A dating site launched last week by Belgian artist Dries Depoorter matches potential partners based on their internet browsing histories rather than curated profiles or photos. Browser Dating requires users to download a Chrome or Firefox extension that exports and uploads their recent search data, creating matches based on shared online behaviors and interests rather than traditional dating app metrics.

Less than 1,000 users have signed up since the platform's launch, paying a one-time fee of $10.3 for unlimited matches or using a free tier limited to five connections. Depoorter, known for digital art projects exploring surveillance and technology, says the concept emerged from a 2016 workshop where participants shared a year of search history data. The platform processes browsing data locally using Google's Firebase tools.

Hong Kong authorities have invoked national security laws for the first time to ban the Taiwan-made video game Reversed Front: Bonfire, accusing it of promoting "secessionist agendas, such as 'Taiwan independence' and 'Hong Kong independence.'" Engadget reports: Reversed Front: Bonfire was developed by a group known as ESC Taiwan, who are outspoken critics of the China's Communist Party. The game disappeared from the Apple App Store in Hong Kong less than 24 hours after authorities issued the warning. Google already removed the game from the Play Store back in May, because players were using hate speech as part of their usernames. ESC Taiwan told The New York Times that that the game's removal shows that apps like theirs are subject to censorship in mainland China. The group also thanked authorities for the free publicity on Facebook, as the game experienced a surge in Google searches.

The game uses anime-style illustrations and allows players to fight against China's Communist Party by taking on the role of "propagandists, patrons, spies or guerrillas" from Hong Kong, Taiwan, Tibet, Mongolia and Xinjiang, which is home to ethnic minorities like the Uyghur. That said, they can also choose to play as government soldiers. In its warning, Hong Kong Police said that anybody who shares or recommends the game on the internet may be committing several offenses, including "incitement to secession, "incitement to subversion" and "offenses in connection with seditious intention." Anybody who has downloaded the game will be considered in "possession of a publication that has a seditious intention," and anybody who provides financial assistance to it will be violating national security laws, as well. "Those who have downloaded the application should uninstall it immediately and must not attempt to defy the law," the authorities wrote.

Apple executives defended the company's AI strategy this week after acknowledging that major Siri features announced at last year's Worldwide Developers Conference remain undelivered and were quietly pulled from development plans. Craig Federighi, Apple's senior vice president of software engineering, told the Wall Street Journal that the company is rebuilding Siri from the ground up, admitting that while Apple had working software for the promised features, "it didn't converge in the way quality-wise that we needed it to."

The missing capabilities included Siri's ability to search through apps and respond to on-screen activities, features that were demonstrated a year ago but never shipped to users. In the upcoming iOS 26, Apple has instead incorporated more OpenAI technology, allowing users to interact with ChatGPT through camera and screenshots and generate images using OpenAI's tools. Federighi defended the strategy by comparing Apple's position to the early internet era, when the company focused on making other services accessible rather than building competing platforms.

An anonymous reader quotes a report from TorrentFreak: Fresh data released by piracy tracking outfit MUSO shows that pirate sites remain popular. In a report released today, MUSO reveals that there were 216 billion pirate site visits globally in 2024, a slight decrease compared to the 229 billion visits recorded a year earlier. TV piracy remains by far the most popular category, representing over 44.6% of all website visits. This is followed by the publishing category with 30.7%, with film, software and music all at a respectable distance. Pirate site visitors originate from all over the world, but one country stands tall above all the rest: America. The United States remains the top driver of pirate site traffic accounting for more than 12% of all traffic globally, good for 26.7 billion visits in 2024. India has been steadily climbing the ranks for years and currently sits in second place with 17.6 billion annual visits, with Russia, Indonesia, and Vietnam completing the top five. As a country with one of the largest populations worldwide, it's not a complete surprise that the U.S. tops the list. If we counted visits per internet user, Canada and Ukraine would top the list.

While pirate site visits dipped by more than 5% in 2024, one category saw substantial growth. Visits to publishing-related pirate sites increased 4.3% from 63.6 to 66.4 billion. The increase is largely driven by the popularity of manga, which accounts for more than 70% of all publishing piracy. Traditional book piracy, meanwhile, is stuck at 5%. The publishing piracy boom is relatively new. Over the past five years, the category grew by more than 100% while the overall number of global pirate site visits remained relatively flat. Looking at the global demand, we see that the U.S. also leads the charge here, followed by Indonesia and Russia. Notably, Japan, the home of manga, ranks fifth in the publishing category. This stands out because Japan is not listed in the global top 15 in terms of total pirate site visits.

In the other content categories, MUSO's data shows a dip in pirate site visits. The changes are relatively modest for TV (-6.8%) and software (-2.1%) but the same isn't true for the music and film categories. In 2024, there were 18% fewer visits for pirated movies compared to a year earlier. MUSO notes that this is due to a "lighter blockbuster calendar" which reduced piracy peaks. "The drop in demand is as much about what wasn't released as it is about access," the report explains. The music category saw a 19% decline in piracy visits year over year, with a more uplifting explanation for rightsholders. According to MUSO, the drop can be partly attributed to "secure app ecosystems" and the "wide adoption of licensed platforms like Spotify and Apple Music."

"It is true, Google AI is stomping on the entire internet," writes Slashdot reader TheWho79, sharing a report from the Wall Street Journal. "From HuffPost to the Atlantic, publishers prepare to pivot or shut the doors. ... Even highly regarded old school bullet-proof publications like Washington Post are getting hit hard." From the report: Traffic from organic search to HuffPost's desktop and mobile websites fell by just over half in the past three years, and by nearly that much at the Washington Post, according to digital market data firm Similarweb. Business Insider cut about 21% of its staff last month, a move CEO Barbara Peng said was aimed at helping the publication "endure extreme traffic drops outside of our control." Organic search traffic to its websites declined by 55% between April 2022 and April 2025, according to data from Similarweb.

At a companywide meeting earlier this year, Nicholas Thompson, chief executive of the Atlantic, said the publication should assume traffic from Google would drop toward zero and the company needed to evolve its business model. [...] "Google is shifting from being a search engine to an answer engine," Thompson said in an interview with The Wall Street Journal. "We have to develop new strategies."

The rapid development of click-free answers in search "is a serious threat to journalism that should not be underestimated," said William Lewis, the Washington Post's publisher and chief executive. Lewis is former CEO of the Journal's publisher, Dow Jones. The Washington Post is "moving with urgency" to connect with previously overlooked audiences and pursue new revenue sources and prepare for a "post-search era," he said.

At the New York Times, the share of traffic coming from organic search to the paper's desktop and mobile websites slid to 36.5% in April 2025 from almost 44% three years earlier, according to Similarweb. The Wall Street Journal's traffic from organic search was up in April compared with three years prior, Similarweb data show, though as a share of overall traffic it declined to 24% from 29%. Further reading: Google's AI Mode Is 'the Definition of Theft,' Publishers Say

Connor Jones reports via The Register: Security researchers managed to access the live feeds of 40,000 internet-connected cameras worldwide and they may have only scratched the surface of what's possible. Supporting the bulletin issued by the Department of Homeland Security (DHS) earlier this year, which warned of exposed cameras potentially being used in Chinese espionage campaigns, the team at Bitsight was able to tap into feeds of sensitive locations. The US was the most affected region, with around 14,000 of the total feeds streaming from the country, allowing access to the inside of datacenters, healthcare facilities, factories, and more. Bitsight said these feeds could potentially be used for espionage, mapping blind spots, and gleaning trade secrets, among other things.

Aside from the potential national security implications, cameras were also accessed in hotels, gyms, construction sites, retail premises, and residential areas, which the researchers said could prove useful for petty criminals. Monitoring the typical patterns of activity in retail stores, for example, could inform robberies, while monitoring residences could be used for similar purposes, especially considering the privacy implications. "It should be obvious to everyone that leaving a camera exposed on the internet is a bad idea, and yet thousands of them are still accessible," said Bitsight in a report. "Some don't even require sophisticated hacking techniques or special tools to access their live footage in unintended ways. In many cases, all it takes is opening a web browser and navigating to the exposed camera's interface."

HTTP-based cameras accounted for 78.5 percent of the total 40,000 sample, while RTSP feeds were comparatively less open, accounting for only 21.5 percent.

To protect yourself or your company, Bitsight says you should secure your surveillance cameras by changing default passwords, disabling unnecessary remote access, updating firmware, and restricting access with VPNs or firewalls. Regularly monitoring for unusual activity also helps to prevent your footage from being exposed online.

A NASA-backed project using observations from the James Webb Space Telescope (JWST) has released more than 1.5 TB of data for open science, offering the largest view deep into the universe available to date. From a report: The Cosmic Evolution Survey (COSMOS), a joint project from the University of California, Santa Barbara and Rochester Institute of Technology, has launched a searchable dataset for budding astrophysics enthusiasts worldwide.

As well as a catalog of galaxies, the dataset includes an interactive viewer that users can search for images of specific objects or click them to view their properties, covering approximately 0.54 square degrees of sky with the Near Infrared Camera (NIRCam) and a 0.2 square degree area with the Mid Infrared Instrument (MIRI). Although the raw data was already publicly available to the science community, the aim of the COSMOS-Web project was to make it more usable for other scientists.

Cisco is updating its networking and security products to make AI networks speedier and more secure, part of a broader push to capitalize on the AI spending boom. From a report: A new generation of switches -- networking equipment that links computer systems -- will offer a 10-fold improvement in performance, the company said on Tuesday. That will help prevent AI applications from suffering bottlenecks when transferring data, Cisco said. Networking speed has become a bigger issue as data center operators try to manage a flood of AI information -- both in the cloud and within the companies' own facilities. Slowdowns can hinder AI models, Cisco President and Chief Product Officer Jeetu Patel said in an interview. That applies to the development phase -- known as training -- and the operation of the models, a stage called inference. A massive build-out of data centers has made Cisco more relevant, he said. "AI is going to be network-bound, both on training and inference," Patel said. Having computer processors sit idle during training because of slow networks is "just throwing away money."

Blue Origin is falling far short of its goal to launch the New Glenn rocket eight times in 2025, with its second flight now delayed until at least mid-August. Key leadership changes were also announced, including the departure of the New Glenn program head, as the company faces pressure to increase launch cadence and compete with SpaceX for federal contracts and Amazon's Project Kuiper deployments. Ars Technica reports: The mission, with an undesignated payload, will be named "Never Tell Me the Odds," due to the attempt to land the booster. "One of our key mission objectives will be to land and recover the booster," [chief executive of Blue Origin, Dave Limp] wrote. "This will take a little bit of luck and a lot of excellent execution. We're on track to produce eight GS2s this year, and the one we'll fly on this second mission was hot-fired in April."

In this comment, GS2 stands for "Glenn stage 2," or the second stage of the large rocket. It is telling that Limp commented on the company tracking toward producing eight second stages, which would match the original launch cadence planned for this year. This likely is a fig leaf offered to Bezos, who, two sources said, was rather upset that Blue Origin would not meet (or even approach) its original target of eight launches this year. One person familiar with the progress on the vehicle told Ars that even a launch date in August is unrealistic -- this too may have been set aggressively to appease Bezos -- and that September is probably the earliest the rocket is likely to be ready for launch. Blue Origin has not publicly stated what the payload will be, but this second flight is expected to carry the ESCAPADE mission for NASA.

On May 28, a couple of days after Limp's all-hands meeting, the chief executive emailed his entire team to announce an "organizational update." As part of this, the company's senior vice president of engines, Linda Cova, was retiring. Multiple sources confirmed this retiring was expected and that the company's program to produce BE-4 rocket engines is going well. However, the other name in the email raised some eyebrows, coming so soon after the announcement that New Glenn's cadence would be significantly slower than expected. Jarrett Jones, the senior vice president running the New Glenn program, was said to be "stepping away from his role and taking a well deserved year off" starting on August 15. It is unclear whether this departure was linked to Bezos' displeasure with the rocket program. One company official said Jones' sabbatical had been planned, but the timing is curious. A search for internal and external candidates to fill his role is ongoing.

The Internet Corporation for Assigned Names and Numbers (ICANN) has called for changes to the roster of officials appointed to oversee the forthcoming election at the African Network Information Centre (AFRINIC), the latest twist in a conflict that stretches back years and has left the African regional internet registry in limbo. From a report: AFRINIC is one of the world's five regional internet registries, the governance bodies that delegate and manage IP addresses and autonomous systems numbers in co-ordination with ICANN. The African organization has essentially been dead in the water, operating without a board or CEO since 2022. The problems started in 2020 when AFRINIC alleged that one of its members -- a company called Cloud Innovation -- had breached its agreement with the registry in ways that could lead AFRINIC to reclaim the company's IP address holdings.

Cloud Innovation countered that AFRINIC acted improperly and launched multiple lawsuits in Mauritius, the Indian Ocean nation the registry calls home. Other parties also sued AFRINIC for similar reasons. The lawsuits left AFRINIC's bank accounts frozen and meant it was unable to convene a board or run elections. In February 2025, the Supreme Court of Mauritius appointed a receiver to secure AFRINIC's assets and reconstitute its board.

The Atlantic makes that case that "the foundation of the AI industry is a scam" and that AI "is not what its developers are selling it as: a new class of thinking — and, soon, feeling — machines." [OpenAI CEO Sam] Altman brags about ChatGPT-4.5's improved "emotional intelligence," which he says makes users feel like they're "talking to a thoughtful person." Dario Amodei, the CEO of the AI company Anthropic, argued last year that the next generation of artificial intelligence will be "smarter than a Nobel Prize winner." Demis Hassabis, the CEO of Google's DeepMind, said the goal is to create "models that are able to understand the world around us." These statements betray a conceptual error: Large language models do not, cannot, and will not "understand" anything at all. They are not emotionally intelligent or smart in any meaningful or recognizably human sense of the word. LLMs are impressive probability gadgets that have been fed nearly the entire internet, and produce writing not by thinking but by making statistically informed guesses about which lexical item is likely to follow another.
A sociologist and linguist even teamed up for a new book called The AI Con: How to Fight Big Tech's Hype and Create the Future We Want, the article points out: The authors observe that large language models take advantage of the brain's tendency to associate language with thinking: "We encounter text that looks just like something a person might have said and reflexively interpret it, through our usual process of imagining a mind behind the text. But there is no mind there, and we need to be conscientious to let go of that imaginary mind we have constructed."

Several other AI-related social problems, also springing from human misunderstanding of the technology, are looming. The uses of AI that Silicon Valley seems most eager to promote center on replacing human relationships with digital proxies. Consider the ever-expanding universe of AI therapists and AI-therapy adherents, who declare that "ChatGPT is my therapist — it's more qualified than any human could be." Witness, too, how seamlessly Mark Zuckerberg went from selling the idea that Facebook would lead to a flourishing of human friendship to, now, selling the notion that Meta will provide you with AI friends to replace the human pals you have lost in our alienated social-media age....

The good news is that nothing about this is inevitable: According to a study released in April by the Pew Research Center, although 56 percent of "AI experts" think artificial intelligence will make the United States better, only 17 percent of American adults think so. If many Americans don't quite understand how artificial "intelligence" works, they also certainly don't trust it. This suspicion, no doubt provoked by recent examples of Silicon Valley con artistry, is something to build on.... If people understand what large language models are and are not; what they can and cannot do; what work, interactions, and parts of life they should — and should not — replace, they may be spared its worst consequences.

Mike Judge always seemed to have secret geek sympathies. He co-created the HBO series Silicon Valley, as well as the movie Office Space (reviewed in 1999 by Slashdot contributor Jon Katz).

Now comes the word that besides rebooting Buffy the Vampire Slayer — and an animated scifi/action/horror film called Predator: Killer of Killers — Hulu is also relaunching Judge's animated series King of the Hill on August 4th. And Cinemablend notes they took great pains to ensure the inclusion of internet-loving neighbor Dale Gribble despite the death of voice actor Johnny Hardwick: Co-creators Mike Judge and Greg Daniels joined the cast of returning voice actors for a revealing Q&A at ATX Fest while also revealing longtime cast member Toby Huss took over the role of Dale Gribble... Hardwick passed away in August 2023 at 64, with fans and co-stars paying tribute soon after. It was revealed at the time that he'd recorded some audio for the new season, but it was clear that another actor would be needed to fill those intimidating and conspiracy-obsessed shoes. Among other characters, Huss provided the voice of Cotton Hill and Kahn Sr. in the O.G. run, and feels to me like a natural fit to take over as Dale. And he sounds humbled to have been given the task, telling the ATX Fest crowd:

"Johnny was one-of-a-kind and a wonderful fellow. I'm not trying to copy Johnny...I guess I'm trying to be Johnny. He laid down a really wonderful goofball character...he had a lot of weird heart to him and that's a credit to Johnny. So all I'm trying to do is hold on to his Dale-ness. We love our guy Johnny and it's so sad that he's not here...."

I can already hear Dale himself questioning why he sounds different, and whether or not the government has replaced him with a lizard creature or some other sentient organism... In the immediate aftermath of Johnny Hardwick's death, the word was that the actor had filmed a couple of episodes' worth of material for the Hulu revival, but Mike Judge went on the record at ATX Fest to reveal that initial assessment undershot things entirely. From the voice of Hank Hill himself: "Johnny Hardwick is in six episodes. He's still going to be in the show."
Hulu uploaded the new opening credits to YouTube eight days ago — and it's already been viewed 2.1 million times, attracting 55,000 upvotes and 7,952 comments...

Long-time Slashdot reader theodp shared the official blurb describing the new show: After years working a propane job in Saudi Arabia to earn their retirement nest egg, Hank and Peggy Hill return to a changed Arlen, Texas to reconnect with old friends Dale, Boomhauer and Bill. Meanwhile, Bobby is living his dream as a chef in Dallas and enjoying his 20s with his former classmates Connie, Joseph and Chane.

An anonymous reader quotes a report from BleepingComputer: The FBI is warning that the BADBOX 2.0 malware campaign has infected over 1 million home Internet-connected devices, converting consumer electronics into residential proxies that are used for malicious activity. The BADBOX botnet is commonly found on Chinese Android-based smart TVs, streaming boxes, projectors, tablets, and other Internet of Things (IoT) devices. "The BADBOX 2.0 botnet consists of millions of infected devices and maintains numerous backdoors to proxy services that cyber criminal actors exploit by either selling or providing free access to compromised home networks to be used for various criminal activity," warns the FBI.

These devices come preloaded with the BADBOX 2.0 malware botnet or become infected after installing firmware updates and through malicious Android applications that sneak onto Google Play and third-party app stores. "Cyber criminals gain unauthorized access to home networks by either configuring the product with malicious software prior to the users purchase or infecting the device as it downloads required applications that contain backdoors, usually during the set-up process," explains the FBI. "Once these compromised IoT devices are connected to home networks, the infected devices are susceptible to becoming part of the BADBOX 2.0 botnet and residential proxy services4 known to be used for malicious activity."

Once infected, the devices connect to the attacker's command and control (C2) servers, where they receive commands to execute on the compromised devices, such as [routing malicious traffic through residential IPs to obscure cybercriminal activity, performing background ad fraud to generate revenue, and launching credential-stuffing attacks using stolen login data]. Over the years, the malware botnet continued expanding until 2024, when Germany's cybersecurity agency disrupted the botnet in the country by sinkholing the communication between infected devices and the attacker's infrastructure, effectively rendering the malware useless. However, that did not stop the threat actors, with researchers saying they found the malware installed on 192,000 devices a week later. Even more concerning, the malware was found on more mainstream brands, like Yandex TVs and Hisense smartphones. Unfortunately, despite the previous disruption, the botnet continued to grow, with HUMAN's Satori Threat Intelligence stating that over 1 million consumer devices had become infected by March 2025. This new larger botnet is now being called BADBOX 2.0 to indicate a new tracking of the malware campaign. "This scheme impacted more than 1 million consumer devices. Devices connected to the BADBOX 2.0 operation included lower-price-point, 'off brand,' uncertified tablets, connected TV (CTV) boxes, digital projectors, and more," explains HUMAN.

"The infected devices are Android Open Source Project devices, not Android TV OS devices or Play Protect certified Android devices. All of these devices are manufactured in mainland China and shipped globally; indeed, HUMAN observed BADBOX 2.0-associated traffic from 222 countries and territories worldwide."

An anonymous reader quotes a report from KrebsOnSecurity: Ukraine has seen nearly one-fifth of its Internet space come under Russian control or sold to Internet address brokers since February 2022, a new study finds. The analysis indicates large chunks of Ukrainian Internet address space are now in the hands of shadowy proxy and anonymity services that are nested at some of America's largest Internet service providers (ISPs). The findings come in a report that examines how the Russian invasion has affected Ukraine's domestic supply of Internet Protocol Version 4 (IPv4) addresses. Researchers at Kentik, a company that measures the performance of Internet networks, found that while a majority of ISPs in Ukraine haven't changed their infrastructure much since the war began in 2022, others have resorted to selling swathes of their valuable IPv4 address space just to keep the lights on.

For example, Ukraine's incumbent ISP Ukrtelecom is now routing just 29 percent of the IPv4 address ranges that the company controlled at the start of the war, Kentik found. Although much of that former IP space remains dormant, Ukrtelecom told Kentik's Doug Madory they were forced to sell many of their address blocks "to secure financial stability and continue delivering essential services." "Leasing out a portion of our IPv4 resources allowed us to mitigate some of the extraordinary challenges we have been facing since the full-scale invasion began," Ukrtelecom told Madory.

Madory found much of the IPv4 space previously allocated to Ukrtelecom is now scattered to more than 100 providers globally, particularly at three large American ISPs -- Amazon (AS16509), AT&T (AS7018), and Cogent (AS174). Another Ukrainian Internet provider -- LVS (AS43310) -- in 2022 was routing approximately 6,000 IPv4 addresses across the nation. Kentik learned that by November 2022, much of that address space had been parceled out to over a dozen different locations, with the bulk of it being announced at AT&T. Ditto for the Ukrainian ISP TVCOM, which currently routes nearly 15,000 fewer IPv4 addresses than it did at the start of the war. Madory said most of those addresses have been scattered to 37 other networks outside of Eastern Europe, including Amazon, AT&T, and Microsoft.

Circle Internet Group surged 168% in its NYSE debut, raising nearly $1.1 billion after pricing its IPO at $31 and opening at $69. "At one point, shares traded as high as $103.75," notes CNBC. From the report: The New York-based company priced its IPO late Wednesday far above this week's expected range of $27 to $28, and an initial range last week of between $24 and $26, valuing the company at some $6.8 billion before trading began. Trading volume by the end of the session was about 46 million, far exceeding the number of freely floating shares available for trading.

Circle joins Coinbase, Mara Holdings and Riot Platforms as one of the few pure-play crypto companies to list in the U.S. This marks the company's second attempt at going public. A prior merger with a special purpose acquisition company collapsed in late 2022 amid regulatory challenges. "To realize our vision, we needed to forge relationships with governments, we needed to work with policymakers ... because if you want this to work for mainstream, it's got to work in mainstream society and you need to have those rules of the road," CEO Jeremy Allaire told CNBC's "Money Movers" on Thursday. "We've been one of the most licensed, regulated, compliant, transparent companies in the entire history of this industry, and that's served us well."

China's southernmost province of Hainan is piloting a programme to grant select corporate users broad access to the global internet, a rare move in a country known for having some of the world's most restrictive online censorship, as the island seeks to transform itself into a global free-trade port. From a report: Employees of companies registered and operating in Hainan can apply for the "Global Connect" mobile service through the Hainan International Data Comprehensive Service Centre (HIDCSC), according to the agency, which is overseen by the state-run Hainan Big Data Development Centre.

The programme allows eligible users to bypass the so-called Great Firewall, which blocks access to many of the world's most-visited websites, such as Google and Wikipedia. Applicants must be on a 5G plan with one of the country's three major state-backed carriers -- China Mobile, China Unicom or China Telecom -- and submit their employer's information, including the company's Unified Social Credit Code, for approval. The process can take up to five months, HIDCSC staff said.

California law prohibits "operating" a mobile phone while driving. And that makes it illegal for a driver to hold a cellphone in order to look at a map, a state appeals court ruled this week. From a report: In a 2016 law intended to strengthen previous restrictions, "the Legislature intended to prohibit all handheld functions of wireless telephones while driving" and "to encourage drivers to keep their eyes on the road," said the 6th District Court of Appeal.

A Superior Court panel had reversed a driver's conviction for a traffic infraction and $158 fine in San Jose, ruling that the law prohibited only "actively using or manipulating" a hand-held phone for actions such as talking or listening, browsing the internet or playing video games while driving. The appeals court reinstated the conviction and the fine, in a ruling that could set a statewide standard unless it is narrowed or overturned on appeal.

An anonymous reader quotes a report from Bloomberg: Corporate investigators found evidence that Chinese hackers broke into an American telecommunications company in the summer of 2023, indicating that Chinese attackers penetrated the US communications system earlier than publicly known. Investigators working for the telecommunications firm discovered last year that malware used by Chinese state-backed hacking groups was on the company's systems for seven months starting in the summer of 2023, according to two people familiar with the matter and a document seen by Bloomberg News. The document, an unclassified report sent to Western intelligence agencies, doesn't name the company where the malware was found and the people familiar with the matter declined to identify it.

The 2023 intrusion at an American telecommunications company, which hasn't been previously reported, came about a year before US government officials and cybersecurity companies said they began spotting clues that Chinese hackers had penetrated many of the country's largest phone and wireless firms. The US government has blamed the later breaches on a Chinese state-backed hacking group dubbed Salt Typhoon. It's unclear if the 2023 hack is related to that foreign espionage campaign and, if so, to what degree. Nonetheless, it raises questions about when Chinese intruders established a foothold in the American communications industry. "We've known for a long time that this infrastructure has been vulnerable and was likely subject to attack," said Marc Rogers, a cybersecurity and telecommunications expert. "What this shows us is that it was attacked, and that going as far back as 2023, the Chinese were compromising our telecom companies." Investigators linked the sophisticated rootkit malware Demodex to China's Ministry of State Security, noting it enabled deep, stealthy access to systems and remained undetected on a U.S. defense-linked company's network until early 2024.

A Chinese government spokesperson denied responsibility for cyberattacks and accused the U.S. and its allies of spreading disinformation and conducting cyber operations against China.

"It appears as though Meta (aka: Facebook's parent company) and Yandex have found a way to sidestep the Android Sandbox," writes Slashdot reader TheWho79. Researchers disclose the novel tracking method in a report: We found that native Android apps -- including Facebook, Instagram, and several Yandex apps including Maps and Browser -- silently listen on fixed local ports for tracking purposes.

These native Android apps receive browsers' metadata, cookies and commands from the Meta Pixel and Yandex Metrica scripts embedded on thousands of web sites. These JavaScripts load on users' mobile browsers and silently connect with native apps running on the same device through localhost sockets. As native apps access programmatically device identifiers like the Android Advertising ID (AAID) or handle user identities as in the case of Meta apps, this method effectively allows these organizations to link mobile browsing sessions and web cookies to user identities, hence de-anonymizing users' visiting sites embedding their scripts.

This web-to-app ID sharing method bypasses typical privacy protections such as clearing cookies, Incognito Mode and Android's permission controls. Worse, it opens the door for potentially malicious apps eavesdropping on users' web activity.

While there are subtle differences in the way Meta and Yandex bridge web and mobile contexts and identifiers, both of them essentially misuse the unvetted access to localhost sockets. The Android OS allows any installed app with the INTERNET permission to open a listening socket on the loopback interface (127.0.0.1). Browsers running on the same device also access this interface without user consent or platform mediation. This allows JavaScript embedded on web pages to communicate with native Android apps and share identifiers and browsing habits, bridging ephemeral web identifiers to long-lived mobile app IDs using standard Web APIs. This technique circumvents privacy protections like Incognito Mode, cookie deletion, and Android's permission model, with Meta Pixel and Yandex Metrica scripts silently communicating with apps across over 6 million websites combined.

Following public disclosure, Meta ceased using this method on June 3, 2025. Browser vendors like Chrome, Brave, Firefox, and DuckDuckGo have implemented or are developing mitigations, but a full resolution may require OS-level changes and stricter enforcement of platform policies to prevent further abuse.

T-Mobile announced Tuesday it will expand its fiber internet service to more than 500,000 households nationwide, offering three symmetrical speed tiers with five-year price locks starting June 5th. The plans range from 500 Mbps at $80 monthly to 2 Gbps at $110 monthly, with $5 autopay discounts for debit card payments. The expansion follows T-Mobile's joint venture with fiber provider Lumos and its pending Metronet acquisition, positioning the wireless carrier to reach 12 to 15 million households by 2030 as it challenges AT&T and Verizon's multibillion-dollar fiber investments.