An anonymous reader quotes a report from Wired: Earlier this month, Joseph Thacker's neighbor mentioned to him that she'd preordered a couple of stuffed dinosaur toys for her children. She'd chosen the toys, called Bondus, because they offered an AI chat feature that lets children talk to the toy like a kind of machine-learning-enabled imaginary friend. But she knew Thacker, a security researcher, had done work on AI risks for kids, and she was curious about his thoughts.

So Thacker looked into it. With just a few minutes of work, he and a web security researcher friend named Joel Margolis made a startling discovery: Bondu's web-based portal, intended to allow parents to check on their children's conversations and for Bondu's staff to monitor the products' use and performance, also let anyone with a Gmail account access transcripts of virtually every conversation Bondu's child users have ever had with the toy.

Without carrying out any actual hacking, simply by logging in with an arbitrary Google account, the two researchers immediately found themselves looking at children's private conversations, the pet names kids had given their Bondu, the likes and dislikes of the toys' toddler owners, their favorite snacks and dance moves. In total, Margolis and Thacker discovered that the data Bondu left unprotected -- accessible to anyone who logged in to the company's public-facing web console with their Google username -- included children's names, birth dates, family member names, "objectives" for the child chosen by a parent, and most disturbingly, detailed summaries and transcripts of every previous chat between the child and their Bondu, a toy practically designed to elicit intimate one-on-one conversation. More than 50,000 chat transcripts were accessible through the exposed web portal. When the researchers alerted Bondu about the findings, the company acted to take down the console within minutes and relaunched it the next day with proper authentication measures.

"We take user privacy seriously and are committed to protecting user data," Bondu CEO Fateen Anam Rafid said in his statement. "We have communicated with all active users about our security protocols and continue to strengthen our systems with new protections," as well as hiring a security firm to validate its investigation and monitor its systems in the future.

Google is letting outsiders experiment with DeepMind's Genie 3 "world model" via Project Genie, a tool for generating short, interactive AI worlds. The caveat: it requires a $250/month AI Ultra subscription, is U.S.-only, and has tight limits that make it more of a tech demo than a game engine. Engadget reports: At launch, Project Genie offers three different modes of interaction: World Sketching, exploration and remixing. The first sees Google's Nano Banana Pro model generating the source image Genie 3 will use to create the world you will later explore. At this stage, you can describe your character, define the camera perspective -- be it first-person, third-person or isometric -- and how you want to explore the world Genie 3 is about to generate. Before you can jump into the model's creation, Nano Banana Pro will "sketch" what you're about to see so you can make tweaks. It's also possible to write your own prompts for worlds others have used Genie to generate.

One thing to keep in mind is that Genie 3 is not a game engine. While its outputs can look game-like, and it can simulate physical interactions, there aren't traditional game mechanics here. Generations are also limited to 60 seconds, as is the presentation, which is capped at 24 frames per second and 720p.

NVIDIA has officially launched a native GeForce NOW client for Linux as a Flatpak, giving Linux gamers access to cloud-rendered RTX gaming. Phoronix reports: While confined to a Flatpak, for now NVIDIA is just "officially" supporting it on Ubuntu 24.04 LTS and later. Granted, thanks to Flatpak it should run on other non-Ubuntu distributions too but in terms of the official support and where they are qualifying their builds they are limiting it just to Ubuntu 24.04 LTS and later. [...] At launch the Flatpak build is also just for x86_64 Linux with no AArch64 Linux builds or similar at this time.

Running GeForce NOW on Linux while games are rendered in NVIDIA's cloud with Blackwell GPUs, you still need to be using a modern GPU with H.264 or H.265 Vulkan Video support NVIDIA isn't yet supporting Vulkan Video AV1 with GeForce NOW on Linux but just H.264/H.265. If you are using NVIDIA graphics the NVIDIA R580 series or newer is recommended while using the X.Org session. If you are using Intel or AMD Radeon graphics, Mesa 24.2+ is recommended and using the Wayland session.

When you are up and running with GeForce NOW on Linux, you have access to over 4,500 games. The free tier of GeForce NOW provides standard access to the gaming servers and limited session caps for an introductory-level experience. It's with the performance tier where you can enjoy RTX ray-tracing and 1440p @ 60 FPS performance and up to six hour sessions. With GeForce NOW's Ultimate tier is where you are running on GeForce RTX 5080 GPU servers with support for up to 5K @ 120 FPS gaming or 1080p @ 360 FPS with up to eight hour gaming sessions in length.

An anonymous reader quotes a report from Ars Technica, written by Dan Goodin: Two security professionals who were arrested in 2019 after performing an authorized security assessment of a county courthouse in Iowa will receive $600,000 to settle a lawsuit they brought alleging wrongful arrest and defamation. The case was brought by Gary DeMercurio and Justin Wynn, two penetration testers who at the time were employed by Colorado-based security firm Coalfire Labs. The men had written authorization from the Iowa Judicial Branch to conduct "red-team" exercises, meaning attempted security breaches that mimic techniques used by criminal hackers or burglars.

The objective of such exercises is to test the resilience of existing defenses using the types of real-world attacks the defenses are designed to repel. The rules of engagement for this exercise explicitly permitted "physical attacks," including "lockpicking," against judicial branch buildings so long as they didn't cause significant damage. [...] DeMercurio and Wynn's engagement at the Dallas County Courthouse on September 11, 2019, had been routine. A little after midnight, after finding a side door to the courthouse unlocked, the men closed it and let it lock. They then slipped a makeshift tool through a crack in the door and tripped the locking mechanism. After gaining entry, the pentesters tripped an alarm alerting authorities.

Within minutes, deputies arrived and confronted the two intruders. DeMercurio and Wynn produced an authorization letter -- known as a "get out of jail free card" in pen-testing circles. After a deputy called one or more of the state court officials listed in the letter and got confirmation it was legit, the deputies said they were satisfied the men were authorized to be in the building. DeMercurio and Wynn spent the next 10 or 20 minutes telling what their attorney in a court document called "war stories" to deputies who had asked about the type of work they do. When Sheriff Leonard arrived, the tone suddenly changed. He said the Dallas County Courthouse was under his jurisdiction and he hadn't authorized any such intrusion. Leonard had the men arrested, and in the days and weeks to come, he made numerous remarks alleging the men violated the law. A couple months after the incident, he told me that surveillance video from that night showed "they were crouched down like turkeys peeking over the balcony" when deputies were responding. I published a much more detailed account of the event here. Eventually, all charges were dismissed.

The preprint repository arXiv will require all submissions to be written in English or accompanied by a full English translation starting February 11, a policy change that explicitly permits the use of AI translators even as research suggests large language models remain inconsistent at the task.

Until now, authors only needed to submit an abstract in English. ArXiv hosts nearly 3 million preprints and receives more than 20,000 submissions monthly, though just 1% are in languages other than English.

Ralph Wijers, chair of arXiv's editorial advisory council, advises authors to verify any AI-generated translations. "Our own experience is that AI translation is good but not good enough," he says. A 2025 study from ByteDance Seed and Peking University ranked 20 LLMs on translation quality between Chinese and English; GPT-5-high scored nearly 77, just below the human expert benchmark of 80, but most models including GPT-4o, Claude 4, and Deepseek-V3 scored under 60.

An anonymous reader shares a report: The US is leading a huge global surge in new gas-fired power generation that will cause a major leap in planet-heating emissions, with this record boom driven by the expansion of energy-hungry datacenters to service AI, according to a new forecast.

This year is set to shatter the annual record for new gas power additions around the world, with projects in development expected to grow existing global gas capacity by nearly 50%, a report by Global Energy Monitor (GEM) found. The US is at the forefront of a global push for gas that is set to escalate over the next five years, after tripling its planned gas-fired capacity in 2025.

Much of this new capacity will be devoted to the vast electricity needs of AI, with a third of the 252 gigawatts of gas power in development set to be situated on site at datacenters. All of this new gas energy is set to come at a significant cost to the climate, amid ongoing warnings from scientists that fossil fuels must be rapidly phased out to avoid disastrous global heating.

An anonymous reader shares a report: U.S. life expectancy rose to a record high of 79 years in 2024, an increase of six months from the previous year, reflecting a sharp decline in deaths from COVID-19 and drug overdoses, the Centers for Disease Control and Prevention said on Thursday.

According to a report from the CDC's National Center for Health Statistics, life expectancy improved for both men and women across races and among Hispanics, surpassing the previous peak set in 2014.

Microsoft wants you to know that it knows that Windows 11, now used by a billion users, has been testing your patience and announced that its engineers are being redirected to urgently address the operating system's performance and reliability problems through an internal process the company calls "swarming."

"The feedback we're receiving from our community of passionate customers and Windows Insiders has been clear. We need to improve Windows in ways that are meaningful for people," Pavan Davuluri, president of Windows and devices, told The Verge. The company plans to spend the rest of 2026 focusing on pain points including system performance, reliability, and overall user experience.

January has been particularly rough for Windows 11. Microsoft issued an emergency out-of-band update to fix shutdown issues on some machines, then released a second out-of-band fix a week later to address OneDrive and Dropbox crashes. Some business PCs are also failing to boot after the January update because they were left in an "improper state" after December's monthly update failed to install. Users have also grown frustrated by aggressive Edge and Bing prompts, constant OneDrive upselling nags, and Microsoft's push to require Microsoft accounts.

The core members of the company's Windows Insider team recently moved to different roles. "Trust is earned over time and we are committed to building it back with the Windows community," Davuluri said.

The private equity industry is experiencing a quiet reckoning as hundreds of midsize firms find themselves trapped between investors who have lost patience and portfolios of companies they cannot sell at acceptable prices.

"There is existential risk for a number [of funds] because of the fundraising environment," said Sunaina Sinha Haldea, global head of private capital advisory at Raymond James. "If existing investors don't come and support them, new investors are highly unlikely to."

According to data from Preqin, the average buyout fund that closed in 2025 spent 23 months fundraising, up from 16 months in 2021, and the total number of funds raised fell to 1,191 from 2,679 over the same period. New York's Vestar Capital scrapped plans for its eighth fund in late 2024 and has not invested in a new portfolio company since 2023. The firm's assets under management dropped from $7 billion fifteen years ago to $3.3 billion in 2024.

Three-year annualized returns through June 2025 for the Cambridge Associates U.S. Private Equity Index stand at 7.4%, trailing the MSCI World stock index by 11 percentage points annually. The average holding period for buyout deals has stretched to 6.3 years from 5.1 years in 2020. Blue-chip megafunds continue raising capital normally, but smaller firms face existential pressure.

Apple has acquired Q.AI, a secretive Israeli startup whose technology can analyze facial skin micro-movements to interpret "silent speech," in a deal valued at close to $2 billion that marks the iPhone maker's second-largest acquisition ever, according to backer GV (formerly Google Ventures).

The four-year-old company was founded in Tel Aviv in 2022 by Aviad Maizels, Yonatan Wexler and Avi Barliya. Patents filed by Q.AI show its technology being deployed in headphones or smart glasses to enable non-verbal communication with an AI assistant. The acquisition comes as Meta's Ray-Ban smart glasses already let wearers talk to its AI, and Google and Snap are preparing to launch competing devices later this year.

An anonymous reader shares a report: Chat & Ask AI, one of the most popular AI apps on the Google Play and Apple App stores that claims more than 50 million users, left hundreds of millions of those users' private messages with the app's chatbot exposed, according to an independent security researcher and emails viewed by 404 Media. The exposed chats showed users asked the app "How do I painlessly kill myself," to write suicide notes, "how to make meth," and how to hack various apps.

The exposed data was discovered by an independent security researcher who goes by Harry. The issue is a misconfiguration in the app's usage of the mobile app development platform Google Firebase, which by default makes it easy for anyone to make themselves an "authenticated" user who can access the app's backend storage where in many instances user data is stored.

Harry said that he had access to 300 million messages from more than 25 million users in the exposed database, and that he extracted and analyzed a sample of 60,000 users and a million messages. The database contained user files with a complete history of their chats with the AI, timestamps of those chats, the name they gave the app's chatbot, how they configured the model, and which specific model they used. Chat & Ask AI is a "wrapper" that plugs into various large language models from bigger companies users can choose from, Including OpenAI's ChatGPT, Anthropic's Claude, and Google's Gemini.

Microsoft's Xbox hardware revenue fell 32% in the final quarter of 2025 and overall gaming revenue declined 9% year-over-year, according to the company's latest quarterly earnings, released as part of results showing Microsoft's total revenue exceeded $80 billion.

Xbox content and services revenue, which includes Game Pass, dropped 5%.

An anonymous reader shares a report: Windows 11 now has one billion users. Microsoft hit the milestone during the recent holiday quarter, meaning Windows 11 has managed to reach one billion users faster than Windows 10 did nearly six years ago.

"Windows reached a big milestone, 1 billion Windows 11 users," said Microsoft CEO Satya Nadella on the company's fiscal Q2, 2026 earnings call. "Up over 45 percent year-over-year." The growth of Windows 11 over the past quarter will be related to Microsoft's end of support for Windows 10, which also helped increase Microsoft's Windows OEM revenues.

A Waymo robotaxi struck a child near an elementary school in Santa Monica on January 23, according to the company. Waymo told the National Highway Traffic Safety Administration (NHTSA) that the child -- whose age and identity are not currently public -- sustained minor injuries. TechCrunch: The NHTSA has opened an investigation into the accident, and Waymo said in a blog post that it "will cooperate fully with them throughout the process."

Waymo said its robotaxi struck the child at 6 miles per hour, after braking "hard" from around 17 miles per hour. The young pedestrian "suddenly entered the roadway from behind a tall SUV, moving directly into our vehicle's path," the company said in its blog post. Waymo said its vehicle "immediately detected the individual as soon as they began to emerge from behind the stopped vehicle."

"Following contact, the pedestrian stood up immediately, walked to the sidewalk, and we called 911. The vehicle remained stopped, moved to the side of the road, and stayed there until law enforcement cleared the vehicle to leave the scene," Waymo wrote in the post.

Apple sold seven of the ten best-selling smartphones globally in 2025, a lopsided dominance that underscores how thoroughly the company controls the premium end of the mobile market.

The iPhone 16 was the single best-selling phone worldwide, and Apple's presence extended all the way down to the tenth spot where the iPhone 16e -- its newest budget-friendly option -- found consistent demand in Japan and the U.S., according to Counterpoint.

Samsung accounted for the remaining three positions, led by the Galaxy A16 5G as the best-selling Android device of the year. The Galaxy S25 Ultra also made the cut, marking the second straight year a Samsung flagship cracked the top ten. Together these ten phones from just two companies represented 19% of all smartphones sold during the year, continuing a four-year streak of Apple-Samsung exclusivity at the top.