Wednesday BleepingComputer reported that more than 30 WordPress plugins "have been compromised with malicious code that allows unauthorized access to websites running them." A malicious actor planted the backdoor code last year but only recently started pushing it to users via updates, generating spam pages and causing redirects, as per the instructions received from the command-and-control (C2) server. The compromise affects plugins with hundreds of thousands of active installations and was spotted by Austin Ginder, the founder of managed WordPress hosting provider Anchor Hosting, after receiving a tip about one add-on containing code that allowed third-party access.

Further investigation by Ginder revealed that a backdoor had been present in all plugins within the EssentialPlugin package since August 2025, after the project was acquired in a six-figure deal by a new owner.... "The injected code was sophisticated. It fetched spam links, redirects, and fake pages from a command-and-control server. It only showed the spam to Googlebot, making it invisible to site owners," explained Ginder.
"WordPress.org's v2.6.9.1 update neutralized the phone-home mechanism in the plugin," Ginder writes in a blog post. "But it did not touch wp-config.php. The SEO spam injection was still actively serving hidden content to Googlebot.

"And here is the wildest part. It resolved its C2 domain through an Ethereum smart contract, querying public blockchain RPC endpoints. Traditional domain takedowns would not work because the attacker could update the smart contract to point to a new domain at any time." This has happened before. In 2017, a buyer using the alias "Daley Tias" purchased the Display Widgets plugin (200,000 installs) for $15,000 and injected payday loan spam. That buyer went on to compromise at least 9 plugins the same way.... The WordPress plugin marketplace has a trust problem... The Flippa listing for Essential Plugin was public. The buyer's background in SEO and gambling marketing was public. And yet the acquisition sailed through without any review from WordPress.org.

WordPress.org has no mechanism to flag or review plugin ownership transfers. There is no "change of control" notification to users. No additional code review triggered by a new committer. The Plugins Team responded quickly once the attack was discovered. But 8 months passed between the backdoor being planted and being caught.
Thanks to Slashdot reader axettone for sharing the news.

The FBI searched the Texas home of a 20-year-old man accused of throwing a Molotov cocktail at Sam Altman's San Francisco residence. Authorities say the suspect also made threats at OpenAI's headquarters, and reports indicate he had written extensively about fears over AI and opposition to AI executives.

The suspect reportedly authored a Substack blog and was a member of the Discord server PauseAI, an activist group focused on banning the development of the most powerful AI models to protect the public. In one post, they wrote: "These machines have already shown themselves to be unaligned with the interest of the people creating them. Models have often been found lying, cheating on tasks, and blackmailing their own creators whenever convenient; let alone the broader question of aligning them to whatever general 'human interest' may be." The Houston Chronicle reports: The search happened hours before the Justice Department charged 20-year-old Daniel Moreno-Gama with possession of an unregistered firearm and damage and destruction of property by means of explosives. An FBI spokesperson on Monday morning confirmed agents were executing a search warrant in Spring, but provided no other information.

Around the same time, FOX News reported the search was being conducted at the home of Daniel Moreno-Gama, 20, who last week was arrested by San Francisco police suspicion of attempted murder, making criminal threats and possession of a destructive device. The charges were first reported by the Associated Press. When Moreno-Gama was arrested Friday, he was carrying a document that "identified views opposed to Artificial Intelligence (AI) and the executives of various AI companies," the Associated Press reported. Moreno-Gama has no criminal history in Harris or Montgomery counties, according to public records. [...] Agents had left the cul-de-sac by 1 p.m. It was unclear if they removed any items from the house. Another incident occurred outside Sam Altman's residence early Sunday morning. "Early Sunday morning, a car stopped and appears to have fired a gun at the Russian Hill home of OpenAI's CEO," reports The San Francisco Standard, citing reports from the local police department. Two suspects were arrested and booked for negligent discharge.

UPDATE: The suspect has been charged with attempted murder.

"Robotic bird decoys are being deployed at Grand Teton National Park," reports Interesting Engineering, "to influence the behavior of real sage grouse and help restore a declining population.". Robotics mentor Gary Duquette describes the machines as "kind of a Frankenbird." (SFGate shows one of the robot birds charging up with a solar panel... "Recorded breeding calls are played at the scene, with clucking and cooing beginning at 5 a.m. each day.")

Duquette builds the birds with a team of high school students, telling WyoFile that at school they "don't really get to experience real-world problems" where failures lurk. So while their robot birds may cost $150 in parts, the practical experience the students get "is priceless." Spikes in the electric currents burned out servo motors as the season of sagebrush serenades loomed, Duquette said. "The kids had to learn the difference between voltage and amperage...." To resolve the problem, the team wired a voltage converter in line with the Arduino controller and other elements on an electronic breadboard. "We pulled through and got it done in time," he said...

A noggin fabricated by a 3D printer tops the robo-grouse. Wyoming Game and Fish staffers in Pinedale supplied grouse wings from hunter surveys, and body feathers came from fly-tying supplies at an angling store. Packaging foam from a Hello Fresh meal kit replicates white breast feathers, accented by yellow air sacs...
The Independent wonders if more national parks would be visited by robot birds... During this year's breeding season, which runs through mid-May, researchers are using trail cameras to track whether real sage grouse respond to the robotic displays and return to the restored lek sites. If successful, officials say similar robotic systems could eventually be used in other national parks facing wildlife management challenges.

"Rust's rise shows signs of slowing," argues the CEO of TIOBE.

Back in 2020 Rust first entered the top 20 of his "TIOBE Index," which ranks programming language popularity using search engine results. Rust "was widely expected to break into the top 10," he remembers today. But it never happened, and "That was nearly six years ago...." Since then, Rust has steadily improved its ranking, even reaching its highest position ever (#13) at the beginning of this year. However, just three months later, it has dropped back to position #16. This suggests that Rust's adoption rate may be plateauing.

One possible explanation is that, despite its ability to produce highly efficient and safe code, Rust remains difficult to learn for non-expert programmers. While specialists in performance-critical domains are willing to invest in mastering the language, broader mainstream adoption appears more challenging. As a result, Rust's growth in popularity seems to be leveling off, and a top 10 position now appears more distant than before.
Or, could Rust's sudden drop in the rankings just reflect flaws in TIOBE's ranking system? In January GitHub's senior director for developer advocacy argued AI was pushing developers toward typed languages, since types "catch the exact class of surprises that AI-generated code can sometimes introduce... A 2025 academic study found that a whopping 94% of LLM-generated compilation errors were type-check failures." And last month Forbes even described Rust as "the the safety harness for vibe coding."

A year ago Rust was ranked #18 on TIOBE's index — so it still rose by two positions over the last 12 months, hitting that all-time high in January. Could the rankings just be fluctuating due to anomalous variations in each month's search engine results? Since January Java has fallen to the #4 spot, overtaken by C++ (which moved up one rank to take Java's place in the #3 position).

Here's TIOBE's current estimate for the 10 most popularity programming languages:

1. Python
2. C
3. C++
4. Java
5. C#
6. JavaScript
7. Visual Basic
8. SQL
9. R
10. Delphi/Object Pascal

TIOBE estimates that the next five most popular programming languages are Scratch, Perl, Fortran, PHP, and Go.

One crime ring scammed 2,000 elderly people of more than $27 million between 2021 and 2023 using tech support/bank impersonation/refund scams. "Victims were in their 70s and 80s," reports the U.S. Attorney's office for California's southern district. Victims were first told they'd received a refund (either online or via phone), but then told they'd been "over-refunded" a massive amount, and asked to return that amount.

But 42-year-old Jiandong Chen just admitted Thursday in a U.S. federal court that he was involved in the fraud and money laundering via cryptocurrency — pleading guilty to two charges with maximum penalties of 40 years in prison and a $1 million fine, plus 20 years in prison with a maximum fine of $500,000 or twice the amount laundered. "Chen, a Chinese national, is the second defendant charged in a five-defendant indictment." And what tripped him up seems to be that "Certain members of the conspiracy also did in-person pickups of money directly from victims..."

And so YouTube enters the story — when the scammers called pranksters with 1,790,000 subscribers to their "Trilogy Media" channel. In an elaborate three-hour video, the team of pranksters lured the scammer to a rented Airbnb where they're staging a fake funeral with a nun. (One of the men acting in the video remembers "we start doing a prayer... I'm holding the scammer's hand in my nun outfit...")

They convince the scammer to collect the cash from a dead man — "Is there anything you'd like to say to him?" Then there's demon voices. The scammer's victim resurrects from the dead. Did the cash mule bring holy water?

The end result was a video titled "CONFRONTING SCAMMERS WITH A FAKE FUNERAL (EPIC REACTIONS)". But two and a half years later, their "cash mule sting house" video has racked up over 1.3 million views, 22,000 likes, and 2,979 comments. ("This video is longer than Oppenheimer. Thanks for the laughs fellas.")

And the scammer is facing 60 years in prison.

ZipNada writes: Two software researchers recently demonstrated how modern AI tools can reproduce entire open-source projects, creating proprietary versions that appear both functional and legally distinct. The partly-satirical demonstration shows how quickly artificial intelligence can blur long-standing boundaries between coding innovation, copyright law, and the open-source principles that underpin much of the modern internet.

In their presentation, Dylan Ayrey, founder of Truffle Security, and Mike Nolan, a software architect with the UN Development Program, introduced a tool they call malus.sh. For a small fee, the service can "recreate any open-source project," generating what its website describes as "legally distinct code with corporate-friendly licensing. No attribution. No copyleft. No problems." It's a test case in how intellectual property law -- still rooted in 19th-century precedent -- collides with 21st-century automation. Since the US Supreme Court's Baker v. Selden ruling, copyright has been understood to guard expression, not ideas.

That boundary gave rise to clean-room design, a method by which engineers reverse-engineer systems without accessing the original source code. Phoenix Technologies famously used the technique to build its version of the PC BIOS during the 1980s. Ayrey and Nolan's experiment shows how AI can perform a clean-room process in minutes rather than months. But faster doesn't necessarily mean fair. Traditional clean-room efforts required human teams to document and replicate functionality -- a process that demanded both legal oversight and significant labor. By contrast, an AI-mediated "clean room" can be invoked through a few prompts, raising questions about whether such replication still counts as fair use or independent creation.

System76 isn't the only one criticizing new age-verification laws. The blog 9to5Linux published an "informal" look at other discussions in various Linux communities. Earlier this week, Ubuntu developer Aaron Rainbolt proposed on the Ubuntu mailing list an optional D-Bus interface (org.freedesktop.AgeVerification1) that can be implemented by arbitrary applications as a distro sees fit, but Canonical responded that the company does not yet have a solution to announce for age declaration in Ubuntu. "Canonical is aware of the legislation and is reviewing it internally with legal counsel, but there are currently no concrete plans on how, or even whether, Ubuntu will change in response," said Jon Seager, VP Engineering at Canonical. "The recent mailing list post is an informal conversation among Ubuntu community members, not an announcement. While the discussion contains potentially useful ideas, none have been adopted or committed to by Canonical."

Similar talks are underway in the Fedora and Linux Mint communities about this issue in case the California Digital Age Assurance Act law and similar laws from other states and countries are to be enforced. At the same time, other OS developers, like MidnightBSD, have decided to exclude California from desktop use entirely.
Slashdot contacted Hayley Tsukayama, Director of State Affairs at EFF, who says their organization "has long warned against age-gating the internet. Such mandates strike at the foundation of the free and open internet."

And there's another problem. "Many of these mandates imagine technology that does not currently exist." Such poorly thought-out mandates, in truth, cannot achieve the purported goal of age verification. Often, they are easy to circumvent and many also expose consumers to real data breach risk.

These burdens fall particularly heavily on developers who aren't at large, well-resourced companies, such as those developing open-source software. Not recognizing the diversity of software development when thinking about liability in these proposals effectively limits software choices — and at a time when computational power is being rapidly concentrated in the hands of the few. That harms users' and developers' right to free expression, their digital liberties, privacy, and ability to create and use open platforms...

Rather than creating age gates, a well-crafted privacy law that empowers all of us — young people and adults alike — to control how our data is collected and used would be a crucial step in the right direction.

Panasonic is handing over the manufacturing, marketing, and sales of its TVs to Shenzhen-based Skyworth, effectively exiting in-house TV production. Ars Technica reports: Skyworth is a Shenzhen-headquartered TV brand. The company claims to be "a top three global provider of the Android TV platform." In July, research firm Omdia reported that Skyworth was one of the top-five TV brands by sales revenue in Q1 2025; however, Skyworth hasn't been able to maintain that position regularly. Panasonic made its announcement at a "launch event," FlatpanelsHD reported today. During the event, a Panasonic representative reportedly said: "Under the agreement the new partner will lead sales, marketing, and logistics across the region, while Panasonic provide expertise and quality assurance to uphold its renowned audiovisual standards with full joint development on top-end OLED models."

Panasonic also said that it will provide support "for all Panasonic TVs sold up to March 2026 and all those available from April." Skyworth-made Panasonic TVs will be sold in the US and Europe. In the latter geography, the companies are aiming for double-digit market share. [...] The news means there's virtually no TV production happening in Japan anymore, as other Japanese companies, like Sharp, Toshiba, Hitachi, and Pioneer, have already exited TV production. Earlier this year, Sony announced that it was ceding control of its TV hardware business to TCL.

Imagine a 280-unit apartment complex offering no on-site leasing office with a human agent for questions. "Instead, the entire process has been outsourced to AI..." reports SFGate, "from touring to signing the lease to completing management tasks once you actually move in."

Now imagine it's far more than just one apartment complex... At two other Jack London Square apartment buildings, my initial interactions were also with a robot. At the Allegro, my fiance and I entered the leasing office for our tour and asked for "Grace P," the leasing agent who had emailed us. "Oh, that's just our AI assistant," the woman at the front desk told us... At Aqua Via, another towering apartment complex across the street, I emailed back and forth with a very helpful and polite "Sofia M." My pal Sofia seemed so human-like in her responses that I did not realize she was AI until I looked a little closer at a text she'd sent me. "Msgs may be AI or human generated...." [S]he continued to text me for weeks after I'd moved on, trying to win me back. When I looked at the fine print, I realized both of these complexes were using EliseAI, a leading AI housing startup that claims to be involved in managing 1 in 6 apartments in the U.S...

[50 corporate landlords have funded a VC named RET Ventures to invest in and deploy rental-automating AI, and SFGate's reporter spoke to partner Christopher Yip.] According to Yip, AI is common in large apartment complexes not just in the tech-centric Bay Area, but across the entire country. It all kicked off at the onset of the COVID-19 pandemic in 2020, he said, when contactless, self-guided apartment tours and completely virtual tours where people rented apartments sight unseen became commonplace. Technology's infiltration into the renting process has only grown deeper in the years since, Yip said, mirroring how pervasive AI has become in many other facets of our lives. "From an industry perspective, it's really about meeting the renter where they are," Yip said. He pointed to how many renters now prefer to interact through text and email, and want to tour apartments at their convenience — say, at 7 p.m. after work, when a typical leasing office might be closed.

The latest updates in technology not only allow you to take a self-guided tour with AI unlocking the door for you, but also to ask AI questions by conversing with voice AI as you wander through the kitchen and bedroom at your leisure. And while a human leasing agent might ghost you for days or weeks at a time, AI responds almost instantly — EliseAI typically responds within 30 seconds, [said Fran Loftus, chief experience officer at EliseAI]... [I]n some scenarios, the goal does seem to be to eliminate humans entirely. "We do have long-term plans of building fully autonomous buildings," Loftus said.... "We think there's a time and a place for that, depending on the type of property. But really right now, it's about helping with this crazy turnover in this industry."
The reporter says they missed the human touch, since "The second AI was involved, the interaction felt cold. When a human couldn't even be bothered to show up to give me a tour, my trust evaporated."

But they conclude that in the years ahead, human landlords offering tours "will probably go the way of landlines and VCRs."

A proposal within the Fedora Linux community suggests improving the kernel's DRM Panic screen to a more user-friendly, BSOD-style experience. Phoronix reports: Open-source developer Jose Exposito proposed today a nicer experience for DRM Panic integration on Fedora. Rather than using DRM Panic with just the kernel log contents being encoded in the QR code displayed when a kernel panic occurs, the proposal is to have a customized Fedora web-page with the encoded QR contents to be shown on that web page. Besides having a more pleasant UI/UX, from this web page the intent would also be to make it easier to report this error to the Fedora BugZilla. Being able to easily pass the kernel log to the Fedora bug tracker could help in making upstream aware of the problem(s) and seeing if other users are also encountering similar panics.

Right now this idea was just raised earlier today as a "request for comments" on the Fedora mailing list. While a prototype at this point, Exposito already developed a basic web interface for demoing the solution.

Created in 1993, Slackware is considered the oldest Linux distro that's still actively maintained. And more than three decades later... there's a new release! (And there's also a Slackware Live Edition that can run from a DVD or USB stick...) .

Slackware's latest version was released way back in 2016, notes the blog It's FOSS: The major highlight of Slackware 15 is the addition of the latest Linux Kernel 5.15 LTS. This is a big jump from Linux Kernel 5.10 LTS that we noticed in the beta release. Interestingly, the Slackware team tested hundreds of Linux Kernel versions before settling on Linux Kernel 5.15.19. The release note mentions... "We finally ended up on kernel version 5.15.19 after Greg Kroah-Hartman confirmed that it would get long-term support until at least October 2023 (and quite probably for longer than that)."

In case you are curious, Linux Kernel 5.15 brings in updates like enhanced NTFS driver support and improvements for Intel/AMD processors and Apple's M1 chip. It also adds initial support for Intel 12th gen processors. Overall, with Linux Kernel 5.15 LTS, you should get a good hardware compatibility result for the oldest active Linux distro.
Slackware's announcement says "The challenge this time around was to adopt as much of the good stuff out there as we could without changing the character of the operating system. Keep it familiar, but make it modern." And boy did we have our work cut out for us. We adopted privileged access management (PAM) finally, as projects we needed dropped support for pure shadow passwords. We switched from ConsoleKit2 to elogind, making it much easier to support software that targets that Other Init System and bringing us up-to-date with the XDG standards. We added support for PipeWire as an alternate to PulseAudio, and for Wayland sessions in addition to X11. Dropped Qt4 and moved entirely to Qt5. Brought in Rust and Python 3. Added many, many new libraries to the system to help support all the various additions.

We've upgraded to two of the finest desktop environments available today: Xfce 4.16, a fast and lightweight but visually appealing and easy to use desktop environment, and the KDE Plasma 5 graphical workspaces environment, version 5.23.5 (the Plasma 25th Anniversary Edition). This also supports running under Wayland or X11. We still love Sendmail, but have moved it into the /extra directory and made Postfix the default mail handler. The old imapd and ipop3d have been retired and replaced by the much more featureful Dovecot IMAP and POP3 server.
"As usual, the kernel is provided in two flavors, generic and huge," according to the release notes. "The huge kernel contains enough built-in drivers that in most cases an initrd is not needed to boot the system."

If you'd like to support Slackware, there's an official Patreon account. And the release announcement ends with this personal note: Sadly, we lost a couple of good friends during this development cycle and this release is dedicated to them. Erik "alphageek" Jan Tromp passed away in 2020 after a long illness... My old friend Brett Person also passed away in 2020. Without Brett, it's possible that there wouldn't be any Slackware as we know it — he's the one who encouraged me to upload it to FTP back in 1993 and served as Slackware's original beta-tester. He was long considered a co-founder of this project. I knew Brett since the days of the Beggar's Banquet BBS in Fargo back in the 1980's... Gonna miss you too, pal.
Thanks to long-time Slashdot reader rastos1 for sharing thre news.

"More than two years after the last major 9.1 release, the Vim project has announced Vim 9.2," reports the blog Linuxiac: A big part of this update focuses on improving Vim9 Script as Vim 9.2 adds support for enums, generic functions, and tuple types.

On top of that, you can now use built-in functions as methods, and class handling includes features like protected constructors with _new(). The :defcompile command has also been improved to fully compile methods, which boosts performance and consistency in Vim9 scripts.

Insert mode completion now includes fuzzy matching, so you get more flexible suggestions without extra plugins. You can also complete words from registers using CTRL-X CTRL-R. New completeopt flags like nosort and nearest give you more control over how matches are shown. Vim 9.2 also makes diff mode better by improving how differences are lined up and shown, especially in complex cases.
Plus on Linux and Unix-like systems, Vim "now adheres to the XDG Base Directory Specification, using $HOME/.config/vim for user configuration," according to the release notes.

And Phoronix Mcites more new features: Vim 9.2 features "full support" for Wayland with its UI and clipboard handling. The Wayland support is considered experimental in this release but it should be in good shape overall...

Vim 9.2 also brings a new vertical tab panel alternative to the horizontal tab line.

The Microsoft Windows GUI for Vim now also has native dark mode support.
You can find the new release on Vim's "Download" page.

"Research published in the World Journal of Men's Health found evidence that drugs such as Viagra and Cialis may also help with heart disease, stroke risk and diabetes," reports the Telegraph, "as well as enlarged prostate and urinary problems." Researchers found evidence that the same mechanism may benefit other organs, including the heart, brain, lungs and urinary system. The paper reviewed a wide range of published studies [and] identified links between PDE5 inhibitor use and improvements in cardiovascular health. Heart conditions were repeatedly cited as an area where improved blood flow and muscle relaxation may offer benefits. Evidence also linked PDE5 inhibitors with reduced stroke risk, likely to be related to improved circulation and vascular function. Diabetes was another condition where associations with improvement were identified... The review also found evidence of benefit for men with an enlarged prostate, a condition that commonly causes urinary symptoms.

"Technology companies spent part of the 2010s trying to convince us that we would want an 8K display one day..." writes Ars Technica.

"However, 8K never proved its necessity or practicality." LG Display is no longer making 8K LCD or OLED panels, FlatpanelsHD reported today... LG Electronics was the first and only company to sell 8K OLED TVs, starting with the 88-inch Z9 in 2019. In 2022, it lowered the price-of-entry for an 8K OLED TV by $7,000 by charging $13,000 for a 76.7-inch TV. FlatpanelsHD cited anonymous sources who said that LG Electronics would no longer restock the 2024 QNED99T, which is the last LCD 8K TV that it released.

LG's 8K abandonment follows other brands distancing themselves from 8K. TCL, which released its last 8K TV in 2021, said in 2023 that it wasn't making more 8K TVs due to low demand. Sony discontinued its last 8K TVs in April and is unlikely to return to the market, as it plans to sell the majority ownership of its Bravia TVs to TCL.

The tech industry tried to convince people that the 8K living room was coming soon. But since the 2010s, people have mostly adopted 4K. In September 2024, research firm Omdia reported that there were "nearly 1 billion 4K TVs currently in use." In comparison, 1.6 million 8K TVs had been sold since 2015, Paul Gray, Omdia's TV and video technology analyst, said, noting that 8K TV sales peaked in 2022. That helps explain why membership at the 8K Association, launched by stakeholders Samsung, TCL, Hisense, and panel maker AU Optronics in 2019, is dwindling. As of this writing, the group's membership page lists 16 companies, including just two TV manufacturers (Samsung and Panasonic). Membership no longer includes any major TV panel suppliers. At the end of 2022, the 8K Association had 33 members, per an archived version of the nonprofit's online membership page via the Internet Archive's Wayback Machine.
"It wasn't hard to predict that 8K TVs wouldn't take off," the article concludes. "In addition to being too expensive for many households, there's been virtually zero native 8K content available to make investing in an 8K display worthwhile..."

California tech executive Gordon Abas Goodarzi has been arrested and charged with murder in the death of his estranged wife, Aryan Papoli, whose body was found last November down an embankment off Highway 138 in San Bernardino County. Authorities initially believed the injuries were consistent with a fall, but the case was later ruled a homicide following a months-long investigation by the San Bernardino County Sheriff's Department. "Arrest records show that Goodarzi is currently in custody without bail and faces a murder charge and that he is set to appear in court Monday," reports SFGATE. From the report: Goodarzi, a California tech executive with ties to BattleBots, is publicly listed as the president and CEO of Magmotor, which describes itself as a "proud" supporter of the combat robot community and claims to support several teams each year. According to his LinkedIn, Goodarzi also previously worked as a research affiliate at UCLA's B. John Garrick Institute for the Risk Sciences since 2023.

Originally from Iran, Papoli and Goodarzi settled in Los Angeles County's verdant Rolling Hills community because of its tranquility and natural beauty, Papoli previously wrote. [...] She described her husband, Goodarzi, as a pioneer in the world of renewable energy, developing both electric and hybrid vehicles since the 1980s. According to Papoli, he also worked as the technical director at Hughes Electronics, which developed and manufactured the EV1, an early iteration of the electric car, in the 1990s.

California house hunters now have legal protection against the kind of real estate photo trickery that has long plagued the home-buying process, as a new state law requiring disclosure of digitally altered listing images took effect on January 1.

Assembly Bill 723 mandates that real estate agents and brokers include a "reasonably conspicuous" statement whenever photos have been altered using editing software or AI to add, remove, or change elements like furniture, appliances, flooring, views or landscaping. Agents must also provide access to the original, unaltered image through a QR code, link, or placement next to the altered photo.

The law does not cover wide-angle lenses -- a perennial complaint among buyers who find rooms smaller than they appeared -- nor does it apply to routine adjustments like cropping, color correction or exposure. California is the first state to require such disclosures, though Wisconsin passed a similar law in December that takes effect next year.

Ancient Slashdot reader jantangring shares a report from Swedish electronics industry news site Elektroniktidningen (translated to English), writing: "Open source code library cURL is removing the possibility to earn money by reporting bugs, hoping that this will reduce the volume of AI slop reports," reports etn.se. "Joshua Rogers -- AI wielding bug hunter of fame -- thinks it's a great idea." cURL maintainer Daniel Stenberg famously reported on the flood AI-generated bad bug reports last year -- "Death by a thousand slops." Now, cURL is removing the bounty payouts as of the end of January.

"We have to try to brake the flood in order not to drown," says cURL maintainer Daniel Stenberg [...]. "Despite being an AI wielding bug hunter himself, Joshua Rogers -- slasher of a hundred bugs -- thinks removing the bounty money is an excellent idea. [...] I think it's a good move and worth a bigger consideration by others. It's ridiculous that it went on for so long to be honest, and I personally would have pulled the plug long ago," he says to etn.se.

An anonymous reader quotes a report from the San Francisco Chronicle: A long stretch of curb in San Francisco's Mission District might contain a whole menagerie of parked vehicles: hatchbacks, SUVs, dusty pick-ups, chic Teslas. And recently, Waymo robotaxis. That's what Kyle Grochmal saw walking through the northeast Mission District on Monday afternoon. Cutting down York Street, he glimpsed a tell-tale white electric Jaguar in one of the coveted one-hour spots, its sensors spinning. The Waymo sat there for at least 20 minutes, Grochmal said. He whipped out his cell phone and started recording. After the Waymo drove off, another one showed up within an hour and took the same spot.

"This is something I started to notice about six months ago," Grochmal said, recalling how disorienting it was to be strolling down a largely deserted sidewalk, and suddenly hear the purring motor and soft click of autonomous vehicle cameras. He'd look up to see a Waymo "just sitting there, not loading anyone." But Waymo's use of public curb space raised questions for Grochmal, who wonders whether San Franciscans are prepared to have their infrastructure dominated by autonomous vehicles. "Say Tesla gets to self-driving, so people have personal AVs," he said. "So then do people from Palo Alto get dropped off in San Francisco and let their cars drive around all day searching for free parking?"

Such a future seems particularly unsettling in the northeast Mission, where snug streets couldn't handle much traffic, and competition for parking is already fierce. A recent influx of Artificial Intelligence companies brought many more workers and cars, as well as robotaxis that trawl the blocks, waiting for fares. It makes sense, to Grochmal, that some of them wind up squatting in one-hour spaces. [...] Still, it's conceivable that residents will lose patience with Waymo, and other AV companies, as the fleets scale up and the vehicles compete more aggressively with humans for parking.

Los Angeles Times (non-paywalled source): When police questioned Marvin Margolis following the murder of Elizabeth Short -- who became known as the Black Dahlia -- he lied about how well he had known her. The 22-year-old Short had been found mutilated in a weedy lot in South Los Angeles, severed neatly in half with what detectives thought was surgical skill. Margolis was on the list of suspects. He was a sullen 21-year-old premed student at USC, a shell-shocked World War II veteran who had expressed an eagerness to practice surgery. He was "a resentful individual who shows ample evidence of open aggression," a military psychiatrist had concluded.

At first, Margolis did not tell detectives that he had lived with Short for 12 days at a Hollywood Boulevard apartment, three months before her January 1947 murder. Margolis later admitted they had lived together in Apartment 726 at the Guardian Arms Apartments. But he soon moved to Chicago and changed his name, frustrating further attempts to question him. Among many suspects, a district attorney investigator would note, Margolis was "the only pre-medical student who ever lived as a boy friend with Beth Short."

A generation later and hundreds of miles north, a killer who called himself the Zodiac terrorized the San Francisco Bay Area with five seemingly random murders from 1968 to 1969, taunting police and media for years with letters and cryptograms. The toughest to decipher was the letter he sent in April 1970 to the San Francisco Chronicle, with the words "My name is -" followed by a 13-character string of letters and symbols. It came to be called the Z13 cipher, and its brevity has stymied generations of PhDs and puzzle prodigies.

Alex Baber, a 50-year-old West Virginia man who dropped out of high school and taught himself codebreaking, now says he has cracked the Zodiac killer's identity -- and in the process solved the Black Dahlia case as well. "It's irrefutable," said Baber, obsessive, hyperfocused and cocksure in manner, his memory encyclopedic and his speech a firehose of dates, locations and surprising linkages.

[...] To attack the problem, Baber used artifical intelligence and generated a list of 71 million possible 13-letter names. Using known details of the Zodiac killer, based on witness descriptions, he cross-checked those names against military, marriage, census and other public records. "This takes me nine months of working 18-20 hour days," he said. "I'm starting to kill this onion. I'm starting to eliminate layers: Too tall, too short, or wrong race." The candidates narrowed to 185, to 14, and then, he said, to one. The name he found buried in the Z13 code: "Marvin Merrill."

Tech giants Google and Apple are asking some employees with H-1B visas to reconsider international travel, as their legal teams warned that visa processing delays could keep employees abroad for months, according to Business Insider. From a report: Law firms representing the tech giants sent memos advising staff who require visa stamps for reentry to stay in the U.S., warning that international travel could entangle them in visa screening delays following the introduction of a new social media screening requirement, according to the news agency. The policy subjects H-1B workers and their dependents to reviews of their social media histories.

"Please be aware that some US Embassies and Consulates are experiencing significant visa stamping appointment delays, currently reported as up to 12 months," BAL Immigration Law, which represents Google, said in a memo obtained by Business Insider. The law firm said the delays were affecting H-1B, H-4, F, J and M visas.