An anonymous reader quotes a report from The Intercept: Less than a year after OpenAI quietly signaled it wanted to do business with the Pentagon, a procurement document obtained by The Intercept shows U.S. Africa Command, or AFRICOM, believes access to OpenAI's technology is "essential" for its mission. The September 30 document lays out AFRICOM's rationale for buying cloud computing services directly from Microsoft as part of its $9 billion Joint Warfighting Cloud Capability contract, rather than seeking another provider on the open market. "The USAFRICOM operates in a dynamic and evolving environment where IT plays a critical role in achieving mission objectives," the document reads, including "its vital mission in support of our African Mission Partners [and] USAFRICOM joint exercises."

The document, labeled Controlled Unclassified Information, is marked as FEDCON, indicating it is not meant to be distributed beyond government or contractors. It shows AFRICOM's request was approved by the Defense Information Systems Agency. While the price of the purchase is redacted, the approval document notes its value is less than $15 million. Like the rest of the Department of Defense, AFRICOM -- which oversees the Pentagon's operations across Africa, including local military cooperation with U.S. allies there -- has an increasing appetite for cloud computing. The Defense Department already purchases cloud computing access from Microsoft via the Joint Warfighting Cloud Capability project. This new document reflects AFRICOM's desire to bypass contracting red tape and buy immediatelyMicrosoft Azure cloud services, including OpenAI software, without considering other vendors. AFRICOM states that the "ability to support advanced AI/ML workloads is crucial. This includes services for search, natural language processing, [machine learning], and unified analytics for data processing." And according to AFRICOM, Microsoft's Azure cloud platform, which includes a suite of tools provided by OpenAI, is the only cloud provider capable of meeting its needs.

Microsoft began selling OpenAI's GPT-4 large language model to defense customers in June 2023. Earlier this year, following the revelation that OpenAI had changed its mind on military work, the company announced a cybersecurity collaboration with DARPA in January and said its tools would be used for an unspecified veteran suicide prevention initiative. In April, Microsoft pitched the Pentagon on using DALL-E, OpenAI's image generation tool, for command and control software. But the AFRICOM document marks the first confirmed purchase of OpenAI's products by a U.S. combatant command whose mission is one of killing. OpenAI's stated corporate mission remains "to ensure that artificial general intelligence benefits all of humanity." The AFRICOM document marks the first confirmed purchase of OpenAI's products by a U.S. combatant command whose mission is one of killing. "Without access to Microsoft's integrated suite of AI tools and services, USAFRICOM would face significant challenges in analyzing and extracting actionable insights from vast amounts of data," reads the AFRICOM document. "This could lead to delays in decision-making, compromised situational awareness, and decreased agility in responding to dynamic and evolving threats across the African continent." The document contains little information about how exactly the OpenAI tools will be used.

Canada is bracing for Indian government-backed hacking as the two nations' diplomatic relationship nosedives to its lowest ebb in a generation. From a report: "We judge that official bilateral relations between Canada and India will very likely drive Indian state-sponsored cyber threat activity against Canada," the Canadian Centre for Cyber Security said in its annual threat report published Wednesday, adding that such hackers are probably already conducting cyber-espionage.

This month, Prime Minister Justin Trudeau's cabinet and Canadian police have ramped up a remarkable campaign of public condemnations against India, accusing Narendra Modi's officials of backing a wave of violence and extortion against Canadians on Canadian soil -- particularly those who agitate for carving out a separate Sikh state in India called Khalistan. India has rejected the accusations and believes some Khalistan activists to be terrorists harbored by Canada.

Cryptocurrency firm Consensys said on Tuesday it would cut 20% of its total workforce, citing broader macroeconomic pressures and ongoing regulatory challenges facing the industry. From a report: The decision will impact 162 of a total of 828 employees at the company, Consensys CEO Joseph Lubin told Reuters in a mailed statement. Crypto companies have frequently accused the Securities and Exchange Commission of regulatory overreach and exceeding its jurisdiction, while the agency argues that the industry is disregarding securities laws designed to protect investors and other market participants.

"Multiple cases with the SEC, including ours, represent meaningful jobs and productive investment lost due to the SEC's abuse of power and Congress's inability to rectify the problem," Lubin said in a blog post, opens new tab. "Such attacks from the U.S. government will end up costing many companies that have been investigated, sued, or sent Wells Notices, many millions of dollars," he added.

Russia has enacted a new law expanding control over cryptocurrency mining, granting multiple federal agencies access to digital currency identifier addresses, among other things. The country is also advancing its regulatory framework and experimenting with crypto in international trade. From a report: Taking effect on Nov. 1, the legislation includes several amendments designed to strengthen oversight and impose limitations on crypto mining activities based on regional needs. The law enables the Russian government to implement mining restrictions by location and define specific procedures and circumstances for banning mining operations. A notable provision in the law gives the government the power to stop digital currency mining pools from functioning in certain areas. Additionally, the government now has the authority to regulate infrastructure providers supporting mining operations.

This legislation also grants multiple federal agencies, beyond the Federal Financial Monitoring Service (Rosfinmonitoring), access to digital currency identifier addresses. This expansion includes federal executive agencies and law enforcement, bolstering their capability to track transactions that may be linked to money laundering or terrorist financing activities. Moreover, the amendments transfer responsibility for the national mining register from the Ministry of Digital Development to the Federal Tax Service, which will now oversee mining registrations for businesses and remove those with repeated infractions. While individual miners can continue without registering if they adhere to specific electricity consumption limits, companies and individual entrepreneurs must comply with new registration requirements.

Indonesia has banned sales of Apple's iPhone 16, citing the tech giant's failure to meet local investment requirements, the country's Ministry of Industry said. The ministry said Apple's local unit has not fulfilled the mandatory 40% local content threshold for smartphones, making imported iPhone 16 units illegal for sale in Southeast Asia's largest economy.

About 9,000 iPhone 16 devices have entered Indonesia through passenger luggage since last month's launch. "These phones entered legally, but will be illegal if traded," the ministry said. Apple has invested 1.48 trillion rupiah ($108 million) of its 1.71 trillion rupiah commitment in Indonesia. The company operates four developer academies but no manufacturing facilities in the country, despite government pressure to expand its presence.

When it comes to introducing liability for software products, "the EU and U.S. are taking very different approaches," according to Lawfare's cybersecurity newsletter. "While the U.S. kicks the can down the road, the EU is rolling a hand grenade down it to see what happens." Under the status quo, the software industry is extensively protected from liability for defects or issues, and this results in systemic underinvestment in product security. Authorities believe that by making software companies liable for damages when they peddle crapware, those companies will be motivated to improve product security... [T]he EU has chosen to set very stringent standards for product liability, apply them to people rather than companies, and let lawyers sort it all out.

Earlier this month, the EU Council issued a directive updating the EU's product liability law to treat software in the same way as any other product. Under this law, consumers can claim compensation for damages caused by defective products without having to prove the vendor was negligent or irresponsible. In addition to personal injury or property damages, for software products, damages may be awarded for the loss or destruction of data. Rather than define a minimum software development standard, the directive sets what we regard as the highest possible bar. Software makers can avoid liability if they prove a defect was not discoverable given the "objective state of scientific and technical knowledge" at the time the product was put on the market.

Although the directive is severe on software makers, its scope is narrow. It applies only to people (not companies), and damages for professional use are explicitly excluded. There is still scope for collective claims such as class actions, however. The directive isn't law itself but sets the legislative direction for EU member states, and they have two years to implement its provisions. The directive commits the European Commission to publicly collating court judgements based on the directive, so it will be easy to see how cases are proceeding.

Major software vendors used by the world's most important enterprises and governments are publishing comically vulnerable code without fear of any blowback whatsoever. So yes, the status quo needs change. Whether it needs a hand grenade lobbed at it is an open question. We'll have our answer soon.

The cost of cleaning up the U.K.'s largest nuclear site, "is expected to spiral to £136 billion" (about $176 billion), according to the Guardian, creating tension with the country's public-spending watchdog.

Projects to fix the state-owned buildings with hazardous and radioactive material "are running years late and over budget," the Guardian notes, with the National Audit Office suggesting spending at the Sellafield site has risen to more than £2.7 billion a year ($3.49 billion). Europe's most hazardous industrial site has previously been described by a former UK secretary of state as a "bottomless pit of hell, money and despair". The Guardian's Nuclear Leaks investigation in late 2023 revealed a string of cybersecurity problems at the site, as well as issues with its safety and workplace culture. The National Audit Office found that Sellafield was making slower-than-hoped progress on making the site safe and that three of its most hazardous storage sites pose an "intolerable risk".

The site is a sprawling collection of buildings, many never designed to hold nuclear waste long-term, now in various states of disrepair. It stores and treats decades of nuclear waste from atomic power generation and weapons programmes, has taken waste from countries including Italy and Sweden, and is the world's largest store of plutonium.

Sellafield is forecast to cost £136bn to decommission, which is £21.4bn or 18.8% higher than was forecast in 2019. Its buildings are expected to be finally torn down by 2125 and its nuclear waste buried deep underground at an undecided English location. The underground project's completion date has been delayed from 2040 to the 2050s at the earliest, meaning Sellafield will need to build more stores and manage waste for longer. Each decade of delay costs Sellafield between £500m and £760m, the National Audit Office said.

Meanwhile, the government hopes to ramp up nuclear power generation, which will create more waste.
"Plans to clean up three of its worst ponds — which contain hazardous nuclear sludge that must be painstakingly removed — are running six to 13 years later than forecast when the National Audit Office last drew up a report, in 2018... "

"One pond, the Magnox swarf storage silo, is leaking 2,100 litres of contaminated water each day, the NAO found. The pond was due to be emptied by 2046 but this has slipped to 2059."

Thanks to long-time Slashdot reader AmiMoJo for sharing the news.

"The world's largest renewable energy and transmission project has received key approval from government officials," reports New Atlas.

Solar power from Australia will be carried 2,672 miles (4,300 kilometers) to Singapore over undersea cables in what's being called "the Australia-Asia Power Link project." Reuters reports that SunCable "aims to produce 6 gigawatts of electricity at a vast solar farm in Northern Australia and ship about a third of that to Singapore via undersea cable."

More from New Atlas: [The project] will start by constructing a mammoth solar farm in Australia's Northern Territory to transmit around-the-clock clean power to [the Australian city] Darwin, and also export "reliable, cost-competitive renewable energy" to Singapore... with a clean energy generation capacity of up to 10 gigawatts, plus utility scale onsite storage. [The recently-obtained environmental approval] also green lights an 800-km (~500-mile) overhead transmission line between the solar precinct and Murrumujuk near Darwin...

If all of the dominoes line up perfectly, supply of the first clean electricity is estimated to start in the early 2030s. An overview graphic on the project page shows that the eventual end game for the Powell Creek development appears to be the generation of up to 20 GW of peak solar power and have some 36-42 GWh of battery storage on site.
Thanks to long-time Slashdot reader AmiMoJo for sharing the news.

Slashdot reader samleecole writes: Privacy advocates gained access to a powerful tool bought by U.S. law enforcement agencies that can track smartphone locations around the world. Abortion clinics, places of worship, and individual people can all be monitored without a warrant.

An investigation into tracking tool Locate X shows in the starkest terms yet how it and others — based on smartphone location data sold to various U.S. government law enforcement agencies, including state entities — could be used to monitor abortion clinic patients. This comes as more states contemplate stricter or outright bans on abortion...

In 2004 Alaa Abd El Fattah answered questions from Slashdot's readers about organizing the first-ever Linux installfest in Egypt.

In 2014 he was arrested for organizing poltical protests without requesting authorization, according to Wikipedia, and then released on bail — but then sentenced to five years in prison upon retrial. He was released in late March of 2019, but then re-arrested again in September by the National Security Agency, convicted of "spreading fake news" and jailed for five years...

Wikipedia describes Abd El-Fattah as an "Egyptian-British blogger, software developer and a political activist" who has been "active in developing Arabic-language versions of software and platforms." But this week an EFF blog post noticed that his released date had recently passed — and yet he was still in prison: It's been 28 days since September 29, the day that should have seen British-Egyptian blogger, coder, and activist Alaa Abd El Fattah walk free. Egyptian authorities refused to release him at the end of his sentence, in contradiction of the country's own Criminal Procedure Code, which requires that time served in pretrial detention count toward a prison sentence. [Human Rights Watch says Egyptian authorities are refusing to count more than two years of pretrial detention toward his time served. Amnesty International has also called for his release.] In the days since, Alaa's family has been able to secure meetings with high-level British officials, including Foreign Secretary David Lammy, but as of yet, the Egyptian government still has not released Alaa...

Alaa deserves to finally return to his family, now in the UK, and to be reunited with his son, Khaled, who is now a teenager. We urge EFF supporters in the UK to write to their MP to place pressure on the UK's Labour government to use their power to push for Alaa's release.
Last month the EFF wrote:: Over 20 years ago Alaa began using his technical skills to connect coders and technologists in the Middle East to build online communities where people could share opinions and speak freely and privately. The role he played in using technology to amplify the messages of his fellow Egyptians — as well as his own participation in the uprising in Tahrir Square — made him a prominent global voice during the Arab Spring, and a target for the country's successive repressive regimes, which have used antiterrorism laws to silence critics by throwing them in jail and depriving them of due process and other basic human rights.

Alaa is a symbol for the principle of free speech in a region of the world where speaking out for justice and human rights is dangerous and using the power of technology to build community is criminalized...

The Librarian of Congress has granted a DMCA exemption allowing independent repair of soft-serve machines, addressing the persistent issue of restricted repairs on McDonald's frequently malfunctioning machines. ExtremeTech reports: Section 1201 of the DMCA makes it illegal to bypass a digital lock protecting copyrighted work. That can be the DRM on a video file you download from iTunes, the carrier locks that prevent you from using a phone on other networks, or even the software running a McDonald's soft serve machine that refuses to accept third-party repairs. By locking down a product with DRM, companies can dictate when and how items are repaired under threat of legal consequences. This is an ongoing issue for people who want to fix all those busted ice cream machines.

Earlier this year, iFixit and Public Knowledge submitted their request for an exemption that would have covered a wide swath of industrial equipment. The request included everything from building management software to the aforementioned ice cream machines. Unfortunately, the Copyright Office was unconvinced on some of these points. However, the Librarian of Congress must be just as sick as the rest of us to hear the ice cream machine is broken. The office granted an exception for "retail-level food preparation equipment."

That means restaurant owners and independent repair professionals will be able to bypass the software locks that keep kitchen machinery offline until the "right" repair services get involved. This should lower prices and speed up repairs in such situations. Public Knowledge and iFixit express disappointment that the wider expansion was not granted, but they're still celebrating with some delicious puns (and probably ice cream). "There's nothing vanilla about this victory; an exemption for retail-level commercial food preparation equipment will spark a flurry of third-party repair activity and enable businesses to better serve their customers," said Meredith Rose, Senior Policy Counsel at Public Knowledge.

A government-controlled wallet that had been drained of $20 million on Thursday received most of its funds back Friday, adding another layer of mystery to transactions flagged by blockchain analysts as likely being connected to a high-profile theft. From a report: The pseudonymous blockchain sleuth ZachXBT had said in a tweet Thursday that the transfers resembled the playbook of a bad actor. Engaging with several decentralized finance protocols, the wallet had also tapped so-called instant exchanges after funds were moved across a series of transfers that "looked nefarious." About $19.3 million worth of funds had been returned to the wallet early Friday, per on-chain data collected by Arkham Intelligence, including Ethereum and the stablecoin USDC. Still, ZachXBT said in his Telegram community that funds transferred to exchanges had not yet been returned.

UnitedHealth Group said a ransomware attack in February resulted in more than 100 million individuals having their private health information stolen. The U.S. Department of Health and Human Services first reported the figure on Thursday. TechCrunch reports: The ransomware attack and data breach at Change Healthcare stands as the largest known digital theft of U.S. medical records, and one of the biggest data breaches in living history. The ramifications for the millions of Americans whose private medical information was irretrievably stolen are likely to be life lasting. UHG began notifying affected individuals in late July, which continued through October. The stolen data varies by individual, but Change previously confirmed that it includes personal information, such as names and addresses, dates of birth, phone numbers and email addresses, and government identity documents, including Social Security numbers, driver's license numbers, and passport numbers. The stolen health data includes diagnoses, medications, test results, imaging and care and treatment plans, and health insurance information -- as well as financial and banking information found in claims and payment data taken by the criminals.

The cyberattack became public on February 21 when Change Healthcare pulled much of its network offline to contain the intruders, causing immediate outages across the U.S. healthcare sector that relied on Change for handling patient insurance and billing. UHG attributed the cyberattack to ALPHV/BlackCat, a Russian-speaking ransomware and extortion gang, which later took credit for the cyberattack. The ransomware gang's leaders later vanished after absconding with a $22 million ransom paid by the health insurance giant, stiffing the group's contractors who carried out the hacking of Change Healthcare out of their new financial windfall. The contractors took the data they stole from Change Healthcare and formed a new group, which extorted a second ransom from UHG, while publishing a portion of the stolen files online in the process to prove their threat.

There is no evidence that the cybercriminals subsequently deleted the data. Other extortion gangs, including LockBit, have been shown to hoard stolen data, even after the victim pays and the criminals claim to have deleted the data. In paying the ransom, Change obtained a copy of the stolen dataset, allowing the company to identify and notify the affected individuals whose information was found in the data. Efforts by the U.S. government to catch the hackers behind ALPHV/BlackCat, one of the most prolific ransomware gangs today, have so far failed. The gang bounced back following a takedown operation in 2023 to seize the gang's dark web leak site. Months after the Change Healthcare breach, the U.S. State Department upped its reward for information on the whereabouts of the ALPHV/BlackCat cybercriminals to $10 million.

Ahead of Georgia's parliamentary elections, Georgian authorities raided the homes of disinformation researchers Eto Buziashvili and Sopo Gelava, seizing personal devices. The Record: Eto Buziashvili and Sopo Gelava, both employees of the Atlantic Council think tank, had their homes searched and their own and their family members' personal devices seized by investigators working for the country's Ministry of Finance, according to friends of the pair who spoke to Recorded Future News. Both women are said to be safe, although there are concerns about the security of their devices and online accounts. The searches come a day after Buziashvili published an article detailing how the Kremlin was influencing Georgian politics by supporting the incumbent government and interfering in the upcoming elections.

Local media reported that the offices of outsourcing company Concentrix and other Georgian citizens were also subject to searches. The Ministry of Finance claimed on Facebook it launched searches of "specific facilities" related to "call centers" alleged to be engaged in illegal activity. The investigations come ahead of an election that is being seen as a bellwether of the country's future direction, either pursuing closer ties to Russia under the current prime minister Irakli Kobakhidze or moving towards the West through opposition figures. Graham Brookie, the Atlantic Council's vice president for technology programs and strategy, said the organization "is deeply concerned about this development and its impact on our staff's work shortly before Georgian elections. [Gelava and Buziashvili] are engaged in independent, non-partisan work aimed at defending and strengthening democracy from those who would undermine it in online spaces, including research related to foreign influence efforts, the targeting of marginalized communities, and other online harms."

"We trust that Georgian authorities will provide more clarity on their actions, ensure the safety and security of our staff, return their property, and allow them to continue their contributions to Georgian democracy."

The White House is directing the Pentagon and intelligence agencies to increase their adoption of AI, expanding the Biden administration's efforts to curb technological competition from China and other adversaries. From a report: The edict is part of a landmark national security memorandum published Thursday. It aims to make government agencies step up experiments and deployments of AI. The memo also bans agencies from using the technology in ways that "do not align with democratic values," according to a White House news release.

"This is our nation's first ever strategy for harnessing the power and managing the risks of AI to advance our national security," national security adviser Jake Sullivan said in a speech Thursday. Sullivan called the speed of change in AI "breathtaking" and said it had the potential to affect fields ranging from nuclear physics to rocketry and stealth technology. The White House believes that providing clear rules for using AI will make it easier for government agencies to use the technology, according to a briefing with senior administration officials who spoke on the condition of anonymity to discuss details of the report before its publication.

An anonymous reader quotes a report from Wired: As November 5 draws closer, the Microsoft Threat Analysis Center (MTAC) warned on Wednesday that malicious foreign influence operations launched by Russia, China, and Iran against the US presidential election are continuing to evolve and should not be ignored even though they have come to feel inevitable. In the group's fifth report, researchers emphasize the range of ongoing activities (source may be paywalled; alternative source) as well as the inevitability that attackers will work to stoke doubts about the integrity of the election in its aftermath.

In spite of escalating conflict in the Middle East, Microsoft says that Iran has been able to keep up its operations targeting the US election, particularly targeting the Trump campaign and attempting to foment anti-Israel sentiment. Russian actors, meanwhile, have been focused on targeting the Harris campaign with character attacks and AI-generated content, including deepfakes. And China has shifted its focus in recent weeks, researchers say, to target down-ballot Republican candidates as well as sitting members of Congress who promote policies adversarial to China or in conflict with its interests.

Crucially, MTAC says it is all but certain that these actors will attempt to stoke division and mistrust in vote security on Election Day and in its immediate aftermath. "As MTAC observed during the 2020 presidential cycle, foreign adversaries will amplify claims of election rigging, voter fraud, or other election integrity issues to sow chaos among the US electorate and undermine international confidence in US political stability," the researchers wrote in their report. As the 2024 campaign season enters its final phase, the researchers say that they expect to see AI-generated media continuing to show up in new campaigns, particularly because content can spread so rapidly in the charged period immediately around Election Day. The report also notes that Microsoft has detected Iranian actors probing election-related websites and media outlets, "suggesting preparations for more direct influence operations as Election Day nears." "History has shown that the ability of foreign actors to rapidly distribute deceptive content can significantly impact public perception and electoral outcomes," wrote MTAC general manager Clint Watts. "With a particular focus on the 48 hours before and after Election Day, voters, government institutions, candidates and parties must remain vigilant to deceptive and suspicious activity online."

Norway plans to enforce a strict minimum social media age of 15 to protect children from harmful content and the influence of algorithms. The Guardian reports: The Scandinavian country already has a minimum age limit of 13 in place. Despite this, more than half of nine-year-olds, 58% of 10-year-olds and 72% of 11-year-olds are on social media, according to research by the Norwegian media authority. The government has pledged to introduce more safeguards to prevent children from getting around the age restrictions -- including amending the Personal Data Act so that social media users must be 15 years old to agree that the platform can handle their personal data, and developing an age verification barrier for social media.

"It sends quite a strong signal," the prime minister told the newspaper VG on Wednesday. "Children must be protected from harmful content on social media. These are big tech giants pitted against small children's brains. We know that this is an uphill battle, because there are strong forces here, but it is also where politics is needed." While he said he understood that social media could offer lonely children a community, self-expression must not be in the power of algorithms. "On the contrary, it can cause you to become single-minded and pacified, because everything happens so fast on this screen," he added. "It is also about giving parents the security to say no," said Kjersti Toppe, the minister for children and families. "We know that many people really want to say no, but don't feel they can."

Water companies in England could be banned from making a profit under plans for a complete overhaul of the system. The Guardian: The idea is one of the options being considered by a new commission set up by the Department for Environment, Food and Rural Affairs (Defra) amid public fury over the way firms have prioritised profit over the environment. Sources at the department said they would consider forcing the sale of water companies in England to firms that would run them as not-for-profits. Unlike under nationalisation, the company would not be run by the government but by a private company, run for public benefit. The nonprofit model, which is widely used in other European countries, allows staff to be paid substantial salaries and bonuses but any profits on top of that are returned to the company.

An anonymous reader shares a report: T-Mobile promised users who bought certain mobile plans that it would never raise their prices for as long as they lived -- but then raised their prices this year. So it's no surprise that 2,000 T-Mobile customers complained to the government about a price hike on plans that were advertised as having a lifetime price lock. "I am still alive and T-Mobile is increasing the price for service by $5 per line. How is this a lifetime price lock?" one customer in Connecticut asked the Federal Communications Commission in a complaint that we obtained through a public records request.

"I am not dead yet," a customer in New York wrote bluntly, saying they had bought a plan with a "guarantee for life." Both of those customers said they purchased T-Mobile's senior plan marketed to people aged 55 and up. While the price hikes apply to customers on various plans regardless of their age, many of the complaints to the FCC came from people in the 55+ age group. Some pointed out that if T-Mobile simply waits long enough, the carrier won't have to serve 55-and-up customers forever.

Applications to MBA programs jumped 12% in 2024, with full-time programs surging 32% to decade-high levels, WSJ is reporting, citing the Graduate Management Admission Council's latest survey. Top-tier U.S. schools reported significant gains, with Columbia Business School seeing a 27% rise and Harvard Business School applications climbing 21%. So what's behind the surge? The story adds: Today, the U.S. job market is strong, and unemployment remains low. But lower wage positions in retail and dining, as well as healthcare and government, have fueled much of the labor market's growth over the past two years.

A white-collar job market downturn that began with tech workers in 2022 has spread to other sectors. Major employers including Goldman Sachs, Lyft, Microsoft and PricewaterhouseCoopers have laid off a combined tens of thousands of workers this year. Hiring for roles that usually require a bachelor's degree dropped below 2019 levels in recent months, according to payroll provider ADP. That slump has been steeper for 20-somethings, who are running into a bottleneck on the lower rungs of the corporate ladder as more established professionals stay put.