Feed aggregator

Article URL: https://github.com/microsoft/markitdown

Comments URL: https://news.ycombinator.com/item?id=48489166

Points: 2

# Comments: 0

Article URL: https://www.nytimes.com/2024/02/14/learning/creating-photo-essays-about-community-a-guide-to-our-where-we-are-contest.html

Comments URL: https://news.ycombinator.com/item?id=48489162

Points: 1

# Comments: 0

Article URL: https://www.kpler.com/blog/geopolitics-fuel-grain-market-volatility

Comments URL: https://news.ycombinator.com/item?id=48489155

Points: 1

# Comments: 0

Article URL: https://marewolf.me/posts/draupnir/26/software-productive-infrastructure.html

Comments URL: https://news.ycombinator.com/item?id=48489151

Points: 1

# Comments: 0

Disclosed in March, the security defect enables unauthenticated attackers to write files to arbitrary locations on the system.

The post Hackers Exploit Langflow Vulnerability for Remote Code Execution appeared first on SecurityWeek.

A PowerShell script included in patch files appears to be triggering false positives by multiple security engines.

The post Siemens Says Desigo CC Files Flagged as Malware by Security Engines appeared first on SecurityWeek.

AI innovation moves quickly, unlike the speed of innovation in the military. How can AI be used to improve the UK armed forces?

VRChat, Inc. has filed a data breach notice revealing that the information of more than 2.4 million users was involved in a data breach.

According to the notice, VRChat experienced unauthorized access to some account data between May 10 and May 12, 2026. The access happened in VRChat’s cloud environment and involved user profile and login-related data.

The information exposed varied by account, but may have included:

• VRChat username
• Email address associated with the VRChat account
• VRChat+ subscription status
• Login history, including device information, hardware identifiers, and IP addresses

VRChat explicitly states that passwords, credit card numbers or other payment information, and government ID documents used for age verification were not compromised.

VRChat is a social platform designed primarily for virtual reality headsets, allowing users to interact with others through user-created 3D avatars and worlds. Users can access VRChat through Steam for PC, the Meta Quest Store, or as an Android app for compatible devices.

With no passwords or payment card data exposed, direct card fraud or immediate takeover of payment methods via this breach alone is unlikely. But even without passwords or card data, the combination of identifiers, emails, and IP/device data creates several risks for affected users.

Potential risks Phishing

Cybercriminals may use VRChat usernames and email addresses in targeted phishing attempts. For example, users may receive phishing emails or in‑platform messages claiming to be from “VRChat Support,” with fake security alerts or prompts to “confirm your age verification” via a malicious link.

Knowledge of VRChat+ subscription status could make scams more convincing. A scammer could send tailored lures like “billing issue with your VRChat+ subscription” or refund scams, which tend to have higher click-through rates among paying users.

Account take-over

Cybercriminals may combine usernames and email addresses from this breach with passwords stolen in other data breaches and try them against VRChat accounts. This technique, known as credential stuffing, takes advantage of people who reuse passwords across multiple sites.

Valuable accounts may then be sold to other players or used for scams.

Identity correlation

Steam and Meta user IDs linked to VRChat accounts can help cybercriminals connect identities across gaming and social platforms, especially if the same email or profile name is reused.

IP addresses, login history, device information, and other identifiers can also help build a more detailed advertising or tracking profile of a user.

How to stay safe

VRChat says it has implemented additional security controls and engaged professionals to monitor for further threats. If you were affected by the breach, here are some steps you can take to protect yourself:

First and foremost, be cautious of emails, texts, or calls claiming to come from VRChat or the gaming platforms you used it on, as cybercriminals often exploit breaches with phishing scams.

If you’ve used your VRChat password anywhere else, change those accounts immediately, and set up two-factor authentication (2FA) on your VRChat account if you haven’t already.

More general advice can be found in our article on what to do when you find out you’re involved in a data breach.

Let’s face it, an incognito window can only do so much. 
 
Breaches, dark web trading, credit fraud. Malwarebytes Identity Theft Protection monitors for all of it, alerts you fast, and comes with identity theft insurance. 

Meal kits can simplify week night dinners, just ensure you have these tools to get you started.

The 13 websites purported to be affiliated with consulting companies that advertised job openings for current and former holders of security clearances

The post FBI Seizes 13 Websites That Officials Say Were Used by China to Target and Recruit US Workers appeared first on SecurityWeek.

Build something that doesn’t exist. Don’t collect any data while you do it. Get it wrong and the CEO could face criminal charges. That’s close to the ultimatum the UK government handed Apple and Google on June 8. The two companies have three months to introduce device-level protections blocking nudity across every smartphone and tablet sold in the UK. If they don’t, the government will legislate—including fines and, as a last resort, criminal liability for tech bosses.

Prime Minister Keir Starmer announced the move at London Tech Week, telling the firms:

“If they choose not to, then we will act and change the law.”

The policy reads cleanly. The execution doesn’t.

What’s already on your child’s phone, and what isn’t

Both companies already do something to prevent children interacting with nudes. Apple’s Communication Safety feature warns children with a Child Account when they send or receive images and videos containing nudity across Messages, AirDrop, FaceTime, and other apps. It updated the feature with new functionality at its Worldwide Developer Conference (WWDC) this week.

Google’s Sensitive Content Warnings blur sensitive imagery in Google Messages for supervised users and signed-in unsupervised teens—though the feature covers images only, not video.

Apple will soon require people to confirm that they are over 18 in the UK and some other countries to access certain features on their phones. That will involve age assurance through government ID, payment information, or other verification methods depending on region.

These measures aren’t enough, according to the UK government. It complains that existing nudity detection isn’t applied to the camera or other apps, third-party messaging services, or search functions. So in other words, the protections miss most of the phone. The camera, WhatsApp, Signal, Safari, and the photo library all sit outside the protective bubble parents may assume already exists.

Is privacy-respecting scanning possible?

The announcement also contains a line that’s hard to reconcile with the rest of it:

“Companies must introduce these measures without threatening privacy or collecting any data.”

Adults can opt out, but only by completing age verification.

That’s a tall order. Privacy advocates argue that age verification inevitably creates new data collection risks, even when companies try to minimize the information they store. Whatever Apple and Google build, some form of record-keeping seems likely. If executives can face personal liability for non-compliance, someone has to be able to demonstrate what the system did and when.

The government’s proof that any of this is achievable rests on a single product: SafeToNet’s HarmBlock, which the Home Office calls “a proven example” of safe-by-default device protection. HarmBlock’s source code (which isn’t public) analyzes images and live streams entirely on-device.

Digital privacy groups were not happy with the announcement. Big Brother Watch pointed out that children could easily access adult-registered devices, and warned that mandatory ID checks for adults would mean “the death of anonymity and internet privacy.”

Private messaging app Signal said promises the scanning would run only on-device were “cold comfort” because wherever the system runs, its reach would ultimately be determined by government, not technology:

“Its scope will be defined by the whims and proscriptions of the government to detect nudity today and political speech tomorrow.”

Apple has been here before. In 2021, it announced a separate plan to detect known child sexual abuse imagery on devices by matching image hashes against a database of known material, and quietly shelved it after sustained backlash from privacy advocates.

What families can do today

September will end in voluntary compliance or hurried legislation. Either way, none of that changes what’s on your child’s phone right now. Today, the messaging channels most heavily used by teenagers aren’t protected. Many grooming and sextortion cases begin on apps that operate outside the operating system’s built-in safety features. Parents and kids can take extra steps for protection:

• Turn on Communication Safety on iPhones with a Child Account, and Sensitive Content Warnings on supervised Android Messages. They might only blunt the problem at one narrow point, but it’s better than nothing.
• Talk to your kids about coerced sharing. The Internet Watch Foundation reported that 91% of reports it assessed in 2024 contained self-generated content submitted by children themselves. Children are often coerced into sending explicit material to abusers online. The Internet Watch Foundation has a list of resources for people who are being coerced into sending intimate images online.
• Cover the basics that outlive any policy: put unique passwords on all accounts, and add multi-factor authentication.
• Be careful when sharing images of children you know online. Increasingly, criminals can use non-explicit images to create sexual content using AI that can in turn be used for extortion.

“One of the best cybersecurity suites on the planet.” 

According to CNET. Read their review →

The security defects could allow attackers to create or modify arbitrary files and access and modify protected resources.

The post Splunk, Palo Alto Networks Patch Severe Vulnerabilities appeared first on SecurityWeek.

Article URL: https://theagora.com/about/

Comments URL: https://news.ycombinator.com/item?id=48488445

Points: 1

# Comments: 0

we are onai https://onai.studio

Comments URL: https://news.ycombinator.com/item?id=48488440

Points: 1

# Comments: 0

Article URL: https://huggingface.co/MiniMaxAI/MiniMax-M2.7/discussions/33

Comments URL: https://news.ycombinator.com/item?id=48488434

Points: 1

# Comments: 0

Article URL: https://www.technologyreview.com/2026/06/11/1138502/job-titles-natures-drug-designer-tim-cernak/

Comments URL: https://news.ycombinator.com/item?id=48488432

Points: 1

# Comments: 0

Article URL: https://daringfireball.net/2026/06/swiftui_only_makes_it_easy_to_develop_bad_apps

Comments URL: https://news.ycombinator.com/item?id=48488427

Points: 1

# Comments: 0

Article URL: https://www.summerwordsearch.com/

Comments URL: https://news.ycombinator.com/item?id=48488426

Points: 1

# Comments: 0

Article URL: https://www.vincentschmalbach.com/anthropics-ai-jobs-paper/

Comments URL: https://news.ycombinator.com/item?id=48488424

Points: 1

# Comments: 0

Article URL: https://github.com/owenselles/CloudNow

Comments URL: https://news.ycombinator.com/item?id=48488423

Points: 1

# Comments: 0