Bitcoin briefly fell below $60,000 on Friday, "extending its weekly loss to nearly 20% and threatening to fall below $59,000," reports CoinDesk. Crypto was also hit by a 40%-plus plunge in Zcash after Shielded Labs disclosed a years-old bug that could have allowed undetected counterfeit ZEC creation. From the report: Now, with stocks in plunge mode -- the Nasdaq down nearly 4% on Friday -- bitcoin finds itself perfectly correlated. "Short term, Bitcoin feels like swallowing broken glass," wrote Jeff Swanson Friday. "The chart goes up. It goes down. It makes grown men cry into their Robinhood accounts and CNBC anchors smugly declare the funeral, for the eleventh time." "Here's what uncomfortable people don't understand: the discomfort is the yield. Every paper-handed panic seller is handing their future to someone with a longer time horizon and a colder storage device."

[...] Earlier, Shielded Labs, a nonprofit developer on the privacy token system, disclosed a critical vulnerability in Zcash's (ZEC) Orchard privacy pool that could have threatened the integrity of the token's supply. The vulnerability, if exploited, could have allowed an attacker to create an unlimited number of counterfeit ZEC tokens, completely undetected. "Think of it as someone secretly gaining access to the Federal Reserve's dollar printing press, except in this case, even the Fed wouldn't be able to tell these extra dollars were printed," wrote Omkar Godbole. Importantly, the vulnerability was discovered with help from Anthropic's recently released Opus 4.8 AI model, raising difficult questions for the entire crypto industry. More to come on that. ZEC is now down 42% over the past 24 hours. On Wednesday, the Zcash Foundation said: "The vulnerability was caught before any known exploitation occurred. There is no evidence of unauthorized value creation. Zcash's turnstile mechanism (which tracks the total ZEC balance across all value pools) confirmed that the total supply remained intact throughout. User privacy was not affected. Sapling and transparent transactions continued operating normally throughout the incident."

An anonymous reader quotes a report from Techdirt: Earlier this year Nieman Lab broke the story that major news publishers, including The New York Times, The Guardian, and USA Today Co., had started blocking the Internet Archive for fear that AI companies might scrape the nonprofit's repositories for training data. As one of the last bastions of archival history, that is, in case you're not aware, not very good for the public interest. Four months later and Nieman Lab now notes that the number of news outlets blocking the archive has soared to around 340 organizations:

"Our new analysis shows that more than 340 local news sites across the United States are now limiting the Internet Archive's ability to access and preserve their stories. Many sites in our sample are owned by five of the seven largest local news publishers in the country: USA Today Co., McClatchy, Advance Local, MediaNews Group, and Tribune Publishing. The latter two are both subsidiaries of the "vulture hedge fund" Alden Global Capital."

[...] Regardless of motivation, hiding whatever local news remains behind paywalls, then blocking it from the Internet Archive, in turn makes it harder for everyone else to do real journalism that relies on the historical record, local journalists tell Nieman Lab: "I cover news within a larger news desert in New York's Rockland, Sullivan, and Rockland counties. This means I need to heavily rely on archival data of old news articles from now deceased, or zombie-fied, media outlets," wrote B.J. Mendelson, the editor of The Monroe Gazette newsletter, in one recent petition signed by over 200 journalists. "Without the Internet Archive, my [work] would be incredibly difficult to do." The Internet Archive says it is listening to the concerns raised by local news outlets, while also partnering with journalism groups to train hundreds of newsrooms on archival preservation: "In December, the Internet Archive partnered with the Poynter Institute and Investigative Reporters and Editors to train a cohort of 33 local and national news outlets on how to develop and implement an archiving strategy. The initiative, funded through a Press Forward grant, aims to train 300 newsrooms in digital preservation and in using the Internet Archive's services by the end of 2027."

The UK's Government Digital Service is replacing Stripe with Dutch payments provider Adyen for many GOV.UK Pay transactions, including local authorities, police forces, and armed forces units. The three-year deal covers about 1,000 services and is meant to make payments more flexible while keeping the user experience largely unchanged. The Register reports: According to the tender notice published in February 2025, the contract covers around 17 percent of payments made through GOV.UK Pay but more than 70 percent of its organizations and includes the only option allowing users to start taking payments within one working day. At that point the contract had an estimated maximum value of £49 million, although with no guarantees over volume.

In a blogpost about the contract award on 2 June, GDS said it will migrate around 1,000 services to the new supplier. "We will make migration as straightforward as possible while complying with Know Your Customer legislation that protects everyone from fraud," wrote Alan Maddrell, senior content designer for the service. "Most importantly, there will be no discernible difference for paying users and no loss in functionality."

He added that the change of supplier will help introduce new options including pay by bank, which transfers money directly between bank accounts using open banking services and avoids the need to type in card details. GDS will continue to use WorldPay to process payments for central government, linked organizations and NHS bodies.

Longtime Slashdot reader Elektroschock writes: The American Business Software Alliance (BSA) does not consider mandatory open-source licensing to be an appropriate indicator of sovereignty. This is among the "pointed messages" they sent to the French government consultation (closed) today. "What protects Europe is the ability to govern, audit, and mitigate risk, not where a company files its corporate papers," said Thomas Boue of BSA. "Criteria of this kind raise costs, reduce access to best-in-class security solutions, and risk conflicting with the EU's international trade commitments."

An anonymous reader quotes a report from 9to5Google: There's been a lot of pushback in recent months around the impact of AI data centers on local communities, with the use of water being a key issue for many. Google, in an expansion of its "water stewardship" programs, is making commitments that include replenishing more water than it uses at its data center sites. AI data centers go through a lot of water use in cooling the hardware used to power models, and Google is no exception. While Google stands by saying that the impact of AI data centers on U.S. water consumption is "small," it also says it is focusing on "protecting local water resources in all aspects of our data center operations."

In a post, Google explains five new commitments regarding water use at its data centers in the U.S. These include replenishing more water than is consumed at data centers, helping local utilities to modernize water infrastructure, using air-cooled solutions in areas where watersheds are at risk, "transparently" reporting water use at data centers, and focusing on "alternative and reclaimed" water solutions. [...] In a linked paper (PDF), Google says it will replenish 120% of the water it uses at data center sites by 2030. Google is also committing $17 million to new water stewardship projects in Georgia, Iowa, Michigan, Minnesota, Missouri, Nebraska, and Texas in addition to 165 other projects already in place throughout the U.S.

Valve says its long-awaited Steam Machine and Steam Frame are both "shipping this summer." The company is also expanding its Verified program beyond Steam Deck to cover the new hardware. "Steam Verified is a developer-focused program where game makers ensure that their titles are capable of running on the Deck (meaning they'll run fine under Linux), that the UI elements and text are readable at standard resolutions, and that sensible default graphics settings are used," notes Tom's Hardware. From the report: The news should ease the worries of many an expecting gamer, given today's constant worries about AI servers slurping every RAM and NAND chip on the face of the earth, as well as Valve's own statements about component scarcity delaying the release. Plus, the company always works on its own schedule, so much so that Valve Time is a term.

The release of the Machine has been taking flak, given that while Valve was initially hoping for an estimated $600 to $800 price -- in the ballpark of the higher-end consoles -- the rumored pricing is climbing around or over $1000. This fact is somewhat corroborated by a February statement from a Valve executive who, like most anyone in the world, stated the price revision was due to the AI-driven component shortage.

NASA ordered astronauts on the International Space Station to shelter in their spacecraft and prepare for possible evacuation after a worsening air leak in the Russian Zvezda service module's transfer tunnel. The Guardian reports: The four astronauts of NASA's Crew-12 mission on the station -- two US astronauts, a French astronaut and a Russian cosmonaut -- received orders from NASA mission control at 9.04am ET (2pm BST) on Friday to enter their Crew Dragon spacecraft docked to the station and don their spacesuits in case the air leak warranted an emergency evacuation, a NASA official said.

NASA and Russia's space agency Roscosmos, the station's two primary operators, have debated for months over the cause and potential fixes of small air leaks onboard Russia's Zvezda service module, a key structure of the football-pitch-sized laboratory. The air leaks have been relatively minor in recent months. But on Monday the problem escalated from a pound of air per day to two pounds (0.9kg) a senior Nasa official told Reuters on condition of anonymity. UPDATE: "Roscosmos has paused Friday's structural repair efforts inside the Zvezda service module transfer tunnel, known as PrK, as more measurements and data is assessed," Bethany Stevens, a spokesperson for NASA, posted on X.

"Given this development, NASA has instructed the crew members inside the Dragon spacecraft to end the safe haven procedures and return to planned operations aboard the International Space Station. We look forward to working with Roscosmos on a collaborative approach to address the leaks."

Developing...

Waymo and B2U Storage Solutions have struck a "strategic supply agreement" to repurpose used batteries from Waymo's electric robotaxi fleet into stationary storage for California and Texas power grids. The arrangement could give robotaxi batteries a second life storing renewable energy after they're no longer suitable for vehicle use. It will also "support B2U projects in regions where Waymo's autonomous robotaxis operate -- meaning the used Waymo batteries could bolster the local power grids that Waymo vehicles rely upon for charging," reports Ars Technica. From the report: Waymo's "proactive maintenance" for its autonomous vehicles includes identifying opportunities to "refresh the battery to improve efficiency overall for our fleet," Adam Lenz, head of sustainability and environment at Waymo, told Ars. "That's when we look to these second-life applications, because there's still a lot of life left in the battery," he said.

Waymo did not specify the average mileage at which it swaps out batteries or retires vehicles from service. But Waymo robotaxis drive around much more each day than the typical EV, which means the Waymo fleet is likely to experience faster usage-related degradation of battery capacity over time. The company confirmed to Ars that "some of these vehicles have now been serving riders for years and have mileage beyond what a normal consumer drives."

[...] "Put a little haircut on that in terms of degradation and the effective capacity that would be left in those batteries when they're suitable for repurposing, and we're still talking about pretty significant capacity per battery," Hall said. The growing Waymo robotaxi fleet could lead to "pretty large numbers in terms of megawatt hours of capacity that can be deployed pretty quickly" for stationary energy storage supporting power grids, he suggested.

The agreement gives Waymo discretion over when and how many used batteries will be turned over to B2U. But the companies confirmed that B2U has "already started receiving smaller initial quantities of batteries" from the Waymo fleet. Over time, the agreement could give B2U "hundreds of megawatt-hours" of additional storage capacity from Waymo's thousands of electric vehicles, Lenz said.

An anonymous reader quotes a report from The Guardian: Bumblebees can use tools to solve a problem, according to experiments that demonstrate their remarkably advanced cognitive abilities. The bees were given an adapted version of an experiment that, 100 years ago, first demonstrated chimpanzees could work out how to retrieve an out-of-reach banana by stacking boxes. Since then, various other primates, elephants and crows have joined an elite cohort of species known to be capable of this level of insight and spontaneous problem solving. In the latest research, bees were shown to be able to roll a polystyrene ball to a specific location and climb on to it in order to access an artificial flower on a low ceiling. The findings challenge the longstanding assumption that insects operate purely on instinct and mindless trial-and-error learning. "Most people think insects are reflex-based machines," said Dr Olli Loukola, a behavioral ecologist at the University of Oulu, Finland, and senior author. "That they can't have any emotional states or feel pain. Some people don't even realize that they have brains. I hope that these results change the worldview about that."

"We are not claiming that bees think like humans," added Loukola. "But our findings show that miniature brains can generate flexible solutions to novel problems in ways we are only beginning to understand."

The findings are published in the journal Science.

Anthropic is urging leading AI labs to consider slowing development, warning that frontier models are advancing fast enough that they may soon be able to improve themselves without direct human intervention. The company says a global ability to pause or slow AI development would "likely be a good thing," citing internal data about accelerating model capabilities. From a blog post: Using public benchmarks and previously unreported data from within Anthropic, The Anthropic Institute is showing that AI is already accelerating the development of AI systems. To take just one example: today, Anthropic engineers on average ship 8x as much code per quarter as they did from 2021-2025.

The technical trends discussed in this piece suggest that AI systems are going to become much more capable in coming years. These trends have huge implications. AI that can build itself would be a major development in the history of technology -- one that could bring enormous good for the world in science, healthcare, and beyond. But full recursive self-improvement also might increase the risks of humans losing control over AI systems. If systems are capable of fully building their own successors, the ways we secure them, monitor them, and shape their behavior all grow much more important. [...]

If it were possible to effectively slow the development of this technology to give ourselves more time to deal with its immense implications, we think that would likely be a good thing. But if a slowdown simply lets the least cautious actors catch up technologically, it could leave everyone less safe. Without a global coordination mechanism, companies and governments will have to make difficult decisions about safety while under competitive and geopolitical pressures.

We believe it would be good for the world to have the option to slow or temporarily pause frontier AI development to enable societal structures and alignment research to keep up with the advance of the technology. The Anthropic Institute will conduct research -- in collaboration with many others -- and take actions to help build the systems that a credible slowdown or pause would require. These systems would enable frontier AI developers to verify that others globally have actually stopped or slowed, and that a bad actor could not use the auspices of a coordinated slowdown to jump ahead in secret. If such systems existed, we expect that we would slow down or temporarily pause, if other developers at or near the frontier also did so in a verifiable manner...

A new npm supply-chain attack has infected 36 packages with Rust-based infostealer malware called IronWorm. According to BleepingComputer, the malware "targets 86 environment variables (key-value pairs) and 20 credential files that may contain OpenAI, AWS, Anthropic, and npm credentials, vault configuration files, SSH keys, and Exodus cryptocurrency wallet files." From the report: According to researchers at supply-chain and devops company JFrog, IronWorm is written in Rust, hides behind an eBPF kernel rootkit, and communicates with the operator over the Tor network. The Rust-based malware self-propagates by using stolen credentials for publishing on npm; this includes secrets associated with npm's Trusted Publishing workflow. Once it compromises a developer or CI environment, it can publish trojanized versions of packages owned by the victim, which then infect additional developers and CI systems.

This behavior is conceptually similar to Shai Hulud, which had its code published on GitHub recently. Although JFrog researchers did not find a clear connection between IronWorm and Shai Hulud, they observed the same commit names in both supply-chain attacks. This opens the possibility that the new malware is an evolution of TeamPCP's payload, since IronWorm appears to be "a custom, carefully built implant from an operation with its own infrastructure."

[...] The company provides a list of all impacted package names and their versions in the report and recommends that developers upgrade to fixed releases, rotate their keys, and enable two-factor authentication (2FA) for all accounts. At the same time, Endor Labs and StepSecurity have spotted a very similar but distinct attack involving a JavaScript-based malware named binding.gyp, performing registry poisoning and GitHub Actions infection, unfolding during the same time-frame.

An anonymous reader quotes a report from 404 Media: The moderators of the biohacking subreddit say that peptide and hormone replacement therapy companies have been surreptitiously spamming Reddit in an attempt to get their posts scraped by AI chatbots. The strategy is an effort to systematically manipulate the answers provided by chatbots by manipulating the underlying source material that those chatbots will scrape -- in this case, a popular Reddit community. In a post last week, the moderators of r/biohackers said they would be banning new posts about peptides and hormone replacement therapy (HRT) because of attempted manipulation by the companies that make, market, and sell them. [...] "As AI search engines increasingly pull answers from Reddit, companies are using us for AEO. On top of that, there's been an explosion of peptide interest and AI usage flooding the sub. Together, this has put serious pressure on content quality," a post by the moderators read.

[...] It has become incredibly difficult to stop Reddit manipulation, because the firms doing it are getting more sophisticated. The moderator said that there are really standard and long-running strategies where brands will hop in the comments and suggest their products: "That type of marketing has always existed and if people want to try something new because the brand resonated with them, cool. That's the way marketing should flow in my mind," they said. "But what I'm seeing that is way scarier to me is that there are companies that will reverse-engineer the actual prompt patterns that are prioritized by LLMs, and so you'll see someone post a super clickbait, high-traction, vague question like 'Is all the hype around Vitamin D actually worth it?" they added. "And that thread will do really well because everyone on biohackers actually has an opinion, so it gets engagement and prioritized by LLMs, and then brands will sneak in and they'll embed their brand mentions in those threads in the exact right places in a seemingly organic way. But none of it is organic, the entire thing is a strategy by an agency to prioritize brand mentions or a narrative within an LLM."

The Reddit accounts that are doing this are "warmed up" or are made to seem human, meaning they have a posting history that is not just promotional. This makes them much harder to detect and moderate against. Some of the agencies doing this are paying real people to post promotional content, or have built communities where people are incentivized to post promotional content. The moderator said that Reddit's automated moderation tools have been helpful, but that the type of promotion happening has become so sophisticated that it has become more of a you-know-it-if-you-see it kind of thing. "A lot of it has become pattern recognition," they said. "You literally just sort of know what to look for. But the problem is you don't want to become punitive to the people who aren't doing this maliciously, and so I think the over-moderation risk is very real."

Meta has reportedly delayed the developer release of its Muse Spark AI model API multiple times, and as of Tuesday, had no scheduled launch date, according to the Wall Street Journal (paywalled). Reuters reports: A Meta spokesperson told Reuters on Wednesday that the company is already testing the Application Programming Interface (API) with some early partners and is looking forward to releasing it this month. "The muse spark API will be coming soon," Meta AI Chief Alexandr Wang announced in a post on X in April.

Meta unveiled Muse Spark in April as the first model built to close the gap with rivals. Muse Spark is the first in a new series of models created by the company's Superintelligence Labs. Earlier on Wednesday, Meta unveiled an AI agent aimed at helping businesses carry out day-to-day operations, hinting at the company's ambitions to compete with rivals such as OpenAI, Anthropic and Alphabet's Google.

The U.S. and its Five Eyes intelligence partners issued a joint warning (PDF) that Chinese military intelligence services are using LinkedIn and other professional networking sites to recruit people with access to government, military, foreign policy, or sensitive economic information. "These actors use an aggressive online recruitment strategy whereby intelligence officers or their affiliates pose as employees of private consultancies, think tanks or human resources firms, and place online job advertisements for foreign policy and defense analysts," the agencies said Wednesday. "China's military intelligence services ultimately seek to acquire privileged military, political and economic intelligence that can provide China with a strategic and tactical advantage over the Five Eyes." Bloomberg reports: China was targeting Five Eyes nationals with security clearance, particularly those working in foreign affairs, security and intelligence, and military personnel including people stationed in the Asia-Pacific region, it said. People with more peripheral access to government information, such as academics, journalists and think tank employees, were also being approached.

The Chinese embassy in the UK strongly condemned the accusations, calling the allegation of Chinese espionage threats "entirely fabricated" and "malicious slander." The "Five Eyes" members have "engaged in unscrupulous espionage and intelligence-gathering activities around the globe. Their activities are the real threat to peace-loving countries," the embassy said in a statement Thursday.

[...] According to the agencies, Chinese spies have commissioned reports to be written by those they've approached, paying them anywhere from a few hundred to several thousand dollars, with payments sometimes made in cryptocurrency. "Military members may be asked about their roles and unit activities, home base or naval vessel," the notice said. "Five Eyes agencies have identified individuals who have undertaken these activities, leading to criminal prosecutions, job losses, and security-clearance revocation," it warned.

An anonymous reader quotes a report from the Associated Press: The Supreme Court sided with the Trump administration Thursday in upholding the power of federal regulators to enforce data privacy laws on telecommunications companies. The 8-1 decision (PDF) preserved one of the Federal Communications Commission's key tools, though the companies also won a concession from the Republican administration that could shift the regulatory landscape.

The appeal from telecommunications giants Verizon and AT&T challenged a combined $100 million in penalties imposed after the agency determined that the companies had failed to safeguard customer location data. The companies argued that the FCC's process was unconstitutional because it gave them little opportunity to tell their side of the story in front of a jury. The administration defended the fines are an essential regulatory tool. But the government also said companies did not have to pay the penalties right away, a regulatory shift in the companies' favor.

The Supreme Court agreed, affirming the FCC's power to order fines when challenges are still available. "The orders at issue did not settle the carriers' legal obligations because, stated simply, they did not create an obligation to pay," Chief Justice John Roberts wrote for the majority. [...] Other agencies use similar enforcement methods, so a sweeping victory for AT&T and Verizon could have had widespread effects, advocates said.