fidzu : geek

Longtime Slashdot reader Himmy32 writes: GitHub has announced on X that their internal repositories have been breached through a compromised VS Code Extension on an employee's workstation. Bleeping Computer reported that the attack is linked to TeamPCP who have been in the news for a recent campaign affecting Checkmarx, Trivy, SAP, TanStack, and Bitwarden. The group appears to be attempting to sell the stolen code on cybercrime forums. "Yesterday we detected and contained a compromise of an employee device involving a poisoned VS Code extension. We removed the malicious extension version, isolated the endpoint, and began incident response immediately," the company said. "Our current assessment is that the activity involved exfiltration of GitHub-internal repositories only. The attacker's current claims of ~3,800 repositories are directionally consistent with our investigation so far." Although the investigation remains ongoing, GitHub says it has "no evidence of impact to customer information stored outside of GitHub's internal repositories." The company has also not said whether it's in contact with the hackers or if it's received a ransom demand.

Read more of this story at Slashdot.

20 May 2026 8:00pm GMT

It could be one way to make your old PC play nicely with a high-end GPU.

20 May 2026 7:19pm GMT

Google publishes exploit code before patch, reported 29 months earlier, is fixed.

20 May 2026 7:10pm GMT

An anonymous reader quotes a report from TorrentFreak: A coalition of thirteen major publishers has won a massive $19.5 million default judgment against shadow library Anna's Archive. A New York federal judge fully approved the publishers' requests, issuing a broad permanent injunction that orders more than twenty specific global registries, hosts, and service providers to immediately disable the site's remaining domains. [...] At first glance, the damages award is the headline figure. Judge Rakoff granted the maximum statutory damages of $150,000 for each of the 130 "Works in Suit." This brings the final damages bill amount to a staggering $19,500,000. However, as with the $322 million judgment won by the music industry against Anna's Archive in the related Spotify case, it's highly unlikely that this money will be recouped. For now, the operators of Anna's Archive remain strictly anonymous, which doesn't help either. The default judgment (PDF) addresses this and requires the operators to unmask their identities and provide a sworn statement with valid contact information to the court within 10 days. However, since the operators have previously stated they hide their identities to avoid "decades of prison time," it is safe to assume that the operators will simply ignore this request. The true power of this default judgment lies in the permanent injunction. Anna's Archive is known to evade enforcement and change domain names when needed, so the injunction targets the technical intermediaries that keep the site online. Specifically, the injunction orders "all domain name registries and registrars of record" to permanently disable access to Anna's Archive's domains and prevent their transfer to anyone other than the publishers or the music industry plaintiffs in the related case. In addition to domain name services, the order also extends to international hosting providers, who are also ordered to stop working with the site. Leaving no room for interpretation, the order specifically names more than twenty companies and organizations. This includes familiar names like Cloudflare, Njalla, and DDOS-Guard, as well as the domain name registries of the site's current active domains [...]. The names include some intermediaries that were already listed in the Spotify default judgment, as well as new ones.

Read more of this story at Slashdot.

20 May 2026 7:00pm GMT

President asks $1B from taxpayers to secure his $400M privately funded ballroom.

20 May 2026 6:59pm GMT

Seagate CEO Dave Mosley said Monday that building new memory chip factories or adding capacity would "take too long" to keep up with AI-driven storage demand. "If we took the teams off and started building new factories or bringing up new machines, that would just take too long. You would end up with more capacity, but then you'd slow the rate of growth on that technology," Mosely said. CNBC reports: Memory chip stocks have soared in recent months as a flood of AI investing has sent demand soaring, with the chips a key part of the AI buildout in data centers. Chip production cycles stretch over many quarters for a single unit, and investors are increasingly wary of how long the leading memory makers can capture demand. CME Group is launching a new futures market for semiconductors, enabling more traders to lock in prices and hedge against the rising prices of computing power. At Monday's conference, Mosely also addressed the "very long lead times" and maintaining predictability with its clients. "We know what's coming out a year from now," he said. "And we've basically gone to the customers and said, 'Look, if you want to plan this really well, which it should be for your data centers, we know what's coming out. You can buy this stuff up to a certain period.' And so we want to keep that four or five quarters of visibility very, very solid for what's being built. But the demand is significantly higher than that."

Read more of this story at Slashdot.

20 May 2026 6:00pm GMT

This is a virtual museum of operating systems (and standalone applications) running under emulation, implemented as a Linux VM for QEMU, VirtualBox, or UTM. A custom emulator-independent launcher is provided, and all OSes and emulators are pre-installed and pre-configured. The launcher includes a snapshot feature to quickly revert broken installations back to a working state. Hypervisor installers and shortcuts to run the VM on Windows, macOS, and Linux are also included. ↫ Andrew Warkentin's Virtual OS Museum These types of preconfigured archives exist in the gaming world, but I've never seen something like this for operating systems. The amount of love, work, and care that have gone into this effort must've been immense, as it contains more than 1700 installs, more than 520 platforms, and more than 570 distinct operating systems, all wrapped into a single download, with a nice launcher on top to make using all of this as easy as possible. You can either download the full offline version at 121GB zipped, or a version that downloads each image as you fire them up for the first time at 14GB zipped. The contents span just about everything from early mainframes to desktop operating systems to all kinds of mobile platforms, from the late 1940s to today. I haven't yet found the time to download the whole thing, but I am absolutely going to, as there are so many names in here that I've been wanting to play around with for ages, but just never got the time to set up virtual machines or emulators for. This is going to be an amazing resource for the kinds of people who read OSNews.

19 May 2026 10:57pm GMT

We can inter Google Search to the Google Graveyard. At its Google I/O conference on Tuesday, Google unveiled an AI-powered overhaul of Search centered around a reimagined "intelligent search box" - what the company describes as the biggest change to this entry point to the web since the search box debuted more than 25 years ago. Instead of returning a simple list of links, Google Search will drop users into AI-powered interactive experiences at times. Google is also introducing tools that can dispatch "information agents" to gather information on a user's behalf, along with tools that let users build personalized mini apps tailored to their needs. ↫ Sarah Perez at TechCrunch The attack on online search has been ongoing for a long time, and it has already resulted in most people with a higher-than-average interest in technology to either no longer use Google, or just to not use online search at all. I used DuckDuckGo for a long time, until I switched to Startpage somewhere last year, and I have never looked back. Startpage (and many others like it) is a very simple, basic search engine: it just gives you a list of links. That's it. That's all I ever want from a search engine, as the task of then vetting each link for relevancy, accuracy, trustworthiness, and so on, is up to me, where it very well belongs. I do not want - and the world should not want - a massive technology corporation like Google, with a deeply vested, existential interest in guiding you towards websites from the companies that pay them for ads, to guide your online browsing experience. Google Search is already riddled with ads, but at least they're labeled and somewhat obvious. With these new "AI" chatbot-style interfaces, not only are its sources nebulous and tucked away, if they even exist at all, but they also just make shit up, fail at the most basic of tasks, and generally just suck at what they're supposed to be doing. This will make online search with Google worse. Worse yet, this will make it even easier for the billionaire Epstein class to sow dissent among the population, creating rifts and hatred where none should exist, solely to keep the peasants occupied fighting each other so they don't turn their anger towards the real reason their lives suck. Panem et circenses has transformed into divide et impera, and these nebulous chatbots with complex, invisible levers and dials will only make the divide easier.

19 May 2026 9:36pm GMT

The following is a hands-on introduction to Futhark through a collection of commented programs, listed in roughly increasing order of complexity. You can load the programs into the interpreter to experiment with them. For a conventional introduction to the language, Parallel Programming in Futhark may be a better choice. For more examples, you can check our implemented benchmarks. We also maintain a list of projects using Futhark. Some of the example programs use directives for plotting or rendering graphics. ↫ Futhark homepage As a non-programmer, I just think the name is cool.

19 May 2026 9:13pm GMT

Just trying to answer one simple question: What if the terminal was 3D?

11 May 2026 12:00am GMT

Break the pattern today or the loop will repeat tomorrow.

18 Apr 2026 12:00am GMT

My thoughts on AI-assisted programming.

11 Apr 2026 12:00am GMT