Technology
- Character.ai launches Stories to keep teens engaged as it scales back open-ended chat for under-18s
- 3 of the best Disney+ movies to stream in December 2025, including an 80s sci-fi classic
- Nvidia admits the $100bn 'biggest AI infrastructure project in history' OpenAI deal still isn't finalized
- The search for transparency and reliability in the AI era
- New Windows 11 'PC you can talk to' ad pushing Copilot is proving divisive – and I can see it seriously backfiring
Custom Search
News
- Your glitchy video calls may make people mistrust you
- One year on from martial law crisis, South Korea celebrates its democracy's resilience
- Dems seek to limit who can be immigration judges. And, the GOP wins House election
- A Palestinian convicted in bombing plot is now an award-winning novelist, and free
- Belgium rejects EU plan to use frozen Russian assets for Ukraine
Technology
Reviews
- I tested this genuine leather office chair - and the Eureka Ergonomic Nox is the perfect fit for executives
- Octopath Traveler 0 is yet another fantastic RPG for the series, but it’s less Octopath than ever
- Can’t wait for Virgin River season 7? Watch new Netflix Christmas movie My Secret Santa – you won’t be disappointed
- FiiO's wired FT13 over-ear headphones offer unique design and an organized sound, they just lack a bit of bite
- Metroid Prime 4: Beyond was worth the wait – even if it occasionally gets lost in the desert
New forum topics
Today's NYT Connections Hints, Answers and Help for Aug. 14, #795
Here are some hints and the answers for the NYT Connections puzzle No. 795 for Thursday, Aug. 14.
Categories: Technology
Today's Wordle Hints, Answer and Help for Aug. 14, #1517
Here are hints and the answer for today's Wordle for Aug. 14, No. 1,517
Categories: Technology
Best Budget Earbuds for 2025: Cheap Wireless Picks
An increasing number of cheap true-wireless earbuds deliver surprisingly good performance. Based on my extensive hands-on testing, these are my current top bargain picks that cost less than $100.
Categories: Technology
Best Internet Providers in Charlotte, North Carolina
AT&T Fiber is our top ISP recommendation in Charlotte. However, there are more options if you want to explore.
Categories: Technology
New Study Shows Smartwatch Stress Sensors Have No Idea What They're Doing
Dutch researchers found that not only are stress sensors inaccurate, but they sometimes report the opposite of user experiences.
Categories: Technology
AI Company Tensor Debuts a Robocar You Can Own
The vehicles are slated to ship next year.
Categories: Technology
AI Agents Make Up a Third of All Search Traffic Toward Brands, Report Says
As people turn to AI for shopping research and recommendations in large numbers, brands will start optimizing for AI tools.
Categories: Technology
Docker could still be hosting a whole load of potentially malicious images - putting users at risk
- XZ-Utils backdoor was found over a year ago
- Despite warnings, some Linux images still contain it
- Debian won't budge as the images are "historical artifacts"
At least 35 Linux images hosted on Docker Hub contain dangerous backdoor malware, which could put software developers and their products at risk of takeover, data theft, ransomware, and more.
At least some of the images, however, will remain on the site and will not be removed, since they are outdated anyway and shouldn’t be used.
In March 2024, the open source community was stunned when security researchers spotted “XZ Utils”, a piece of malicious code, in the upstream xz-utils releases 5.6.0 and 5.6.1 (the liblzma.so library) that briefly propagated into some Linux distro packages (not their stable releases). The backdoor was inserted by a developer named ‘Jia Tan’ who, in the two years leading up to that moment, built significant credibility in the community through various contributions.
Debian, Fedora, and othersNow, security researchers at Binarly have said malicious xz-utils packages containing the backdoor were distributed in certain branches of several Linux distributions, including Debian, Fedora and OpenSUSE.
“This had serious implications for the software supply chain, as it became challenging to quickly identify all the places where the backdoored library had been included.” “This had serious implications for the software supply chain, as it became challenging to quickly identify all the places where the backdoored library had been included.”
Binarly's experts are now saying several Docker images, built around the time of the compromise, also contain the backdoor. It says that at first glance, it might not seem alarming since if the distribution packages were backdoored, then any Docker images based on them would be backdoored, as well.
However, the researchers said some of the compromised images are still available on Docker Hub, and were even used in building other images which have also been transitively infected. Binarly said it found “only” 35 images because it focused solely on Debian images:
“The impact on Docker images from Fedora, OpenSUSE, and other distributions that were impacted by the XZ Utils backdoor remains unknown at this time.”
Debian said it wouldn’t be removing the malicious images since they’re outdated anyway and shouldn’t be used. They will be left as “historical artifacts”.
Via BleepingComputer
You might also like- Latest Ubuntu beta and other Linux distros delayed by xz-utils security issues
- Take a look at our guide to the best authenticator app
- We've rounded up the best password managers
Categories: Technology
Humidifier vs. Purifier: How to Pick the Right Option for Yourself
Humidifiers and air purifiers can both help prevent certain indoor allergies and these are the best options for you.
Categories: Technology
Pages
Custom Search