Security

Security Flaws In Carmaker's Web Portal Let a Hacker Remotely Unlock Cars (techcrunch.com) 27

Three years ago security researcher Eaton Zveare discovered a vulnerability in Jacuzzi's SmartTub interface allowing access to the personal data of every hot tub owner.

Now Zveare says flaws in an unnamed carmaker's dealership portal "exposed the private information and vehicle data of its customers," reports TechCrunch, "and could have allowed hackers to remotely break into any of its customers' vehicles." Zveare, who works as a security researcher at software delivery company Harness, told TechCrunch the flaw he discovered allowed the creation of a ["national"] admin account that granted "unfettered access" to the unnamed carmaker's centralized web portal. With this access, a malicious hacker could have viewed the personal and financial data of the carmaker's customers, tracked vehicles, and enrolled customers in features that allow owners — or the hackers — to control some of their cars' functions from anywhere.

Zveare said he doesn't plan on naming the vendor, but said it was a widely known automaker with several popular sub-brands.

In an interview with TechCrunch ahead of his talk at the Def Con security conference in Las Vegas on Sunday, Zveare said the bugs put a spotlight on the security of these dealership systems, which grant their employees and associates broad access to customer and vehicle information... The flaws were problematic because the buggy code loaded in the user's browser when opening the portal's login page, allowing the user — in this case, Zveare — to modify the code to bypass the login security checks. Zveare told TechCrunch that the carmaker found no evidence of past exploitation, suggesting he was the first to find it and report it to the carmaker.

When logged in, the account granted access to more than 1,000 of the carmaker's dealers across the United States, he told TechCrunch... With access to the portal, Zveare said it was also possible to pair any vehicle with a mobile account, which allows customers to remotely control some of their cars' functions from an app, such as unlocking their cars... "The takeaway is that only two simple API vulnerabilities blasted the doors open, and it's always related to authentication," said Zveare. "If you're going to get those wrong, then everything just falls down."

Zveare told TechCrunch the portals even included "telematics systems that allowed the real-time location tracking of rental or courtesy cars...

"Zveare said the bugs took about a week to fix in February 2025 soon after his disclosure to the carmaker."

Thanks to long-time Slashdot reader schwit1 for sharing the article.
Security

Phishing Training Is Pretty Pointless, Researchers Find (scworld.com) 151

"Phishing training for employees as currently practiced is essentially useless," writes SC World, citing the presentation of two researchers at the Black Hat security conference: In a scientific study involving thousands of test subjects, eight months and four different kinds of phishing training, the average improvement rate of falling for phishing scams was a whopping 1.7%. "Is all of this focus on training worth the outcome?" asked researcher Ariana Mirian, a senior security researcher at Censys and recently a Ph.D. student at U.C. San Diego, where the study was conducted. "Training barely works..."

[Research partner Christian Dameff, co-director of the U.C. San Diego Center for Healthcare Cybersecurity] and Mirian wanted scientifically rigorous, real-world results. (You can read their academic paper here.) They enrolled more than 19,000 employees of the UCSD Health system and randomly split them into five groups, each member of which would see something different when they failed a phishing test randomly sent once a month to their workplace email accounts... Over the eight months of testing, however, there was little difference in improvement among the four groups that received different kinds of training. Those groups did improve a bit over the control group's performance — by the aforementioned 1.7%...

[A]bout 30% of users clicked on a link promising information about a change in the organization's vacation policy. Almost as many fell for one about a change in workplace dress code... Another lesson was that given enough time, almost everyone falls for a phishing email. Over the eight months of the experiment, just over 50% failed at least once.

Thanks to Slashdot reader spatwei for sharing the article.
AI

America's Labor Unions are Backing State Regulations for AI Use in Workplaces (msn.com) 95

"As employers and tech companies rush to deploy AI software into workplaces to improve efficiency, labor unions are stepping up work with state lawmakers across the nation to place guardrails on its use..." reports the Washington Post.

"Union leaders say they must intervene to protect workers from the potential for AI to cause massive job displacement or infringe on employment rights." In Massachusetts, the Teamsters labor union is backing a proposed state law that would require autonomous vehicles to have a human safety operator who can intervene during the ride, effectively forbidding truly driverless rides. Oregon lawmakers recently passed a bill supported by the Oregon Nurses Association that prohibits AI from using the title "nurse" or any associated abbreviations. The American Federation of Labor and Congress of Industrial Organizations, a federation of 63 national and international labor unions, launched a national task force last month to work with state lawmakers on more laws that regulate automation and AI affecting workers... The AFL-CIO task force plans to help unions take on problematic use of AI in collective bargaining and contracts and in coming months to develop a slate of model legislation available to state leaders, modeled on recently passed and newly proposed legislation in places including California and Massachusetts.
The president of the California Federation of Labor Unions also supports a proposed state law "that would prevent employers from primarily relying on AI software to automate decisions like terminations or disciplinary actions," according to the article. "Instead, humans would have to review decisions. The law would also prohibit use of tools that predict workers' behaviors, emotional states and personality."
AI

AI Is Reshaping Hacking. No One Agrees How Fast (axios.com) 18

"Several cybersecurity companies debuted advancements in AI agents at the Black Hat conference last week," reports Axios, "signaling that cyber defenders could soon have the tools to catch up to adversarial hackers."

- Microsoft shared details about a prototype for a new agent that can automatically detect malware — although it's able to detect only 24% of malicious files as of now.

- Trend Micro released new AI-driven "digital twin" capabilities that let companies simulate real-world cyber threats in a safe environment walled off from their actual systems.

- Several companies and research teams also publicly released open-source tools that can automatically identify and patch vulnerabilities as part of the government-backed AI Cyber Challenge.

Yes, but: Threat actors are now using those AI-enabled tools to speed up reconnaissance and dream up brand-new attack vectors for targeting each company, John Watters, CEO of iCounter and a former Mandiant executive, told Axios.

The article notes "two competing narratives about how AI is transforming the threat landscape." One says defenders still have the upper hand. Cybercriminals lack the money and computing resources to build out AI-powered tools, and large language models have clear limitations in their ability to carry out offensive strikes. This leaves defenders with time to tap AI's potential for themselves. [In a DEF CON presentation a member of Anthropic's red team said its Claude AI model will "soon" be able to perform at the level of a senior security researcher, the article notes later.]

Then there's the darker view. Cybercriminals are already leaning on open-source LLMs to build tools that can scan internet-connected devices to see if they have vulnerabilities, discover zero-day bugs, and write malware. They're only going to get better, and quickly...

Right now, models aren't the best at making human-like judgments, such as recognizing when legitimate tools are being abused for malicious purposes. And running a series of AI agents will require cybercriminals and nation-states to have enough resources to pay the cloud bills they rack up, Michael Sikorski, CTO of Palo Alto Networks' Unit 42 threat research team, told Axios. But LLMs are improving rapidly. Sikorski predicts that malicious hackers will use a victim organization's own AI agents to launch an attack after breaking into their infrastructure.

AI

OpenAI's GPT-5 Sees a Big Surge in Enterprise Use (cnbc.com) 33

ChatGPT now has nearly 700 million weekly users, OpenAI says. But after launching GPT-5 last week, critics bashed its less-intuitive feel, reports CNBC, "ultimately leading the company to restore its legacy GPT-4 to paying chatbot customers."

Yet GPT-5 was always about cracking the enterprise market "where rival Anthropic has enjoyed a head start," they write. And one week in, "startups like Cursor, Vercel, and Factory say they've already made GPT-5 the default model in certain key products and tools, touting its faster setup, better results on complex tasks, and a lower price." Some companies said GPT-5 now matches or beats Claude on code and interface design, a space Anthropic once dominated. Box, another enterprise customer, has been testing GPT-5 on long, logic-heavy documents. CEO Aaron Levie told CNBC the model is a "breakthrough," saying it performs with a level of reasoning that prior systems couldn't match...

Still, the economics are brutal. The models are expensive to run, and both OpenAI and Anthropic are spending big to lock in customers, with OpenAI on track to burn $8 billion this year. That's part of why both Anthropic and OpenAI are courting new capital... GPT-5 is significantly cheaper than Anthropic's top-end Claude Opus 4.1 — by a factor of seven and a half, in some cases — but OpenAI is spending huge amounts on infrastructure to sustain that edge. For OpenAI, it's a push to win customers now, get them locked in and build a real business on the back of that loyalty...

GPT-5 API usage has surged since launch, with the model now processing more than twice as much coding and agent-building work, and reasoning use cases jumping more than eightfold, said a person familiar with the matter who requested anonymity in order to discuss company data. Enterprise demand is rising sharply, particularly for planning and multi-step reasoning tasks.

GPT-5's traction over the past week shows how quickly loyalties can shift when performance and price tip in OpenAI's favor. AI-powered coding platform Qodo recently tested GPT-5 against top-tier models including Gemini 2.5, Claude Sonnet 4, and Grok 4, and said in a blog post that it led in catching coding mistakes. The model was often the only one to catch critical issues, such as security bugs or broken code, suggesting clean, focused fixes and skipping over code that didn't need changing, the company said. Weaknesses included occasional false positives and some redundancy.

JetBrains has also adopted GPT-5 as the default for its AI Assistant and for its new no-code tool Kineto, according to the article.

But Anthropic is still enjoying a great year too, with its annualized revenue growing 17x year-over-year (according to "a person familiar with the matter who requested anonymity").
Microsoft

Microsoft Kills Volume Rebates in Name of 'Transparency' (theregister.com) 17

Microsoft is updating its pricing approach for Online Services in Enterprise Agreements in the name of consistency and transparency, but could leave some customers paying more. From a report: Many customers, particularly larger ones, enjoy substantial discounts via volume licensing and the change, which will bring the Online Services pricing model into line with those already rolled out for services like Azure, "reflects our ongoing commitment to greater transparency and alignment across all purchasing channels." Online Services include products such as Dynamics 365 and Windows 365.

Exactly how big a discount customers enjoyed depends on the deal they scored. The change will mean that "pricing will align with the pricing published on Microsoft.com." According to Microsoft, "This change reduces licensing complexity, enabling partners to invest less time evaluating Microsoft pricing and programs and more time working with customers on their business needs. With simplified and standardized prices, partners can shift their focus to delivering unique services that will propel their customers' growth."
The changes will take effect on November 1.
Security

Russian Hackers Seized Control of Norwegian Dam, Spy Chief Says (theguardian.com) 42

An anonymous reader quotes a report from The Guardian: Russian hackers took control of a Norwegian dam this year, opening a floodgate and allowing water to flow unnoticed for four hours, Norway's intelligence service has said. The admission, by the Norwegian Police Security Service (PST), marks the first time that Oslo has formally attributed the cyber-attack in April on Bremanger, western Norway, to Moscow. The attack on the hydropower dam, which produces electricity, released 500 liters (132 gallons) of water a second for four hours until the incident was detected and stopped.

The head of PST, Beate Gangas, said on Wednesday: "Over the past year, we have seen a change in activity from pro-Russian cyber actors." The Bremanger incident was an example of such an attack, she added. "The aim of this type of operation is to influence and to cause fear and chaos among the general population. Our Russian neighbor has become more dangerous." The incident did not cause any injuries or damage because the water level of the river and the dam, which is close to the town of Svelgen, was a long way below flood capacity. The alleged perpetrators reportedly published a three-minute video, watermarked with the name of a pro-Russian cybercriminal group, on Telegram on the day of the attack.

Bug

Plex Users Urged To Update Media Server After Security Flaw Exposed (nerds.xyz) 19

BrianFagioli shares a report from NERDS.xyz: If you run Plex Media Server, it's time to drop everything and update. The company has quietly patched a security issue that affects recent versions of its software, and users are being told to upgrade as soon as possible. According to an email Plex sent to affected customers, versions 1.41.7.x through 1.42.0.x are vulnerable. The newly released build, 1.42.1.10060 or later, contains the fix. Plex says the flaw was found through its bug bounty program, but sadly, it has not publicly shared details about how severe the issue is or whether it could be exploited remotely.
Windows

Microsoft Says Voice Will Emerge as Primary Input for Next Windows (youtube.com) 138

The next version of Windows will become "more ambient, pervasive, and multi-modal" as AI transforms how users interact with computers, Microsoft's Windows chief Pavan Davuluri said in a company video. Davuluri, Corporate Vice President and head of Windows, said that voice will emerge as a primary input method alongside keyboard and mouse, with the operating system gaining context awareness to understand screen content and user intent through natural language.

Windows interfaces, he said, will appear fundamentally different within five years as the platform becomes increasingly agentic. The transformation will rely on both local processing power and cloud computing capabilities to deliver seamless experiences where users can speak to their computers while simultaneously typing or inking.
IT

Lenovo's PC Business Surges To 15-Quarter High With AI Models Leading The Charge (nerds.xyz) 41

BrianFagioli writes: Lenovo is starting its fiscal year with a major win, delivering record-breaking PC sales and claiming dominance in the AI PC space. For the first quarter of its 2025/26 fiscal year, the company reported $18.8 billion in revenue, which is 22 percent higher than the same period last year. Profit came in at $505 million, more than double the figure from a year ago.

The standout performer was Lenovo's PC and smart devices division. It posted its fastest growth in 15 quarters and secured a record 24.6 percent global market share. More than 30 percent of Lenovo's PCs shipped in the quarter were AI PCs, giving it the top position in the Windows AI PC segment with a 31 percent market share. This leadership is an important talking point for Lenovo as it continues to market AI features as a key reason for buyers to upgrade.

Privacy

New York Sues Zelle Parent Company, Alleging It Enabled Fraud (cnbc.com) 28

New York Attorney General Letitia James has sued Zelle's parent company, Early Warning Services, alleging it knowingly enabled over $1 billion in fraud from 2017 to 2023 by failing to implement basic safeguards. CNBC reports: "EWS knew from the beginning that key features of the Zelle network made it uniquely susceptible to fraud, and yet it failed to adopt basic safeguards to address these glaring flaws or enforce any meaningful anti-fraud rules on its partner banks," James' office said in the release. The lawsuit alleges that Zelle became a "hub for fraudulent activity" because the registration process lacked verification steps and that EWS and its partner banks knew "for years" that fraud was spreading and did not take actionable steps to resolve it, according to the press release.

James is seeking restitution and damages, in addition to a court order mandating that Zelle puts anti-fraud measures in place. "No one should be left to fend for themselves after falling victim to a scam," James said in the release. "I look forward to getting justice for the New Yorkers who suffered because of Zelle's security failures."
A Zelle spokesperson called the lawsuit a "political stunt to generate press" and a "copycat" of the CFPB lawsuit, which was dropped in March.

"Despite the Attorney General's assertions, they did not conduct an investigation of Zelle," the spokesperson said. "Had they conducted an investigation, they would have learned that more than 99.95 percent of all Zelle transactions are completed without any report of scam or fraud -- which leads the industry."
Microsoft

Microsoft Makes Pull Print Generally Available (theregister.com) 24

Microsoft has made "Pull Print" for Universal Print generally available, letting users authenticate at any registered printer to release queued jobs and reducing the chance that confidential pages sit unattended.

The feature, also called "Universal Print Anywhere," supports two modes: direct print and secure release via QR codes that users scan with a phone camera or the Microsoft 365 app. Admins must register devices, enable secure release, and affix printed QR codes. Microsoft plans badge-based release.
Security

Sloppy AI Defenses Take Cybersecurity Back To the 1990s, Researchers Say 20

spatwei shares a report from SC Media: Just as it had at BSides Las Vegas earlier in the week, the risks of artificial intelligence dominated the Black Hat USA 2025 security conference on Aug. 6 and 7. We couldn't see all the AI-related talks, but we did catch three of the most promising ones, plus an off-site panel discussion about AI presented by 1Password. The upshot: Large language models and AI agents are far too easy to successfully attack, and many of the security lessons of the past 25 years have been forgotten in the current rush to develop, use and profit from AI.

We -- not just the cybersecurity industry, but any organization bringing AI into its processes -- need to understand the risks of AI and develop ways to mitigate them before we fall victim to the same sorts of vulnerabilities we faced when Bill Clinton was president. "AI agents are like a toddler. You have to follow them around and make sure they don't do dumb things," said Wendy Nather, senior research initiatives director at 1Password and a well-respected cybersecurity veteran. "We're also getting a whole new crop of people coming in and making the same dumb mistakes we made years ago." Her fellow panelist Joseph Carson, chief security evangelist and advisory CISO at Segura, had an appropriately retro analogy for the benefits of using AI. "It's like getting the mushroom in Super Mario Kart," he said. "It makes you go faster, but it doesn't make you a better driver."
Many of the AI security flaws resemble early web-era SQL injection risks. "Why are all these old vulnerabilities surfacing again? Because the GenAI space is full of security bad practices," said Nathan Hamiel, senior director of research and lead prototyping engineer at Kudelski Security. "When you deploy these tools, you increase your attack surface. You're creating vulnerabilities where there weren't any."

"Generative AI is over-scoped. The same AI that answers questions about Shakespeare is helping you develop code. This over-generalization leads you to an increased attack surface." He added: "Don't treat AI agents as highly sophisticated, super-intelligent systems. Treat them like drunk robots."
Microsoft

Microsoft Releases Lightweight Office Taskbar Apps for Windows 11 (theverge.com) 53

An anonymous reader shares a report: Microsoft is starting to roll out lightweight taskbar apps for Microsoft 365 users on Windows 11. These taskbar apps will automatically launch at startup and provide quick access to contacts, file search, and calendar straight from the Windows taskbar.

The Microsoft 365 companion apps, as Microsoft calls them, are starting to roll out to business users of Microsoft 365 this month. The People companion provides a browsable org chart, as well as the ability to look up anyone in your company. You can also quickly start a Teams message or call with a contact, or email them directly.

Firefox

Mozilla Under Fire For Firefox AI 'Bloat' That Blows Up CPU and Drains Battery (neowin.net) 107

darwinmac writes: Firefox 141 rolled out a shiny new AI-powered smart tab grouping feature (it tries to auto-organize your tabs using a local model), but it turns out the local "Inference" process that powers it is acting like an energy-sucking monster. Users are reporting massive CPU spikes and battery drain and calling the feature "garbage" that's ruining their browsing experience.
IT

Promising Linux Project Dies After Dev Faces Harassment (neowin.net) 66

New submitter darwinmac writes: Kapitano, a user-friendly GTK4 frontend for the ClamAV scanner on Linux, has been killed by its developer 'zynequ' following a wave of harsh, personal attacks from a user. The tool was meant to simplify virus scanning but quickly became a flashpoint when a user claimed it produced malware.

After defending the code calmly, the developer was nonetheless met with escalating accusations and hostility, leading to burnout. The project is now marked as "not maintained," its code released into the public domain under The Unlicense, and it's being delisted from Flathub.

zynequ said: "This was always a hobby project, created in my free time with none of the financial support. Incidents like this make it hard to stay motivated."

IT

Starbucks Asks Customers in South Korea To Stop Bringing Printers and Desktop Computers Into Stores (fortune.com) 47

An anonymous reader shares a report: Starbucks patrons in South Korea are setting up de facto offices at the coffee chain, bringing along their desktop computers and printers. The company implemented a new policy banning bulky items from store locations. In South Korea, where office space is scant, remote workers are using cafes as a cheap place to work.

Starbucks South Korea is experiencing this exact phenomenon and is now banning patrons from bringing in large pieces of work equipment, treating the cafes like their own amenity-stuffed office space. "While laptops and smaller personal devices are welcome, customers are asked to refrain from bringing desktop computers, printers, or other bulky items that may limit seating and impact the shared space," a Starbucks spokesperson told Fortune in a statement.

Security

Ex-NSA Chief Paul Nakasone Has a Warning for the Tech World (wired.com) 58

Former NSA and Cyber Command chief Paul Nakasone told the Defcon security conference this month that technology companies will find it "very, very difficult" to remain neutral through 2025 and 2026.

Speaking with Defcon founder Jeff Moss in Las Vegas, Nakasone, now an OpenAI board member, addressed the intersection of technology and politics following the Trump administration's removal of cybersecurity officials deemed disloyal and revocation of security clearances for former CISA directors Chris Krebs and Jen Easterly. Nakasone also called ransomware "among the great scourges that we have in our country," stating the U.S. is "not making progress against ransomware."
Python

How Python is Fighting Open Source's 'Phantom' Dependencies Problem (blogspot.com) 33

Since 2023 the Python Software Foundation has had a Security Developer-in-Residence (sponsored by the Open Source Security Foundation's vulnerability-finding "Alpha-Omega" project). And he's just published a new 11-page white paper about open source's "phantom dependencies" problem — suggesting a way to solve it.

"Phantom" dependencies aren't tracked with packaging metadata, manifests, or lock files, which makes them "not discoverable" by tools like vulnerability scanners or compliance and policy tools. So Python security developer-in-residence Seth Larson authored a recently-accepted Python Enhancement Proposal offering an easy way for packages to provide metadata through Software Bill-of-Materials (SBOMs). From the whitepaper: Python Enhancement Proposal 770 is backwards compatible and can be enabled by default by tools, meaning most projects won't need to manually opt in to begin generating valid PEP 770 SBOM metadata. Python is not the only software package ecosystem affected by the "Phantom Dependency" problem. The approach using SBOMs for metadata can be remixed and adopted by other packaging ecosystems looking to record ecosystem-agnostic software metadata...

Within Endor Labs' [2023 dependencies] report, Python is named as one of the most affected packaging ecosystems by the "Phantom Dependency" problem. There are multiple reasons that Python is particularly affected:

- There are many methods for interfacing Python with non-Python software, such as through the C-API or FFI. Python can "wrap" and expose an easy-to-use Python API for software written in other languages like C, C++, Rust, Fortran, Web Assembly, and more.

- Python is the premier language for scientific computing and artificial intelligence, meaning many high-performance libraries written in system languages need to be accessed from Python code.

- Finally, Python packages have a distribution type called a "wheel", which is essentially a zip file that is "installed" by being unzipped into a directory, meaning there is no compilation step allowed during installation. This is great for being able to inspect a package before installation, but it means that all compiled languages need to be pre-compiled into binaries before installation...


When designing a new package metadata standard, one of the top concerns is reducing the amount of effort required from the mostly volunteer maintainers of packaging tools and the thousands of projects being published to the Python Package Index... By defining PEP 770 SBOM metadata as using a directory of files, rather than a new metadata field, we were able to side-step all the implementation pain...

We'll be working to submit issues on popular open source SBOM and vulnerability scanning tools, and gradually, Phantom Dependencies will become less of an issue for the Python package ecosystem.

The white paper "details the approach, challenges, and insights into the creation and acceptance of PEP 770 and adopting Software Bill-of-Materials (SBOMs) to improve the measurability of Python packages," explains an announcement from the Python Software Foundation. And the white paper ends with a helpful note.

"Having spoken to other open source packaging ecosystem maintainers, we have come to learn that other ecosystems have similar issues with Phantom Dependencies. We welcome other packaging ecosystems to adopt Python's approach with PEP 770 and are willing to provide guidance on the implementation."
Crime

$1M Stolen in 'Industrial-Scale Crypto Theft' Using AI-Generated Code 38

"What happens when cybercriminals stop thinking small and start thinking like a Fortune 500 company?" asks a blog post from Koi Security. "You get GreedyBear, the attack group that just redefined industrial-scale crypto theft."

"150 weaponized Firefox extensions [impersonating popular cryptocurrency wallets like MetaMask and TronLink]. Nearly 500 malicious executables. Dozens of phishing websites. One coordinated attack infrastructure. According to user reports, over $1 million stolen." They upload 5-7 innocuous-looking extensions like link sanitizers, YouTube downloaders, and other common utilities with no actual functionality... They post dozens of fake positive reviews for these generic extensions to build credibility. After establishing trust, they "hollow out" the extensions — changing names, icons, and injecting malicious code while keeping the positive review history. This approach allows GreedyBear to bypass marketplace security by appearing legitimate during the initial review process, then weaponizing established extensions that already have user trust and positive ratings. The weaponized extensions capture wallet credentials directly from user input fields within the extension's own popup interface, and exfiltrate them to a remote server controlled by the group...

Alongside malware and extensions, the threat group has also launched a network of scam websites posing as crypto-related products and services. These aren't typical phishing pages mimicking login portals — instead, they appear as slick, fake product landing pages advertising digital wallets, hardware devices, or wallet repair services... While these sites vary in design, their purpose appears to be the same: to deceive users into entering personal information, wallet credentials, or payment details — possibly resulting in credential theft, credit card fraud, or both. Some of these domains are active and fully functional, while others may be staged for future activation or targeted scams...

A striking aspect of the campaign is its infrastructure consolidation: Almost all domains — across extensions, EXE payloads, and phishing sites — resolve to a single IP address: 185.208.156.66 — this server acts as a central hub for command-and-control, credential collection, ransomware coordination, and scam websites, allowing the attackers to streamline operations across multiple channels... Our analysis of the campaign's code shows clear signs of AI-generated artifacts. This makes it faster and easier than ever for attackers to scale operations, diversify payloads, and evade detection.

This isn't a passing trend — it's the new normal.

The researchers believe the group "is likely testing or preparing parallel operations in other marketplaces."
