Longtime Slashdot reader MattSparkes shares a report from NewScientist, captioned: "For years we've had unconfirmed reports, rumors, hints... now we know." From the report: Fully autonomous drones with no human oversight have killed soldiers on the battlefield for the first time. This is according to a senior figure in the Ukrainian defense industry, marking a watershed moment in warfare. The one-off test involved 10 AI-controlled "Terminator" drones on the front line of the Ukraine war. Russian soldiers were killed. "We tried it," says drone-maker Alexander Kokhanovskyy, who supplied the technology and spoke to New Scientist at a press event hosted by the Ukrainian embassy. "It's a test. We never implemented it [more widely]." The test took place two years ago and involved quadcopter drones that were programmed to fly towards the front line, cover between 3 and 5 kilometres over around 10 minutes and then engage "Terminator mode," in which an AI model searches for and intercepts targets. "We just launch it and we know everything will be dead -- everything that will be found there in this particular area will be dead," says Kokhanovskyy. "There is no connection to the drone at all, you cannot see the video, nothing... Everything it sees will be killed." With no way to tell what the automated drones had seen or targeted, human-piloted drones were sent into the area after the test to manually check results. Victims included "a couple of soldiers, one truck," says Kokhanovskyy. While there is no recording of the automated drones attacking these targets, it was concluded that the drones had killed them. Kokhanovskyy says that he was not at the test personally but that it was carried out by an unnamed military unit near the cities of Bakhmut and Chasiv Yar as part of a Ukrainian counteroffensive push. The Ukrainian Ministry of Defence did not respond to questions about the test or the current legal position on the use of fully autonomous weapons.

Read more of this story at Slashdot.

fjo3 shares a report from The Guardian: Tests reveal that when people are ambling about, they have a natural tendency to turn to the left and walk in an anticlockwise direction. "If you simply ask someone to start walking, whether they are wandering around a museum, a supermarket, or even an empty room, it is surprisingly likely that they will drift counterclockwise," said Dr Inaki Echeverria Huarte at University of Navarra in Spain. As with many critical discoveries in science, the revelation owes a debt to serendipity. During the pandemic, the researchers ran experiments to see how many people could share a space while keeping a safe distance. On reviewing the video, they noticed that crowds overwhelmingly walked in an anticlockwise direction. The surprise set in motion an entire research project. The scientists conducted a series of experiments in which individual pedestrians or small crowds roamed around enclosed spaces. Time and again, the researchers observed the tendency to walk in an anticlockwise direction. Suspecting that cultural norms might play a role, the team joined forces with Dr Claudio Feliciani at the University of Tokyo. He found the same results in Japan. The finding held when the researchers accounted for people being right-handed, right-footed and right-eye dominant, and was seen in both male and female walkers. The only difference they spotted was a more pronounced bias in children. "Each of us carries a small personal bias to turn slightly to one side, and when many people share a space, those tiny biases add up into a net counterclockwise rotation," said Echeverria Huarte. Researchers think the tendency may be tied to biomechanics: people are not perfectly symmetrical, and the way the brain processes sensory information and coordinates muscles may gently tip walkers toward one side. Right-side dominance may also play a role, especially in running, where anticlockwise movement puts more internal force on the right side of the body and may feel more natural to right-leg-dominant athletes. "We have tested several ideas and the bias stubbornly keeps showing up, so the exact mechanism is still an open question," said Echeverria Huarte. The findings have been published in Nature Communications.

Read more of this story at Slashdot.

An anonymous reader quotes a report from Electrek: Solar generated more U.S. electricity than coal for the first month on record in May 2026, according to new analysis from global energy think tank Ember. Solar supplied 12.8% of U.S. electricity during the month, while coal dropped to 12.2%. That's a dramatic shift in the U.S. power mix. Just five years ago, coal generated 19.7% of U.S. electricity in May, while solar accounted for only 5.4%. U.S. solar generation hit a record 45.5 terawatt-hours (TWh) in May 2026, up 17% from May 2025 and higher than the previous record set last July. Ember says another record could be broken again this summer. Solar output usually peaks in June or July, but its share of the electricity mix is often highest in spring, when strong sunshine lines up with milder temperatures before summer cooling demand ramps up. May was also the first time solar became the third-largest individual source of electricity in the U.S., behind only natural gas and nuclear. (If solar is included with all other renewables, then they're the second-largest source of electricity as an overall category of electricity.) Meanwhile, coal keeps sliding (and will continue to slide). Coal generation hit an all-time monthly low of 39.3 TWh in April 2026. Output rose slightly in May to 43.4 TWh, but it was still 11% lower than May 2025 levels. Even with that small rebound, coal couldn't keep pace with solar's rapid growth.

Read more of this story at Slashdot.

A researcher using the name Nightmare Eclipse has released a new Microsoft Defender zero-day exploit called "RoguePlanet," which reportedly works on fully patched Windows 10 and 11 systems and can spawn a command prompt with SYSTEM privileges through a Defender race condition. The release came just hours after Microsoft fixed two previously disclosed flaws during its latest monthly Patch Tuesday drop -- its largest Patch Tuesday release ever. BleepingComputer reports: The researcher shared a proof-of-concept exploit on Tuesday afternoon in a self-hosted Git repository after saying that GitHub and GitLab repositories hosting their exploits had previously been removed by Microsoft. "The exploit is a race condition, so it's a hit or miss. I have managed to get a 100% success rate on some machines while it struggled to work on others," Nightmare Eclipse wrote in the repository. [...] Cybersecurity firm ThreatLocker told BleepingComputer that they successfully reproduced the flaw in their testing and confirmed the exploit worked against fully patched Windows 11 systems with KB5094126 installed, and shared a video demonstrating it. "Our initial analysis confirms that the RoguePlanet exploit is viable and performs as described. Organizations using application allowlisting can prevent the exploit from executing, providing an effective layer of protection against this attack," Danny Jenkins, CEO of ThreatLocker, told BleepingComputer. According to Nightmare Eclipse, RoguePlanet was originally developed as a remote code execution vulnerability that exploited Microsoft Defender's handling of files hosted on remote SMB shares. "In initial development, it was confirmed that this vulnerability was a remote code execution," the researcher explained in a blog post. "It required an attacker to coerce a victim to open a .vhd(x) in a remote SMB server, succesful exploitation resulted in defender overwriting its own files and obviously the end outcome was an RCE." The researcher says another attack scenario could lead to remote code execution simply by coercing a victim into opening an SMB share if symlink evaluation settings were enabled. However, the researcher claims Microsoft silently hardened Defender in mid-May by patching "mpengine!SysIO*" API, which blocked junction attacks. "Rewriting RoguePlanet to make it functional again drained my soul and I couldn't complete the other scenarios and for now it remains unclear if RoguePlanet is limited to LPE or there is some sort of way to turn it into an RCE," the researcher wrote.

Read more of this story at Slashdot.

Visa is integrating its payment network with ChatGPT so AI agents can shop and complete purchases on users' behalf. "It means AI agents can not only recommend products but complete the purchase on the user's behalf, at potentially any merchant that accepts Visa," reports the Associated Press. "The payment network's previous attempts at this technological leap were confined to a single retailer or a small set of enrolled merchants." From the report: OpenAI will provide the technology to allow agents to interact, make decisions and initiate purchases through ChatGPT. Visa, the world's largest payment network outside of China, will provide the payment authorization and fraud monitoring needed to do this at scale. "As AI agents become active participants in the economy, Visa's focus is to ensure transactions are trusted, secure and seamless," said Jack Forestell, chief product and strategy officer at Visa. Speaking at a company event Wednesday in San Francisco Wednesday, Forestell gave an example of a customer telling ChatGPT they're looking for a pair of wireless headphones under $150. The chatbot would find a pair for sale under those parameters and buy it on behalf of the customer. Visa and OpenAI did not disclose the financial terms of the collaboration and did not give details on the fees merchants or customers would have to pay. [...] Visa says the feature will have guardrails like spending limits, required approval steps and approved merchants for shopping in order to protect consumers and minimize fraud.

Read more of this story at Slashdot.

Valve is discontinuing physical Steam Gift Cards and says it will stop restocking them as retailers sell through remaining inventory. In a blog post, the company blamed persistent gift card scams as the reason, though Steam Digital Gift Cards will remain available and existing physical cards can still be redeemed. PC Guide reports: Valve says it has "responded to gift card scams over the years" -- but this doesn't stop scammers from adapting. The Steam creator has actively worked with retailers and law enforcement, among other precautions, to counteract scams, but says the issue can never be fully resolved. Steam Digital Gift Cards will continue to operate as normal.

Read more of this story at Slashdot.

An anonymous reader quotes a report from Wired: Last year, Meta radically overhauled the rules around what content it would allow on its platforms. The company claimed that its own efforts policing speech had gone too far and that it would relax the rules around what speech was allowed. "We have been over-enforcing our rules, limiting legitimate political debate and censoring too much trivial content and subjecting too many people to frustrating enforcement actions," Joel Kaplan, Meta's chief global affairs officer, wrote in a blog post at the time. Over a year later, new research from the Center for Countering Digital Hate (CCDH) shows the immediate impact of these changes. The researchers analyzed about 8 million Facebook comments and found that abusive and racist comments targeting both Republican and Democrat lawmakers tripled in the six months after the new rules were put in place. Some categories of abusive comments documented by the researchers saw even sharper rises, with violent threats and hate speech quadrupling during the same period. The report cites specific examples of gendered and racist abuse directed at lawmakers like US representatives Jasmine Crockette of Texas and Byron Daniels of Florida. These comments were not taken down by Meta. The CCDH researchers also found that threats against President Trump more than doubled in the six months after Meta overhauled its rules. Many of the comments, which included direct threats to his life, could have been classified as felony offenses, the researchers say. [...] Comments that violated Meta's policies around violent threats quadrupled, from 1,800 in the six months before the changes to 7,600 in the six months after. Hate speech comments also quadrupled, from 6,900 to 30,000. Comments that broke Meta's rules on bullying and harassment doubled, from 15,700 to 39,900.

Read more of this story at Slashdot.

BYD plans to install 3,000 ultra-fast "Flash Chargers" across Europe by the end of 2027, with the first stations already appearing in Germany and the UK. The Verge reports: At an estimated cost of 580,000 euros (about $670,000) per charger according to the Financial Times, that would mean a total spend of roughly $2 billion to install the network. The 1,500kW charging stations are significantly more powerful than Tesla's 500kW V4 Superchargers, though Tesla already has 20,000 chargers installed in Europe. BYD, which has been steadily overtaking Tesla in global sales, says its chargers shouldn't add undue strain to the energy grid, as they'll charge cars from batteries which can be topped up overnight. Any car with a standard CCS charge port can use the Flash Chargers, though only BYD cars equipped with the company's new Blade Battery can hit the top speeds. Right now there's only one of those in Europe, the 115,000 euros ($133,000) Denza Z9 GT -- it charges to 70 percent in five minutes on the new chargers.

Read more of this story at Slashdot.

The Asahi Linux team is warning Apple Silicon users not to upgrade to the macOS 27 beta because Apple's changes to the boot picker and Startup Disk app make Asahi partitions invisible, preventing Linux from booting. The Register reports: The team added: "If you insist on trying out macOS 27 as soon as possible, please ensure you install a secondary copy of macOS 26 first, or install macOS 27 itself on a secondary volume." They've also updated the installer to prevent installs from running on macOS 27 for now. For anyone who ignored all of the above, "we will not support users who have installed the macOS 27 beta without ensuring at least one stable version of macOS is installed." Considering macOS 27 is in beta, the issue may be accidental rather than an attempt by Apple to block Linux on its hardware. The Asahi team said it has filed bug report. The good news for anyone who pulled the trigger on installing the macOS 27 beta is that although the partition might not be visible, it hasn't gone anywhere. The Asahi team wrote: "If you have already upgraded to the beta and noticed that your Asahi partition has disappeared, do not stress. Your Asahi partition is still there, and you have not lost any data."

Read more of this story at Slashdot.

A Munich regional court has ruled (PDF) that Google can be held directly liable for false claims in AI Overviews. The case involved AI Overviews falsely linking two publishers to scams and shady business practices, with the court rejecting Google's argument that users could simply check the sources themselves. The Decoder reports: Google's AI overviews work nothing like traditional search results, the court argues. The AI rewrites and judges results "in its own words and according to its own structure," the ruling says. In the case at hand, for example, it opened with confident claims like "Yes, [company] is known for dubious business practices," then built its own structure with a summary, red flags for the alleged scam, and tips for users. The court also found that the AI overview made claims "that are not even made in the search results." None of the linked sources drew any connection between the plaintiffs and the shady companies the AI mentioned. The court called these "the defendant's own statements." Google built the AI, Google offered it to users, so Google owns what it produces, "because it alone has influence over the AI's offering and the algorithms with which the AI operates." The court also examined existing rulings from Germany's Federal Court of Justice (BGH), which gave traditional search engines and autocomplete limited liability. The BGH had argued that search engine operators were only liable as indirect infringers because they merely made third-party content findable. A proactive duty to check results would threaten how search engines work. The Munich court found that this reasoning doesn't apply to AI overviews. A regular search engine just points to outside websites. But AI overviews generate "independent, new, and substantive statements" by evaluating and combining content from various third-party sites. And only Google can check those statements, the court said, "at least by comparing the underlying third-party websites with its own statements based on them." The court also noted that the AI overview is "by no means absolutely necessary" for using the internet. Traditional search results already help users sort through information, the AI overview is just an extra feature. At the hearing, Google argued that users could check the linked sources themselves to verify if the AI summary was correct. It also said that these users knew "that information generated with AI should not be blindly trusted." The court rejected this.

Read more of this story at Slashdot.

Seattle has enacted a one-year moratorium on new datacenters, making it the largest U.S. city to do so as the backlash against AI infrastructure grows across the country. The city council voted unanimously in favor of the ban. The Guardian reports: Lawmakers have framed the pause as an opportunity to draft regulations specifically targeting the electricity-hungry datacenters being built nationwide to serve the AI sector, and to protect local residents from environmental risks and rising electricity bills. According to Seattle mayor Katie Wilson, the moratorium will also let city officials determine whether datacenters are a "good use of urban land," and potentially impose new stipulations on their approval, such as requiring developers to invest in local transit and housing initiatives in exchange for construction permits. "There are times when public pressure forces elected officials to do something they don't want to do, but in other cases, public pressure just supports and helps to spur on elected officials to do things that they already want to do," said Wilson. "I think this was one of those latter cases." [...] An amendment to the moratorium that passed unanimously last week allows existing datacenters in Seattle to apply for expansions requiring up to 20 megawatts of additional power during the year-long pause. Activists are concerned that the provision may lead to a spike in datacenters' demand for power while the moratorium is in place, and may undermine the premise of the pause. Lawmakers justified the amendment as a way to differentiate between the datacenters that already exist in Seattle and serve a civic purpose, like those powering health facilities and emergency-call systems, from large-scale centers designed to serve the AI sector.

Read more of this story at Slashdot.

An anonymous reader quotes a report from ComputerWeekly: Microsoft has issued patches for about 200 flaws in its latest monthly Patch Tuesday drop, blasting past a previous record high of almost 170 common vulnerabilities and exposures (CVEs) set in October 2025. Among a great many others, the latest update from Redmond fixes a total of 32 critical CVEs and three zero-day flaws. Dustin Childs, head of threat awareness at TrendAI's Zero Day Initiative, said: "We are heading into a high-stakes summer for cyber security. June's record-shattering drop ... is a stark warning that AI is supercharging flaw discovery at an uncontrollable scale. The current number of CVEs shipped by Microsoft this year exceeds the total number of CVEs shipped in all of 2018. It is extraordinary that Microsoft can produce so many patches in a single month, and I expect many testers are wondering what quality issues may exist." And with the addition of hundreds of CVEs in Google Chrome and Microsoft Edge (Chromium) and other third-party flaws taking the total to almost 600, Chris Goettl, vice president of security product management at Ivanti, said talk of a 'Patch Apocalypse' was no longer unwarranted. "We are in the Patch Apocalypse. The Patch Apocalypse is now," said Goettl. "This is not intended to be a scare tactic. It is meant to outline the challenge that many organizations were anticipating, but the new generation of LLMs [Large Language Models] has accelerated significantly in the first half of 2026." "There are going to be more CVEs resolved by vendors at a faster and more continuous pace than we have ever seen previously. Unfortunately, this will also include more zero-day and n-day exploits than previously seen as well. The window from release from a vendor to exploitation had already shortened to five days as of 2023 threat intelligence data." Goettl said that many suppliers have acknowledged the need to use AI tools in their security research to identify and resolve flaws, with Oracle, Google Chrome and Mozilla all upping the cadence of their updates. Whether or not Microsoft follows suit remains to be seen.

Read more of this story at Slashdot.