reach of its app-building tools beyond traditional developers.

Your cybersecurity is only as good as the physical security of the servers PWNED Welcome back to Pwned, the column where we immortalize the worst vulns that organizations opened up for themselves. If youre the kind of person who leaves your car doors unlocked with a pile of cash in the center console, this weeks story is for you.

Private Shinkansen suites are pulling up to the station in October Some Japanese bullet trains will soon be equipped with private suites that include windows with embedded 5G antennas and noise-cancelling technology that envelops passengers in a bubble of quiet.

Services giants staff accused of assaults, inappropriate religious practices Police in the Indian city of Nashik conducted a sting operation at Tata Consultancy Services and allegedly found instances of sexual harassment and other revolting behavior.

Browser fingerprinting is everywhere Google markets its Chrome browser by citing its superior safety features, but according to privacy consultant Alexander Hanff, Chrome does not protect against browser fingerprinting a method of tracking people online by capturing technical details about their browser.

Like the majority of the companies participating, it remains a mystery Last week, Anthropic surprised the world by declaring that its latest model, Mythos, is so good at finding vulns that it would create chaos if released. Now, under the title of Project Glasswing, over 50 selected companies and orgs are allowed to test the hyped up LLM to find security holes in their own products. But just how many problems have they really discovered?

'LLMs should not be trusted for patient-facing diagnostic reasoning,' boffins advise People ask AI for all kinds of advice, including the kind of questions you'd ask a physician. However, the next time you're tempted to query ChatGPT if that growth on your face is skin cancer, consider this: research shows today's leading AI models fail at early differential diagnosis in more than 8 out of 10 cases.

Repair of bug that undercounted token usage leads to rapid exhaustion of subscription allowance Microsoft's GitHub last week told Copilot customers that they'd have to reduce their use of the AI service to ease the strain on company servers. This follows the company's discovery last month of a token counting bug that appears to have broken the company's pricing model.

Following in the footsteps of Long Island Iced Tea OPINION Back in December 2017, an obscure American soft drinks company changed its name from Long Island Iced Tea to Long Blockchain.

No reports of active exploitation (yet) Watch out for more Fortinet vulns! Two critical bugs in Fortinet's sandbox could allow unauthenticated attackers to bypass authentication or execute unauthorized code on vulnerable systems.

Kamila Szewczyk prefers old software, as back then people understood something could actually be finished No one can tell software developer Kamila Szewczyk that newer is better: She just fixed a 20-year-old bug in Enlightenment E16, the old-school Linux window manager she favors partly because, she tells us, it is actually finished software.

Some customer orgs tell staff to block inbound email from the provider Autovista confirms that it called in outside support to help clean up a ransomware infection currently affecting systems in Europe and Australia.

Report says authorities are flouting rules by failing to disclose revenue lost to server farm subsidies Many US states and local authorities are violating generally accepted accounting principles (GAAP) by failing to disclose revenue lost to datacenter tax subsidy schemes, according to Good Jobs First.

Y'all been focusing on compute and forgot about how the data moves around AI is reshaping the demands on network infrastructure, and many organizations are not prepared including some of the so-called neocloud providers offering AI services.

We've all been there Bork!Bork!Bork! Windows is doing what it does best in California, with a Blue Screen of Death on the wall of a fast food restaurant where order progress is supposed to be.

Latest in a string of cases that have earned France an unfortunate title A mother and her ten-year-old son are now free after being kidnapped for around 20 hours while the father was being extorted for hundreds of thousands of euros.

Some on the Moon's surface, some in orbit. How does 5 years sound? Do-able, right nerds? The nukes-in-space ambitions of the current US administration have taken a step forward and the US Office of Science and Technology Policy has just published its hopes for who does what.

Vuln old enough to drive lands on CISA's exploited list While Microsoft was rolling out its bumper Patch Tuesday updates this week, US cybersecurity agency CISA was readying an alert about a 17-year-old critical Excel flaw now under exploit.

Command prefix will require password by default The latest version of Raspberry Pi OS now requires a password for sudo by default.

Open Rights Group says years of reliance on US giants have left Britain exposed Britain has spent years wiring its public sector into US Big Tech, and a new report says that dependence could quickly become a national security headache.

Armed with 2.5B, UKAEA sets out technical hurdles it wants cracked by end of decade Brit boffins have a 2.5 billion ($3.4 billion) budget for fusion power research and development, and the government agency leading the effort has published a roadmap of targets to hit before the decade is out.

Google sibling takes on the Big Smoke with a human hand on the wheel Waymo has started letting its software take the wheel on London streets, with trained specialists on standby as it gradually accelerates toward a fully driverless ride-hailing launch.

Analysts reckon 70 percent of projects will fail, and 75 percent of vendors in the field will go away Most mainframe users who turn to AI for help migrating legacy code to alternative platforms are going to be very disappointed, according to analyst firm Gartner.

Researchers who found the flaws scored beer money bounties and warn the problem is probably pervasive Exclusive Security researchers hijacked three popular AI agents that integrate with GitHub Actions by using a new type of prompt injection attack to steal API keys and access tokens, and the vendors who run agents didnt disclose the problem.

Needs SpaceX et al to drop prices and give competitors a ride into space to make it work A startup called Orbital has revealed a plan to build a 10,000-satellite neocloud in space if Elon Musk delivers on his ambitious plans to increase launch capacity and reduce costs.

The perfect combination of hardware and experiences will arrive, no matter what Zuck and Neal Stephenson think Opinion Could the recent death of Meta's unloved and unused Horizon Worlds signal the demise of the wider metaverse?

Supply chain and engineering woes keep the supply of new planes sputtering Boeing has delivered more commercial planes in a quarter than Airbus for the first time in seven years.

Plus Anthropic has redesigned its Claude app Anthropic has made it easier to automate Claude-oriented tasks without relying on autonomous agent software.

One CVE under attack, one already disclosed by angry bug hunter, and 163 more Attackers exploited a spoofing vulnerability in Microsoft SharePoint Server before Redmond issued a fix as part of April's mega Patch Tuesday.

The company's new software keeps an eye on your agents and backs up data. Keep your agents close and your agent-monitoring software closer. Commvaults new AI Protect can discover and monitor AI agents running inside AWS, Azure, and GCP environments and even roll back their actions when something goes wrong.

Long languishing API gets love from Mozilla Firefox will soon be able to communicate directly with your 3D printer. Thirteen years after the idea was initially proposed, the Web Serial API has landed in Firefox Nightly, Mozilla's work-in-progress channel for its browser.

Veterans think Congress may swat cuts again, but uncertainty could still do lasting damage exclusive As NASA's Artemis II mission headed for the Moon, the Trump administration unveiled another attempt to cut the agency's science budget. Yet some insiders, perhaps buoyed by dj vu and a little post-traumatic resilience, are less alarmed than you might expect.

One error in every thousand operations is one too many Quantum computers promise major speedups for problems in materials science, logistics, and financial modeling, but first they need to be made reliable, something Nvidia believes its AI models can help with. When you've got a GPU hammer, every problem starts to look like an AI nail.

With grid hookups slow and turbines scarce, on-site power is starting to look less optional Bloom Energy says it has an expanded remit from Oracle to provide the energy for its US datacenter buildout plans with up to 2.8 GW of fuel cell systems.