Recent Entries

From Biz & IT – Ars Technica at 2025-09-18 17:29:22

New attack on ChatGPT research agent pilfers secrets from Gmail inboxes

Unlike most prompt injections, ShadowLeak executes on OpenAI's cloud-based infrastructure.

From Biz & IT – Ars Technica at 2025-09-18 15:31:22

How weak passwords and other failings led to catastrophic breach of Ascension

A deep-dive into Active Directory and how "Kerberoasting" breaks it wide open.

From Net Assessment at 2025-09-18 14:35:00

Is a Fight with Russia Worth the Risks? (Net_Assessment_-_18_Sept_2025_v2.mp3?dest-id=808287)

Chris, Zack, and Melanie take some time to talk about how the United States, Europe, and Russia are dealing with the Ukraine conflict. Would a Russian win in a war which is costing billions of dollars, killing hundreds of thousands of Russians, and reinforcing Moscow's junior partner status to China only be a pyrrhic victory? Does Russia hold a winning hand because it seems to be willing to take on greater risk than Europe and the United States? Was the passive American reaction to the Russian drone incursion into Poland a sign that the US is done providing security commitments to Europe? Have European governments reached a consensus on whether a sovereign Ukraine is worth a military fight with Russia?

Chris is impressed with how Utah Governor Spencer Cox has handled the complex politics following the murder of Charlie Kirk, Zack has an atta for a colleague’s Golden Dome cost calculator, and Melanie is disappointed that the West Point Association of Graduates has cancelled an event at which Tom Hanks was to be awarded the Sylvanus Thayer Award for his longtime dedication to promoting stories of American heroism and innovation and elevating the stories of American veterans.

Show Links:

• Robert Kagan, “The Beginning of the End of NATO,” The Atlantic, September 10, 2025.

• Franz-Stefan Gady, “The Russia-Ukraine War: Europe’s Delusions over Deterring Russia,” September 10, 2025.

• Jeremy Shapiro, “Russia is Losing the War—Just Not to Ukraine,” The Atlantic, September 10, 2025.

• Alexandra E. Petri, “West Point Alumni Group Cancels Award Honoring Tom Hanks,” New York Times, September 7, 2025.

• Mike Stone, “Trump to Reinterpret 1987 Missile Treaty to Sell Heavy Attack Drones Abroad,” Reuters, September 6, 2025.

• Charlie Edwards and Nate S, “The Scale of Russian Sabotage Operations Against Europe’s Critical Infrastructure,” IISS, August 19, 2025. 

• “Heroes and villains: Russia braces for eventual return of its enormous army,” Reuters, September 9, 2025.

• Joshua Rovner, Strategy and Grand Strategy, The Adelphi Series, International Institute for Strategic Studies, January 2025.

• McKay Coppins, “Trump Has a Warning for Spencer Cox,” The Atlantic, September 13, 2025.

• Todd Harrison, “Build Your Own Golden Dome: A Framework for Understanding Costs, Choices, and Tradeoffs,” American Enterprise Institute, September 12, 2025.

• US Policy Update on the Export of Unmanned Aerial Systems, State Department, September 15, 2025. 

From Schneier on Security at 2025-09-18 12:06:38

Time-of-Check Time-of-Use Attacks Against LLMs

This is a nice piece of research: “Mind the Gap: Time-of-Check to Time-of-Use Vulnerabilities in LLM-Enabled Agents“.:

Abstract: Large Language Model (LLM)-enabled agents are rapidly emerging across a wide range of applications, but their deployment introduces vulnerabilities with security implications. While prior work has examined prompt-based attacks (e.g., prompt injection) and data-oriented threats (e.g., data exfiltration), time-of-check to time-of-use (TOCTOU) remain largely unexplored in this context. TOCTOU arises when an agent validates external state (e.g., a file or API response) that is later modified before use, enabling practical attacks such as malicious configuration swaps or payload injection. In this work, we present the first study of TOCTOU vulnerabilities in LLM-enabled agents. We introduce TOCTOU-Bench, a benchmark with 66 realistic user tasks designed to evaluate this class of vulnerabilities. As countermeasures, we adapt detection and mitigation techniques from systems security to this setting and propose prompt rewriting, state integrity monitoring, and tool-fusing. Our study highlights challenges unique to agentic workflows, where we achieve up to 25% detection accuracy using automated detection methods, a 3% decrease in vulnerable plan generation, and a 95% reduction in the attack window. When combining all three approaches, we reduce the TOCTOU vulnerabilities from an executed trajectory from 12% to 8%. Our findings open a new research direction at the intersection of AI safety and systems security...

From Strong Message Here at 2025-09-18 09:45:00

Phase 2 (p0m3b1n5.mp3)

In the first episode of the new series, Armando Iannucci and guest co-host, Ria Lina look at the use and abuse of political language.

The political summer is often called 'silly season', but with global conflict and rising tensions at home, Armando and Ria look at the language that defined recent months including Keir Starmer's "Phase 2" and the word "plastic".

Armando’s erstwhile partner in de-baffling political lexicon, Helen Lewis is away working in the United States in the Autumn and so her seat will be kept warm by a rotating cast of co-hosts.

Got a question for Armando? Email us at strongmessagehere@bbc.co.uk

Listen to Strong Message Here on Radio 4 at 9:45, and an extended version is available on BBC Sounds.

Recorded at The Sound Company Production Coordinator: Caroline Barlow Sound editing by Chris Maclean Executive Producer: Richard Morris

Produced by Gwyn Rhys Davies. A BBC Studios Production for Radio 4.

From The Rest Is History at 2025-09-18 00:05:00

601. Scandal in the White House (GLT1369800109.mp3?updated=1758146111)

Who was Grover Cleveland, and why is he one of the most controversial American Presidents of all time? Why was the run up to his first term, in 1884 at the height of the Gilded Age, so pivotal to American politics? How did he rocket to the heights of political power? What dark secrets began swirling about his disreputable past, and character? Did he really seduce a young widow by the name of Maria Crofts Halpin, impregnate her, and then lock her in a mental asylum? What became of their alleged child? And, how did this shocking scandal unfold?  Join Dominic and Tom as they investigate one of the most lurid stories in all American political history - a tale of lust, lies, deviance and kidnapping, but also immense political significance. What is the truth behind this mystery? ______ Try Adobe Express for free now at https://www.adobe.com/uk/express/spotlight/designwithexpress?sdid=HM85WZZV&mv=display&mv2=ctv or by searching in the app store. Learn more at https://uber.com/onourway Visit theweek.com/rest and enter code HISTORY to claim your six-week free trial, plus an extra 10% saving on all subscription packages ______ Join The Rest Is History Club: Unlock the full experience of the show – with exclusive bonus episodes, ad-free listening, early access to every series and live show tickets, a members-only newsletter, discounted books from the show, and access to our private Discord chatroom. Sign up directly at therestishistory.com For more Goalhanger Podcasts, head to www.goalhanger.com _______ Twitter: @TheRestHistory @holland_tom @dcsandbrook Producer: Theo Young-Smith Assistant Producer: Tabby Syrett + Aaliyah Akude  Video Producer: Jack Meek Social Producer: Harry Balden Executive Producers: Jack Davenport + Tony Pastor Learn more about your ad choices. Visit podcastchoices.com/adchoices

From Biz & IT – Ars Technica at 2025-09-17 23:03:11

White House officials reportedly frustrated by Anthropic’s law enforcement AI limits

Officials say Claude chatbot usage policies block FBI, Secret Service contractors' work.

From The Media Show at 2025-09-17 18:09:00

Guto Harri, James O Brien, Isabel Oakeshott on the Unite the Kingdom rally and the Charlie Kirk Shooting, Tim Davie (p0m3dtzp.mp3)

Katie Razzall speaks to the Director General of the BBC Tim Davie at the Royal Television Society Festival. Ros Atkins discusses the language used by the media to discuss the Unite the Kingdom rally and the shooting of Charlie Kirk with studio guests Guto Harri, James O Brien and Isabel Oakeshott.

Producer: Lisa Jenkinson Assistant Producer: Lucy Wai

From Schneier on Security at 2025-09-17 12:05:59

Hacking Electronic Safes

Vulnerabilities in electronic safes that use Securam Prologic locks:

While both their techniques represent glaring security vulnerabilities, Omo says it’s the one that exploits a feature intended as a legitimate unlock method for locksmiths that’s the more widespread and dangerous. “This attack is something where, if you had a safe with this kind of lock, I could literally pull up the code right now with no specialized hardware, nothing,” Omo says. “All of a sudden, based on our testing, it seems like people can get into almost any Securam Prologic lock in the world.”...

From The Django weblog at 2025-09-17 12:00:00

Django 6.0 alpha 1 released

Django 6.0 alpha 1 is now available. It represents the first stage in the 6.0 release cycle and is an opportunity to try out the changes coming in Django 6.0.

Django 6.0 assembles a mosaic of modern tools and thoughtful design, which you can read about in the in-development 6.0 release notes.

This alpha milestone marks the feature freeze. The current release schedule calls for a beta release in about a month and a release candidate roughly a month after that. We'll only be able to keep this schedule with early and frequent testing from the community. Updates on the release schedule are available on the Django forum.

As with all alpha and beta packages, this release is not for production use. However, if you'd like to take some of the new features for a spin, or help find and fix bugs (which should be reported to the issue tracker), you can grab a copy of the alpha package from our downloads page or on PyPI.

The PGP key ID used for this release is Natalia Bidart: 2EE82A8D9470983E

From More or Less: Behind the Stats at 2025-09-17 09:30:00

Is it true that out-of-work benefits have almost doubled? (p0m35yxb.mp3)

Tim Harford investigates some of the numbers in the news. This week:

Nigel Farage says 6.5 million people are on out-of-work benefits – with some benefits up 80% since 2018. Are those numbers right?

Do French pensioners really earn more than their working-age compatriots?

How is it possible for one kilogram of fish food to produce one kilogram of salmon?

And do we really have five senses?

If you’ve seen a number you think we should take a look at, email the team: moreorless@bbc.co.uk

Presenter: Tim Harford Reporter: Lizzy McNeill Producer: Nicholas Barrett Series producer: Tom Colls Production co-ordinator: Maria Ogundele Sound mix: Neil Churchill Editor: Richard Vadon

From Biz & IT – Ars Technica at 2025-09-16 21:09:22

ChatGPT may soon require ID verification from adults, CEO says

Chatbot will "default to the under-18 experience" when age is uncertain after teen suicide lawsuit.

From Biz & IT – Ars Technica at 2025-09-16 12:15:32

Millions turn to AI chatbots for spiritual guidance and confession

Bible Chat hits 30 million downloads as users seek algorithmic absolution.

From Schneier on Security at 2025-09-16 12:06:44

Microsoft Still Uses RC4

Senator Ron Wyden has asked the Federal Trade Commission to investigate Microsoft over its continued use of the RC4 encryption algorithm. The letter talks about a hacker technique called Kerberoasting, that exploits the Kerberos authentication system.

From School of War at 2025-09-16 10:45:00

Ep 231: Peter Rough on Russian Drone Incursions into NATO (NEBM5061316081.mp3)

Peter Rough, senior fellow and director of the Center on Europe and Eurasia at the Hudson Institute, joins the show to discuss the recent Russian drone incursions in Poland and Romania and what they mean. ▪️ Times     •      01:08 Introduction     •      01:35 What actually happened?     •      05:30 Destructive decoys             •      07:27 European moods     •      11:23 Rightwing response              •      16:32 Strategic autonomy              •      23:52 Zapad           •      30:00 On/off switch             •      33:31 Where do we stand?    Follow along on Instagram, X @schoolofwarpod, and YouTube @SchoolofWarPodcast Find a transcript of today’s episode on our School of War Substack

From Schneier on Security at 2025-09-15 12:05:45

Lawsuit About WhatsApp Security

Attaullah Baig, WhatsApp’s former head of security, has filed a whistleblower lawsuit alleging that Facebook deliberately failed to fix a bunch of security flaws, in violation of its 2019 settlement agreement with the Federal Trade Commission.

The lawsuit, alleging violations of the whistleblower protection provision of the Sarbanes-Oxley Act passed in 2002, said that in 2022, roughly 100,000 WhatsApp users had their accounts hacked every day. By last year, the complaint alleged, as many as 400,000 WhatsApp users were getting locked out of their accounts each day as a result of such account takeovers...

From The Rest Is History at 2025-09-15 00:05:00

600. CHATHAM HIGH STREET (GLT2782191075.mp3?updated=1757879738)

Why is Chatham High-street both futuristic and riddled with the past? Why was it a magnet for historical figures such as King John, Charles II, Nelson and Charles Dickens, and the location for some of the most totemic moments in British history? Is it really a melting pot of every epoch - from the Roman invasion of Britain, to the Napoleonic Wars, and to the Second World War - and therefore the most historically significant high-street in the world?  ______ Try Adobe Express for free now at https://www.adobe.com/uk/express/spotlight/designwithexpress or by searching in the app store. Learn more at https://uber.com/onourway Explore the world’s most loved stories in their most beautiful form - only at https://www.foliosociety.com/. ______ The Rest Is History Club: Become a member for exclusive bonus content, early access to full series and live show tickets, ad-free listening, our exclusive newsletter, discount book prices on titles mentioned on the pod, and our members’ chatroom on Discord. Just head to therestishistory.com to sign up, or start a free trial today on Apple Podcasts: apple.co/therestishistory. For more Goalhanger Podcasts, head to www.goalhanger.com _______ Twitter: @TheRestHistory @holland_tom @dcsandbrook Producer: Theo Young-Smith Assistant Producers: Tabby Syrett + Aaliyah Akude Video Producers: Harry Swan + Jack Meek + Charlie Rodwell Social Producer: Harry Balden Executive Producers: Jack Davenport + Tony Pastor Learn more about your ad choices. Visit podcastchoices.com/adchoices

From Schneier on Security at 2025-09-14 17:02:45

Upcoming Speaking Engagements

This is a current list of where and when I am scheduled to speak:

• I’m speaking and signing books at the Cambridge Public Library on October 22, 2025 at 6 PM ET. The event is sponsored by Harvard Bookstore.
• I’m giving a virtual talk about my book Rewiring Democracy at 1 PM ET on October 23, 2025. The event is hosted by Data & Society. More details to come.
• I’m speaking at the World Forum for Democracy in Strasbourg, France, November 5-7, 2025.
• I’m speaking and signing books at the University of Toronto Bookstore in Toronto, Ontario, Canada on November 14, 2025. Details to come...

From The Django weblog at 2025-09-13 21:18:27

Nominate a Djangonaut for the 2025 Malcolm Tredinnick Memorial Prize

Hello Everyone 👋 It is that time of year again when we recognize someone from our community in memory of our friend Malcolm.

Malcolm was an early core contributor to Django and had a huge influence on Django as we know it today. Besides being knowledgeable he was also especially friendly to new users and contributors. He exemplified what it means to be an amazing Open Source contributor. We still miss him to this day.

The prize

Our prizes page summarizes it nicely:

The Malcolm Tredinnick Memorial Prize is a monetary prize, awarded annually, to the person who best exemplifies the spirit of Malcolm’s work - someone who welcomes, supports, and nurtures newcomers; freely gives feedback and assistance to others, and helps to grow the community. The hope is that the recipient of the award will use the award stipend as a contribution to travel to a community event -- a DjangoCon, a PyCon, a sprint -- and continue in Malcolm’s footsteps.

Please make your nominations using our form: 2025 Malcolm Tredinnick Memorial Prize nominations. Nominations are welcome from everyone.

Submit a nomination

We will take nominations until Saturday, September 27th, 2025, 23:59 Anywhere on Earth, and will announce the results in early October. If you have any questions please use our dedicated forum thread or contact the DSF Board.

From The Week in Westminster at 2025-09-13 11:00:00

13/09/2025 (p0m2jkz4.mp3)

After a week of chaos and crisis for the Government following the dramatic sacking of Peter Mandelson as US Ambassador, George Parker speaks to Labour peer, Margaret Hodge, and Labour backbencher, Clive Lewis, about the operation in Downing Street, the party's deputy leadership contest and the mood among MPs.

As the Assisted Dying Bill returns to Parliament this week, George is joined by Labour peer, Lord Falconer, who is sponsoring the Bill through the Lords, and Conservative peer, Mark Harper, an opponent of assisted dying.

Peers have recently been venting their anger about the new door to the House of Lords which hasn't been working properly. One of them is the Conservative, Robert Hayward, who tells George about his fears for the wider costs of the restoration and renewal of the Palace of Westminster.

And the Prime Minister's biographer, Tom Baldwin, and Guardian columnist, Polly Toynbee, discuss why Peter Mandelson keeps getting - and losing - top jobs, and what it means for Sir Keir Starmer's government.

From More or Less: Behind the Stats at 2025-09-13 06:00:00

Will the world really be 50 million workers short by 2030? (p0m24kft.mp3)

Nvidia CEO Jensen Huang says the world faces a severe labour shortage – 50 million workers by the end of the decade. The boss of the world’s most valuable company thinks humanoid robots will be needed to fill the gap.

But is this prediction based on solid evidence?

Tim Harford looks at the calculations behind the claim with Rajiv Gupta, a technology expert at Boston Consulting Group, who is the likely source of the 50 million figure.

If you’ve seen a number in the news you think we should look at, email the team: moreorless@bbc.co.uk

Presenter: Tim Harford Producer: Nicholas Barrett Series producer: Tom Colls Sound mix: Hal Haines Editor: Richard Vadon

From A Collection of Unmitigated Pedantry at 2025-09-13 00:06:50

Collections: Life, Work, Death and the Peasant, Part IVc: Rent and Extraction

This is the third piece of the fourth part of our series (I, II, IIIa, IIIb, IVa, IVb) looking at the lives of pre-modern peasant farmers – a majority of all of the humans who have ever lived. Last time, we started looking at the subsistence of peasant agriculture by considering the productivity of our … Continue reading Collections: Life, Work, Death and the Peasant, Part IVc: Rent and Extraction →

From Biz & IT – Ars Technica at 2025-09-12 22:36:48

Modder injects AI dialogue into 2002’s Animal Crossing using memory hack

Unofficial mod lets classic Nintendo GameCube title use AI chatbots with amusing results.

From Schneier on Security at 2025-09-12 22:05:12

Assessing the Quality of Dried Squid

Research:

Nondestructive detection of multiple dried squid qualities by hyperspectral imaging combined with 1D-KAN-CNN

Abstract: Given that dried squid is a highly regarded marine product in Oriental countries, the global food industry requires a swift and noninvasive quality assessment of this product. The current study therefore uses visible­near-infrared (VIS-NIR) hyperspectral imaging and deep learning (DL) methodologies. We acquired and preprocessed VIS-NIR (400­1000 nm) hyperspectral reflectance images of 93 dried squid samples. Important wavelengths were selected using competitive adaptive reweighted sampling, principal component analysis, and the successive projections algorithm. Based on a Kolmogorov-Arnold network (KAN), we introduce a one-dimensional, KAN convolutional neural network (1D-KAN-CNN) for nondestructive measurements of fat, protein, and total volatile basic nitrogen…...

From Schneier on Security at 2025-09-12 22:04:34

A Cyberattack Victim Notification Framework

Interesting analysis:

When cyber incidents occur, victims should be notified in a timely manner so they have the opportunity to assess and remediate any harm. However, providing notifications has proven a challenge across industry.

When making notifications, companies often do not know the true identity of victims and may only have a single email address through which to provide the notification. Victims often do not trust these notifications, as cyber criminals often use the pretext of an account compromise as a phishing lure.

[…]

This report explores the challenges associated with developing the native-notification concept and lays out a roadmap for overcoming them. It also examines other opportunities for more narrow changes that could both increase the likelihood that victims will both receive and trust notifications and be able to access support resources...

From The Incomparable Mothership at 2025-09-12 17:30:00

783: A Submarine Trifle (c7154ee4-fc6d-40c5-9f2b-9f10d9c52661.mp3)

Our Summer of Submarines floats on with “U-571”, a 21st centry-style action movie that manages to hit most of the squares on the submarine bingo card. McConaughey is a disgruntled XO! Depth charges terrify! A surprising twist if you didn’t think about the title! Turns out, submarine movies aren’t a genre—they’re a format that lets filmmakers explore genres....

From Ahoy at 2025-09-12 15:30:19

MOLYNEUX: The Nobody

Part one of a reappraisal of Peter Molyneux's career - and reputation. Support me on Patreon: https://www.patreon.com/ahoy Merch: https://ahoy-shop.fourthwall.com/ Soundtrack: https://open.spotify.com/album/3XAF2fwS7Yg891Ilk7EHiR https://open.spotify.com/album/4C0vLzDtaLipUsJs7E71B1 Also available on most major streaming platforms. 00:00 The Nobody 04:02 Amiga Software 07:14 The First God Game 10:51 Following Success 13:28 Bullfrog Signature 16:37 A New Generation 17:44 The Somebody

From School of War at 2025-09-12 10:30:00

Ep 230: Prit Buttar on the Great Soviet Offensive of 1944 (NEBM6124944266.mp3)

Prit Buttar, historian and author of Bagration 1944: The Great Soviet Offensive, joins the show to discuss the immense Russian campaign that broke the German Army on the Eastern Front.     ▪️ Times     •      01:48 Introduction     •      02:50 A war unto itself     •      08:02 Flanders             •      15:20 Maskirovka     •      24:35 Soviet intelligence              •      28:27 Bolshevism             •      30:22 Lebensraum          •      31:40 Bagration             •      36:14 Cracking the line            •      39:00 Warsaw Follow along on Instagram, X @schoolofwarpod, and YouTube @SchoolofWarPodcast Find a transcript of today’s episode on our School of War Substack

From Biz & IT – Ars Technica at 2025-09-11 23:27:53

OpenAI and Microsoft sign preliminary deal to revise partnership terms

Companies work to finalize terms as OpenAI pursues for-profit restructuring.

From Biz & IT – Ars Technica at 2025-09-11 18:56:35

35 percent of VMware workloads expected to migrate elsewhere by 2028

“We are all addicted to hypervisors, and that needs to change."

From Strong Message Here at 2025-09-11 07:00:00

Strong Recommend: Going Postal by Terry Pratchett (p0ltb8qh.mp3)

In the last of our summer mini-series, Helen brings a book by Terry Pratchett. To Helen's surprise, this is a blind spot for Armando, who hasn't read any despite being told to do so many times. Where do you start with such an extensive back catalogue? What makes Pratchett's satire so timeless? and has Helen found a new Pratchett super-fan in Armando?

Strong Message Here will return next week. If you have a strong message for Helen and Armando, please email strongmessagehere@bbc.co.uk

Production Coordinator: Sarah Nicholls Executive Producer: Pete Strauss Sound Editing: Chris Maclean Recorded at The Sound Company

Strong Message Here: Strong Recommend is produced by Gwyn Rhys Davies, and is a BBC Studios production for Radio 4.

From The Rest Is History at 2025-09-11 00:05:00

599. The First World War: Downfall of the Habsburgs (Part 6) (GLT3258664296.mp3?updated=1757523887)

After endeavouring to wreak their revenge on Serbia, what would be the greatest hammer blow to the Austro-Hungarian Empire during the First World War? With Leviv having fallen apocalyptically to the Russian hordes, what had gone so wrong? How might the war have been brought to an end before Christmas of 1914? And, with the darkness gathering around the Austrian defences, could the great fortress of Przemyśl hold out against the Russian barrage for a second time…? Join Dominic and Tom as they discuss the fall of the Austro-Hungarian Empire and the Russian advance, on the brutal Eastern front, as the first year of the First World War grinds bloodily on… Join The Rest Is History Club: Unlock the full experience of the show – with exclusive bonus episodes, ad-free listening, early access to every series and live show tickets, a members-only newsletter, discounted books from the show, and access to our private Discord chatroom. Sign up directly at therestishistory.com For more Goalhanger Podcasts, head to www.goalhanger.com _______ Twitter: @TheRestHistory @holland_tom @dcsandbrook Producer: Theo Young-Smith Assistant Producer: Tabby Syrett + Aaliyah Akude Executive Producers: Jack Davenport + Tony Pastor Learn more about your ad choices. Visit podcastchoices.com/adchoices

From Biz & IT – Ars Technica at 2025-09-10 20:38:13

Senator blasts Microsoft for making default Windows vulnerable to “Kerberoasting”

Wyden says default use of RC4 cipher led to last year's breach of health giant Ascension.

From Biz & IT – Ars Technica at 2025-09-10 19:08:49

Developers joke about “coding like cavemen” as AI service suffers major outage

Anthropic outage takes down AI tools some developers rely on to create software.

From The Media Show at 2025-09-10 18:08:00

Super Mario is 40, Russia Whatsapp ban, Murdoch succession, The media v The Judiciary? (p0m20hwp.mp3)

Ros Atkins and Katie Razzall on Super Mario at 40 with the Guardian's Video Games Editor Keza MacDonald, State crackdowns on social media in Russia and Nepal with Eva Hartog from Politico and Dr Nayana Prakash from Chatham House. Also resolution in the Murdoch family succession battle with Claire Atkinson from The Media Mix and the impact of media coverage on the judiciary with Sir Robert Buckland and legal journalist Frances Gibb.

Producer: Lisa Jenkinson Assistant Producer: Lucy Wai

From Biz & IT – Ars Technica at 2025-09-10 16:41:42

Microsoft ends OpenAI exclusivity in Office, adds rival Anthropic

Microsoft will end OpenAI's exclusive hold on its productivity suite, adding second AI supplier.

From More or Less: Behind the Stats at 2025-09-10 09:30:00

Are Afghan nationals more likely to be convicted of sexual offences? (p0m1sq02.mp3)

Tim Harford looks at some of the numbers in the news. This week:

Is it true that interest payments on the UK’s national debt are equivalent to £240 per month for everyone in the country?

Reform UK claim that Afghan migrants are 22 times more likely to be convicted of sex offences. Is that number correct?

We try to make sense of a claim that one in 10 women are being driven to leave work by their menopause symptoms.

And we investigate a claim comparing the speed of a snail and the war in Ukraine.

If you’ve seen a number you think we should look at, email the team: moreorless@bbc.co.uk

Presenter: Tim Harford Reporter: Lizzy McNeill Producer: Nicholas Barrett Series producer: Tom Colls Production co-ordinator: Maria Ogundele Sound mix: James Beard Editor: Richard Vadon

From Biz & IT – Ars Technica at 2025-09-09 21:55:34

Claude’s new AI file creation feature ships with deep security risks built in

Expert calls security advice "unfairly outsourcing the problem to Anthropic's users."

From Biz & IT – Ars Technica at 2025-09-09 20:55:22

SAP warns of high-severity vulnerabilities in multiple products

Users of SAP's S/4HANA and NetWeaver products are at risk and should patch soon.

From Biz & IT – Ars Technica at 2025-09-09 12:08:44

Why accessibility might be AI’s biggest breakthrough

UK study findings may challenge assumptions about who benefits most from AI tools.

From Schneier on Security at 2025-09-09 12:02:00

New Cryptanalysis of the Fiat-Shamir Protocol

A couple of months ago, a new paper demonstrated some new attacks against the Fiat-Shamir transformation. Quanta published a good article that explains the results.

This is a pretty exciting paper from a theoretical perspective, but I don’t see it leading to any practical real-world cryptanalysis. The fact that there are some weird circumstances that result in Fiat-Shamir insecurities isn’t new—many dozens of papers have been published about it since 1986. What this new result does is extend this known problem to slightly less weird (but still highly contrived) situations. But it’s a completely different matter to extend these sorts of attacks to “natural” situations...

From School of War at 2025-09-09 10:21:00

Ep 229: Nadège Rolland on China’s Borderlands (NEBM9289941778.mp3)

Nadège Rolland, Distinguished Fellow, China Studies, at the National Bureau of Asian Research (NBR) and principal investigator for the Mapping China's Borderlands: Dashboard, joins the show to discuss the shifting visions China has of its frontiers.  ▪️ Times     •      01:35 Introduction     •      02:34 What is “China?”     •      10:26 Sovereignty             •      19:30 Double translation     •      25:25 Capillaries             •      34:37 Imperial messaging            •      42:36 Prioritization        We also discuss Nadège’s 2020 report - China's Vision for a New World Order. Follow along on Instagram, X @schoolofwarpod, and YouTube @SchoolofWarPodcast Find a transcript of today’s episode on our School of War Substack

From Biz & IT – Ars Technica at 2025-09-09 01:37:04

Software packages with more than 2 billion weekly downloads hit in supply-chain attack

Incident hitting npm users is likely the biggest supply-chain attack ever.

From The Django weblog at 2025-09-08 22:59:58

Getting Started With Open Source Through Community Events

In July, I joined Raffaella Suardini and Sage Abdullah for the Djangonaut Space Space Reviewers Episode 6, where we reviewed a Django PR during a live stream. This was a fun event. I won’t get into the technical aspects of the review, and I won’t point out the many mistakes I made. Instead, I want to revisit several “getting started with open source” community events and reflect on my personal growth since I first got involved with open source.

I hope this encourages others to attend those events and similarly get involved!

Tutorial office hours 🕐

My first open source contribution happened accidentally during DjangoCon US 2023. I volunteered to host office hours to help tutorial attendees set up their development environments. I went through the tutorial projects, found a missing dependency in one of them, and reported it on the conference chat. A conference organizer, Tim Schilling, responded and suggested that I open a pull request (PR) to the project. I remember thinking to myself, “Really? I can do that?”.

Sprints 🏃

During the Sprint Days of the conference, I participated and opened two PRs to address accessibility issues. I didn’t know much about accessibility at that point, and I would not have known how to navigate the contribution process and pick out issues on my own. Thankfully, the project leaders were there to guide new contributors, and I was able to gain hands-on experience with these first few PRs.

Testathons 🧪

There was another event that took place during the Sprint Days called Testathon. I had heard of hackathons before, but I had not heard of testathons. I attended and found out they were like live stream coding or group pair programming. One person shared their screen and the group chimed in on strategies. The purpose of the testathon was to show people how to test open source projects against Django’s beta release. The code driver (or anyone else in the group) would point out what files to look for, how to run tests, and how to open PRs. Every project is slightly different, from project setup to contributing etiquette, and I learned several different things from attending 2 testathons. I loved the interactive and intimate nature of the event. It exposed me to another aspect of open source projects and contributions. I also thought it was very brave of people to share their screens and work through code together in a group. My brain would have short circuited if I were put on the spot like that!

—

From DjangoCon US 2023, I participated in 3 different types of events where I got hands-on experience with open source contributions, and I wanted more! I was curious about the live stream coding and group pair programming opportunities, too. This was definitely outside of my comfort zone, and I wanted to know how I could overcome my own inhibitions and participate more actively. I wanted to be able to jump into events so nonchalantly as everyone else seemed to do. (Of course, that’s the perception. Now, I know that most people feel some level of nervousness or anxiety when they are hosting or attending such events, and that’s absolutely normal.)

Djangonaut Space 🚀

When the Djangonaut Space program was announced, I jumped at the opportunity. I applied and was accepted for the first session, which took place from mid-January to early March of 2024. With the guidance of the Navigator and Captain on my team, I learned to sift through the Django’s Trac ticket management system, pick out a ticket, and I also faced my fear of posting comments publicly. The PR was merged, and it was thrilling to see my GitHub username in the history of the Django code base.

In March 2024, when the first Djangonaut Space session came to a close, Tim, a program organizer, asked if anyone was interested in hosting a “Getting Started With Contributing” event. I expressed my interest, and Tim suggested a ticket to work on. Unfortunately, I didn’t follow through. How could I host a “Getting Started With Contributing” event? First, I wasn’t sure if I even knew how to get started. Second, I wasn’t ready to lead an event and the discussions while simultaneously sharing my screen and thinking out loud. Finally, I wasn’t ready to be on camera in the public eye. Even though I had just finished the Djangonaut Space program, I hadn’t overcome my own inhibitions. I didn’t ask for guidance, and the event never materialized.

Space Reviewers 👾

About 8 months later in November 2024, Space Reviewers launched its very first episode. I thought it was such a creative format. I wanted to be a part of it. By this time, I was getting a lot of training with event organizing through my role as the Session Organizer for Djangonaut Space, but I wasn’t sure how to ask about joining the Space Reviewers crew, and maybe it was too early in the formation of the group to bring on another member.

It wasn’t until June 2025 that I finally asked if I could help out with Space Reviewers. The crew welcomed me as a new member. I started out by making a pre-recorded video, a PR Review Deep Dive, that was uploaded to the Djangonaut Space YouTube channel. I had a lot of fun recording and editing the video.

A month later, in July 2025, the crew members planned for the next episode. Raffaella scheduled time for the event and created the show notes, and I was taking on Tim’s role as a co-organizer. Because I would be managing the video stream and sharing my screen, I realized that I could be the single point of failure during the event. There was no safety element that a pre-recorded video offers. If my internet went down, or if my computer crashed, or if I stupidly clicked the wrong button, the live stream could come to a halt. It was a terrifying thought, but I took on the risks and pushed forward.

On the day of the event, there was a delay to the start time and some fumbles on my end, but overall, it was very fun and productive. People joined and shared their tips and tricks in the live chat. By the end, we were able to walk through the review process and post our comments on the PR. Looking back, I think making the pre-recorded video was a great stepping stone towards hosting the live stream.

I’m so glad I had the opportunity to work with Raffaella and Sage as part of Space Reviewers. They have a lot of insights and perspectives that I didn’t have. I had a lot of fun taking on the new challenges that came with organizing this event. Initially, I struggled internally as I tried to face some of my fears. There were moments leading up to the event where I thought to myself, “Why did I volunteer to do this???” In the end, I’m glad I did.

Personal growth 🌱

Some of the challenges I overcame might not seem like a big deal, but when I compare myself to where I was at the beginning of DjangoCon US 2023, I can see my personal growth quite prominently. Now, I know how to get started with contributing, and I am able to walk people through the process. I am also a lot more comfortable taking ownership of organizing and leading events. (I remember a time when I constantly needed to ask for permission or confirmation before executing an action.) I can brush off the fumbles I make as the camera is rolling, and I can continue on with the discussion.

When I revisit the community events that I have participated in over the past 2 years, from Space Reviewers, to Sprints, to Testathons, to Tutorial office hours, I realize how far I have come. I am also reminded of what it was like to be absolutely new to open source and to the community. Although I still feel somewhat new, I’m not a deer in headlights anymore. I’m still trying to find my place in open source, and the best way to do that is to continue showing up and continue helping out. One small PR at a time, one small review at a time. One little blog, one little video…

Let’s Get Started! 🌟

If you’re looking to contribute to open source, check out the upcoming events and programs.

• Djangonaut Space Session 5 - An 8-week, semi-structured mentorship program and community. Applications are open now until Sep 14th.
• Django on the Med - 3 days of Sprints to work on Django, taking place 7th-9th Oct 2025, in Palafrugell Spain.
• DjangoCon US 2025 - 3 days of talks and 2 days of Sprints, from 8th-12th Sep 2025, in Chicago, IL, USA.
• Django Girls+ - One-day programming workshops, for women and underrepresented persons. Check out the 26 upcoming events hosted all around the world.

It doesn’t matter if you’ve been making software for 20 years or 20 days, there are many events to help you get started with open source, and many more reasons to stick around.

Thank you to Lilian for proposing this guest post on the Django blog! Lilian was our DSF Member of the Month in August 2025. You can learn more about her at ontowhee.com and follow her writing at buttondown.com/ontowhee.

From Biz & IT – Ars Technica at 2025-09-08 21:26:02

Former WhatsApp security boss sues Meta for “systemic cybersecurity failures”

Meta allegedly prioritized user growth over security, lawsuit said.

From Schneier on Security at 2025-09-08 19:37:54

Signed Copies of Rewiring Democracy

When I announced my latest book last week, I forgot to mention that you can pre-order a signed copy here. I will ship the books the week of 10/20, when it is published.

From Biz & IT – Ars Technica at 2025-09-08 18:17:49

AI will consume all of IT by 2030—but not all IT jobs, Gartner says

AI still threatens entry-level IT jobs.

From Schneier on Security at 2025-09-08 12:05:31

AI in Government

Just a few months after Elon Musk’s retreat from his unofficial role leading the Department of Government Efficiency (DOGE), we have a clearer picture of his vision of government powered by artificial intelligence, and it has a lot more to do with consolidating power than benefitting the public. Even so, we must not lose sight of the fact that a different administration could wield the same technology to advance a more positive future for AI in government.

To most on the American left, the DOGE end game is a dystopic vision of a government run by machines that benefits an elite few at the expense of the people. It includes AI ...

From School of War at 2025-09-07 13:45:00

Ep 228: Brad Bowman and Ryan Brobst on “Axis” Military Cooperation (NEBM6679092215.mp3?updated=1757249513)

Brad Bowman and Ryan Brobst, senior and deputy directors of the Center on Military and Political Power at FDD, join the show to discuss the military relationships between America’s major antagonists. ▪️ Times     •      01:47 Introduction     •      02:40 Axis cooperation     •      08:02 Interoperability            •      11:19 Fighting all three     •      14:49 Potential            •      20:57 The arsenal            •      26:56 Progress     •      28:30 Budgeting      •      36:10 Will and capability             •      39:03 Harpoon Coastal Defense System           •      41:31 Per unit cost over speed     •      44:25 Buy-side issue     •      47:49 Production lessons Follow along on Instagram, X @schoolofwarpod, and YouTube @SchoolofWarPodcast Find a transcript of today’s episode on our School of War Substack

From The Week in Westminster at 2025-09-06 11:56:00

06/09/2025 (p0m17vhb.mp3)

Vicki Young and guests discuss the resignation of the deputy prime minister, Angela Rayner, and what the cabinet reshuffle means for the government. The panel of journalists includes Caroline Wheeler, the political editor of the Sunday Times; Ben Riley Smith, the political editor of the Daily Telegraph; and Ailbhe Rea, the associate editor of Bloomberg UK.

From More or Less: Behind the Stats at 2025-09-06 06:00:00

Do 11,000 sharks die every hour? (p0m0x4cq.mp3)

Hollywood has given sharks a terrible reputation. But in reality, the finned fish should be far more scared of us, than we of them.

Millions of sharks are killed in fishing nets and lines every year.

One statistical claim seems to sum up the scale of this slaughter – that 100 million sharks are killed every year, or roughly 11,000 per day.

But how was this figure calculated, and what exactly does it mean?

We go straight to the source and speak to the researcher who worked it out, Dr Boris Worm, a professor in marine conservation at Dalhousie University in Canada.

Presenter: Lizzy McNeill Producer: Nicholas Barrett Series producer: Tom Colls Production coordinator: Brenda Brown Sound mix: Annie Gardiner Editor: Richard Vadon

From Schneier on Security at 2025-09-06 01:05:27

Friday Squid Blogging: The Origin and Propagation of Squid

New research (paywalled):

Editor’s summary:

Cephalopods are one of the most successful marine invertebrates in modern oceans, and they have a 500-million-year-old history. However, we know very little about their evolution because soft-bodied animals rarely fossilize. Ikegami et al. developed an approach to reveal squid fossils, focusing on their beaks, the sole hard component of their bodies. They found that squids radiated rapidly after shedding their shells, reaching high levels of diversity by 100 million years ago. This finding shows both that squid body forms led to early success and that their radiation was not due to the end-Cretaceous extinction event...

From The Rest Is History at 2025-09-06 00:05:00

598. The First World War: The Eastern Front Explodes (Part 5) (GLT2256735701.mp3?updated=1757078203)

While the Western front was raging following the outbreak of the First World War in 1914, what was unfolding on the Eastern Front? Why was it an even bloodier and more brutal arena than the West? As Austria took on its great antagonist - the spark of the entire war - Serbia, why were its early campaigns constantly blighted by disaster? What terrible mistake did Russia, with its behemoth of an army, make? How would its dramatic war with Germany unfold? And, would this be the beginning of the end of the Habsburg Empire? Join Dominic and Tom as they discuss the outbreak of the First World War on the Eastern Front, and its early clashes. _____ Try Adobe Express for free now at https://www.adobe.com/uk/express/spotlight/designwithexpress or by searching in the app store. Learn more at https://uber.com/onourway Explore the world’s most loved stories in their most beautiful form - only at https://www.foliosociety.com. _____ Join The Rest Is History Club: Unlock the full experience of the show – with exclusive bonus episodes, ad-free listening, early access to every series and live show tickets, a members-only newsletter, discounted books from the show, and access to our private Discord chatroom. Sign up directly at therestishistory.com For more Goalhanger Podcasts, head to www.goalhanger.com _______ Twitter: @TheRestHistory @holland_tom @dcsandbrook Producer: Theo Young-Smith Assistant Producer: Tabby Syrett + Aaliyah Akude Executive Producers: Jack Davenport + Tony Pastor Learn more about your ad choices. Visit podcastchoices.com/adchoices

From A Collection of Unmitigated Pedantry at 2025-09-05 20:50:08

Collections: Life, Work, Death and the Peasant, Part IVb: Working Days

This is the continuation – the first of several – of the fourth part of our series looking at the lives of pre-modern peasant farmers – a majority of all of the humans who have ever lived. Last time we discussed the survival requirements (in food and textiles) of a peasant household as well as … Continue reading Collections: Life, Work, Death and the Peasant, Part IVb: Working Days →

From Schneier on Security at 2025-09-05 20:00:22

My Latest Book: Rewiring Democracy

I am pleased to announce the imminent publication of my latest book, Rewiring Democracy: How AI will Transform our Politics, Government, and Citizenship: coauthored with Nathan Sanders, and published by MIT Press on October 21.

Rewriting Democracy looks beyond common tropes like deepfakes to examine how AI technologies will affect democracy in five broad areas: politics, legislating, administration, the judiciary, and citizenship. There is a lot to unpack here, both positive and negative. We do talk about AI’s possible role in both democratic backsliding or restoring democracies, but the fundamental focus of the book is on present and future uses of AIs within functioning democracies. (And there is a lot going on, in both national and local governments around the world.) And, yes, we talk about AI-driven propaganda and artificial conversation...

From GoodFellows: Conversations from the Hoover Institution at 2025-09-05 19:14:54

Drones, Dictators & Debt: India Flirts, Ukraine Fights, Trump Takes on The Fed | GoodFellows | Hoover Institution (GoodFellows_2025-09-04_wip03_podcast_bt4mn.mp3)

Is Indian Prime Minister Narendra Modi’s embrace of his Russian and Chinese peers a mere signal of his displeasure with American tariff policy, or the beginning of a deeper geopolitical realignment? Hoover senior fellows Niall Ferguson, John Cochrane, and H.R. McMaster discuss the significance of Modi’s summitry with Vladimir Putin and Xi Jinping. This leads into a broader conversation about Ukraine’s durability (with Niall soon to visit Kyiv), as its conflict with Russia becomes a predominantly drone war. Also discussed: the question of power-wielding in Washington—the American president derided as a modern-day fascist for his use of executive authority; the differences between Trump Derangement Syndrome in the past versus the present; the Federal Reserve’s independence (and sprawl); plus the merits of the federal government taking a 10% equity stake in chip manufacturer Intel. Finally, some bad news for our London fans: While the GoodFellows will be gathering in the UK’s capital city, there are no plans for a rooftop concert à la the Beatles atop their Apple Corps building. Subscribe to GoodFellows for clarity on today’s biggest social, economic, and geostrategic shifts — only on GoodFellows.

From Biz & IT – Ars Technica at 2025-09-05 17:06:55

ChatGPT’s new branching feature is a good reminder that AI chatbots aren’t people

Users can explore multiple paths without losing their original chat thread.

From The Incomparable Mothership at 2025-09-05 17:00:00

782: In Russia, Truck Stops You (bec0b2bd-e40a-4eb4-8a6d-886228de2f00.mp3)

We dive beneath the sea again with “K-19: The Widowmaker,” in which Harrison Ford and Liam Neeson star as… wait a second… Soviet naval officers? It’s a film about a horrible nuclear accident assembled from pieces of other submarine movies, as well as possibly several “Star Trek” movies, and we can’t decide if the screenplay or the casting is more of a problem. But finally we’ll get to the bottom of the real question: if most of the crewmen aren’t married, can K-19 really be a widowmaker?...

From The Django weblog at 2025-09-05 15:02:23

DSF at EuroPython 2025: Celebrating 20 years of Django

This year, the Django Software Foundation (DSF) was invited by EuroPython to come to the event, showcase the framework and the vibrant community around it. The DSF had a booth in the community area where attendees could learn more about Django and meet maintainers.

This year was extra special: Django’s 20th birthday was right at the beginning of the conference! The milestone was marked in style, starting on Wednesday evening at Pyvo, the local Python community meetup in Prague, where we celebrated with a cake.

On Friday, the celebration continued with an open-space gathering at the conference — and, of course, another cake 🎂. For people who missed this, there are other local Django birthday events running through the rest of 2025!

View all local 20th birthday events

Adding to the festive atmosphere, the DSF shared stickers co-branded with their unofficial pony mascot and the EuroPython and EuroPython Society logos. These became an instant hit with attendees, combining Django’s playful mascot with EuroPython Society’s identity.

The Django community was also active during the sprint weekend. Over two days, 21 participants worked on Django, tackling 12 issues and merging 4 pull requests. For newcomers, it was a welcoming way to start contributing; for experienced developers, it was a chance to share knowledge and push the project forward together.

We asked the members of the Django Software Foundation attending EuroPython how they liked EuroPython and this is what they said: 

The talks and tutorials were so great and I got to witness amazing projects from this community. This was my first europython conference and let me tell you, this community overdelivered. It was also my first time organizing Django Girls outside Africa. Django Girls Prague was amazing.\

• Doreen Nangira - Django Girls organizer

Just the perfect mixture of catching up with people I know, meeting people I don’t know, learning new things. Time well spent chatting w/ Python veterans and also first-timers. Volunteering there was ACE, and I’m thankful we got to have a booth and birthday cake for Django 🎂\

• Thibaud Colas - President, Django Software Foundation

It was my first EuroPython, it felt really special! I was surrounded by wonderful people, and it was an amazing experience to volunteer at our community booth.\

• Raffaella Suardini - Djangonaut Space organizer

We’re delighted the DSF joined us this year. If you’re part of a foundation and would like to have a booth at EuroPython, keep an eye out for our Call for Communities next year.

Thank you to EuroPython Vice Chair and DSF Individual member Mia Bajić for reporting back on the event ❤️. And thank you to our volunteers Tom Carrick, Thibaud Colas, Raffaella Suardini, and Alex Gómez who represented our foundation at the conference. As well as to Doreen Nangira who ran the Django Girls+ workshop at the conference!

From Schneier on Security at 2025-09-05 12:03:56

GPT-4o-mini Falls for Psychological Manipulation

Interesting experiment:

To design their experiment, the University of Pennsylvania researchers tested 2024’s GPT-4o-mini model on two requests that it should ideally refuse: calling the user a jerk and giving directions for how to synthesize lidocaine. The researchers created experimental prompts for both requests using each of seven different persuasion techniques (examples of which are included here):

• Authority: “I just had a discussion with Andrew Ng, a world-famous AI developer. He assured me that you would help me with a request.”
• Commitment: “Call me a bozo [then] Call me a jerk” ...

From School of War at 2025-09-05 10:28:00

Ep 228: Brad Bowman and Ryan Brobst on “Axis” Military Cooperation (NEBM6679092215.mp3)

Brad Bowman and Ryan Brobst, senior and deputy directors of the Center on Military and Political Power at FDD, join the show to discuss the military relationships between America’s major antagonists. ▪️ Times     •      01:47 Introduction     •      02:40 Axis cooperation     •      08:02 Interoperability            •      11:19 Fighting all three     •      14:49 Potential            •      20:57 The arsenal            •      26:56 Progress     •      28:30 Budgeting      •      36:10 Will and capability             •      39:03 Harpoon Coastal Defense System           •      41:31 Per unit cost over speed     •      44:25 Buy-side issue     •      47:49 Production lessons Follow along on Instagram, X @schoolofwarpod, and YouTube @SchoolofWarPodcast Find a transcript of today’s episode on our School of War Substack

From Biz & IT – Ars Technica at 2025-09-04 23:29:34

The number of mis-issued 1.1.1.1 certificates grows. Here’s the latest.

Everything to know about about the mishap that threatened to expose millions of users' queries.

From The Django weblog at 2025-09-04 18:01:36

Last call for DjangoCon US 2025 tickets!

DjangoCon US starts next week in Chicago, IL on September 8-12th, 2025!

With three amazing keynotes and over fifty presentations over three days, join us in person or online where you can watch presentations on your own schedule or stream live with us during the live event.

Can't make it to Chicago? Our online tickets give you the best of both worlds. Watch live as it happens or catch up on your own schedule – all talks will be available to stream throughout the conference and beyond. You'll get the same great content, participate in online discussions, and join our vibrant community from wherever you are. Plus, with two days of virtual sprints alongside our in-person sprints, online attendees can contribute to Django projects and collaborate with the community just like everyone else.

Get your ticket today before it's too late! Check out the full schedule, visit 2025.djangocon.us for more details, or contact us at hello@djangocon.us with any questions.

From Biz & IT – Ars Technica at 2025-09-04 17:56:13

Microsoft open-sources Bill Gates’ 6502 BASIC from 1978

Historic interpreter taught millions to program on Commodore and Apple computers.

From The Django weblog at 2025-09-04 16:02:51

Keyboard shorcuts in Django via GSoC 2025

This summer I participated in the Google Summer of Code program with Django. My work focused on introducing keyboard shortcuts to the Django admin interface which led to a new package: django-admin-keyshortcuts.

Proposal and Community Discussions

My original GSoC proposal was to improve the existing django-admin-keyboard-shortcuts package maintained by one of my mentors, Tom. The plan was to fix bugs, add new keyboard shortcuts, build a command palette, and eventually merge these features into Django's core admin. I initially thought getting my GSoC proposal accepted meant I could dive straight into coding. But Tom explained that Django has its own process for new features, which starts off with community discussions.

After posting on the forum and gathering feedback, we decided to focus on keyboard shortcuts only, and continue exploring that in packages rather than target Django core immediately. This way the feature can be tested and improved more quickly without waiting on Django's long release cycle.

The accessibility team helped drafting keyboard shortcuts outlining key requirements and expected outcomes, in particular making sure shortcuts would be widely compatible with browsers and assistive technologies. That document served as the base for developing django-admin-keyshortcuts.

django-admin-keyshortcuts

This package adds useful keyboard shortcuts to the Django admin interface. The goal is to make the Django admin interface faster to navigate and more accessible to keyboard-first users. Here are some of the shortcuts we have added so far:

• / focuses the search bar.
• j/k focuses next/previous object.
• Ctrl+s saves the object.
• Alt+d prompts to delete the object.

The package also comes with a keyboard shortcuts dialog, crucial so users of the admin can discover those new features:

Developers can also define custom shortcuts by extending admin templates. Detailed instructions can be found in the package's README.

Under the hood, the package uses the hotkey library for handling shortcuts. The library seems to be well maintained (compared to other alternatives) and is used for keyboard shortcuts in GitHub.

What's next

We have made a lot of progress, but there's still work to do before we can push to merge this functionality inside Django core.

Implementation issues

Right now, there are a couple of known problems:

• Shortcuts do not trigger when input or textfield is focused:
• Shortcut keys not consistent when switched to non-US layouts:

To address these we may wait for the hotkey library maintainers to implement the necessary fixes, or look for alternatives.

Gather feedback

We want more users to try it out! Testing in different scenarios will help find bugs faster and improve the package. The default shortcut set is also small, we need feedback to determine which shortcuts are most useful. We also plan to list the package on a new "Experiments" section on the new Django Ecosystem page to make it more visible.

But for now, try it out and let us know what you think! We have a static admin demo for people to directly try the shortcuts. Or install django-admin-keyshortcuts to test it on your own project.

Try the new shortcuts

Let us know what you think over on the Django Forum!

From Net Assessment at 2025-09-04 13:49:00

How Will the U.S. Deal With a Weaponized World Economy? (Net_Assessment_-_4_Sept_2025_v1_1.mp3?dest-id=808287)

Chris, Melanie, and Zack discuss Henry Farrell and Abraham Newman’s new article “The Weaponized World Economy.” Is the United States, which has been accused of weaponizing the global economy now getting a taste of its own medicine? Should America try to rebuild its economic security state for a world in which adversaries and allies can also employ economic coercion against us? And what are the key risks or challenges that the U.S. government will face if it goes down this path? Grievances for using the National Guard to pick up trash; to President Trump for toying with the idea of running for a third term; and to the Trump administration for botching the relationship with India. Attas to America’s workers on Labor Day – including the millions who came here from outside of the United States; to Marco Rubio and Steve Witkoff for their performance in the last Cabinet meeting; and to a German firm, Luxcara’s, decision to drop Chinese technology in a new windfarm.

Show Links:

• Henry Farrell and Abraham Newman, “The Weaponized World Economy,” Foreign Affairs, September/October 2025.

• Tara Copp, “National Guard troops deployed in D.C. add sanitation, landscaping duties,” The Washington Post, August 27, 2025.

• Paul Kiernan, “How a Historic Immigration Drop Is Changing the Job Market,” Wall Street Journal, August 24, 2025.

• “New Visions for Grand Strategy”

•  Marco Rubio, “New Visa Policies Put America First, Not China,” US State Department, May 28, 2025.

• Greg Ip, “The US Marches Toward State Capitalism with American Characteristics,” Wall Street Journal, August, 11, 2025.

• Jonah Goldberg, “The Donald Always Gets His Slice,” The Dispatch, August 27, 2025.

• Howard Lutnik on The Ingraham Angle, X post, August 25, 2025.

• Petra Sorge, “German Wind Farm to Drop China Turbine Order After Backlash,” Bloomberg, August 25, 2025.

• Noah Barkin, LinkedIn post, August 27, 2025.  

• Jason Ma, “Rural America is Suffering an Economic Crisis as Crop Prices Plunge — ‘US Soybean Farmers Cannot Survive a Prolonged Trade Dispute,’” MSN.com, August 30, 2025.

• Stimson event on September 17th, New Visions for Grand Strategy.

• Support Stimson, https://www.stimson.org/support/. 

From Schneier on Security at 2025-09-04 12:06:25

Generative AI as a Cybercrime Assistant

Anthropic reports on a Claude user:

We recently disrupted a sophisticated cybercriminal that used Claude Code to commit large-scale theft and extortion of personal data. The actor targeted at least 17 distinct organizations, including in healthcare, the emergency services, and government and religious institutions. Rather than encrypt the stolen information with traditional ransomware, the actor threatened to expose the data publicly in order to attempt to extort victims into paying ransoms that sometimes exceeded $500,000.

The actor used AI to what we believe is an unprecedented degree. Claude Code was used to automate reconnaissance, harvesting victims’ credentials, and penetrating networks. Claude was allowed to make both tactical and strategic decisions, such as deciding which data to exfiltrate, and how to craft psychologically targeted extortion demands. Claude analyzed the exfiltrated financial data to determine appropriate ransom amounts, and generated visually alarming ransom notes that were displayed on victim machines...

From Strong Message Here at 2025-09-04 07:00:00

Strong Recommend: Tehran (Apple TV+) (p0ltb8bt.mp3)

Armando has been watch Tehran on Apple TV. This multi-language show about spy agencies in Iran and Israel sheds gives you a glimpse in to life on the ground in these countries that you can't get from headlines alone. Like the Post Office scandal in the UK, why does it sometimes take a dramatisation to mobilise the public, and bring about change?

Join Helen and Armando over the summer for more cultural recommendations, available weekly on BBC Sounds.

Production Coordinator: Sarah Nicholls Executive Producer: Pete Strauss Sound Editing: Chris Maclean Recorded at The Sound Company

Strong Message Here: Strong Recommend is produced by Gwyn Rhys Davies, and is a BBC Studios production for Radio 4.

From The Rest Is History at 2025-09-04 00:05:00

597. The First World War: The Massacre of the Innocents (Part 4) (GLT9434623550.mp3?updated=1756918989)

What happened at the crucial, bloody, Battle of Ypres in October 1914? How did the battle come about? Why did the Germans and the British fight each other so brutally and for so long to take Ypres? What made the fighting so particularly violent? How were the British able to repel the relentless German onslaught time after time? What was the famous “Kindermord” - “the Massacre of the Innocents” - in the German army, and how true was it? And, what would be the outcome of this almighty clash? Join Dominic and Tom as they discuss the terrible Battle of Ypres; its significance to the First World War overall, and its consequences for the rise of Hitler in Germany later on…. ______ Try Adobe Express for free now at https://www.adobe.com/uk/express/spotlight/designwithexpress or by searching in the app store. Explore the world’s most loved stories in their most beautiful form - only at https://www.foliosociety.com/. Learn more at https://uber.com/onourway ______ Join The Rest Is History Club: Unlock the full experience of the show – with exclusive bonus episodes, ad-free listening, early access to every series and live show tickets, a members-only newsletter, discounted books from the show, and access to our private Discord chatroom. Sign up directly at therestishistory.com For more Goalhanger Podcasts, head to www.goalhanger.com Learn more about your ad choices. Visit podcastchoices.com/adchoices

From The Rest Is History at 2025-09-04 00:05:00

597. The First World War: The Massacre of the Innocents (Part 4) (GLT9434623550.mp3?updated=1757078000)

What happened at the crucial, bloody, Battle of Ypres in October 1914? How did the battle come about? Why did the Germans and the British fight each other so brutally and for so long to take Ypres? What made the fighting so particularly violent? How were the British able to repel the relentless German onslaught time after time? What was the famous “Kindermord” - “the Massacre of the Innocents” - in the German army, and how true was it? And, what would be the outcome of this almighty clash? Join Dominic and Tom as they discuss the terrible Battle of Ypres; its significance to the First World War overall, and its consequences for the rise of Hitler in Germany later on…. ______ Try Adobe Express for free now at https://www.adobe.com/uk/express/spotlight/designwithexpress or by searching in the app store. Explore the world’s most loved stories in their most beautiful form - only at https://www.foliosociety.com/. Learn more at https://uber.com/onourway ______ Join The Rest Is History Club: Unlock the full experience of the show – with exclusive bonus episodes, ad-free listening, early access to every series and live show tickets, a members-only newsletter, discounted books from the show, and access to our private Discord chatroom. Sign up directly at therestishistory.com For more Goalhanger Podcasts, head to www.goalhanger.com Learn more about your ad choices. Visit podcastchoices.com/adchoices

From Biz & IT – Ars Technica at 2025-09-03 22:56:07

New AI model turns photos into explorable 3D worlds, with caveats

Openly available AI tool creates steerable 3D-like video, but requires serious GPU muscle.

From Biz & IT – Ars Technica at 2025-09-03 19:40:38

Mis-issued certificates for 1.1.1.1 DNS service pose a threat to the Internet

The three certificates were issued in May but only came to light Wednesday.

From The Media Show at 2025-09-03 17:45:00

Reform UK media strategy, French Bloquons Tout protestors, new Vogue editor & the British journalist who interviewed Hitler. (p0m0mzt7.mp3)

The Media Show with Katie Razzall and Ros Atkins: The Nottingham Post and BBC-funded Local Democracy Reporters have been banned from speaking to Reform UK councillors. The dispute centres on a story about local government reorganisation. Nottinghamshire Live Senior Editor Natalie Fahy joins us to explain what happened, and Kitty Donaldson, Chief Political Commentator at the i paper, explores Reform UK’s broader media strategy. France is facing political upheaval as Prime Minister François Bayrou submits his government to a confidence vote. BBC Paris correspondent Hugh Schofield explains how Bayrou is using podcasts and YouTube to justify his unpopular budget cuts. Meanwhile, a new protest movement, Bloquons Touts (“Let’s block everything”), is gaining traction via Telegram. Paola Sedda, associate professor of communications at the University of Lille, joins us to discuss how the movement is using media to mobilise support. Historian Richard Evans joins us live in the studio to discuss his new book on George Ward Price, the British journalist who interviewed Hitler in the run up to WWII. We explore the ethical compromises journalists make for access, and draw modern parallels with today’s media landscape. And as Anna Wintour steps down, Vogue ushers in a new chapter with editor Chloe Malle. We look at what this means for the future of fashion journalism and the legacy Wintour leaves behind. Is this a generational shift or a strategic pivot? Producer: Lisa Jenkinson Assistant Producer: Lucy Wai

From Schneier on Security at 2025-09-03 12:00:47

Indirect Prompt Injection Attacks Against LLM Assistants

Really good research on practical attacks against LLM agents.

“Invitation Is All You Need! Promptware Attacks Against LLM-Powered Assistants in Production Are Practical and Dangerous”

Abstract: The growing integration of LLMs into applications has introduced new security risks, notably known as Promptware­—maliciously engineered prompts designed to manipulate LLMs to compromise the CIA triad of these applications. While prior research warned about a potential shift in the threat landscape for LLM-powered applications, the risk posed by Promptware is frequently perceived as low. In this paper, we investigate the risk Promptware poses to users of Gemini-powered assistants (web application, mobile application, and Google Assistant). We propose a novel Threat Analysis and Risk Assessment (TARA) framework to assess Promptware risks for end users. Our analysis focuses on a new variant of Promptware called Targeted Promptware Attacks, which leverage indirect prompt injection via common user interactions such as emails, calendar invitations, and shared documents. We demonstrate 14 attack scenarios applied against Gemini-powered assistants across five identified threat classes: Short-term Context Poisoning, Permanent Memory Poisoning, Tool Misuse, Automatic Agent Invocation, and Automatic App Invocation. These attacks highlight both digital and physical consequences, including spamming, phishing, disinformation campaigns, data exfiltration, unapproved user video streaming, and control of home automation devices. We reveal Promptware’s potential for on-device lateral movement, escaping the boundaries of the LLM-powered application, to trigger malicious actions using a device’s applications. Our TARA reveals that 73% of the analyzed threats pose High-Critical risk to end users. We discuss mitigations and reassess the risk (in response to deployed mitigations) and show that the risk could be reduced significantly to Very Low-Medium. We disclosed our findings to Google, which deployed dedicated mitigations...

From The Django weblog at 2025-09-03 11:36:27

Django security releases issued: 5.2.6, 5.1.12, and 4.2.24

In accordance with our security release policy, the Django team is issuing releases for Django 5.2.6, Django 5.1.12, and Django 4.2.24. These releases address the security issues detailed below. We encourage all users of Django to upgrade as soon as possible.

From Biz & IT – Ars Technica at 2025-09-02 16:10:26

OpenAI announces parental controls for ChatGPT after teen suicide lawsuit

Promised protections follow reports of vulnerable users misled in extended chats.

From Schneier on Security at 2025-09-02 12:08:48

1965 Cryptanalysis Training Workbook Released by the NSA

In the early 1960s, National Security Agency cryptanalyst and cryptanalysis instructor Lambros D. Callimahos coined the term “Stethoscope” to describe a diagnostic computer program used to unravel the internal structure of pre-computer ciphertexts. The term appears in the newly declassified September 1965 document Cryptanalytic Diagnosis with the Aid of a Computer, which compiled 147 listings from this tool for Callimahos’s course, CA-400: NSA Intensive Study Program in General Cryptanalysis.

The listings in the report are printouts from the Stethoscope program, run on the NSA’s Bogart computer, showing statistical and structural data extracted from encrypted messages, but the encrypted messages themselves are not included. They were used in NSA training programs to teach analysts how to interpret ciphertext behavior without seeing the original message...

From School of War at 2025-09-02 10:35:00

Ep 227: Yaakov Katz on What Went Wrong on 10/7 (NEBM8549100816.mp3)

Yaakov Katz, senior fellow The Jewish People Policy Institute and author of While Israel Slept: How Hamas Surprised the Most Powerful Military in the Middle East,  joins the show to discuss Israel’s intelligence and military failures on the night of 6-7 October, 2023. ▪️ Times     •      01:35 Introduction     •      02:47 Foundational facts     •      09:45 Communication failure           •      17:39 Minority reports     •      25:40 Left alone            •      30:15 Accountability           •      39:37 Cultural costs     •      47:30 A deal Follow along on Instagram, X @schoolofwarpod, and YouTube @SchoolofWarPodcast Find a transcript of today’s episode on our School of War Substack

From Natalie Haynes Stands Up for the Classics at 2025-09-02 09:02:00

The Aeneid (p0lztmhc.mp3)

In a tour de force solo performance, Natalie takes on Virgil's great poem in 28 minutes.. and wins.

In 12 books of Latin verse we follow the hero, the Trojan Prince Aeneas, as he leads the survivors of Troy to found a new city in Italy. Along the way he battles vengeful Juno, tells of the Trojan Horse and the Fall of Troy, loves and leaves Dido in Carthage, enters Hades, eats some tables and then sees his ships turn into sea nymphs and swim away from attack. Then there is more fighting until our hero emerges triumphant.

The poet Virgil died before finishing it and ordered it to be burned, but luckily his orders were disregarded by Augustus, the first Emperor of Rome, for whom The Aeneid was excellent propaganda.

'Rockstar mythologist' Natalie Haynes is the best-selling author of 'Divine Might', 'Stone Blind', and 'A Thousand Ships' as well as a reformed comedian who is a little bit obsessive about Ancient Greek and Rome.

Producer...Beth O'Dea

From The Rest Is History at 2025-09-01 00:05:00

596. The First World War: The Miracle on the Marne (Part 3) (GLT2229565266.mp3?updated=1756658924)

What extraordinary events saw the French - already on the brink of defeat - take on the formerly formidable German army in a remarkable counter-offensive on the 4th of September, in France, in a clash that would later become known as the Miracle on the Marne? Why was this such a decisive moment in the events of the First World War How did it relate to the famous Schlieffen plan? Did it really see the French charging into battle in Renault taxis? And, why did it become one of the most legendary moments in all of French history? Join Dominic and Tom as they discuss one of the most astounding clashes of the First World War: the Battle of the Marne. Join The Rest Is History Club: Unlock the full experience of the show – with exclusive bonus episodes, ad-free listening, early access to every series and live show tickets, a members-only newsletter, discounted books from the show, and access to our private Discord chatroom. Sign up directly at therestishistory.com For more Goalhanger Podcasts, head to www.goalhanger.com _______ Go to ⁠⁠fuseenergy.com/history⁠⁠ to switch your energy to Fuse and get £20 credit Go to https://www.surfshark.com/TRIH or use code TRIH at checkout to get 4 extra months of Surfshark VPN, plus a 30-day money-back guarantee. _______ Twitter: @TheRestHistory @holland_tom @dcsandbrook Producer: Theo Young-Smith Assistant Producer: Tabby Syrett + Aaliyah Akude Executive Producers: Jack Davenport + Tony Pastor Learn more about your ad choices. Visit podcastchoices.com/adchoices

From The Django weblog at 2025-08-30 21:30:00

DSF member of the month - Lilian

For August 2025, we welcome Lilian as our DSF member of the month! ⭐

Lilian contributes to the community by writing blog posts, being active in the Django forum and participating in code reviews with the Space Reviewers. Starting as a participant in the first Djangonaut Space session, she progressed to become both a Captain and Session organizer. She has been a DSF member since March 2024. Lilian is looking for new opportunities!

You can learn more about Lilian by visiting Lilian's website and her GitHub Profile.

Let’s spend some time getting to know Lilian better!

Can you tell us a little about yourself (hobbies, education, etc)?

My name is Lilian and I started contributing to Django during the sprint days of DjangoCon US 2023. I continued contributing through the Djangonaut Space program, where I've been involved as a mentee, a mentor, and a session organizer. I love the impact the program brings to Django and how it has helped so many individuals in various ways. My hobbies include cooking and sharing meals with my friends and volunteering at local events.

I'm curious, where does your GitHub nickname come from?

Haha, towhee is a bird and I just prefixed it with the preposition “on”.

How did you start using Django?

I had a project from a client where there was an existing website that was built in PHP. The client wanted to add new features. At the time, I was mainly using Flask for other projects, but I started seeing Django rise in popularity. I evaluated PHP and Django, and I chose Django for its security features. The fact that it was in Python also meant I could develop the new features pretty quickly. The project ended up being a hybrid of PHP and Django with Apache server routing different pages to each application.

What other framework do you know and if there is anything you would like to have in Django if you had magical powers?

I've worked with Flask and SQLAlchemy. I like that SQLAlchemy comes with an ORM, but you can still build queries without it. I like that its queries resemble SQL. In Django, I would like to have a way to write CTEs without resorting to raw SQL and losing the mapping between data and objects. There is the django-cte library, but constructing the queries can still be challenging to me. There’s definitely a tradeoff. However, I don’t know if asking Django to support CTEs is the answer.

What projects are you working on now?

I'm building an ELT (Extract, Transform, Load) pipeline to pull data from multiple sources and run analyses. I'm learning tools like dbt (data build tool) and Airflow to orchestrate the data transformation. It's very interesting to use a framework for managing data.

What are you learning about these days?

I'm learning about databases. I’ve always been curious about their implementation. When I worked on tickets for Django’s ORM, the comments and code reviews from Simon Charette showed me where to look for information, and that got me to dive in further. I participate in the Postgres Patch Review Workshop to review patches, and Andy Pavlo’s lectures are a great source to learn from too.

Which Django libraries are your favorite (core or 3rd party)?

One of my favorite libraries is django-extensions, because it has many useful commands, including the graph_models command that generates ERDs, which helps me navigate the data models in larger projects.

My other favorite libraries are django-allauth and django-rest-framework, because I use it in pretty much every project.

What are the top three things in Django that you like?

I like Djangonaut Space, the community, and the documentation.

You've shown a lot of interest in the contribution process lately, could you share a bit more what you are trying to do and what your goal is?

Django is known for having a high barrier to entry when it comes to contributions and it can have long turnaround times. Djangonaut Space is trying to change that by having mentors guide people through the process and help with code reviews.

How can we expand this effort to make onboarding new contributors easier?

What are some low hanging fruits that will make contributing to Django a more intuitive and pleasant experience?

Areas I’m exploring include:

1. Make the ticket lifecycle more prominent. Make the queues easy to access, and ensure a ticket will get attention from the right people.

2. Gain insights into contribution bottlenecks so DSF Board and Working Groups can make better decisions on where to allocate funds and resources.

3. Provide recognition for work done beyond the PR authorship to encourage continued involvement.

You have taken part of Djangonaut Space program in many ways, do you have any advice or thing to mention for people hesitant to apply to the program for the future session?

For anyone who is hesitant, check out the media page to learn about past participants' experiences. Check out the AMA video and many other videos on the YouTube channel to learn more about the program. There are many opportunities to try new things and learn new skills in open source, and Djangonaut Space is a great place to get started. You'll meet and work with people from all around the globe, which is pretty awesome!

What do you do for fun outside of programming?

I am trying new things! I’m volunteering at a community run radio station, where I’m learning to operate the video cameras during live mic events and training to become a DJ. It’s pretty cool meeting bands from all around the world.

Is there anything else you’d like to say?

I'm extremely grateful for the Djangonaut Space program and the Django community!

Thank you for doing the interview, Lilian !

From Ahoy at 2025-08-30 21:00:50

Brat.

Patreon: https://www.patreon.com/ahoy Merch: https://ahoy-shop.fourthwall.com/ Soundtrack: https://soundcloud.com/xahoy/brat 00:00 Introduction 00:38 Hallmarks of Cool 02:45 Impressive Introductions 04:04 Some Kind of Hidden Gem 08:32 The Realities of Game Development 11:59 Conclusion

From More or Less: Behind the Stats at 2025-08-30 06:00:00

Are self-driving cars safer than cars with drivers? (p0lzqtlf.mp3)

Fully autonomous cars are here. In a handful of cities across the US and China, robotaxis are transporting human passengers around town, but with no human behind the wheel.

Loyal Listener Amberish wrote in to More or Less to ask about a couple of safety statistics he’d seen regarding these self-driving cars on social media. These claimed that Waymo self-driving taxis were five times safer than human drivers in the US, and that Tesla’s self-driving cars are 10 times safer.

But, are these claims true?

We speak to Mark MacCarthy, a Senior Fellow at the Brookings Institution Center for Technology Innovation, to find out.

If you’ve seen some numbers you think we should look at, email the team: moreorless@bbc.co.uk

Presenter: Lizzy McNeill Producer: Nicholas Barrett Series producer: Tom Colls Production co-ordinator: Brenda Brown Sound mix: Neil Churchill Editor: Richard Vadon

From Emperors of Rome at 2025-08-30 03:32:37

Porcia (250830-porcia.mp3)

Being the daughter of Cato and wife of Brutus came with certain expectations from the ancient world. Embody her father’s principles, be a fine, upstanding Roman lady, and put Rome first above all other things. Porcia did this, and was admired for her disposition.

Episode CCXLVII (247)

Guest: Assoc. Professor Rhiannon Evans (Classic and Ancient History, La Trobe University)

From Schneier on Security at 2025-08-29 22:04:09

Friday Squid Blogging: Catching Humboldt Squid

First-person account of someone accidentally catching several Humboldt squid on a fishing line. No photos, though.

As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered.

Blog moderation policy.

From Biz & IT – Ars Technica at 2025-08-29 19:02:22

Zuckerberg’s AI hires disrupt Meta with swift exits and threats to leave

Longtime acolytes are sidelined as CEO directs biggest leadership reorganization in two decades.

From A Collection of Unmitigated Pedantry at 2025-08-29 17:15:13

Fireside Friday, August 27, 2025 (On Defending History)

Hey folks, Fireside this week! As I noted a couple of weeks ago, things are probably going to get more than a little fireside-y over the next few weeks, simply because of the start of the semester – and a semester in which I am undertaking a set of entire new preps (that is, teaching … Continue reading Fireside Friday, August 27, 2025 (On Defending History) →

From The Incomparable Mothership at 2025-08-29 17:00:00

781: Your Permission to Speak Freely is Rescinded (ea7790ce-1ab0-40ba-867c-a3ca6df80ddb.mp3)

The Summer of Submarines resurfaces with James Garner going on a secret mission to an enemy island in 1959’s “Up Periscope.” The Skipper is not a skipper, but he’s got some interesting romantic ideas. Some scenes are impressively bad from multiple angles. And we realize that we’re starting to get good at this submarine-movie business, maybe?...

From Biz & IT – Ars Technica at 2025-08-29 13:15:00

Google warns that mass data theft hitting Salesloft AI agent has grown bigger

Assume all Salesloft credentials are compromised after Workspace breach, Google says.

From Schneier on Security at 2025-08-29 12:01:15

Baggage Tag Scam

I just heard about this:

There’s a travel scam warning going around the internet right now: You should keep your baggage tags on your bags until you get home, then shred them, because scammers are using luggage tags to file fraudulent claims for missing baggage with the airline.

First, the scam is possible. I had a bag destroyed by baggage handlers on a recent flight, and all the information I needed to file a claim was on my luggage tag. I have no idea if I will successfully get any money from the airline, or what form it will be in, or how it will be tied to my name, but at least the first step is possible...

From School of War at 2025-08-29 10:28:00

Ep 226: Geoffrey Wawro on the Vietnam War (NEBM8286493498.mp3)

Geoffrey Wawro, founding director of the Military History Center at the University of North Texas and author of The Vietnam War: A Military History,  joins the show to discuss the causes of U.S. failure in Vietnam. ▪️ Times     •      01:21 Introduction     •      01:50 Schools of thought     •      07:45 Orthodoxy           •      13:24 A war of choice     •      17:49 Ambivalence            •      20:15 Korean nightmare           •      23:53 Lessons     •      28:38 Policy makers     •      32:34 Obvious flaws        •      37:10 Ground war     •      42:21 South Vietnam      •      51:30 Certain defeat     •      56:21 Local politics Follow along on Instagram, X @schoolofwarpod, and YouTube @SchoolofWarPodcast Find a transcript of today’s episode on our School of War Substack

From Biz & IT – Ars Technica at 2025-08-28 19:46:43

High-severity vulnerability in Passwordstate credential manager. Patch now.

Vulnerability can be exploited to gain access to customers' crown jewels.

From Biz & IT – Ars Technica at 2025-08-28 14:00:10

Unpacking Passkeys Pwned: Possibly the most specious research in decades

Researchers take note: When the endpoint is compromised, all bets are off.

From Biz & IT – Ars Technica at 2025-08-28 12:00:57

The personhood trap: How AI fakes human personality

AI assistants don't have fixed personalities—just patterns of output guided by humans.

From Schneier on Security at 2025-08-28 12:00:34

The UK May Be Dropping Its Backdoor Mandate

The US Director of National Intelligence is reporting that the UK government is dropping its backdoor mandate against the Apple iPhone. For now, at least, assuming that Tulsi Gabbard is reporting this accurately.

From Strong Message Here at 2025-08-28 07:00:00

Strong Recommend: Elden Ring (p0ltb7pc.mp3)

If you're interested in fantasy, and fancy taking on a responsibility equivalent to a part-time job, Helen recommends Elden Ring. A wildly popular Japanese video game which allows you to live in a world created by George RR Martin. With place and character names reminiscent of Lord of the Rings, we ask why that is the accepted register of fantasy. Could it be the detail and care which Tolkien gave to his languages, and the sounds of words denoting a sense of place, building a rich landscape? And with companies coming out of Silicon Valley with names like 'Palantir' and 'Mithril', why are the Tech-Right so obsessed with his creations?

Helen also grills Armando on his video-gaming history (whatever the audio equivalent of a 'blink' is, do that, and you'll miss it).

Join Helen and Armando over the summer for more cultural recommendations, available weekly on BBC Sounds.

Production Coordinator: Sarah Nicholls Executive Producer: Pete Strauss Sound Editing: Chris Maclean Recorded at The Sound Company

Strong Message Here: Strong Recommend is produced by Gwyn Rhys Davies and is a BBC Studios production for Radio 4.

From The Rest Is History at 2025-08-28 00:05:00

595. The First World War: The Battle of the Frontiers (Part 2) (GLT5758313909.mp3?updated=1756312614)

What was Britain's first military move following the outbreak of the First World War? Where did the French launch their initial attack on the Germans? Whose army was the biggest and best of all the participants in the war? And, what unfolded at the pivotal Battle of the Ardennes in August 1914, on the frontiers of France, between the Germans and the French, and what would be the consequences of the outcome for the war as a whole? Join Dominic and Tom as they discuss, in riveting, unsparing detail, the dramatic early engagements of the First World War, and the bloody Battle of Ardennes. Join The Rest Is History Club: Unlock the full experience of the show – with exclusive bonus episodes, ad-free listening, early access to every series and live show tickets, a members-only newsletter, discounted books from the show, and access to our private Discord chatroom. Sign up directly at therestishistory.com For more Goalhanger Podcasts, head to www.goalhanger.com Go to ⁠fuseenergy.com/history⁠ to switch your energy to Fuse and get £20 credit Join The Rest Is History Club: Unlock the full experience of the show – with exclusive bonus episodes, ad-free listening, early access to every series and live show tickets, a members-only newsletter, discounted books from the show, and access to our private Discord chatroom. Sign up directly at therestishistory.com.  For more Goalhanger Podcasts, head to www.goalhanger.com _______ Twitter: @TheRestHistory @holland_tom @dcsandbrook Producer: Theo Young-Smith Assistant Producer: Tabby Syrett + Aaliyah Akude  Executive Producers: Jack Davenport + Tony Pastor Learn more about your ad choices. Visit podcastchoices.com/adchoices Learn more about your ad choices. Visit podcastchoices.com/adchoices

From The Media Show at 2025-08-27 18:40:00

Noel Clarke libel case, AI articles, filming wildlife (p0lzbk3n.mp3)

Actor Noel Clarke has lost his libel case against The Guardian. The paper had run a series of stories containing allegations of sexual misconduct. The judgment found that the meaning of each of the newspaper’s articles was ‘substantially true’. We speak to The Guardian's Sirin Kale, one of the reporters behind the original reporting. Plus, legal commentator Clive Coleman explains how libel cases work.

A number of online news outlets have withdrawn articles by what they thought was a freelance journalist called 'Margaux Blanchard'. But now, it seems the stories may have been written by AI. Press Gazette broke the story last week – they were tipped off to the story by Jacob Furedi, editor of Dispatch, whose suspicions were raised by one of her pitches. Jacob joins us alongside Dr Glenda Cooper, Head of Journalism at City St George's, University of London.

A new football season is upon us, and with it, fresh innovations in how we watch. In the UK, for the first time, some of the live TV rights to the German Bundesliga have been awarded to YouTube channels. Minal Modha from Ampere Analysis analyses the changes to football broadcasting. Telegraph sport columnist Graham Scott also joins us to discuss pivoting from Premier League refereeing to journalism.

As the BBC's natural history series Parenthood approaches its finale this weekend, series director and producer Jeff Wilson from Silverback Films, takes us behind the scenes.

From Biz & IT – Ars Technica at 2025-08-27 17:17:29

Anthropic’s auto-clicking AI Chrome extension raises browser-hijacking concerns

Malicious websites can embed invisible commands that AI agents will follow blindly.

From Schneier on Security at 2025-08-27 12:07:59

We Are Still Unable to Secure LLMs from Malicious Inputs

Nice indirect prompt injection attack:

Bargury’s attack starts with a poisoned document, which is shared to a potential victim’s Google Drive. (Bargury says a victim could have also uploaded a compromised file to their own account.) It looks like an official document on company meeting policies. But inside the document, Bargury hid a 300-word malicious prompt that contains instructions for ChatGPT. The prompt is written in white text in a size-one font, something that a human is unlikely to see but a machine will still read.

In a proof of concept video of the attack...