Square To Buy Jay-Z's Music Service Tidal

Author: msmash
March 4, 2021, 23:00
Square has agreed to buy a majority stake in Tidal, the streaming music service led by rapper Jay-Z, as part of an effort to expand the company's suite of financial tools to musicians and emerging artists. From a report: Square will pay $297 million in a mix of cash and stock to become Tidal's "significant majority" owner, though Jay-Z and Tidal's other existing artist-shareholders will retain some ownership in the company. Tidal will operate independently within Square, according to a company release, and Jay-Z will join Square's board of directors. "New ideas are found at intersections, and we believe there's a compelling one between music and the economy," Square Chief Executive Officer Jack Dorsey said in a prepared statement. Bloomberg News previously reported that Dorsey and Jay-Z, who are friends, had discussed a potential deal. It's not immediately clear how Square will help Tidal build its business, but there is a lot of overlap between the music industry and Square's existing market, which includes payments and commerce, says Jesse Dorogusker, the Square executive who will serve as interim leader of Tidal inside its new parent company.

Read more of this story at Slashdot.

SpaceX Launches 60 New Starlink Satellites

Author: msmash
March 4, 2021, 21:48
SpaceX has launched another batch of its Starlink satellites -- the usual complement of 60 of the low Earth orbit spacecraft, which will join the more than 1,000 already making up the existing constellation. This is the fifth launch of Starlink satellites for SpaceX this year, and the 20th overall. From a report: Earlier this year, SpaceX opened up Starlink access to anyone in a current or planned service area via a pre-order reservation system with a refundable up-front deposit. The company aims to continue launches like this one apace throughout 2021 in order to get the constellation to the point where it can serve customers over a much larger portion of the globe. SpaceX COO and President Gwynne Shotwell has previously said that the company expects it should have coverage over much of the globe at a constellation size of around 1,200 satellites, but the company has plans to launch more than 30,000 to fully build out its network capacity and speed. While SpaceX is making good progress on Starlink with its Falcon 9 launcher, it's also looking ahead to Starship as a key driver of the constellation's growth. Starship, SpaceX's next-generation launch vehicle currently under development in South Texas, will be able to deliver 400 Starlink satellites at a time to orbit, and it's also being designed with full reusability and fast turnaround in mind.

Biden Pushes EV Chargers As Six Utilities Plan a Unified Network

Author: BeauHD
March 4, 2021, 20:00
An anonymous reader quotes a report from Ars Technica: US President Joe Biden has made the shift to electric vehicles an early focus of his administration. Days after his inauguration, he vowed to replace hundreds of thousands of federal civilian vehicles with electric versions. On Tuesday, Biden held a virtual meeting with CEOs from companies building charging infrastructure. The administration has set a goal to build more than 500,000 new electric vehicle charging stations by 2030. Also on Tuesday, a coalition of six electric utilities announced a new initiative that will help Biden achieve his goal. The companies are planning to build a "seamless network of charging stations" in and around the American South. The group plans to build chargers near major highways in every southern state, stretching as far west as Texas and as far north as Indiana, Ohio, and Virginia. This is not a joint venture. Each utility will build and run its own charging stations. But the goal is to make them appear to the customer as a unified network.

Space Hurricane Seen Above Magnetic North Pole Was Raining Electrons

Author: BeauHD
March 4, 2021, 16:00
The first space hurricane ever was spotted in August 2014, consisting of "an eddy of plasma, a type of superhot, charged gas found throughout the solar system," reports Business Insider. "And instead of rain, this storm brought showers of electrons." From the report: In August 2014, satellites observed a swirling mass with a quiet center more than 125 miles above the North Pole. The space hurricane was more than 620 miles wide and high in the sky -- it formed in the ionosphere, between 50 and 600 miles up. Lockwood and his coauthors used the satellite data to create a 3D model of the storm. The space hurricane lasted eight hours, swirling counterclockwise. The researchers said it had several spiral arms snaking out from its center, a bit like a spiral galaxy. By plugging the satellite data into a computer model, Lockwood and his collaborators were able to reproduce the storm and figure out what caused it. They found that charged particles emitted by the sun's upper atmosphere, the corona, were to blame. This steady stream of solar particles and coronal plasma is known as solar wind. It moves at about 1 million miles an hour. As solar wind reaches Earth, it encounters the planet's magnetic field. Earth has such a field because of the swirling liquid iron and nickel in its outer core, which gives rise to electric currents. The magnetosphere protects the planet from deadly radiation from the sun but also retains a tiny layer of plasma from that solar wind. Typically, solar winds glance off this protective sheath. But sometimes the incoming charged particles and plasma interact with either the trapped plasma or the electrical currents generating the field. Such interactions create disturbances in the magnetosphere. The 2014 space hurricane was one such disturbance. Usually, magnetic fields don't mix. But if they do come close, portions of the fields can get realigned and even merge, forming a new pattern of magnetic energy. 
That's what likely happened on the day of the space storm: An influx of solar wind energy formed a new pattern above Earth's magnetic north pole. The storm acted as a channel from space into Earth's atmosphere, funneling some electrons down past the planet's armor. This particle rain could have wreaked havoc on our high-frequency radio communications, radar-detection systems, or satellite technology, the study's authors said. That's because charged solar particles that seep through Earth's magnetic field can cause malfunctions in computers and circuitry on satellites and the International Space Station. Luckily, in this case, no issues were observed.

US Issues Warning After Microsoft Says China Hacked Its Mail Server Program

Author: BeauHD
March 4, 2021, 12:30
An anonymous reader quotes a report from NBC News: The U.S. has issued an emergency warning after Microsoft said it caught China hacking into its mail and calendar server program, called Exchange. The perpetrator, Microsoft said in a blog post, is a hacker group that the company has "high confidence" is working for the Chinese government and primarily spies on American targets. The latest software update for Exchange blocks the hackers, prompting the U.S. Cybersecurity and Infrastructure Security Agency to issue a rare emergency directive that requires all government networks do so. CISA, the U.S.'s primary defensive cybersecurity agency, rarely exercises its authority to demand the entire U.S. government take protective steps to protect its cybersecurity. The move was necessary, the agency announced, because the Exchange hackers are able "to gain persistent system access." All government agencies have until noon Friday to download the latest software update. In a separate blog post, Microsoft Vice President Tom Burt wrote that the hackers have recently spied on a wide range of American targets, including disease researchers, law firms and defense contractors. There was no immediate indication that the hack led to significant exploitation of U.S. government computer networks. But the announcement marks the second instance in recent months that the U.S. scrambled to address a widespread hacking campaign believed to be the work of foreign government spies.

SpaceX Mars Prototype Rocket Nails Landing For the First Time, But Explodes On Pad

Author: BeauHD
March 4, 2021, 11:02
A SpaceX rocket prototype, known as SN10, soared over South Texas during a test flight Wednesday before swooping down to a pinpoint landing near its launch site. Approximately three minutes after landing, however, multiple independent video feeds showed the rocket exploding on its landing pad. CNN reports: SpaceX's SN10, an early prototype of the company's Starship Mars rocket, took off around 5:15 pm CT and climbed about six miles over the coastal landscape, mimicking two previous test flights SpaceX has conducted that ended in an explosive crash. Wednesday marked the first successful landing for a Starship prototype. "We've had a successful soft touch down on the landing pad," SpaceX engineer John Insprucker said during a livestream of the event. "That's capping a beautiful test flight of Starship 10." It was unclear what caused the rocket to explode after landing, and the SpaceX livestream cut out before the conflagration. He added that SpaceX has several other prototypes already in production and the next, SN11, will be ready to roll out for another test flight "in the near future." SpaceX's first launch attempt on Wednesday, around 3 pm CT, was aborted at the last tenth of a second. SpaceX CEO Elon Musk said in a tweet that the abort was triggered by pre-set standards around the rocket's thrust, which Musk described as "slightly conservative." He added that the company would increase the rocket's thrust limit, giving the rocket more wiggle room for getting a go-ahead for liftoff. The company then recycled the SN10's fuel ahead of the second, successful attempt.

Cephalopod Passes Cognitive Test Designed For Human Children

Author: BeauHD
March 4, 2021, 10:25
mi shares a report from ScienceAlert: The marshmallow test, or Stanford marshmallow experiment, is pretty straightforward. A child is placed in a room with a marshmallow. They are told, if they can manage not to eat the marshmallow for 15 minutes, they'll get a second marshmallow, and be allowed to eat both. This ability to delay gratification demonstrates cognitive abilities such as future planning, and it was originally conducted to study how human cognition develops; specifically, at what age a human is smart enough to delay gratification if it means a better outcome later. Because it's so simple, it can be adjusted for animals. Obviously you can't tell an animal they'll get a better reward if they wait, but you can train them to understand that better food is coming if they don't eat the food in front of them straight away. [...] The researchers found that all of the cuttlefish in the test condition decided to wait for their preferred food (the live shrimp), but didn't bother to do so in the control group, where they couldn't access it. "Cuttlefish in the present study were all able to wait for the better reward and tolerated delays for up to 50-130 seconds, which is comparable to what we see in large-brained vertebrates such as chimpanzees, crows and parrots," the researchers said. The other part of the experiment was to test how good the six cuttlefish were at learning. They were shown two different visual cues, a grey square and a white one. When they approached one, the other would be removed from the tank; if they made the "correct" choice, they would be rewarded with a snack. Once they had learnt to associate a square with a reward, the researchers switched the cues, so that the other square now became the reward cue. Interestingly, the cuttlefish that learnt to adapt to this change the quickest were also the cuttlefish that were able to wait longer for the shrimp reward. The team's research has been published in Proceedings of the Royal Society B.

AMD Unveils New Radeon RX 6700 XT Midrange GPU To Take On GeForce RTX 3060 Ti

Author: BeauHD
March 4, 2021, 09:45
MojoKid writes: AMD announced a new member of its Radeon RX 6000 series graphics card line-up today, dubbed Radeon RX 6700 XT. Based on AMD's RDNA 2 GPU architecture, the Radeon RX 6700 XT targets high frame rate 1440p gaming at max image quality with an MSRP of $479. The new GPU has 40 Compute Units (CUs) with 40 Ray Tracing Accelerators, 96MB of on-chip Infinity Cache, and 12Gb of GDDR6 memory. Game Clocks of up to 2424MHz will be possible and board power is rated for 230 watts. Versus NVIDIA's current competitive offerings, AMD is claiming wins for the Radeon RX 6700 XT across many titles at 1440p/max settings versus the GeForce RTX 3060 Ti and RTX 3070, but with the added benefit of a larger 12GB frame buffer, which should add a measure of future-proofing as games get more graphically complex. Finally, AMD also revealed that it will be doing something a bit different with the launch of the Radeon RX 6700 XT. AMD-built reference cards will be available directly from AMD.com and numerous partner boards will be available from retailers and system builders, all on March 18th.

Apple Launches Service For Transferring iCloud Photos, Videos To Google Photos

Author: BeauHD
March 4, 2021, 09:02
An anonymous reader quotes a report from MacRumors: Apple this week introduced a new service that's designed to make it quick and easy for iCloud users to transfer their stored photos and videos to Google Photos. As outlined in an Apple support document, you can go to Apple's privacy website and sign in to see the "Transfer a copy of your data" option. If you select this and go through all the steps, Apple will transfer your iCloud photos and videos to Google Photos. Transferring photos and videos from iCloud Photos does not remove the content you have stored with Apple, but it provides a backup method and stores a copy of the content on Google Photos. The transfer process takes between three and seven days, with Apple verifying that the request was made by you. To do the transfer, you must have two-factor authentication turned on for your Apple ID account and you must have a Google Photos account with enough storage to complete the transfer. Smart Albums, Live Photos, photo stream content, some metadata, and some RAW photos are not able to be transferred.

Facebook Lifts Political Ad Ban

Author: BeauHD
March 4, 2021, 08:20
Facebook will lift its ban on political ads on Thursday, ending a self-imposed prohibition that began immediately after the November 2020 general election and remained active for months. Politico reports: Facebook informed top political advertisers of its decision by phone and email on Wednesday, according to sources with knowledge of the announcement. The social media giant banned political and social issue-related ads in early November in an effort to curb misinformation around the general election. But the pause on political ads extended deep into the first months of the Biden administration, only partially lifted ahead of the Georgia Senate runoffs in early January. Facebook will now return political ads to its platform, one of the largest and most cost-effective ways for campaigns to reach voters and potential supporters. Digital strategists in both parties were sharply critical of Facebook's decision to cut off access to voters for the last several months, upending off-year campaign strategies. In an email sent to clients on Wednesday, Facebook representatives said, "while we are lifting the ad pause, our work is not over." "For the past several years, we invested heavily to fight misinformation, voter suppression and election interference, and remain committed to removing and reducing this type of content while connecting people with reliable information across our apps," the email continued, signed by two Facebook partners. "As a result, we plan to use the coming months to take a closer look at how these ads work on our service to see where further changes may be merited."

How Worried Should You Be About Those Tom Cruise Deepfakes?

Author: BeauHD
March 4, 2021, 07:40
Are the TikTok deepfake videos of Tom Cruise doing magic and playing golf a threat to global democracy? Not exactly. "[T]he reality is that they took a lot of time, technical expertise, and the skilled performance of a real actor," reports VICE News. "Rather than predicting a dark future of disinformation for the masses, they're simply another example of what can be done with significant time and resources." From the report: The Tom Cruise videos, posted on the @deeptomcruise TikTok account, have been viewed over 11 million times on the app and millions more times on other platforms. The videos were suddenly deleted from the TikTok account on Wednesday morning, shortly after VICE News contacted the people who produced them. They show the fake Cruise playing golf, falling over while telling a story about former Soviet leader Mikhail Gorbachev, and finally, doing a close-up magic trick with a coin. There's no question the videos are really good. When scanned through several of the best publicly available deepfake detection tools, they avoided discovery. That led many to claim that a new threshold had been reached in deepfake sophistication, and that social media would soon be overwhelmed with similar videos. But that kind of analysis fails to take into account the amount of time, money, and skill it took to produce these videos. They are the work of Belgian visual effects artist Chris Ume, who is part of a group known as Deep Voodoo Studio, a team of the world's best deepfake artists assembled by the creators of the hit TV show "South Park," Trey Parker and Matt Stone. The team worked with English actor Peter Serafinowicz to produce a 2020 YouTube show called "Sassy Justice," which featured multiple deepfakes of celebrities and politicians. 
The Tom Cruise TikTok videos required not only the expertise of Ume and his team but also the cooperation of Miles Fisher, a well-known Tom Cruise impersonator who was behind a viral video in 2019 that purported to show Cruise announcing his candidacy for the 2020 election. Ume has even detailed some of the highly complex and involved technical processes he had to go through to produce previous deepfakes.

Okta Says It's Buying Security Rival Auth0 For $6.5 Billion

Author: BeauHD
March 4, 2021, 07:20
Okta, whose cloud software allows office workers to access all of their apps through a secure online service, said on Wednesday that it's spending $6.5 billion to acquire rival Auth0. CNBC reports: Okta's shares plunged about 13% in extended trading after the announcement. The all-stock deal equals about 21% of Okta's market cap as of Wednesday's close. Okta said it expects the transaction to close by the end of July. Okta co-founder and CEO Todd McKinnon was previously a vice president at Salesforce, working under Marc Benioff for over five years. McKinnon is now taking a page from Benioff's playbook, paying up for acquisitions while still focusing on internal growth. McKinnon wrote in a blog post that Auth0 will continue to operate independently. He said Auth0 CEO Eugenio Pace for years, calling him "an enthusiastic ally in establishing identity as a primary cloud." "Both Eugenio and I have devoted our careers to identity because we know that selecting an identity platform is one of the most critical technology investments an organization can make," McKinnon wrote.

ICANN Refuses To Accredit Pirate Bay Founder Peter Sunde Due To His 'Background'

Author: BeauHD
March 4, 2021, 07:02
An anonymous reader quotes a report from TorrentFreak: Peter Sunde is one of the original Pirate Bay founders, but in recent years he's mostly known for his role in various Internet-related startups. This includes domain registrar Sarek, for which Sunde tried to get ICANN accreditation. However, this request was denied, apparently due to Sunde's "uncomfortable" background. Needless to say, Sunde was disappointed with the decision and he took his frustration to Twitter a few days ago. Initially, he assumed that the application was denied because ICANN concluded that he 'lied' about his background. The accreditation form requires applicants to tick a box if they have been convicted for fraud or something similar. Sunde didn't tick this box, as he was convicted for criminal copyright infringement. This 'error' was swiftly noticed by ICANN, which is also uneasy with other parts of the Pirate Bay founder's history. "After the background check I get a reply that I've checked the wrong boxes," Sunde wrote. "Not only that, but they're also upset I was wanted by Interpol." The Twitter thread didn't go unnoticed by ICANN who contacted Sunde over the phone to offer clarification. As it turns out, the 'wrong box' issue isn't the main problem, as he explains in a follow-up Twitter thread. "I got some sort of semi-excuse regarding their claim that I lied on my application. They also said that they agreed it wasn't fraud or similar really. So both of the points they made regarding the denial were not really the reason," Sunde clarifies. Over the phone, ICANN explained that the matter was discussed internally. This unnamed group of people concluded that the organization is 'not comfortable' doing business with him. "They basically admitted that they don't like me. They've banned me for nothing else than my political views. This is typical discrimination. 
Considering I have no one to appeal to except them, it's concerning, since they control the actual fucking center of the internet." Making matters worse, ICANN will also keep the registration fee, so this whole ordeal is costing money as well.

Samsung Will Soon Ship Micro LED TVs, But Mini LED Still Leads the Lineup

Author: msmash
March 4, 2021, 06:22
Samsung has announced imminent availability (most models will start shipping this month) for its high-end Micro LED and Mini LED TV lineup. ArsTechnica adds: We'll get to Micro LED in a minute, but let's start with the mainstream high end, which comprises the Mini LED TVs. Samsung is giving these a proprietary "Neo QLED" label. The top-end QN900A is the most tricked-out 8K option, with 65-inch ($5,000), 75-inch ($7,000), and 85-inch options ($9,000). One step down while keeping the 8K banner flying is the QN800A, offered in the same sizes but at $3,500, $4,700, and $6,500, respectively. Since there's hardly any 8K content out there to enjoy, most people who aren't just looking for bragging rights will want to opt for the 4K models. The flagship there is the QN90A, at 55 inches ($1,800), 65 inches ($2,600), 75 inches ($3,500), and 85 inches ($5,000). One step down gets you the QN85A, which comes in the same sizes as the QN90A at $1,600, $2,200, $3,000, and $4,500. While much of the hype in the world of TVs is currently focused on OLED, Samsung's LCD TVs remain the bestselling TVs in many regions, and in-depth technical reviewers like Rtings pretty consistently name Samsung's sets as the best non-OLED ones available in terms of picture quality, albeit not always in bang-for-buck. Samsung doesn't even make OLED TVs, though it produces OLED panels for other products. And to potentially battle OLED in the long term, Samsung is relying on Micro LED technology, which has individually emissive pixels just like OLED does. That means Micro LED matches OLED's chief advantage, which is that pixels of maximum brightness appear right next to pixels that are completely black. But Samsung claims the burn-in risk associated with OLED is not a factor in the same way with Micro LED. Plus, OLED TVs have been knocked for not matching the HDR peak brightness of the best traditional LED TVs. 
Micro LED is said to combine the best of both worlds: perfect blacks with very high peak brightness and all the granularity you'd expect in between. Micro LED TVs have been talked up as the future TV tech for years, and they've been commercially available in very limited contexts before, but this year marks Samsung's first quasi-mainstream attempt to sell a bunch of them. They still won't be for everyone, though. They're sure to be colossally expensive for one thing, but they'll also only come in 110- and 99-inch sizes to start. Later, we'll get 88- and 76-inch sizes, but even those are bigger than most people's living rooms can accommodate. So for its more mainstream flagship TVs, Samsung is leaning on Mini LED, which is not the same as similarly named Micro LED. Mini LED TVs are still fundamentally the same technology as any other LCD TV the company has sold for years, but with a new approach that allows much more granular backlighting to reduce blooming around bright objects and other problems associated with LCD TVs while still delivering strong peak brightness.

Navajo Nation Hospital Targeted By Large-Scale Ransomware Hack

Author: msmash
March 4, 2021, 05:41
An anonymous reader shares a report: When Rehoboth McKinley Christian Health Care Services in Gallup, New Mexico, was hit with a cyberattack earlier this year, the hospital's staff had to revert to pen and paper to keep things running. Publicly available details about the hack are scarce, and the hospital has declined to comment beyond confirming that the security breach briefly forced its staff off its computers. But sensitive employee files posted online by a hacker group known for ransomware attacks and seen by NBC News indicated just how deep an attack the hospital had suffered: files on everything from job applications and background checks to staff injury reports. Ransomware attacks, in which hackers gain access to a private system to hold it hostage for payment, have been a problem for businesses for more than three years. Some hospitals have poor cybersecurity, and unscrupulous gangs see them as potentially flush with cash and easily coerced with the threat of leaked patient data. Last year, at least 560 health care facilities were infected with ransomware, according to a survey from the cybersecurity company Emsisoft. In October, amid a particularly brutal wave of attacks, several federal agencies issued warnings of "an increased and imminent cybercrime threat" to hospitals. An advisory from the American Hospital Association laid out how the Covid-19 pandemic had encouraged cybercriminals "to exploit, victimize and profit" from ransomware attacks.

Parler Sues Amazon Again, After Dropping Original Lawsuit

Author: msmash
March 4, 2021, 05:05
Social media app Parler has dropped its federal case against Amazon.com for cutting off its web-hosting services and filed a separate lawsuit against the company and its web services unit in a Washington state court, according to court documents from late Tuesday. From a report: The new lawsuit filed by Parler accused Amazon of defamation and breach of contract. Parler, an app popular among American right-wing users, came back online last month after going dark in January as many service providers pulled back support, accusing it of failing to monitor violent content related to the Jan. 6 attack on the U.S. Capitol, the nation's legislative seat, by supporters of then-President Donald Trump. Parler sued Amazon, accusing it of making an illegal, politically motivated decision to shut it down to benefit Twitter but a U.S. judge rejected its demand that Amazon restore services for the platform later in January. A month later, Parler re-launched its services online and said the new platform was built on "sustainable, independent technology."

Arizona Advances Bill Forcing Apple and Google To Allow Fortnite-style Alternative Payment Options

Author: msmash
March 4, 2021, 04:22
The Arizona House of Representatives just passed landmark app store legislation in a 31-29 vote on Wednesday that could have far-reaching consequences for Apple and Google and their respective mobile operating systems. From a report: The legislation, a sweeping amendment to Arizona's existing HB2005 [PDF], prevents app store operators from forcing a developer based in the state to use a preferred payment system, putting up a significant roadblock to Apple and Google's ability to collect commissions on in-app purchases and app sales. It will now head to the state senate, where it must pass before it's sent to Arizona Gov. Doug Ducey. The amendment specifically prohibits stores exceeding 1 million downloads from requiring "a developer that is domiciled in this state to use a particular in-application payments system as the exclusive mode of accretive payments from a user." It also covers users living in Arizona from having to pay for apps using exclusive payment systems. The bill specifically exempts game consoles "and other special-purpose devices that are connected to the internet," and it also bars companies like Apple and Google from retaliating against developers who choose to use third-party payment systems.

Microsoft's Latest Garage App is For Recording Group Transcriptions

Author: msmash
March 4, 2021, 03:53
Microsoft's newest Garage app, the company's brand for more experimental apps, is Group Transcribe, which lets groups of people capture real-time collective meeting transcriptions using their phones. It's available for free right now on iOS. From a report: "This app uses a multi-device approach to provide real-time, high quality transcription and translation, so users can be more present and productive during in-person meetings and conversations," Microsoft's Lainie Huston said in a blog post. Here's how it works. Everyone who wants to participate in the group transcription needs to download the Group Transcribe app. Then, one person kicks off a transcription, and they can invite others to join by sharing a five-letter conversation code, a QR code, or by joining the group transcription with nearby sharing over Bluetooth. Then, the app will begin transcribing the group's conversation, noting who said what. Group Transcribe can even also auto-translate things people say and show those translations in line as part of the transcription. Transcriptions are saved in the app so you can review or share them after a meeting.

Japan Billionaire Seeks 'Crew' For Moon Trip

March 3, 2021, 16:00
Japanese billionaire Yusaku Maezawa on Wednesday launched a search for eight people to join him as the first private passenger on a trip around the moon with Elon Musk's SpaceX. He had originally planned to invite artists for the weeklong voyage slated for 2023. Reuters reports: The rejigged project will "give more people from around the globe the chance to join this journey. If you see yourself as an artist, then you are an artist," Maezawa said. The first stage of the application process runs to March 14. The entrepreneur, who sold his online fashion business Zozo Inc to SoftBank in 2019, is paying the entire cost of the voyage on SpaceX's next-generation reusable launch vehicle, dubbed the Starship.

Rookie Coding Mistake Prior To Gab Hack Came From Site's CTO

Author: BeauHD
March 3, 2021, 12:30
An anonymous reader quotes a report from Ars Technica: Over the weekend, word emerged that a hacker breached far-right social media website Gab and downloaded 70 gigabytes of data by exploiting a garden-variety security flaw known as an SQL injection. A quick review of Gab's open source code shows that the critical vulnerability -- or at least one very much like it -- was introduced by the company's chief technology officer. The change, which in the parlance of software development is known as a "git commit," was made sometime in February from the account of Fosco Marotto, a former Facebook software engineer who in November became Gab's CTO. On Monday, Gab removed the git commit from its website. Below is an image showing the February software change, as shown from a site that provides saved commit snapshots. The commit shows a software developer using the name Fosco Marotto introducing precisely the type of rookie mistake that could lead to the kind of breach reported this weekend. Specifically, line 23 strips the code of "reject" and "filter," which are API functions that implement a programming idiom that protects against SQL injection attacks. This idiom allows programmers to compose an SQL query in a safe way that "sanitizes" the inputs that website visitors enter into search boxes and other web fields to ensure that any malicious commands are stripped out before the text is passed to backend servers. In their place, the developer added a call to the Rails function that contains the "find_by_sql" method, which accepts unsanitized inputs directly in a query string. Rails is a widely used website development toolkit. 
"Sadly Rails documentation doesn't warn you about this pitfall, but if you know anything at all about using SQL databases in web applications, you'd have heard of SQL injection, and it's not hard to come across warnings that find_by_sql method is not safe," Dmitry Borodaenko, a former production engineer at Facebook who brought the commit to my attention wrote in an email. "It is not 100% confirmed that this is the vulnerability that was used in the Gab data breach, but it definitely could have been, and this code change is reverted in the most recent commit that was present in their GitLab repository before they took it offline." Ironically, Fosco in 2012 warned fellow programmers to use parameterized queries to prevent SQL injection vulnerabilities.
