Plex is raising the price of a new Lifetime Plex Pass from $249.99 to $749.99 on July 1. That’s a $500 increase for media server software. Plex says it needs the money for “long-term development” and future features, but a lot of self-hosting folks are already wondering if this is basically a soft way of killing the Lifetime option without officially removing it. At nearly $750, are people just going to move to Jellyfin instead?

The company will also offer digital assistants, known as agents, to automate searches so that someone who may be apartment hunting can be notified of a new listing without opening a real estate site like Zillow. The search features will be powered by a new artificial intelligence model, Gemini 3.5 Flash. Google said the model had improved on creating software code and performing autonomous tasks, worked faster and was less expensive to run than comparable models.

[…] Google is also bringing one of A.I.‘s biggest breakthroughs — software coding — to search. When people research complex topics like astrophysics, Gemini can build interactive graphics and simulations behind the scenes to provide a deeper answer than its previous listing of websites. Google said it was introducing an alternative to the agents powered by Anthropic’s Claude Code and OpenAI’s Codex. Called Gemini Spark, the service is embedded in Gmail, Docs and other Google products, where it can turn meeting notes spread across emails and chats into a single document. It can also read and draft emails.

A proposed merger of the largest utility in the country by market value, NextEra Energy, with the sixth-largest, Dominion, would create a megacompany at a time when data centers and rapid increases in electricity demand are reshaping the industry. The proposal, announced Monday morning and contingent on state and federal regulatory approval, would result in a company that leads in nearly every aspect of the US power and utility industry, including overall electricity generation, natural gas generation, and renewables. The $67 billion deal combines NextEra’s size and reach with Dominion’s positioning as the local utility for the world’s largest concentration of data centers in northern Virginia. But the results are likely bad for consumers and the environment, creating a company with enormous financial and political strength that will be difficult to effectively regulate, according to consumer advocates and analysts.

For perspective, only Exxon Mobil and Chevron would be larger based on market value among US-based energy companies. “Mergers are not about consumers; they’re about shareholders,” said Ari Peskoe, director of the Electricity Law Initiative at Harvard Law School. “For the Dominion shareholders, they are selling their shares at a premium. The executives are getting massive payouts for facilitating this, assuming it all goes through, and obviously NextEra believes the transaction is going to add value to the company. Ratepayers are all an afterthought.” The deal makes financial sense for both companies, said Andrew Bischof, an equity analyst for Morningstar. “We view the transaction as allowing NextEra to accelerate its data center ambitions, which had trailed those of its regulated peers, by using Dominion’s expertise and relationships to expedite NextEra’s data center hub plans,” he said in a note to clients.

NextEra, based in Juno Beach, Florida, includes Florida Power & Light, the largest regulated electricity utility in the state, and NextEra Energy Resources, a wholesale electricity supplier that owns power plants across the nation. Dominion, based in Richmond, Virginia, includes regulated utilities serving much of Virginia, parts of North Carolina and South Carolina, and other assets across the country. The company would be called NextEra Energy, and NextEra CEO John W. Ketchum would serve in the same role after the deal closes. Robert M. Blue, Dominion’s CEO, would be the CEO for regulated utilities for the merged company. The parties said they expect regulatory approvals to take 12 to 18 months. NextEra shareholders would own 74.5 percent and Dominion shareholders would own 25.5 percent, respectively, of the combined company in the all-stock transaction.

Karpathy will start this week on Anthropic’s pre-training team, which is responsible for the massive training runs that give Claude its core knowledge and capabilities, according to Anthropic. Karpathy will help launch a new team focused on using Claude itself to accelerate pretraining research — an increasingly important frontier as AI companies race to automate parts of AI development. “I think the next few years at the frontier of LLMs will be especially formative. I am very excited to join the team here and get back to R&D,” Karpathy said in a post on X.

Karpathy is a rare AI figure with credibility across research, industry and education. He was a founding member of OpenAI before serving as Tesla’s director of AI, where he led the computer vision team behind Autopilot. Karpathy coined the term “vibe coding" and recently described himself as being in a “state of AI psychosis” since December — embracing “tokenmaxxing” and aggressively stress-testing frontier models.

The cuts, alongside higher shareholder return targets announced in a strategy update, come as StanChart is at the tail-end of a decade-long effort to transform itself from a potential takeover target to a steadily profitable lender. Its London-listed shares, which have risen 65% in the last 12 months, fell 0.5% in early trading, as analysts said the new targets were at the conservative end of their expectations.

“In a world full of uncertainty, performance may prove more challenging further out,” said Ed Firth, analyst at Keefe, Bruyette & Woods, citing how the bank has benefited in recent years from high interest rates and huge wealth flows. StanChart’s move to streamline operations and rein in costs comes as more global firms slash jobs by deploying AI to improve efficiency. Japanese lender Mizuho in March unveiled up to 5,000 job cuts over a decade. And banks globally are scrambling to integrate frontier AI models and fend off rising cyber threats.

The most affected roles will be in the bank’s back-office centres, including those in Chennai, Bengaluru, Kuala Lumpur and Warsaw, according to Winters. “Of course we’re using AI along the way and AI will be a huge facilitator and enabler of that,” he added, referring to its ongoing revamp to automate more of its core banking system. StanChart said it would deliver over 15% return on tangible equity in 2028, more than three percentage points higher than in 2025, and building to about 18% in 2030.

Until this past weekend, a contractor for the Cybersecurity & Infrastructure Security Agency (CISA) maintained a public GitHub repository that exposed credentials to several highly privileged AWS GovCloud accounts and a large number of internal CISA systems. Security experts said the public archive included files detailing how CISA builds, tests and deploys software internally, and that it represents one of the most egregious government data leaks in recent history. On May 15, KrebsOnSecurity heard from Guillaume Valadon, a researcher with the security firm GitGuardian. Valadon’s company constantly scans public code repositories at GitHub and elsewhere for exposed secrets, automatically alerting the offending accounts of any apparent sensitive data exposures. Valadon said he reached out because the owner in this case wasn’t responding and the information exposed was highly sensitive.

The GitHub repository that Valadon flagged was named “Private-CISA,” and it harbored a vast number of internal CISA/DHS credentials and files, including cloud keys, tokens, plaintext passwords, logs and other sensitive CISA assets. Valadon said the exposed CISA credentials represent a textbook example of poor security hygiene, noting that the commit logs in the offending GitHub account show that the CISA administrator disabled the default setting in GitHub that blocks users from publishing SSH keys or other secrets in public code repositories. “Passwords stored in plain text in a csv, backups in git, explicit commands to disable GitHub secrets detection feature,” Valadon wrote in an email. “I honestly believed that it was all fake before analyzing the content deeper. This is indeed the worst leak that I’ve witnessed in my career. It is obviously an individual’s mistake, but I believe that it might reveal internal practices.”

This time around Microsoft is refreshing its Surface Pro and Surface Laptop models with Intel’s latest Core Ultra Series 3 processors first, ahead of similar models with Qualcomm’s new Snapdragon X2 processors later this year. The new Surface Pro 12, or as Microsoft calls it the Surface Pro for Business 13-inch (12th Edition), will be available for businesses today, starting at an eye-watering $1,949.99. The base model will include an Intel Core Ultra 5 processor, 16GB of RAM, 256GB of storage, and the regular 13-inch PixelSense LCD display.

Businesses will have to pay extra for models with Intel’s Core Ultra 7 processor, up to 64GB of RAM, and up to 1TB of storage. The top spec Surface Pro 12 with a Core Ultra 7, 64GB of RAM, and 1TB of storage will be priced at $4,399.99, and there are also OLED screen options and models with 5G connectivity. The Surface Pro 12 5G starts at $2,249.99, with a Core Ultra 5, 16GB of RAM, and 256GB of storage. […] Microsoft is also launching two new versions of the Surface Laptop for businesses today. The Surface Laptop 8, or Surface Laptop for Business 13.8 or 15-inch (8th Edition) as Microsoft calls it, will also be available with a range of Intel’s Core Ultra Series 3 chips. It launches alongside a smaller 13-inch model, which is confusingly labeled the Surface Laptop for Business 13-inch (1st Edition).

The 13.8-inch model starts at $1,949.99, and includes Intel’s Core Ultra 5 processor, 16GB of RAM, and 256GB of storage. While Surface devices for businesses have typically had higher pricing than consumer models, the $1,949.99 starting price for a Surface Laptop 8 is almost double the original price of the Surface Laptop 7. RAMageddon really has come for Microsoft’s Surface Pro and Surface Laptop devices, after recent price increases meant the existing consumer models are now $500 more expensive than their original starting price. The max configuration for the 13.8-inch Surface Pro 8 will include a Core Ultra 7, 64GB of RAM, and 1TB of storage for $4,299.99. A similar version of the 15-inch model (with an x7 processor) will be priced at $4,499.99.

Until now, [Lachlan Everson, Microsoft’s Principal Program Manager on Azure’s open-source team] noted, “we had Azure Linux only available to third-party customers through AKS specifically, and that was Azure Linux 3.0.” Going forward, this will be ACL. Everson emphasized that Azure Linux 4.0 is the culmination of years of internal usage and the evolution of the earlier Mariner distribution. “So we’ve been running Azure Linux for many years internally, and we got through to 3.0, and we only allowed it on as a container host on AKS. What we’ve done is make it a general-purpose, so this is all the learnings that we’ve had in the heritage of Mariner.”

Under the hood, Azure Linux 4.0 is based on Fedora Linux and is delivered as an open distribution on GitHub. This code is available now. Yes, Red Hat knows that Microsoft has done this. Everson continued, “So, we made a decision to use Fedora as an upstream, so it’s using RPMs in the Fedora ecosystem. Microsoft curates the packages and the supply chain to fit Azure’s cloud platform.” Microsoft also created “it to be purpose-built for Azure, which integrates vertically into all of our infrastructure to give you the best Azure Linux experience on Azure.” While Azure Linux will ship as a VM image, Microsoft is already preparing a developer-friendly path onto Windows desktops: “And as of today, we have it as a VM image for your VM host on Azure. We’re going to announce WSL images as well.”

While developers will be able to run Azure Linux locally through WSL, Microsoft is not positioning it as a traditional desktop Linux. Asked whether he could run it on his laptop, Everson said: “I will be able to run it on my laptop, or what have you. Yes, on Windows 11.” However, when pressed about a desktop experience, Everson was clear that there are “no plans” for a graphical environment. “It’s optimized for server-side in the cloud,” he said, adding that even on a developer machine, users should expect a lean environment. “Minimal packages, yeah. The idea is that we offer you a consistent experience to do your development on your machine, and that you can take your workloads as you develop them on your machine and run them with VS Code. You can run your applications on that, and know that the platform is the same that you’re running on the cloud, so that you have that kind of consistency between environments.”

Flatcar itself remains the upstream project, but Microsoft is packaging it for Azure customers. Everson described Flatcar as “purpose-built, immutable, secure by default, production-ready operating system, and Azure Container Linux is the productization of that, but we’re still investing in the upstream Flatcar ecosystem and pulling that downstream into a productized exterior experience just for container workloads, so it’s a container hosting in AKS.” To underscore the immutable model, he added that “Everything’s baked in, so there is no package manager. We bake the bits into the immutable, and they’re in the immutable version. So Azure Container Linux is the immutable version. So you shouldn’t be changing any system packages or any application packages. Anything that you need to change is customer workloads run in containers.”

Meta told employees on Monday that it was reassigning 7,000 workers to focus on new initiatives around artificial intelligence, the latest change in a company transformation spurred by the powerful technology. Employees will be moved to four new organizations focused on building new A.I. tools and apps, Janelle Gale, Meta’s head of human resources, said in an internal memo. The organizations will use “A.I. native design structures” and have fewer managers per employee than other parts of the company, she said, adding that company leaders will send details about the new roles on Wednesday. The restructuring “will make us more productive and make the work more rewarding,” Ms. Gale wrote. Meta declined to comment further on the changes.

Seemingly to dispel the notion that these “podcasts” will be AI audio slop, Amazon emphasized that it has deals with major news organizations to ensure “accurate, real-time news and information.” Those include the Associated Press, Reuters, the Washington Post, Time magazine, Forbes, Business Insider, Politico and USA Today; publications from Conde Nast, Hearst and Vox Media; and more than 200 local newspapers across the U.S.

In an example clip shared by Amazon of the new Alexa Podcasts feature, the two AI-generated hosts discuss “the latest music releases.” A male Alexa+ narrator says more than 50% of music listening now comes from unsigned artists. “The monoculture is just gone,” a female-voiced Alexa+ narrator chimes in. The male Alexa+ host says there has been “stoner metal,” indie pop and experimental hip-hop music “all dropping on the same Friday,” and adds, “That’s not chaos — that’s the healthiest the music ecosystem has ever been.”

[…] To use Alexa Podcasts, users can simply tell Alexa what topic they’re curious about and “it does the rest in minutes.” Alexa+ will provide an overview of what it plans to cover, and let you adjust the length and direction before it generates the podcast. When your episode is ready, you’ll get a notification on your Echo Show device and the Alexa app.

Lithuanian space and defense biz Astrolight says that it has commissioned a new optical ground station in Greece that will support ESA-backed CubeSat missions testing laser-based communications between satellites and Earth. The Holomondas Optical Ground Station was built through the PeakSat project, led by the Aristotle University of Thessaloniki with backing from the European Space Agency and Greece’s Ministry of Digital Governance. Its job is to receive data from satellites via infrared laser links rather than the radio systems that space operators have relied on for decades.

PeakSat and ERMIS-3, two Greek CubeSats launched in March under ESA’s wider Greek IOD/IOV mission program, both carry Astrolight’s ATLAS-1 optical communication terminal. Astrolight also built the ground segment, giving the project a fully integrated end-to-end optical communications setup. […] The company says the station uses an 808-nanometer laser beacon and an optical C-band receiver capable of receiving data at up to 2.5 Gbps. Unlike traditional RF systems, optical links use tightly focused infrared beams that are harder to intercept or jam while also supporting significantly higher throughput.

Sony reportedly won’t release its major single-player PlayStation games on PC anymore. According to Bloomberg’s Jason Schreier, Hermen Hulst, who heads up PlayStation’s studios business, informed employees in a town hall on Monday about the change in strategy. Schreier had previously reported on the shift in March, saying that Sony scrapped plans to launch PC versions of last year’s Ghost of Ytei and “other internally developed games.” Online games will still come to multiple platforms following this change in strategy, Schreier reported at the time.

In recent years, Sony has released many of its biggest games on PC, including Spider-Man 2, Ghost of Tsushima, both The Last of Us games, Horizon Zero Dawn Remastered, and multiplayer titles like Helldivers 2 and Marathon. Two years ago, Hulst committed to releasing PlayStation’s live-service games “day and date” on PC and PS5, but its single-player PC releases have been less consistent, with Hulst saying that the company takes a “more strategic approach.”

“The FBI has a crucial need for accessible LPRs to provide a diverse and reliable range of collections across the United States. This data should be available across major highways and in an array of locations for maximum usefulness to law enforcement,” a statement of work, which describes what data the FBI is seeking access to, reads. ALPR cameras generally work by constantly scanning the color, brand, model, and license plate of vehicles that drive by. This creates a timestamped record of where a particular vehicle was at a specific time that law enforcement can then query, effectively letting them see exactly where someone drove across time. The technology has existed for decades, but has become more pervasive in recent years.

The FBI says it is looking for a vendor that will let it log into a Software-as-a-Service system and then query the collected ALPR data with license plate information, a description of the vehicle, a time or date, and geolocation information. The FBI says it is looking for ALPR coverage in the following areas: Eastern 48 (East of the Mississippi River); Western 48 (West of the Mississippi River); Hawaii; Puerto Rico; Alaska; and outlying areas such as Guam, the U.S. Virgin Islands, or Tribal Territories. In effect, the FBI is looking for ALPR data nationwide and even beyond. An attached price template indicates the FBI is willing to pay $6 million for each of those broad areas, bringing the total to $36 million.

The FBI says it intends to award the contract to a single vendor, but if any such vendor is unable to fulfill all of the requirements, the agency may award the contract to up to two vendors. The contract is specifically for the FBI’s Directorate of Intelligence, which oversees the agency’s intelligence mission. The FBI is not only a law enforcement agency, but also part of the Intelligence Community.

At the time, the flaw was assigned the CVE-2020-17103 identifier and reportedly fixed in December 2020. “After investigating, it turns out the exact same issue that was reported to Microsoft by Google project zero is actually still present, unpatched,” explains Chaotic Eclipse. “I’m unsure if Microsoft just never patched the issue or the patch was silently rolled back at some point for unknown reasons. The original PoC by Google worked without any changes.”

BleepingComputer tested the exploit on a fully patched Windows 11 Pro system running the latest May 2026 Patch Tuesday updates. In our test, we used a standard user account, and after running the exploit, it opened a command prompt with SYSTEM privileges, as shown in the image [here]. Will Dormann, principal vulnerability analyst at Tharros, also confirmed the exploit works in his tests on the latest public version of Windows 11. However, he said that the flaw does not work in the latest Windows 11 Insider Preview Canary build.

The exploit appears to abuse how the Windows Cloud Filter driver handles registry key creation through an undocumented CfAbortHydration API. Forshaw’s original report said that the flaw could allow arbitrary registry keys to be created in the .DEFAULT user hive without proper access checks, potentially enabling privilege escalation. While Microsoft reports having fixed the bug as part of its December 2020 Microsoft Patch Tuesday, Chaotic Eclipse now claims the vulnerability can still be exploited.

The Japan Patent Office (JPO) has now made a new monster-catching patent application by Nintendo public. Patent Application No. 2026-019762 covers monster-catching of the kind already asserted against the PC and console versions of Palworld and is from the same patent family as two of the three patents Nintendo is already asserting against Palworld, but with a touchscreen focus. Potential targets are the upcoming Palworld Mobile game and Tencent’s Roco Kingdom: World, which is presently available only in China but likely to expand internationally. Nintendo filed the application this year with a request for a fast-tracked review. The JPO has indeed been quick, and the response is that Nintendo’s application lacks an inventive step over the prior art.

Nintendo already amended the claims in February and can try to amend them again. It can try to persuade the examiner and potentially appeal the decision. But the initial rejection suggests that Nintendo will not obtain the desired touchscreen monster-catching patent quickly. The rejection was communicated on April 24, 2026. Nintendo could abandon the application now, but Nintendo being Nintendo, they are more likely to try to persuade the examiner to arrive at a different conclusion, even though the reasons for the rejection are strong. In many patent examination processes, the initial rejection is essentially just an invitation to present one’s best arguments. Here, however, the rejection notice is so well-reasoned that it will be an uphill battle for Nintendo.