An anonymous reader quotes a report from KrebsOnSecurity: The U.S. government today imposed economic sanctions on Funnull Technology Inc., a Philippines-based company that provides computer infrastructure for hundreds of thousands of websites involved in virtual currency investment scams known as "pig butchering." In January 2025, KrebsOnSecurity detailed how Funnull was being used as a content delivery network that catered to cybercriminals seeking to route their traffic through U.S.-based cloud providers. "Americans lose billions of dollars annually to these cyber scams, with revenues generated from these crimes rising to record levels in 2024," reads a statement from the U.S. Department of the Treasury, which sanctioned Funnull and its 40-year-old Chinese administrator Liu Lizhi. "Funnull has directly facilitated several of these schemes, resulting in over $200 million in U.S. victim-reported losses."

The Treasury Department said Funnull's operations are linked to the majority of virtual currency investment scam websites reported to the FBI. The agency said Funnull directly facilitated pig butchering and other schemes that resulted in more than $200 million in financial losses by Americans. Pig butchering is a rampant form of fraud wherein people are lured by flirtatious strangers online into investing in fraudulent cryptocurrency trading platforms. Victims are coached to invest more and more money into what appears to be an extremely profitable trading platform, only to find their money is gone when they wish to cash out. The scammers often insist that investors pay additional "taxes" on their crypto "earnings" before they can see their invested funds again (spoiler: they never do), and a shocking number of people have lost six figures or more through these pig butchering scams.

KrebsOnSecurity's January story on Funnull was based on research from the security firm Silent Push, which discovered in October 2024 that a vast number of domains hosted via Funnull were promoting gambling sites that bore the logo of the Suncity Group, a Chinese entity named in a 2024 UN report (PDF) for laundering millions of dollars for the North Korean state-sponsored hacking group Lazarus. Silent Push found Funnull was a criminal content delivery network (CDN) that carried a great deal of traffic tied to scam websites, funneling the traffic through a dizzying chain of auto-generated domain names and U.S.-based cloud providers before redirecting to malicious or phishous websites. The FBI has released a technical writeup (PDF) of the infrastructure used to manage the malicious Funnull domains between October 2023 and April 2025.

sinij shares a report from the BBC: France's National Assembly has voted to abolish low-emission zones, a key measure introduced during President Emmanuel Macron's first term to reduce city pollution. So-called ZFEs (zones a faibles emissions) have been criticized for hitting those who cannot afford less-polluting vehicles the hardest. A handful of MPs from Macron's party joined opposition parties from the right and far right in voting 98-51 to scrap the zones, which have gradually been extended across French cities since 2019. [...]

The low-emission zones began with 15 of France's most polluted cities in 2019 and by the start of this year had been extended to every urban area with a population of more than 150,000, with a ban on cars registered before 1997. Those produced after 1997 need a round "Crit'Air" sticker to drive in low-emission zones, and there are six categories that correspond to various types of vehicle. The biggest restrictions have been applied in the most polluted cities, Paris and Lyon, as well as Montpellier and Grenoble. The BBC notes that while the abolition is expected to pass France's Senate, it must still be included in a broader bill approved by the lower house in June and cleared by the Constitutional Council, which isn't guaranteed.

The SEC on Thursday voluntarily dismissed its lawsuit against Binance, the world's largest cryptocurrency exchange. It brings an end to one of the last remaining crypto enforcement actions brought by the agency. Reuters reports: The SEC had accused the defendants in 2023 of artificially inflating trading volumes, diverting customer funds, failing to restrict U.S. customers from Binance's platform, and misleading investors about its market surveillance controls. It also accused Binance of unlawfully facilitating trading of several tokens that prior SEC leadership deemed unregistered securities. Developing...

An anonymous reader quotes a report from SC Media: Thousands of ASUS routers have been compromised with malware-free backdoors in an ongoing campaign to potentially build a future botnet, GreyNoise reported Wednesday. The threat actors abuse security vulnerabilities and legitimate router features to establish persistent access without the use of malware, and these backdoors survive both reboots and firmware updates, making them difficult to remove.

The attacks, which researchers suspect are conducted by highly sophisticated threat actors, were first detected by GreyNoise's AI-powered Sift tool in mid-March and disclosed Thursday after coordination with government officials and industry partners. Sekoia.io also reported the compromise of thousands of ASUS routers in their investigation of a broader campaign, dubbed ViciousTrap, in which edge devices from other brands were also compromised to create a honeypot network. Sekoia.io found that the ASUS routers were not used to create honeypots, and that the threat actors gained SSH access using the same port, TCP/53282, identified by GreyNoise in their report. The backdoor campaign affects multiple ASUS router models, including the RT-AC3200, RT-AC3100, GT-AC2900, and Lyra Mini.

GreyNoise advises users to perform a full factory reset and manually reconfigure any potentially compromised device. To identify a breach, users should check for SSH access on TCP port 53282 and inspect the authorized_keys file for unauthorized entries.

Anthropic co-founder and CEO Dario Amodei is warning that AI could eliminate half of all entry-level white-collar jobs within the next five years -- and overall unemployment potentially spiking between 10 and 20% during that period.

The prediction comes as new data from venture capital firm SignalFire shows Big Tech companies have already reduced their hiring of new graduates by approximately 50% compared to pre-pandemic levels, with AI adoption cited as a contributing factor. Amodei told Axios that AI companies and government officials are "sugarcoating" the risks of mass job displacement in technology, finance, law, and consulting sectors.

A security researcher has discovered an exposed database containing 184 million login credentials for major services including Apple, Facebook, and Google accounts, along with credentials linked to government agencies across 29 countries. Jeremiah Fowler found the 47-gigabyte trove in early May, but the database contained no identifying information about its owner or origins.

The records included plaintext passwords and usernames for accounts spanning Netflix, PayPal, Discord, and other major platforms. A sample analysis revealed 220 email addresses with government domains from countries including the United States, China, and Israel. Fowler told Wired he suspects the data was compiled by cybercriminals using infostealer malware. World Host Group, which hosted the database, shut down access after Fowler's report and described it as content uploaded by a "fraudulent user." The company said it would cooperate with law enforcement authorities.

An anonymous reader quotes a report from The Verge: Secretary of State Marco Rubio announced Wednesday that the U.S. would restrict visas for "foreign nationals who are responsible for censorship of protected expression in the United States." He called it "unacceptable for foreign officials to issue or threaten arrest warrants on U.S. citizens or U.S. residents for social media posts on American platforms while physically present on U.S. soil" and "for foreign officials to demand that American tech platforms adopt global content moderation policies or engage in censorship activity that reaches beyond their authority and into the United States."

It's not yet clear how or against whom the policy will be enforced, but seems to implicate Europe's Digital Services Act, a law that came into effect in 2023 with the goal of making online platforms safer by imposing requirements on the largest platforms around removing illegal content and providing transparency about their content moderation. Though it's not mentioned directly in the press release about the visa restrictions, the Trump administration has slammed the law on multiple occasions, including in remarks earlier this year by Vice President JD Vance.

The State Department's homepage currently links to an article on its official Substack, where senior advisor for the Bureau of Democracy, Human Rights, and Labor Samuel Samson critiques the DSA as a tool to "silence dissident voices through Orwellian content moderation." He adds, "Independent regulators now police social media companies, including prominent American platforms like X, and threaten immense fines for non-compliance with their strict speech regulations." "We will not tolerate encroachments upon American sovereignty," Rubio says in the announcement, "especially when such encroachments undermine the exercise of our fundamental right to free speech."

An anonymous reader quotes a report : Washington is joining a growing list of states trying to tear down barriers for consumers who want to repair their electronics rather than buy new ones. Gov. Bob Ferguson last week signed the state's new "Right to Repair" policy, House Bill 1483, into law. It was a yearslong effort to get the law approved. "This is a win for every person in Washington state," said the bill's prime sponsor, Rep. Mia Gregerson, D-SeaTac.

In 2021, the Federal Trade Commission reported that consumers with broken electronics don't have much choice but to replace them because repairs require specialized tools, unique parts and inaccessible proprietary software. And those restrictions, the FTC found, disproportionately burden communities of color and low-income communities. Some companies engage in a practice called "parts pairing" that can make replacing parts of a device impossible. Washington's new law would largely outlaw this tactic.

Starting Jan. 1, 2026, the law will require manufacturers to make tools, parts and documentation needed for diagnostics and maintenance available to independent repair businesses. The requirement applies to digital electronics, like computers, cellphones and appliances, sold in Washington after July 1, 2021. Manufacturers won't be able to use parts that inhibit repairs. The state attorney general's office could enforce violations of the new law under the Consumer Protection Act.

Multiple readers shared the following report about the executive departures at CISA: Virtually all of the top officials at the Cybersecurity and Infrastructure Security Agency (CISA) have departed the agency or will do so this month, according to an email obtained by Cybersecurity Dive, further widening a growing void in expertise and leadership at the government's lead cyber defense force at a time when tensions with foreign adversaries are escalating.

Five of CISA's six operational divisions and six of its 10 regional offices will have lost top leaders by the end of the month, the agency's new deputy director, Madhu Gottumukkala, informed employees in an email on Thursday. [...] The exits of these leaders could undermine the efficiency and strategic clarity of CISA's partnerships with critical infrastructure operators, private security firms, foreign allies, state governments and local emergency managers, experts say.

"Do we need publicly-owned social networks to escape Silicon Valley?" asks an opinion piece in Spain's El Pais newspaper.

It argues it's necessary because social media platforms "have consolidated themselves as quasi-monopolies, with a business model that consists of violating our privacy in search of data to sell ads..." Among the proposals and alternatives to these platforms, the idea of public social media networks has often been mentioned. Imagine, for example, a Twitter for the European Union, or a Facebook managed by media outlets like the BBC. In February, Spanish Prime Minister Pedro Sánchez called for "the development of our own browsers, European public and private social networks and messaging services that use transparent protocols." Former Spanish prime minister José Luis Rodríguez Zapatero — who governed from 2004 until 2011 — and the left-wing Sumar bloc in the Spanish Parliament have also proposed this. And, back in 2021, former British Labour Party leader Jeremy Corbyn made a similar suggestion.

At first glance, this may seem like a good idea: a public platform wouldn't require algorithms — which are designed to stimulate addiction and confrontation — nor would it have to collect private information to sell ads. Such a platform could even facilitate public conversations, as pointed out by James Muldoon, a professor at Essex Business School and author of Platform Socialism: How to Reclaim our Digital Future from Big Tech (2022)... This could be an alternative that would contribute to platform pluralism and ensure we're not dependent on a handful of billionaires. This is especially important at a time when we're increasingly aware that technology isn't neutral and that private platforms respond to both economic and political interests.
There's other possibilities. Further down they write that "it makes much more sense for the state to invest in, or collaborate with, decentralized social media networks based on free and interoperable software" that "allow for the portability of information and content." They even spoke to Cory Doctorow, who they say "proposes that the state cooperate with the software systems, developers, or servers for existing open-source platforms, such as the U.S. network Bluesky or the German firm Mastodon." (Doctorow adds that reclaiming digital independence "is incredibly important, it's incredibly difficult, and it's incredibly urgent."

The article also acknowledges the option of "legislative initiatives — such as antitrust laws, or even stricter regulations than those imposed in Europe — that limit or prevent surveillance capitalism." (Though they also figures showing U.S. tech giants have one of the largest lobbying groups in the EU, with Meta being the top spender...)

"In the 1970s, the USSR used nuclear devices to try to send water from Siberia's rivers flowing south, instead of its natural route north..." remembers the BBC. [T]he Soviet Union simultaneously fired three nuclear devices buried 127m (417ft) underground. The yield of each device was 15 kilotonnes (about the same as the atomic bomb dropped on Hiroshima in 1945). The experiment, codenamed "Taiga", was part of a two-decade long Soviet programme of carrying out peaceful nuclear explosions (PNEs).

In this case, the blasts were supposed to help excavate a massive canal to connect the basin of the Pechora River with that of the Kama, a tributary of the Volga. Such a link would have allowed Soviet scientists to siphon off some of the water destined for the Pechora, and send it southward through the Volga. It would have diverted a significant flow of water destined for the Arctic Ocean to go instead to the hot, heavily populated regions of Central Asia and southern Russia. This was just one of a planned series of gargantuan "river reversals" that were designed to alter the direction of Russia's great Eurasian waterways...

Years later, Leonid Volkov, a scientist involved in preparing the Taiga explosions, recalled the moment of detonation. "The final countdown began: ...3, 2, 1, 0... then fountains of soil and water shot upward," he wrote. "It was an impressive sight." Despite Soviet efforts to minimise the fallout by using a low-fission explosive, which produce fewer atomic fragments, the blasts were detected as far away as the United States and Sweden, whose governments lodged formal complaints, accusing Moscow of violating the Limited Test Ban Treaty...

Ultimately, the nuclear explosions that created Nuclear Lake, one of the few physical traces left of river reversal, were deemed a failure because the crater was not big enough. Although similar PNE canal excavation tests were planned, they were never carried out. In 2024, the leader of a scientific expedition to the lake announced radiation levels were normal.
"Perhaps the final nail in the coffin was the Chernobyl nuclear disaster in 1986, which not only consumed a huge amount of money, but pushed environmental concerns up the political agenda," the article notes.

"Four months after the Number Four Reactor at the Chernobyl Nuclear Power Plant exploded, Soviet Premier Mikhail Gorbachev cancelled the river reversal project."

And a Russian blogger who travelled to Nuclear Lake in the summer of 2024 told the BBC that nearly 50 years later, there were some places where the radiation was still significantly elevated.

Longtime Slashdot reader sinij shares a press release from the White House, outlining a series of executive orders that overhaul the Nuclear Regulatory Commission and speed up deployment of new nuclear power reactions in the U.S.. From a report: The NRC is a 50-year-old, independent agency that regulates the nation's fleet of nuclear reactors. Trump's orders call for a "total and complete reform" of the agency, a senior White House official told reporters in a briefing. Under the new rules, the commission will be forced to decide on nuclear reactor licenses within 18 months. Trump said Friday the orders focus on small, advanced reactors that are viewed by many in the industry as the future. But the president also said his administration supports building large plants. "We're also talking about the big plants -- the very, very big, the biggest," Trump said. "We're going to be doing them also."

When asked whether NRC reform will result in staff reductions, the White House official said "there will be turnover and changes in roles." "Total reduction in staff is undetermined at this point, but the executive orders do call for a substantial reorganization" of the agency, the official said. The orders, however, will not remove or replace any of the five commissioners who lead the body, according to the White House. Any reduction in staff at the NRC would come at time when the commission faces a heavy workload. The agency is currently reviewing whether two mothballed nuclear plants, Palisades in Michigan and Three Mile Island in Pennsylvania, should restart operations, a historic and unprecedented process. [...]

Trump's orders also create a regulatory framework for the Departments of Energy and Defense to build nuclear reactors on federal land, the administration official said. "This allows for safe and reliable nuclear energy to power and operate critical defense facilities and AI data centers," the official told reporters. The NRC will not have a direct role, as the departments will use separate authorities under their control to authorize reactor construction for national security purposes, the official said. The president's orders also aim to jump start the mining of uranium in the U.S. and expand domestic uranium enrichment capacity, the official said. Trump's actions also aim to speed up reactor testing at the Department of Energy's national laboratories.

Spain's grid operator has accused some large power plants of not doing their job to help regulate the country's electricity system in the moments before last month's catastrophic blackout across the Iberian peninsula. From a report: Beatriz Corredor, chair of grid operator Red Electrica's parent company, said power plants fell short in controlling the voltage of the electricity system.

However, the heads of Spain's biggest plant owners linked the blackout to a lack of grid investment and insufficient efforts to boost electricity demand. The public blame game over the outage is intensifying as more than three weeks after 60 million people were left without power, Spanish government investigators insisted they needed more time to establish the root cause.

Harvard University's Galileo Project is using AI to automate the search for unidentified anomalous phenomena, marking a significant shift in how academics approach what was once considered fringe research. The project operates a Massachusetts observatory equipped with infrared cameras, acoustic sensors, and radio-frequency analyzers that continuously scan the sky for unusual objects.

Researchers Laura Domine and Richard Cloete are training machine learning algorithms to recognize all normal aerial phenomena -- planes, birds, drones, weather balloons -- so the system can flag genuine anomalies for human analysis. The team uses computer vision software called YOLO (You Only Look Once) and has generated hundreds of thousands of synthetic images to train their models, though the software currently identifies only 36% of aircraft captured by infrared cameras.

The Pentagon is pursuing parallel efforts through its All-domain Anomaly Resolution Office, which has examined over 1,800 UAP reports and identified 50 to 60 cases as "true anomalies" that government scientists cannot explain. AARO has developed its own sensor suite called Gremlin, using similar technology to Harvard's observatory. Both programs represent the growing legitimization of UAP research following 2017 Defense Department disclosures about military encounters with unexplained aerial phenomena.

An interesting piece on Construction Physics that examines how Japan transformed discarded American wartime shipbuilding techniques into a revolutionary manufacturing system that captured nearly half the global market by 1970. The story reveals the essential ingredients for industrial dominance: government backing, organizational alignment, relentless will to improve, and the systematic coordination needed to turn existing technologies into something entirely new. A few excerpts: During WWII, the US constructed an unprecedented shipbuilding machine. By assembling ships from welded, prefabricated blocks, the US built a huge number of cargo ships incredibly quickly, overwhelming Germany's u-boats and helping to win the war. But when the war was over, this shipbuilding machine was dismantled. Industrialists like Henry Kaiser and Stephen Bechtel, who operated some of the US's most efficient wartime shipyards, left the shipbuilding business. Prior to the war, the US had been an uncompetitive commercial shipbuilder producing a small fraction of commercial oceangoing ships, and that's what it became again. At the height of the war the US was producing nearly 90% of the world's ships. By the 1950s, it produced just over 2%.

But the lessons from the US's shipbuilding machine weren't forgotten. After the war, practitioners brought them to Japan, where they would continue to evolve, eventually allowing Japan to build ships faster and cheaper than almost anyone else in the world.

[...] The third strategy that formed the core of modern shipbuilding methods was statistical process control. The basic idea behind process control is that it's impossible to make an industrial process perfectly reliable. There will always be some variation in what it produces: differences in part dimensions, material strength, chemical composition, and so on. But while some variation is inherent to the process (and must be accepted), much of the variation is from specific causes that can be hunted down and eliminated. By analyzing the variation in a process, undesirable sources of variation can be removed. This makes a process work more reliably and predictably, reducing waste and rework from parts that are outside acceptable tolerances.

An anonymous reader shares a report: Vietnam's technology ministry has instructed telecommunication service providers to block the messaging app Telegram for not cooperating in combating alleged crimes committed by its users, according to a government document reviewed by Reuters.

The document, dated May 21 and signed by the deputy head of the telecom department at the technology ministry, ordered telecommunication companies to take measures to block Telegram and report on them to the ministry by June 2.

The U.S. unsealed charges against 16 individuals behind DanaBot, a malware-as-a-service platform responsible for over $50 million in global losses. "The FBI says a newer version of DanaBot was used for espionage, and that many of the defendants exposed their real-life identities after accidentally infecting their own systems with the malware," reports KrebsOnSecurity. From the report: Initially spotted in May 2018 by researchers at the email security firm Proofpoint, DanaBot is a malware-as-a-service platform that specializes in credential theft and banking fraud. Today, the U.S. Department of Justice unsealed a criminal complaint and indictment from 2022, which said the FBI identified at least 40 affiliates who were paying between $3,000 and $4,000 a month for access to the information stealer platform. The government says the malware infected more than 300,000 systems globally, causing estimated losses of more than $50 million. The ringleaders of the DanaBot conspiracy are named as Aleksandr Stepanov, 39, a.k.a. "JimmBee," and Artem Aleksandrovich Kalinkin, 34, a.k.a. "Onix," both of Novosibirsk, Russia. Kalinkin is an IT engineer for the Russian state-owned energy giant Gazprom. His Facebook profile name is "Maffiozi."

According to the FBI, there were at least two major versions of DanaBot; the first was sold between 2018 and June 2020, when the malware stopped being offered on Russian cybercrime forums. The government alleges that the second version of DanaBot -- emerging in January 2021 -- was provided to co-conspirators for use in targeting military, diplomatic and non-governmental organization computers in several countries, including the United States, Belarus, the United Kingdom, Germany, and Russia. The indictment says the FBI in 2022 seized servers used by the DanaBot authors to control their malware, as well as the servers that stored stolen victim data. The government said the server data also show numerous instances in which the DanaBot defendants infected their own PCs, resulting in their credential data being uploaded to stolen data repositories that were seized by the feds.

"In some cases, such self-infections appeared to be deliberately done in order to test, analyze, or improve the malware," the criminal complaint reads. "In other cases, the infections seemed to be inadvertent -- one of the hazards of committing cybercrime is that criminals will sometimes infect themselves with their own malware by mistake." A statement from the DOJ says that as part of today's operation, agents with the Defense Criminal Investigative Service (DCIS) seized the DanaBot control servers, including dozens of virtual servers hosted in the United States. The government says it is now working with industry partners to notify DanaBot victims and help remediate infections. The statement credits a number of security firms with providing assistance to the government, including ESET, Flashpoint, Google, Intel 471, Lumen, PayPal, Proofpoint, Team CYRMU, and ZScaler.

The Internet Archive has begun livestreaming its microfiche digitization center on YouTube, showcasing the real-time preservation of fragile film cards into searchable public documents. The work is part of Democracy's Library, a global initiative to digitize and share millions of government records. 9to5Mac reports: The livestream was brought to life by Sophia Tung, who previously gained attention for her viral robotaxi depot stream. Her new video explains how and why this new livestream project came together [...].

The livestream features five scanning stations at work, with one shown in close-up as operators digitize microfiche cards in real time. Each card holds up to 100 pages of public records. High-resolution cameras capture the images, software stitches and crops the pages, and the results are made text-searchable and freely accessible through Democracy's Library. Live scanning takes place Monday through Friday, 7:30 a.m. to 3:30 p.m. PT, excluding U.S. holidays, with a second shift expected to begin soon.

The Russian government has introduced a new law that makes installing a tracking app mandatory for all foreign nationals in the Moscow region. From a report: The new proposal was announced by the chairman of the State Duma, Vyacheslav Volodin, who presented it as a measure to tackle migrant crimes. "The adopted mechanism will allow, using modern technologies, to strengthen control in the field of migration and will also contribute to reducing the number of violations and crimes in this area," stated Volodin.

Using a mobile application that all foreigners will have to install on their smartphones, the Russian state will receive the following information: Residence location, fingerprint, face photograph, real-time geo-location monitoring.

Sen. Ron Wyden (D-Ore.) revealed in a new letter to Senate colleagues Wednesday that AT&T, Verizon and T-Mobile failed to create systems for notifying senators about government surveillance on Senate-issued devices -- despite a requirement to do so. From a report: Phone service providers are contractually obligated to inform senators when a law enforcement agency requests their records, thanks to protections enacted in 2020. But in an investigation, Wyden's staff found that none of the three major carriers had created a system to send those notifications.

"My staff discovered that, alarmingly, these crucial notifications were not happening, likely in violation of the carriers' contracts with the [Senate Sergeant at Arms], leaving the Senate vulnerable to surveillance," Wyden said in the letter, obtained first by POLITICO, dated May 21. Wyden said that the companies all started providing notification after his office's investigation. But one carrier told Wyden's office it had previously turned over Senate data to law enforcement without notifying lawmakers, according to the letter.