Printer

Brother Printer Bug In 689 Models Exposes Millions To Hacking (securityweek.com) 54

An anonymous reader quotes a report from SecurityWeek: Hundreds of printer models from Brother and other vendors are impacted by potentially serious vulnerabilities discovered by researchers at Rapid7. The cybersecurity firm revealed on Wednesday that its researchers identified eight vulnerabilities affecting multifunction printers made by Brother. The security holes have been found to impact 689 printer, scanner and label maker models from Brother, and some or all of the flaws also affect 46 Fujifilm Business Innovation, five Ricoh, six Konica Minolta, and two Toshiba printers. Overall, millions of enterprise and home printers are believed to be exposed to hacker attacks due to these vulnerabilities.

The most serious of the flaws, tracked as CVE-2024-51978 and with a severity rating of 'critical', can allow a remote and unauthenticated attacker to bypass authentication by obtaining the device's default administrator password. CVE-2024-51978 can be chained with an information disclosure vulnerability tracked as CVE-2024-51977, which can be exploited to obtain a device's serial number. This serial number is needed to generate the default admin password. "This is due to the discovery of the default password generation procedure used by Brother devices," Rapid7 explained. "This procedure transforms a serial number into a default password. Affected devices have their default password set, based on each device's unique serial number, during the manufacturing process."

Having the admin password enables an attacker to reconfigure the device or abuse functionality intended for authenticated users. The remaining vulnerabilities, which have severity ratings of 'medium' and 'high', can be exploited for DoS attacks, forcing the printer to open a TCP connection, obtain the password of a configured external service, trigger a stack overflow, and perform arbitrary HTTP requests. Six of the eight vulnerabilities found by Rapid7 can be exploited without authentication.

Brother has patched most of the flaws, but CVE-2024-51978 requires a new manufacturing process to fully resolve, which will apply only to future devices.

Education

New IQ Research Shows Why Smarter People Make Better Decisions (phys.org) 181

alternative_right shares a report from Phys.Org: A new study from the University of Bath's School of Management has found that individuals with a higher IQ make more realistic predictions, which supports better decision-making and can lead to improved life outcomes. The research, published in the Journal of Personality and Social Psychology, shows that people with a low IQ (the lowest 2.5% of the population) make forecasting errors that are more than twice as inaccurate as those made by people with a high IQ (the top 2.5% of the population).

The research used data from a nationally representative sample of people over 50 in England (English Longitudinal Study of Aging ELSA), assessing their ability to predict their own life expectancy. Individuals were asked to predict their probability of living to certain ages, and these estimates were compared with the probabilities taken from Office for National Statistics life tables (a demographic tool used to analyze death rates and calculate life expectancies at various ages). The study controlled for differences in lifestyle, health, and genetic longevity.

By analyzing participants' scores on a variety of cognitive tests, as well as genetic markers linked to intelligence and educational success, Chris Dawson, Professor of Economics and Behavioral Science at the University of Bath, showed that smarter individuals tend to have more accurate beliefs about uncertain future events - they are more skilled at assessing probability. Individuals with a higher IQ are significantly better at forecasting, making fewer errors (both positive and negative) and showing more consistent judgment compared to those with a lower IQ.

Power

Britain Shuns $34 Billion Morocco-UK Subsea Power Project (reuters.com) 86

The UK government has rejected the 25 billion pound ($34.39 billion) Morocco-UK Power Project, citing a preference for domestic renewable initiatives that offer greater economic and strategic benefits. The project aimed to supply solar and wind energy from the Sahara to power up to seven million UK homes. Reuters reports: "The government has concluded that it is not in the UK national interest at this time to continue further consideration of support for the Morocco-UK Power Project," energy department minister Michael Shanks said in a written statement to parliament. He also said the project did not clearly align strategically with the government's mission to build homegrown power in the UK.

Xlinks' Morocco-UK power project would have tapped Moroccan renewable energy via what would have been the world's longest subsea power cable. The plan involved building 3,800 kilometers (2,361 miles) of high-voltage direct current subsea cables from Morocco to southwest England. The company had been seeking a guaranteed minimum price for the electricity supplied, known as contract for difference, from Britain's government.

AI

Big Accounting Firms Fail To Track AI Impact on Audit Quality, Says Regulator (ft.com) 21

The six largest UK accounting firms do not formally monitor how automated tools and AI impact the quality of their audits, the regulator has found, even as the technology becomes embedded across the sector. From a report: The Financial Reporting Council on Thursday published its first AI guide alongside a review of the way firms were using automated tools and technology, which found "no formal monitoring performed by the firms to quantify the audit quality impact of using" them.

The watchdog found that audit teams in the Big Four firms -- Deloitte, EY, KPMG and PwC -- as well as BDO and Forvis Mazars were increasingly using this technology to perform risk assessments and obtain evidence. But it said that the firms primarily monitored the tools to understand how many teams were using them for audits, "typically for licensing purposes," rather than to assess their impact on audit quality.

Medicine

Doctors Perform First Robotic Heart Transplant In US Without Opening a Chest 38

An anonymous reader quotes a report from Neuroscience News Science Magazine: Surgeons have performed the first fully robotic heart transplant in the U.S., using advanced robotic tools to avoid opening the chest. [...] Using a surgical robot, lead surgeon Dr. Kenneth Liao and his team made small, precise incisions, eliminating the need to open the chest and break the breast bone. Liao removed the diseased heart, and the new heart was implanted through preperitoneal space, avoiding chest incision.

"Opening the chest and spreading the breastbone can affect wound healing and delay rehabilitation and prolong the patient's recovery, especially in heart transplant patients who take immunosuppressants," said Liao, professor and chief of cardiothoracic transplantation and circulatory support at Baylor College of Medicine and chief of cardiothoracic transplantation and mechanical circulatory support at Baylor St. Luke's Medical Center. "With the robotic approach, we preserve the integrity of the chest wall, which reduces the risk of infection and helps with early mobility, respiratory function and overall recovery."

In addition to less surgical trauma, the clinical benefits of robotic heart transplant surgery include avoiding excessive bleeding from cutting the bone and reducing the need for blood transfusions, which minimizes the risk of developing antibodies against the transplanted heart. Before the transplant surgery, the 45-year-old patient had been hospitalized with advanced heart failure since November 2024 and required multiple mechanical devices to support his heart function. He received a heart transplant in early March 2025 and after heart transplant surgery, he spent a month in the hospital before being discharged home, without complications.

Android

Apple's Swift Coding Language Is Working On Android Support (9to5google.com) 44

Apple's Swift programming language is expanding official support to Android through a new "Android Working Group" which will improve compatibility, integration, and tooling. "As it stands today, Android apps are generally coded in Kotlin, but Apple is looking to provide its Swift coding language as an alternative," notes 9to5Google. "Apple first launched its coding language back in 2014 with its own platforms in mind, but currently also supports Windows and Linux officially." From the report: A few of the key pillars the Working Group will look to accomplish include:

- Improve and maintain Android support for the official Swift distribution, eliminating the need for out-of-tree or downstream patches
- Recommend enhancements to core Swift packages such as Foundation and Dispatch to work better with Android idioms
- Work with the Platform Steering Group to officially define platform support levels generally, and then work towards achieving official support of a particular level for Android
- Determine the range of supported Android API levels and architectures for Swift integration
- Develop continuous integration for the Swift project that includes Android testing in pull request checks.
- Identify and recommend best practices for bridging between Swift and Android's Java SDK and packaging Swift libraries with Android apps
- Develop support for debugging Swift applications on Android
- Advise and assist with adding support for Android to various community Swift packages

Wireless Networking

Comcast's New Plans Dump the Data Caps (pcmag.com) 80

Comcast is introducing new simplified, contract-free broadband plans that eliminate its unpopular 1.2TB data cap for residential customers. "The company began enforcing a data cap in 2008, when it set that limit at 250GB," notes PCMag. "Four years later, it raised that to 300GB, then lifted it to 1TB in 2016 and inched it up again to 1.25TB in 2020 after suspending it entirely during the early months of the pandemic." The report notes that existing customers will need to switch to these updated plans to benefit from the cap removal. PCMag reports: Steve Croney, Comcast's COO for connectivity and platforms, describes these new "everyday price plans" as "built on simplicity and transparency -- no hidden fees, no confusion." Comcast began showing the new plans on its sign-up pages Thursday morning. The monthly rates largely match those announced when Comcast advertised a rate-lock offer in April:

- 300Mbps downloads for $40 with a one-year lock or $55 with a five-year lock, then $70 a month
- 500Mbps for $55 with a one-year lock or $70 with a five-year lock, then $85
- 1Gbps for $70 with a one-year lock or $85 a month with a five-year lock, then $100
- 2Gbps for $100 with a one-year lock or $115 with a five-year lock, then $130

Upload speeds on those plans will vary by location but should start at 40Mbps. These plans also include one year of Xfinity Mobile wireless service, which combines Verizon's coverage with Comcast's Wi-Fi network.

Businesses

Uber In Talks With Founder Travis Kalanick To Fund Self-Driving Car Deal (nytimes.com) 1

Facing mounting competition from autonomous taxi services like Waymo, Uber is in early talks to help fund Travis Kalanick's potential acquisition of Pony.ai's U.S. subsidiary (source paywalled; alternative source). If completed, the deal would reunite Kalanick with Uber (now under CEO Dara Khosrowshahi) and position Pony.ai to operate independently of its Chinese parent amid rising U.S. regulatory pressures. The New York Times reports: The company, Pony.ai, was founded in Silicon Valley in 2016 but has its main presence in China, and has permits to operate robot taxis and trucks in the United States and China. The talks are preliminary, said the people, who were not authorized to speak about the confidential conversations. Mr. Kalanick will run Pony if the deal is completed, they said. It is unclear what role, if any, Uber would take in Pony as an investor. Financial details of the potential transaction could not be determined. Pony went public last year in the United States, raising $260 million in a share sale. Its market capitalization stands around $4.5 billion.

If the deal goes through, Mr. Kalanick, 48, will remain in his day job running CloudKitchens, a virtual restaurant start-up that he founded after leaving Uber in 2017. He would also work more closely with Dara Khosrowshahi, who took over as Uber's chief executive after Mr. Kalanick's ouster. The discussions are the starkest sign yet that Uber is under pressure from Waymo, the driverless car unit spun out of Google, and other autonomous car services. When Mr. Kalanick was Uber's chief executive, the company tried developing autonomous vehicle technology. It then bought Otto, a self-driving trucking start-up run by Anthony Levandowski, a former Google engineer. Google later sued Mr. Levandowski for theft of trade secrets and sued Uber to bar it from using its self-driving technology.

Under Mr. Khosrowshahi, Uber has taken a different tack to self-driving cars. The company has struck roughly 18 partnerships with autonomous vehicle companies like Wayve, May Mobility and WeRide to bring pilot programs for driverless car services into Europe, the Middle East and Asia. The goal, Mr. Khosrowshahi has said in podcast interviews, has been to put "as many cars on Uber's network as possible." He has maintained that while autonomous vehicles are growing steadily, ride-hailing networks will have both human and robot drivers for years.

Advertising

As AI Kills Search Traffic, Google Launches Offerwall To Boost Publisher Revenue (techcrunch.com) 37

An anonymous reader quotes a report from TechCrunch: Google's AI search features are killing traffic to publishers, so now the company is proposing a possible solution. On Thursday, the tech giant officially launched Offerwall, a new tool that allows publishers to generate revenue beyond the more traffic-dependent options, like ads.

Offerwall lets publishers give their sites' readers a variety of ways to access their content, including through options like micropayments, taking surveys, watching ads, and more. In addition, Google says that publishers can add their own options to the Offerwall, like signing up for newsletters. The new feature is available for free in Google Ad Manager after earlier tests with 1,000 publishers that spanned over a year.

While no broad case studies were shared, India's Sakal Media Group implemented Google Ad Manager's Offerwall feature and saw a 20% revenue boost and up to 2 million more impressions in three months. Overall, publishers testing Offerwall experienced an average 9% revenue lift, with some seeing between 5% and 15%.

Software

Blender 5.0 Introducing HDR Support On Linux With Vulkan + Wayland (phoronix.com) 24

Michael Larabel writes via Phoronix: The upcoming Blender 5.0 3D modeling software application is introducing High Dynamic Range (HDR) display support on Linux when making use of Wayland -- no X11 support for HDR -- and Vulkan graphics accelerator. HDR support for Blender 5.0 on Linux is currently considered experimental. Enabling the HDR support on Linux for the Blender creator software requires having a High Dynamic Range display (of course), running on a Wayland desktop, enabling Vulkan API acceleration rather than OpenGL, and enabling the feature currently deemed experimental. Additional details can be found via this Blender DevTalk thread.

Youtube

YouTube Search Gets Its Own Version of Google's AI Overviews 8

Google is bringing its AI Overviews-like feature to YouTube in the form of an "AI-powered search results carousel." The Verge reports: As shown in a video, the search results carousel will show a big video clip up top, thumbnails to a selection of other relevant video clips directly under that, and an AI-generated bit of text responding to your query. To see a full video, tap on the big clip at the top of the carousel.

The feature is currently only accessible on iOS and Android and for videos in English and will be available to test until July 30th, per the YouTube experiments page. Additionally, only a "randomly selected number of Premium members" will have access to it, YouTube says in a support document.

Businesses

VMware Perpetual License Holder Receives Audit Letter From Broadcom (arstechnica.com) 82

An anonymous reader quotes a report from Ars Technica: After sending cease-and-desist letters to VMware users whose support contracts had expired and who subsequently declined to subscribe to one of Broadcom's VMware bundles, Broadcom has started the process of conducting audits on former VMware customers. [...] Ars Technica reviewed a letter that a software provider and VMware user in the Netherlands received that is dated June 20 and informs the firm that it "has been selected for a formal audit of its use of VMware software and support services" [PDF]. The security professional who provided Ars with the letter asked to keep their name and their employers' name anonymous out of privacy concerns.

The anonymous employee told Ars that their company had been a VMware customer for "about" a decade before deciding not to sign up for a new contract with Broadcom's VMware a year ago. The company had been using VMware Cloud Foundation and vSphere. "Our CEO decided to not extend the support contract because of the costs," the employee said. "This already impacts us security-wise because we can no longer get updates (unless the CVSS score is critical)." The letter notes that an auditing firm, Connor Consulting, which is headquartered in San Francisco and has offices around the globe, will perform a review of the company's "VMware deployment and entitlements, which may include fieldwork or remote testing and meetings with members of your accounting, licensing, and management information systems functions." The letter informs its recipient that someone from Connor will reach out and that the VMware user should respond within three business days.

The letter, signed by Aiden Fitzgerald, director of global sales operations at Broadcom, claims that Broadcom will use its time "as efficiently and productively as possible to minimize disruption." Still, the security worker that Ars spoke with is concerned about the implications of the audit and said they "expect a big financial impact" for their employer. They added: "Because we are focusing on saving costs and are on a pretty tight financial budget, this will likely have impact on the salary negotiations or even layoffs of employees. Currently, we have some very stressed IT managers [and] legal department [employees] ..." The employee noted that they are unsure if their employer exceeded its license limits. If the firm did, it could face "big" financial repercussions, the worker noted.

EU

Apple To Open App Store To Competitors in EU As It Seeks To Avoid Fines (ft.com) 40

Apple will allow developers in the European Union to distribute iOS apps outside its App Store, the company said Thursday in a bid to avoid escalating fines from Brussels regulators. The policy change came on the deadline for Apple to comply with EU rules or face new financial penalties that can reach up to 5% of average daily worldwide revenue.

The $3 trillion iPhone maker has been negotiating with the European Commission for two months after receiving a $585 million fine for breaching the EU's Digital Markets Act. The landmark legislation targets the power of Big Tech companies and requires Apple to open its mobile ecosystem to competitors.

The second change, set to go into effect in January 2026, would replace the current "core technology fee" model -- a separate charge imposed on developers -- with a commission-based structure.

PlayStation (Games)

Sony Won't Budge on PlayStation Plus Day-One Releases For First-Party Games (gamefile.news) 16

PlayStation will continue withholding its first-party games from PlayStation Plus on launch day, despite Xbox offering day-one releases through Game Pass. Nick Maguire, PlayStation's vice president of global services, told Game File the company remains committed to its current approach of adding first-party titles to the subscription service 12 to 18 months after release. "We've sort of stayed true to our strategy across the board, where we're not looking to put games in day and date," Maguire said.

PlayStation instead selects four to five independent games annually for day-one PlayStation Plus releases, a strategy Maguire described as "working really well across the platform."

Windows

Windows is Getting Rid of the Blue Screen of Death After 40 Years (theverge.com) 53

The Blue Screen of Death (BSOD) has held strong in Windows for nearly 40 years, but that's about to change. From a report: Microsoft revealed earlier this year that it was overhauling its BSOD error message in Windows 11, and the company has now confirmed that it will soon be known as the Black Screen of Death. The new design drops the traditional blue color, frowning face, and QR code in favor of a simplified black screen.

The simplified BSOD looks a lot more like the black screen you'd see during a Windows update. But it will list the stop code and faulty system driver that you wouldn't always see during a crash dump. IT admins shouldn't need to pull crash dumps off PCs and analyze them with tools like WinDbg just to find out what could be causing issues.

The company will roll out this new BSOD design in an update to Windows 11 "later this summer."

Earth

Malaysia Will Stop Accepting US Plastic Waste (msn.com) 73

An anonymous reader shares a report: Malaysia will ban plastic waste imports from the U.S. starting Tuesday because of America's failure to abide by the Basel Convention treaty on international waste transfers, in a move that could have significant consequences for California.

Malaysia emerged as a major destination for U.S. waste after China banned American waste imports in 2018. California shipped 864 shipping containers, or more than 10 million pounds of plastic waste, to Malaysia in 2024, according to the Basel Action Network, an advocacy group. That was second only to Georgia among U.S. states.

Under Malaysian waste guidelines announced last month, the country will no longer accept plastic waste and hazardous waste from nations that didn't ratify the Basel Convention, the international treaty designed to reduce the international movement of hazardous and other waste. The U.S. is one of just a handful of countries, including Fiji and Haiti, that hasn't signed the pact.

Microsoft

Microsoft Moves Antivirus Software Out of Windows Kernel To Prevent CrowdStrike-Style Crashes (zdnet.com) 36

Microsoft is preparing to release a private preview of Windows changes that will move antivirus and endpoint detection and response apps out of the Windows kernel, nearly a year after a faulty CrowdStrike update crashed 8.5 million Windows-based machines worldwide.

The new Windows endpoint security platform is being developed in cooperation with CrowdStrike, Bitdefender, ESET, Trend Micro, and other security vendors. David Weston, Microsoft's vice president of enterprise and OS security, said dozens of partners have submitted papers detailing design requirements, some hundreds of pages long. The private preview will allow security vendors to request changes before the platform is finalized.

AI

Who Needs Accenture in the Age of AI? (economist.com) 30

Accenture is facing mounting challenges as AI threatens to disrupt the consulting industry the company helped build. The Dublin-based firm, which made its fortune advising clients on adapting to new technologies from the internet to cloud computing, now confronts the same predicament as generative AI reshapes business operations.

The company's new generative AI contracts slowed to $100 million in the most recent quarter, down from $200 million per quarter last year. Technology partners including Microsoft and SAP are increasingly integrating AI directly into their offerings, allowing systems to work immediately without extensive consulting support. Newcomers like Palantir are embedding their own engineers with customers, enabling clients to bypass traditional consultants.

Between 2015 and 2024, Accenture generated a 370% total return by helping companies navigate technological transitions. The firm reached a $250 billion valuation in February before losing $60 billion in market value. CEO Julie Sweet insists that the company is reorganizing around "reinvention services." A recent survey found 42% of companies abandoned most AI initiatives, up from 17% a year ago.

AI

Study Finds LLM Users Have Weaker Understanding After Research (msn.com) 111

Researchers at the University of Pennsylvania's Wharton School found that people who used large language models to research topics demonstrated weaker understanding and produced less original insights compared to those using Google searches.

The study, involving more than 4,500 participants across four experiments, showed LLM users spent less time researching, exerted less effort, and wrote shorter, less detailed responses. In the first experiment, over 1,100 participants researched vegetable gardening using either Google or ChatGPT. Google users wrote longer responses with more unique phrasing and factual references. A second experiment with nearly 2,000 participants presented identical gardening information either as an AI summary or across mock webpages, with Google users again engaging more deeply and retaining more information.

Businesses

CareerBuilder + Monster, Which Once Dominated Online Job Boards, File For Bankruptcy (reuters.com) 31

CareerBuilder + Monster, which once dominated the online recruitment industry, filed for Chapter 11 bankruptcy protection this week and said it plans to sell its businesses. From a report: Created through the September merger of CareerBuilder and Monster, the Chicago-based company said it agreed to sell its job board operations, its most recognizable business, to JobGet, which has an app for so-called gig workers.
