fidzu : computers

Forbes describes it as "definitely already out there, and under active exploitation according to the U.S. Cybersecurity and Infrastructure Security Agency, urging all organizations to prioritize timely remediation as the attack vector poses a significant risk." "We have issued CVE-2026-42897 to address a spoofing vulnerability affecting Exchange Outlook Web Access (OWA)," Microsoft told SecurityWeek. "We recommend customers enable EEMS to be better protected, and to follow our guidance available here." Microsoft this week patched 137 vulnerabilities with its Patch Tuesday updates and the cybersecurity industry was surprised to see that the latest updates did not address any zero-days. However, a zero-day was disclosed just 48 hours later, on May 14... described as a spoofing and XSS issue affecting Exchange Server Subscription Edition, 2016, and 2019. "Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Exchange Server allows an unauthorized attacker to perform spoofing over a network," Microsoft said in its advisory. The company noted that the vulnerability affects Exchange Outlook Web Access (OWA) and an attacker can exploit it by sending a specially crafted email to the targeted user. "If the user opens the email in Outlook Web Access and certain interaction conditions are met, arbitrary JavaScript can be executed in the browser context," Microsoft explained. CSO Online shares more details. "Admins should note there are known issues once the mitigation is applied either manually or automatically through the EM Service." - OWA Print Calendar functionality might not work. As a workaround, copy the data or screenshot the calendar you want to print, or use Outlook Desktop client. - Inline images might not display correctly in the recipient's OWA reading pane. As a workaround, send images as email attachments or use Outlook Desktop client... - Admins may get a message saying "Mitigation invalid for this Exchange version." in mitigation details. This issue is cosmetic and the mitigation does apply successfully if the status is shown as "Applied". Microsoft is investigating how to address this glitch. Forbes notes "It's been something of a rough few days for Microsoft Exchange on the security vulnerability front," since this week also saw a zero-day demonstrated at the Pwn2Own Berlin hacking event, "which has been responsibly disclosed and not released into the wild." The Berlin event got off to a flying start on May 14 as Windows 11 was hit by no less than three zero-day exploits. On day two, hacking teams were no less successful, chaining together three new vulnerabilities in Microsoft Exchange in order to achieve the holy grail of SYSTEM-level remote code execution. Such was the level of this achievement that Orange Tsai from the DEVCORE Research Team was rewarded with a $200,000 bounty payment in return for immediately handing over all the technical details to the event organizers. "This is, in fact, good news," Forbes writes, since "full details of the vulnerabilities underlying the exploits, along with the technical nature of the exploit code itself, will be handed over to Microsoft, which will then have 90 days to provide a fix before any details are made public."

Read more of this story at Slashdot.

17 May 2026 8:56pm GMT

"We may have accidentally detected dark matter back in 2019," writes ScienceAlert. "What if instead of trying to see dark matter, scientists attempted to hear it instead?" asks Space.com: New research suggests dark matter could leave a tiny but discernible imprint in the cacophony of ripples in spacetime called "gravitational waves" that ring through the cosmos when two black holes slam together and merge... Fortunately, when it comes to detecting gravitational waves from colliding black holes, humanity's instruments, such as LIGO (Laser Interferometer Gravitational-Wave Observatory), are getting more and more sensitive all the time... Vicente and colleagues searched through data gathered by LIGO and its fellow gravitational wave detectors, KAGRA (Kamioka Gravitational Wave Detector) and Virgo, focusing on 28 of the clearest signals from merging black holes. Of these, 27 appeared to have come from mergers that occurred in the relative vacuum of space. One signal, however, GW190728, first heard on July 19, 2019, and the result of merging binary black holes with a combined mass of 20 times that of the sun and located an estimated 8 billion light-years away, seemed to carry the telltale trace of this merger occurring in a region of dense, "buttery" dark matter. The team behind this research is quick to point out that this can't be considered a positive detection of dark matter, but does say it gives us a hint at what to look for and thus where to direct follow-up investigations... "We know that dark matter is around us. It just has to be dense enough for us to see its effects," said team leader Josu Aurrekoetxea, of the Massachusetts Institute of Technology (MIT) Department of Physics. "Black holes provide a mechanism to enhance this density, which we can now search for by analyzing the gravitational waves emitted when they merge." They published their results this week in the journal Physical Review Letters.

Read more of this story at Slashdot.

17 May 2026 7:09pm GMT

Test scores "are lower than they were a decade ago in school districts across the U.S.," reports Times magazine, citing new data released Wednesday by Stanford researchers. "Reading scores were down roughly 0.6 grades in 2025 compared to 2015, and math scores were down about 0.4 grades. This means that students were 60% of one school year behind where their peers were in reading a decade earlier and 40% of one school year behind in math." But Stanford's announcement notes that America's schools "were in a 'learning recession' for seven years before the COVID-19 pandemic, with student test scores in math and reading on a steady decline since 2013." This reversal ended two decades of progress, according to Sean Reardon, the Professor of Poverty and Inequality at Stanford Graduate School of Education, whose data forms the backbone of the new research... The study reframes the narrative of pandemic-era learning loss, arguing that the crisis of the last few years was an acceleration of a problem that was already underway. "The pandemic was the mudslide that followed seven years of erosion in student achievement," said Professor Tom Kane, faculty director of the Center for Education Policy Research at Harvard University, and a lead author of the report... The study found that the slowdown in learning coincided with two major shifts in American childhood and education policy: the widespread dismantling of test-based accountability systems that defined the No Child Left Behind era and the rise of social media use among young people. Reading scores, in particular, suffered consistently, with the average annual loss in the years just before the pandemic being just as large as the loss during it... Today, 8th-grade reading scores on national assessments are at their lowest point since 1990. Compounding the problem, chronic student absenteeism remains a major obstacle to improving learning. Though down from its pandemic peak, 23 percent of students were chronically absent in the 2024-25 school year, far above the pre-pandemic rate of 15 percent. More context from Time magazine: Reading scores were down roughly 0.6 grades in 2025 compared to 2015, and math scores were down about 0.4 grades. This means that students were 60% of one school year behind where their peers were in reading a decade earlier and 40% of one school year behind in math... "The decline started around the time that social media's use among teens was exploding, and this was also occurring in a number of other countries," says Thomas Kane, one of the authors of the Educational Scorecard report and a professor at Harvard University... [H]e maintains that it is at the core of the decline in reading achievement. He points out that social media use was shown to be heaviest among the lowest achieving students. "Some states and school districts are making progress," notes the Associated Press, "largely by shifting toward phonics-based instruction and providing extra support for struggling readers." And "The picture is also brighter in math. Almost every state in the analysis saw improvements in math test scores from 2022 to 2025."

Read more of this story at Slashdot.

17 May 2026 5:34pm GMT

Almost exactly 21 years ago, in June 2005, at a mere 20 years old, I took over the managing editor role at OSNews from Eugenia. I had already published a few articles in the years prior, and had given Eugenia enough confidence to suggest me as her replacement. It was, and is, a great honour. In those 21 years and more than 20000 posts, I've seen a lot of beautiful things. Linux grew from a curiosity among nerds into a popular desktop operating system, and often a better choice for gaming than Windows. The BSDs flourish steadily, growing into even stronger and capable alternatives to desktop Linux than they already were. On the commercial side of things, new offerings challenged the hegemony of Microsoft and Windows. While Android and Chrome OS are at best merely tolerated, the idea that a newcomer would produce not one, but two operating systems that would successfully take on Microsoft and Apple seemed unimaginable when I started in 2005. While many alternative operating systems of the early 2000s faded away, we've also seen success stories there. Haiku evolved from an unusable, unstable promise on the horizon into a stable, daily-drivable operating system. The unique Genode Framework and Sculpt OS keep exploring and redefining the boundaries of what a general purpose operating system should be. Redox has exploded onto the scene, and keeps making massive strides almost every month. OS/2 is still actively updated, maintained, and sold. The Amiga will outlast us all. Internet culture, too, is changing, and while things definitely look bleak right now, there are sparks of hope and joy. The general attitude towards the big technology companies among the general public has shifted from admiration to mistrust and dislike, corporate social media seems to be crumbling, and the youngest generations absolutely despise the latest hype, "AI". All is certainly not lost, and sometimes I feel shimmers of hope that the pendulum may swing back to a more people-focused web, a web we've been part of since 1997. In those 21 years and more than 20000 posts, I've also seen a lot of hypes come and go, hypes that if I didn't embrace them, I'd surely be left behind. The "pivot to video", the cryptocurrency mania, NFTs, virtual reality and the metaverse, "AI" - all technologies and concepts I recognised for the hypes that they were, and consequently ridiculed and ignored, much to the dismay of many believers. I've got the angry emails and comments to prove it. This illustrates something about OSNews that I value and hold dear: OSNews doesn't jump on bandwagons, doesn't frantically try to follow the latest trends, doesn't cave under the pressure of big money interests. OSNews is constant, stable, deliberate, patient. Since 1997, we've covered the technology industry with interest, excitement, and wonder - tempered by a healthy dose of skepticism. When you follow this industry for almost three decades, you learn to spot the patterns and see the threads before anyone else does. That's not to say we haven't gone through changes. The most significant changes to OSNews happened in recent years, where instead of working on the site on a mostly voluntary basis with a pittance of ad revenue coming my way, I've turned my work for OSNews into my job. As part of this change, I removed all advertising from our website, morphing OSNews into a fully reader-funded endeavour. No ads, no corporate interests, no media network breathing down my neck. OSNews is a truly independent technology news website, a rarity these days. I don't have to keep corporate overlords or advertisers happy, and you'd be surprised to learn just how rare that is on the modern web. The OSNews website itself is fairly unchanging too, having gone through only a handful of redesigns since its founding in 1997. We've been using our current design, developed by Adam Scheinberg, for as long as I can remember (10-15 years?), and thanks to our independent, ad-free nature, any possible future redesign would only make the site simpler and even faster than it already is. There's no redesign in the cards at the moment, but rest assured, if it ever comes, we'll buck the trend of websites getting ever more complex and demanding and make OSNews lighter and even faster. And yes, despite commenters making up far less than one percent of our readership, I'll always opt to keep them. We might be a site of lurkers, but comments are a core part of OSNews. Even the annoying ones. Especially the annoying ones. That being said, there's going to be a small change to our design, rolling out today (it might take a few reloads for it to appear). To mark my 21 years and 20000 posts, OSNews is getting a new-ish logo, which combines the classic, intertwined beveled "O-S" from the early 2000s with the modern logo we've been using over the past 15 years or so. The O and S are intertwined once again, highlighting the continuity and stability I want OSNews to bring in this chaotic industry (I can write corporatese if I want to). Fun fact: this "new" logo was actually designed like 20 years ago, and we've had it in our back pocket ever since. Why create something new and of the times, when you've got something great sitting right there? Aside from the new logo, I'll be running a big fundraiser to mark this occasion early next week, with some silly incentives at various thresholds. If we reach the ultimate goal - a euro for every story I've posted - I'll overcome some very deep-rooted fears and anxieties, and tattoo the OSNews logo on my body, as my very first tattoo. OSNews has been part of my life for more than two decades, and I have every intention to add at least another two - having such a core part of my life immortalised on my body only makes sense. I've written about my anxiety disorder and how it affects me

16 May 2026 2:32pm GMT

The Commodity Futures Trading Commission wants us to know it's taking this very seriously.

16 May 2026 11:00am GMT

Universities promise no frontline duty and perks if students enlist in military.

15 May 2026 10:19pm GMT

Lawyers accused of rushing historic settlement to seize $320 million in fees.

15 May 2026 9:51pm GMT

Google recently launched something called Health Coach, an "AI" thing that's part of the company's new Fitbit products. Let's check in with how that's going. Put simply, Google's paid replacement for Fitbit Premium immediately began hallucinating, even admitting to having made up the data before asking if, you know, maybe I'm the one who actually forgot to input a run. Remember, this is my very first report from this thing, making for an awful first impression. Even after this correction, the run data continues to exist within the AI-powered home screen layout, despite no record actually appearing within my account. It's not exactly a great advertisement for a platform that costs $10 per month or $100 annually. ↫ Will Sattelberg at 9To5Google The entire US' - and thus much of the world's - economic growth is built on this trash. What could possibly go wrong?

15 May 2026 8:53pm GMT

One of the top pieces of customer feedback in the graphics driver area is clear: "Windows Update downgrades my drivers." Today, we are announcing a policy change to how display drivers are published through Windows Update - allowing 2-Part HWID + Computer Hardware ID (CHID) targeting for new devices. This change gives customers more control over their display driver of choice while preserving OEM control over the devices they ship. ↫ Garrettd at Microsoft's Hardware Dev Center Windows Update randomly downgrading your graphics drivers seems to be a common enough occurrence that its supposed fix deserves its own feature announcement and blog post. This is a real operating system that runs on most of the world's PCs.

15 May 2026 8:47pm GMT

Just trying to answer one simple question: What if the terminal was 3D?

11 May 2026 12:00am GMT

Break the pattern today or the loop will repeat tomorrow.

18 Apr 2026 12:00am GMT

My thoughts on AI-assisted programming.

11 Apr 2026 12:00am GMT