A new hacking group has been rampaging the Internet in a persistent campaign that spreads a self-propagating and never-before-seen backdoor — and curiously a data wiper that targets Iranian machines. The group, tracked under the name TeamPCP, first gained visibility in December, when researchers from security firm Flare observed it unleashing a worm that targeted cloud-hosted platforms that weren’t properly secured. The objective was to build a distributed proxy and scanning infrastructure and then use it to compromise servers for exfiltrating data, deploying ransomware, conducting extortion, and mining cryptocurrency. The group is notable for its skill in large-scale automation and integration of well-known attack techniques.

More recently, TeamPCP has waged a relentless campaign that uses continuously evolving malware to bring ever more systems under its control. Late last week, it compromised virtually all versions of the widely used Trivy vulnerability scanner in a supply-chain attack after gaining privileged access to the GitHub account of Aqua Security, the Trivy creator. Over the weekend, researchers said they observed TeamPCP spreading potent malware that was also worm-enabled, meaning it had the potential to spread to new machines automatically, with no interaction required of victims behind the keyboard. […]

As the weekend progressed, CanisterWorm [as Aikido has named the malware] was updated to add an additional payload: a wiper that targets machines exclusively in Iran. When the updated worm infects machines, it checks if the machine is in the Iranian timezone or is configured for use in that country. When either condition was met, the malware no longer activated the credential stealer and instead triggered a novel wiper that TeamPCP developers named Kamikaze. Eriksen said in an email that there’s no indication yet that the worm caused actual damage to Iranian machines, but that there was “clear potential for large-scale impact if it achieves active spread.”

The cuts, along with more than $500 million in savings from lower contracting and marketing spending and unfilled roles would put the company in “a more stable place,” Sweeney said in a note to employees. […]

“We’ve had challenges delivering consistent Fortnite magic,” Sweeney said, adding “market conditions today are the most extreme” since the early days of the company founded in 1991.

The move marks Epic’s second major round of layoffs in three years. In September 2023, the company cut about 830 jobs, or roughly 16% of its workforce. It was not immediately clear what percentage of staff would be impacted by Tuesday’s announcement.

The U.S. Federal Communications Commission said on Monday it was banning the import of all new foreign-made consumer routers, the latest crackdown on Chinese-made electronic gear over security concerns. China is estimated to control at least 60% of the U.S. market for home routers, boxes that connect computers, phones, and smart devices to the internet. The FCC order does not impact the import or use of existing models, but will ban new ones.

The agency said a White House-convened review deemed imported routers pose “a severe cybersecurity risk that could be leveraged to immediately and severely disrupt U.S. critical infrastructure.” It said malicious actors had exploited security gaps in foreign-made routers “to attack households, disrupt networks, enable espionage, and facilitate intellectual property theft,” citing their role in major hacks like Volt and Salt Typhoon. The determination includes an exemption for routers the Pentagon deems do not pose unacceptable risks.

An appeals court invalidated the Biden-era Federal Trade Commission’s attempt to punish Intuit for allegedly deceptive ads that pitched TurboTax as free. Under then-Chair Lina Khan, the FTC determined in 2024 that the TurboTax maker violated US law with deceptive advertising and ordered it to stop telling consumers, without more obvious disclaimers, that TurboTax or other products are free. The FTC’s chief administrative law judge had previously found that Intuit’s ads violated prohibitions on deceptive advertising because the firm “advertised to consumers that they could file their taxes online for free using TurboTax, when in truth, for approximately two-thirds of taxpayers, the advertised claim was false.”

Intuit appealed in the conservative-leaning US Court of Appeals for the 5th Circuit and got a resounding victory on Friday in a 3-0 ruling issued (PDF) by a panel of judges. “Following the Supreme Court’s decision in SEC v. Jarkesy, we hold that adjudication of a deceptive advertising claim before an administrative law judge violated the constitutional separation of powers,” the 5th Circuit panel said. The Supreme Court’s June 2024 ruling (PDF) in Securities and Exchange Commission v. Jarkesy held that the SEC system for issuing fines violated the right to a jury trial. The 5th Circuit panel said the Jarkesy decision confirms that the FTC must pursue deceptive advertising claims in courts rather than its own administrative process. […]

The 5th Circuit ruling acknowledged that most people can’t use TurboTax for free. “TurboTax ‘Free Edition’ has been part of the TurboTax range for more than a decade, available to taxpayers for what Intuit refers to as ‘simple tax returns,’" the ruling said. “Most American taxpayers do not have ‘simple tax returns.’ The TurboTax website is designed so that any individual taxpayer can begin preparing a tax return in TurboTax Free Edition, but those who enter disqualifying information are prompted before filing to upgrade to a paid product.” Although the court noted that Intuit stopped the specific ads challenged by the FTC, the ruling said the cease-and-desist order issued by the agency could have far-reaching effects on Intuit marketing. “The cease-and-desist order is remarkably broad: it prohibits Intuit for the next twenty years from advertising ‘any goods or services’ as free unless specific, extensive, and arguably unworkable requirements are satisfied. The order is not confined to tax-preparation solutions and extends to all products sold by Intuit,” the ruling said.

The 5th Circuit said the FTC’s deceptive advertising claims are “traditional actions at law and equity and thus involve private rights that demand adjudication in an Article III court.” The court rejected the FTC’s argument that the claims involve public rights that may be adjudicated by administrative agencies. “In sum, there is overwhelming evidence that Section 5 of the FTC Act did not create a new duty for merchants to refrain from deceptive advertising,” the 5th Circuit said. “That duty long predated the FTC Act and could be enforced by private parties in actions at common law or equity for fraud, deceit, or unfair competition.”

Canonical has joined the Rust Foundation as a Gold Member, signaling a deeper investment in the Rust programming language and its role in modern infrastructure. The company already maintains an up-to-date Rust toolchain for Ubuntu and has begun integrating Rust into parts of its stack, citing memory safety and reliability as key drivers. By joining at a higher tier, Canonical is not just adopting Rust but also stepping closer to its governance and long-term direction.

The move also highlights ongoing tensions in Rust’s ecosystem. While Rust can reduce entire classes of bugs, it often depends heavily on external crates, which can introduce complexity and auditing challenges, especially in enterprise environments. Canonical appears aware of that tradeoff and is positioning itself to influence how the ecosystem evolves, as Rust continues to gain traction across Linux and beyond.

Intoxalock, an automotive breathalyzer maker that says it’s used daily by 150,000 drivers across the U.S., last week reported that it had been the target of a cyberattack, resulting in its “systems currently experiencing downtime,” according to an announcement posted to its website. Meanwhile, drivers that use the breathalyzers have reported being stranded due to the devices’ inability to connect to the company’s services. “Our vehicles are giant paperweights right now through no fault of ours,” one wrote on Reddit. “I’m being held accountable at work and feel completely helpless.”

The lockouts appear to be the result of Intoxalock’s breathalyzers needing periodic calibrations that require a connection to the company’s servers. Drivers who are due for a calibration and can’t perform one due to the company’s downtime have been stuck, though the company now states on its website that it’s offering 10-day extensions on those calibrations due to its cybersecurity disruption, as well as towing services in some cases. In the meantime, Intoxalock hasn’t explained what sort of cyberattack it’s facing or whether hackers have obtained any of the company’s user data.

The Trump administration will pay $1 billion to a French company to walk away from two U.S. offshore wind leases as the administration ramps up its campaign against offshore wind and other renewable energy. TotalEnergies has agreed to what’s essentially a refund of its leases for projects off the coasts of North Carolina and New York, and will invest the money in fossil fuel projects instead, the Department of Interior announced Monday.

The Trump administration has tried to halt offshore wind construction, but federal judges overturned those orders. Environmental groups denounced the TotalEnergies deal as an alternate way to block wind projects. President Donald Trump has gone all in on fossil fuels, which he says is the way to lower costs for families, increase reliability and help the U.S. maintain global leadership in artificial intelligence.

TotalEnergies pledged to not develop any new offshore wind projects in the United States. TotalEnergies CEO Patrick Pouyanne said in a statement that the company renounced offshore wind development in the United States in exchange for the reimbursement of the lease fees, “considering that the development of offshore wind projects is not in the country’s interest.” Pouyanne said the refunded lease fees will finance the construction of a liquefied natural gas plant in Texas and the development of its oil and gas activities, calling it a “more efficient use of capital” in the U.S. After it makes those investments, TotalEnergies will be reimbursed, up to the amount paid in lease purchases for offshore wind, according to the DOI.

Although Huang is striking a more conciliatory tone, much of his response is similar to what we heard at GTC [where Huang said gamers were "completely wrong.”] The artist determines the geometry, we are completely truthful to the geometry… so every single frame, it enhances, but it doesn’t change anything.” There was some confusion about how DLSS 5 worked when it was first announced, and although the inner workings of it still aren’t clear on a technical level, Huang has said that it isn’t a general-purpose generative AI model. He describes it as “content-controlled generative AI.” On the other end of the spectrum, Huang also said that it isn’t a post-processing filter. The technical details of DLSS 5 live somewhere between that space, and we likely won’t know them until later this year when the feature is set to release.

“The question about enhancing, DLSS 5… in the future, you could even prompt it. You know, I want it to be a toon shader. I want it to look like this, kind of. You could even give it an example and it would generate in the style of that, all consistent with the artistry, the style, the intent of the artist,” Huang continued. “All of that is done for the artist so they can create something that is more beautiful but still in the style that they want.” Although the talking points about DLSS 5 remain unchanged, it seems that Huang has at least heard the criticism. “I think that they got the impression that the games are going to come out the way the games are… and then we’re going to post-process it. That’s not what DLSS is intended to do.”

Huang also made assertions that DLSS is “integrated” with the artist, and suggested that it would put the power of generative AI in the hands of artists working in game development […]. Although DLSS 5 looks like it’s doing a lot, Huang said that it’s just another tool, not an essential feature. “The gamers might also appreciate that, in the last couple of years, we introduced skin shaders to game developers, and many of those games have skin shaders that include sub-surface scattering that makes skin look more skin-like… [DLSS 5] is just one more tool. They can decide what to use,” Huang ended the conversation about DLSS 5. Immediately after, without missing a beat, he said 1993’s Doom was the most influential video game ever made.

Senators Adam Schiff (D-CA) and John Curtis (R-UT) introduced (PDF) a bill on Monday that could prevent prediction market platforms Kalshi and Polymarket from allowing users to wager money on sports events or play casino-style games. This bipartisan bill would not apply to FanDuel and DraftKings, which are subject to state-by-state gambling laws, rather than federal ones. “Sports prediction contracts are sports bets — just with a different name. And yet, these contracts are currently offered in all fifty states in clear violation of state and federal law,” Schiff said in a statement.

Prediction markets like Kalshi and Polymarket are regulated under the Commodity Futures Trading Commission (CFTC), which is why Schiff and Curtis are able to address them under federal jurisdiction, rather than leaving them to state-regulated sportsbooks. But these senators argue that there isn’t much of a difference in practice between betting on sports via federally or state-regulated apps. Kalshi’s Super Bowl trading volume, for instance, reached over $1 billion this year — a 2700% increase year-over-year. “Too many young people in Utah are getting exposed to addictive sports betting and casino-style gaming contracts that belong under state control, not under federal regulators,” Curtis said in a statement.

Going back to its inaugural deliveries, Wing ferried office supplies across Google’s Mountain View campus in the Bay Area with its automated drones. It was still a startup out of Google’s X, The Moonshot Factory incubator at the time, but early users were already asking for home delivery services, according to Wing. Now, Wing’s latest delivery drones can deliver groceries, food, or whatever else fits in a small package weighing up to five pounds in 30 minutes or less to Bay Area residents.

Apple will make an announcement as soon as March. This will bring ads to search queries within the navigation app, which will operate similar to Google’s advertising system. Retailers and brands will be able to bid for ad spots located against search queries for specific terms, such as types of food or services. The winning bid will be able to show an ad at the top of the results, pointing to a related location for that business.

While Chinese autos hit the highways of Europe, Latin America and even Canada, the U.S. government has effectively banned the cars with tariffs exceeding 100%, out of concerns over data security and protecting American jobs. In places like Europe, a number of Chinese EVs sell at prices under $30,000. Some of those cars include amenities like advanced driving assistance software, a built-in mini fridge, and the option to sing karaoke with your fellow passengers. “The technology they offer for those lower price tags was astounding,” said Clint Simone, senior features editor for car-shopping website Edmunds, who drove several Chinese vehicles while at the CES trade show earlier this year. […]

Consumers have some concerns over allowing Chinese car imports, though, including over data security and protecting U.S. businesses, survey results from The Harris Poll as well as Cox show. Rhett Ricart, an Ohio car dealer who sells several brands, including Ford, Chevrolet and Hyundai, said he has no doubt customers would snap up Chinese models if they became available. He and other dealers don’t want that to happen yet, according to a recent Cox Automotive survey, which found that just 15% of dealers supported the entry of Chinese auto brands into the U.S., and just 26% trust that they would comply with U.S. safety standards.

Not meeting U.S. safety standards is one reason Chinese EVs cannot yet be owned permanently in the U.S. But those obstacles haven’t quieted the buzz. The Cox survey polled 802 U.S. consumers who expect to buy a car in the next two years. Nearly half — 49% — rated Chinese cars as having very good or excellent value, and 40% say they support the idea of Chinese auto brands in the U.S. market. Rich Benoit, a car enthusiast whose YouTube videos reviewing Chinese models garner millions of views, said the most compelling feature is the price. “That’s what a lot of people are looking for: efficient, quiet and low cost,” he said. “They want to ‘get to work— not everyone is a car enthusiast.” He’s considering buying a BYD model in Mexico and driving it across the border. “That’s the only way to get one,” Benoit said. “They’ve been selling in Mexico for years… “I want to own a Chinese EV in America.”

Mark Zuckerberg wants everyone inside and outside his company to eventually have his or her own personal artificial-intelligence agent. He is starting with himself. Zuckerberg, the chief executive of Meta Platforms, is building a CEO agent to help him do his job (source paywalled; alternative source), according to a person familiar with the project. The agent, which is still in development, is currently helping Zuckerberg get information faster — for instance, by retrieving answers for him that he would typically have to go through layers of people to get, the person familiar with the project said.

[…] Use of AI tools has spread quickly through the ranks at Meta — in part because it is now a factor in employees’ performance reviews. Meta’s internal message board is filled with posts from employees sharing new AI use cases they have found and new tools they have built using AI, according to people familiar with the matter. […] Employees have started using personal agent tools such as My Claw that have access to their chat logs and work files and can go talk to colleagues — or their colleagues’ own personal agents — on their behalf, the people said. Another AI tool called Second Brain that is somewhere between a chatbot and an agent is also gaining momentum internally, according to people familiar with the matter. Second Brain was built by a Meta employee on top of Claude and can index and query documents for projects, among other uses. On the internal post announcing it to staff, the employee said it is “meant to be like an AI chief of staff.”

There is even a group on the internal messaging board where employees’ personal agents talk to each other, some of the people said. (Separately, Meta acquired Moltbook, the social-media site for AI agents, and hired its founders in a deal earlier this month.) Meta also recently acquired Manus, a Singapore-based startup that makes personal agents that can execute tasks for its users, and is using the tool internally, some of the people said. Meta recently established a new applied AI engineering organization that is tasked with using AI to help speed up development of the company’s large language models. Those teams will have an ultraflat structure of as many as 50 individual contributors reporting to one manager, The Wall Street Journal previously reported. […] Employees across the company said they have been encouraged to attend AI tutorial meetings several times a week and frequent AI hackathons, and to create their own AI tools to speed up their work.

Starting in November, Walmart offered about 200,000 products through OpenAI’s Instant Checkout. Users could complete purchases inside ChatGPT without visiting Walmart’s site. Daniel Danker, Walmart’s EVP of product and design, said those in-chat purchases converted at one-third the rate of click-out transactions. He called the experience “unsatisfying” and confirmed Walmart is moving away from it.

Instant Checkout was designed to let users complete purchases directly inside ChatGPT without visiting a retailer’s website. However, earlier this month, OpenAI confirmed it was phasing out Instant Checkout in favor of app-based checkout handled by merchants. Walmart will embed its own chatbot, Sparky, inside ChatGPT. Users will log into Walmart, sync carts across platforms, and complete purchases within Walmart’s system. A similar integration is coming to Google Gemini next month.

Leonid Radvinsky, the owner of adult-content platform OnlyFans, has died of cancer at the age of 43, the company said in a statement on Monday. “We are deeply saddened to announce the death of Leo Radvinsky. Leo passed away peacefully after a long battle with cancer,” an OnlyFans spokesperson said. “His family have requested privacy at this difficult time.”


Radvinsky, a Ukrainian-American entrepreneur, acquired Fenix International Limited, the parent company of OnlyFans, in 2018 and served as its director and majority shareholder. He also runs Leo, a venture capital fund he founded in 2009 that focuses primarily on investments in technology companies.