An anonymous reader quotes a report from the Associated Press: Google announced on Tuesday that it will invest $15 billion in India over the next five years to establish its first artificial intelligence hub in the country. Located in the southern city of Visakhapatnam, the hub will be one of Google's largest globally. It will feature gigawatt-scale data center operations, extensive energy infrastructure and an expanded fiber-optic network, the company said in a statement. The investment underscores Google's growing reliance on India as a key technology and talent base in the global race for AI dominance. For India, it brings in high-value infrastructure and foreign investment at a scale that can accelerate its digital transformation ambitions. Google said its AI hub investment will include construction of a new international subsea gateway that would connect to the company's more than 2 million miles (3.2 million kilometers) of existing terrestrial and subsea cables. "The initiative creates substantial economic and societal opportunities for both India and the United States, while pioneering a generational shift in AI capability," the company's statement said.

Read more of this story at Slashdot.

LevelBlue announced Tuesday it has signed a definitive agreement to acquire Cybereason, a Boston-based cybersecurity firm specializing in extended detection and response platforms and digital forensics. 

Dallas-based LevelBlue, a managed security services provider formerly known as AT&T Cybersecurity, will fold Cyberreason’s extended detection and response (XDR) platform, threat intelligence team, and digital forensics and incident response (DFIR) capabilities into its managed detection and response (MDR) offerings.

“The addition of Cybereason is a strategic leap forward in our mission to become the most complete cybersecurity partner for our clients and strategic partners,” Bob McCullen, CEO and chairman of LevelBlue, said in a release. “By combining Cybereason’s world-class XDR and DFIR capabilities with our AI-powered MDR and incident response, we can deliver unified protection that’s proactive, scalable, and purpose-built for today’s fast-evolving threats.”

The acquisition follows a trend of industry consolidation, as cybersecurity companies aim to offer a variety of products and services under singular brands. Cybereason merged with managed service provider Trustwave earlier this year. 

For Cybereason, the acquisition bookends a turbulent seven-year period that saw the company swing from near-IPO status to dramatic valuation declines and multiple restructurings. Founded in 2012 by former members of the Israeli Defense Forces signals intelligence unit, the company competes with firms like CrowdStrike and SentinelOne in providing endpoint detection services and threat intelligence capabilities.

Cybereason appeared to reach its apex in 2021, when it raised $325 million in a funding round led by Liberty Strategic Capital. That round valued the company at approximately $3.1 billion, and Cybereason confidentially filed for an initial public offering with an expected valuation of $5 billion. At its peak, the company employed roughly 1,500 workers and had raised $850 million in total funding, with Japanese multinational investment holding company SoftBank as its primary investor.

However, the economic downturn of 2022 fundamentally altered the company’s trajectory. The shifting market conditions, combined with pressure from SoftBank following its significant losses on investment in WeWork, forced Cybereason to acknowledge it had over-hired at unsustainable wage levels. The company conducted two major rounds of layoffs, cutting more than 300 employees. In early 2022, Cybereason eliminated approximately 10% of its workforce, citing what it called a “seismic shift” in private and public markets. The IPO was eventually scrapped. 

As part of Tuesday’s announced transaction, SoftBank Corp. and Liberty Strategic Capital will become investors in LevelBlue. Additionally, Steven Mnuchin, former U.S. Treasury secretary and managing partner of Liberty Strategic Capital, will join LevelBlue’s board of directors. 

The post LevelBlue to acquire Cybereason in latest cybersecurity industry consolidation appeared first on CyberScoop.

An anonymous reader quotes a report from the Financial Times: OpenAI and Anthropic are considering using investor funds to settle potential claims from multibillion-dollar lawsuits, as insurers balk at providing comprehensive coverage for the risks associated with artificial intelligence. The two US-based AI start-ups have traditional business insurance coverage in place, but insurance professionals said AI model providers will struggle to secure protection for the full scale of damages they may need to pay out in the future. OpenAI, which has tapped the world's second-largest insurance broker Aon for help, has secured cover of up to $300 million for emerging AI risks, according to people familiar with the company's policy. Another person familiar with the policy disputed that figure, saying it was much lower. But all agreed the amount fell far short of the coverage to insure against potential losses from a series of multibillion-dollar legal claims. [...] Two people with knowledge of the matter said OpenAI has considered "self insurance," or putting aside investor funding in order to expand its coverage. The company has raised nearly $60 billion to date, with a substantial amount of the funding contingent on a proposed corporate restructuring. One of those people said OpenAI had discussed setting up a "captive" -- a ringfenced insurance vehicle often used by large companies to manage emerging risks. Big tech companies such as Microsoft, Meta, and Google have used captives to cover Internet-era liabilities such as cyber or social media. Captives can also carry risks, since a substantial claim can deplete an underfunded captive, leaving the parent company vulnerable. OpenAI said it has insurance in place and is evaluating different insurance structures as the company grows, but does not currently have a captive and declined to comment on future plans.

Read more of this story at Slashdot.

The Philippines became Asia's second-largest gambling hub after Macau last year as online betting proliferated across the archipelagic nation. Almost half of the country's 69 million working-age population is now registered on gambling apps, an exponential rise from less than half a million users in 2018. The government has become increasingly dependent on the industry. Philippine Amusement and Gaming Corp. collects 30% of gross gaming revenue and has become the second-biggest revenue contributor among state-run companies after Land Bank of the Philippines. Revenue from online casino license fees is projected to reach $1 billion in 2025. More than 60 operators are regulated by the government. Industry revenue almost tripled in 2024 from 2023 to 154.5 billion pesos. Revenue from internet betting eclipsed physical casinos for the first time this year. The central bank recently ordered e-wallets to remove links to betting sites, halving bets within days. President Ferdinand Marcos Jr. rejected calls for a complete ban and said outlawing online betting would only spawn illicit operations that would be more difficult to eradicate.

Read more of this story at Slashdot.

Starting in November, Venmo and PayPal users will finally be able to send money directly to each other, ending years of workarounds despite Venmo being owned by PayPal. TechCrunch reports: This change means that PayPal users will now be able to find Venmo users by inputting their phone numbers, and later, their email addresses. If you don't want PayPal users to be able to find you, you can update your settings in the Venmo app by navigating to Settings - Privacy - Find me... and while you're at it, you might as well default your Venmo transactions to private via Settings > Privacy. You'll thank me in the long run. PayPal announced that it would broaden its network of payment systems in July, starting with Venmo, but the companies did not confirm the date of the update until now. This collection of partnerships, which PayPal has named PayPal World, will also work with Mercado Pago, NPCI International Payments Limited, and Tenpay Global. This will help users send money internationally without barriers and fees. Combined, Venmo and PayPal have 2 billion global users, according to PayPal.

Read more of this story at Slashdot.

A company affiliated with the Georgia Institute of Technology agreed to pay $875,000 to the U.S. government to settle a case involving allegations that it knowingly failed to meet cybersecurity requirements for obtaining Pentagon contracts, the Justice Department announced Tuesday.

Two Georgia Tech whistleblowers who worked on the university’s cybersecurity team first filed suit in 2022 under the False Claims Act, a Civil War-era law aimed at combatting shady contractors. The Justice Department joined the suit two years later on behalf of the Defense Department, Air Force and Defense Advanced Research Projects Agency.

The settlement resolves the suit against Georgia Tech and Georgia Tech Research Corporation over allegations that they failed to install antivirus tools at Georgia Tech’s Astrolavos Lab while it conducted sensitive cyber-defense research for the Pentagon. The Justice Department also had said that Georgia Tech and the affiliate company submitted a false cybersecurity assessment score to the Defense Department.

“When contractors fail to follow the required cybersecurity standards in their DoD contracts, they leave sensitive government information vulnerable to malicious actors and cyber threats,” said Brett Shumate, assistant attorney general of the Justice Department’s Civil Division.

Under the settlement agreement, neither side concedes to the other over the allegations.

“From the outset, Georgia Tech denied the government’s allegations that mischaracterized our commitment to cybersecurity,” said a spokesperson for the university, Blair Meeks. “We worked hard to educate the government about the strong compliance efforts of our researchers and are pleased to avoid the distraction of litigation by resolving this matter without any admission of liability. Georgia Tech looks forward to continued collaboration with the Department of Defense and other federal partners in conducting ground-breaking research in a secure manner.”

The two sides first reached a tentative settlement agreement in May. The government will pay the two whistleblowers, Kyle Koza and Christopher Craig, $201,250 out of the settlement.
The Justice Department began using the False Claims Act in 2022 to punish contractors over cybersecurity shortcomings under its Civil Cyber-Fraud Initiative. It has since settled with a number of parties in those cases, including for $9 million with Aerojet Rocketdyne, $8.4 million with Raytheon and Nightwing, $4.6 million with MORSECORP and $4 million with Verizon Business Network Services.

The post DOJ, Georgia Tech affiliate company settle over alleged failure to meet DOD contract cyber requirements appeared first on CyberScoop.

OpenAI unveiled Instant Checkout, a new ChatGPT feature that lets users buy stuff directly through its chatbot. Currently, the feature supports single-item purchases directly from Etsy sellers, but support for more than one million Shopify merchants is coming soon. It's also only available to U.S. ChatGPT Plus, Pro and Free users at this time. CNBC reports: OpenAI will take a fee from transactions that are completed through ChatGPT, which means Instant Checkout could become an important new revenue stream for the startup. OpenAI is not yet profitable, and is burning through cash as it works to scale up its computing infrastructure. The company declined to share specific details about how large the fees are since they are determined through confidential contracts with Etsy and Shopify. Instant Checkout is free to users and will not affect their prices, OpenAI said. "Our vision for ChatGPT -- and a lot of the technology we create, but especially ChatGPT -- is that it's not just providing you information, it is also helping you get things done in the real world," Michelle Fradin, OpenAI's product lead for ChatGPT commerce, told CNBC in an interview. The company plans to introduce multi-item carts and expand the regional availability of Instant Checkout moving forward. [...] Instant Checkout is powered by OpenAI's Agentic Commerce Protocol, which is the underlying technology that allows users to complete a transaction directly with a merchant through ChatGPT. OpenAI built the framework in partnership with the fintech company Stripe, which powers ChatGPT subscriptions. OpenAI initially decided to use Agentic Commerce Protocol for e-commerce, but Fradin said the company thinks it could be used to facilitate other types of purchases or payments as well. OpenAI is open-sourcing the framework to help merchants build integrations more quickly, and so that developers can explore different use cases, she said.

Read more of this story at Slashdot.

The Department of Homeland Security estimated over the weekend that it would send home about two-thirds of employees at the Cybersecurity and Infrastructure Security Agency in the event of a government shutdown.

It’s the first time that the second Trump administration has released its contingency plan in response to what would happen if Congress doesn’t keep the government funded after Oct. 1 — something that looks likely at the moment. The furlough of two-thirds of CISA employees is also relatively close to the last time the Biden administration produced shutdown guidance in 2023.

According to the DHS document, 889 of CISA’s 2,540 personnel would keep working through a government funding lapse. That workforce estimate is from May, and could be smaller now. In 2023, DHS anticipated that it would keep 960 of its then-3,117 employees at work.

The Biden administration said that year that it would have had the ability to recall another 790 CISA employees if needed. The latest DHS guidance doesn’t include any information on recallable employees, and CISA didn’t immediately respond to a request for that figure Monday.

Furloughs of cyber personnel could have a whole host of potentially negative consequences, government officials and outside cyber experts have warned. Those consequences could be even worse as the Trump administration slashes the federal workforce, some say.

A temporary reduction could invite more attacks on the federal government; slow down patching, cyber projects and regulations; prompt permanent departures from workers disillusioned about the stability of federal cyber work; hinder cybercrime prosecutions; and freeze cyber vulnerability scans.

The latest CISA furlough estimates are “scary,” one cyber researcher wrote on the social media platform Bluesky. The White House has also instructed agencies to plan for mass firings in the event of a shutdown.

At other agencies, some federal cybersecurity-related personnel are likely to continue working during a federal funding lapse, because the law deems some government functions as “excepted,” such as those focused on missions like national security, law enforcement or protection of property and human safety. For example, at the Health and Human Services Department, the fiscal year 2026 contingency plan states that “HHS estimates that 387 staff (excluding those otherwise authorized by law) will be excepted for the protection of computer data.”

Unlike in past years, agencies are hosting contingency plans on their websites on a case-by-case basis, rather than on the website of the Office of Management and Budget. Some plans that have been published, such as those for the Department of Defense, don’t specify figures for cyber personnel.

Hundreds of thousands of federal workers could be furloughed, in total.

Two major cybersecurity laws, one providing legal protections for cyber threat data sharing and another providing state and local grants, are also set to expire in mere days. A House-passed continuing resolution would’ve temporarily extended them, but the legislation didn’t advance in the Senate.

The post Two-thirds of CISA personnel could be sent home under shutdown appeared first on CyberScoop.

Authorities arrested 260 cybercrime suspects during a two-week operation spanning 14 African countries, Interpol announced Friday. The globally coordinated summertime crackdown dubbed “Operation Contender 3.0” targeted criminal networks that facilitated romance scams and sextortion, officials said. 

Interpol said total losses attributed to the scam syndicates amounted to about $2.8 million, involving almost 1,500 victims. Authorities seized USB drives, SIM cards, forged documents and dismantled 81 cybercrime infrastructure networks across the continent.

“Cybercrime units across Africa are reporting a sharp rise in digital-enabled crimes such as sextortion and romance scams,” Cyril Gout, acting executive director of police services at Interpol, said in a statement. “The growth of online platforms has opened new opportunities for criminal networks to exploit victims, causing both financial loss and psychological harm.”

Authorities in Ghana arrested 68 people, seized 835 devices and identified 108 victims who lost a combined $450,000, $70,000 of which was recovered. The suspects allegedly used fake profiles, forged identities and stolen images to deceive victims using multiple schemes, including fake courier and customs shipment fees, and sextortion for blackmail.

Police in Senegal arrested 22 suspects who allegedly defrauded 120 victims on social media and dating platforms of about $34,000 combined. 

In Cote d’Ivoire, police arrested 24 suspects and identified 809 victims who were allegedly manipulated to share intimate images before they were blackmailed. Angola authorities arrested eight people for allegedly scamming 28 domestic and international victims via social media. 

Group-IB and Trend Micro assisted in the investigation, and other countries participating in the effort included Benin, Burkina Faso, Gambia, Guinea, Kenya, Nigeria, Rwanda, South Africa, Uganda and Zambia.

“By working closely with our member countries and private sector partners, we remain committed to disrupting and dismantling the groups that prey on vulnerable individuals online,” Gout said.

Operation Contender 3.0 occurred, in part, during a much larger Interpol cybercrime crackdown in Africa that resulted in the arrest of 1,209 alleged cybercriminals. Authorities said financial losses attributed to cybercrime rings disrupted during Operation Serengeti 2.0 neared $485 million from almost 88,000 victims.

The post Interpol operation disrupts romance scam and sextortion networks in Africa appeared first on CyberScoop.

Circle, the world's second-biggest issuer of stablecoins, is examining ways to make it possible to reverse transactions involving its tokens [non-paywalled source], in a rare admission by a major crypto firm that it needs to take lessons from the traditional financial sector. Financial Times: Circle president Heath Tarbert said a mechanism that allowed money to be refunded in cases of fraud or disputes would help the stablecoin industry's push to become part of the financial mainstream. "We are thinking through...whether or not there's the possibility of reversibility of transactions, right, but at the same time, we want settlement finality," Tarbert told the Financial Times. "So there's an inherent tension there between being able to transfer something immediately, but having it be irrevocable," he added. Such measures could be seen as a major departure from the crypto industry's previous emphasis on the "immutability" of the blockchain, a digital ledger that is public and records transactions that cannot be unwound.

Read more of this story at Slashdot.

Department of Government Efficiency practices at three federal agencies “violate statutory requirements, creating unprecedented privacy and cybersecurity risks,” according to a report that Senate Homeland Security and Governmental Affairs Committee Democrats published Thursday.

The report — drawn from a mix of media reports, legal filings, whistleblower disclosures to the committee and staff visits to the agencies — concludes that the Elon Musk-created DOGE is “operating outside federal law, with unchecked access to Americans’ personal data.” It focuses on DOGE activity at the General Services Administration (GSA), Office of Personnel Management (OPM) and Social Security Administration (SSA).

One previously unreported whistleblower claim is that at the SSA, a June internal risk assessment found that the chance of a data breach with “catastrophic adverse effect” stood between 35% and 65% after DOGE uploaded a computer database file known as Numident, containing personal sensitive information without additional protections against unauthorized access. The potential implications included “widespread PII [personally identifiable information] disclosure or loss of data” and “catastrophic damage to or loss of agency facilities and infrastructure with fatalities to individuals,” according to the assessment.

“DOGE isn’t making government more efficient — it’s putting Americans’ sensitive information in the hands of completely unqualified and untrustworthy individuals,” Michigan Sen. Gary Peters, the top Democrat on the committee, said in a news release. “They are bypassing cybersecurity protections, evading oversight, and putting Americans’ personal data at risk. We cannot allow this shadow operation to continue operating unchecked while millions of people face the threat of identity theft, economic disruption, and permanent harm. The Trump Administration and agency leadership must immediately put a stop to these reckless actions that risk causing unprecedented chaos in Americans’ daily lives.”

The report recommends stripping all DOGE access to sensitive personal information until agencies certify that the initiative is in compliance with federal security and privacy laws such as the Federal Information Security Management Act, and recommends that DOGE employees complete the same kind of cybersecurity training as other federal employees.

It describes the three agencies blocking access to specific offices or otherwise obstructing access. For example, it says that DOGE installed a Starlink network at GSA, but wouldn’t let staff view it. Starlink is the Musk-owned satellite internet service, and the report concludes that Starlink might have allowed DOGE staffers to circumvent agency IT oversight. Data sent over the network “could be an easy target for foreign adversaries,” the report states.

The report also expands upon an alleged attempt at SSA to create a “master database” that would pool data from multiple federal agencies. According to whistleblower disclosures, former SSA DOGE employee John Koval inquired about uploading agency data into a cloud environment to share with the Department of Homeland Security. He was “rebuffed,” the report states, but later worked at DHS and the Justice Department, where SSA data surfaced in some projects, raising further privacy concerns. 

It revisits concerns about DOGE staffer Edward “Big Balls” Coristine having access to sensitive agency data despite reports that he had been fired from an internship at a cybersecurity company for leaking company information to a competitor, and arrives at further conclusions about the risk posed by the ability of Coristine and others “to move highly sensitive SSA data into an unmonitored cloud environment.”

“It is highly likely that foreign adversaries, such as Russia, China, and Iran, who regularly attempt cyber attacks on the U.S. government and critical infrastructure, are already aware of this new DOGE cloud environment,” the report states.

Two of the agencies that were the subject of the report took issue with its conclusions.

“OPM takes its responsibility to safeguard federal personnel records seriously,” said a spokeswoman for the office, McLaurine Pinover. “This report recycles unfounded claims about so-called ‘DOGE teams’ that simply have never existed at OPM. Federal employees at OPM conduct their work in line with longstanding law, security, and compliance requirements.

“Instead of rehashing baseless allegations, Senate Democrats should focus their efforts on the real challenges facing the federal workforce,” she continued. “OPM remains committed to transparency, accountability, and delivering for the American people.”

The SSA pointed to Commissioner Frank Bisignano’s letter to Congress responding to questions about Numident security concerns. 

“Based on the agency’s thorough review, the Numident data and database — stored in a longstanding secure environment used by SSA — have not been accessed, leaked, hacked, or shared in any unauthorized fashion,” a SSA spokesperson wrote, adding, “The location referred to in the whistleblower allegation is actually a secured server in the agency’s cloud infrastructure which historically has housed this data and is continuously monitored and overseen — SSA’s standard practice.”

The SSA spokesperson emphasized there are no DOGE employees at SSA, only agency employees. 

The GSA did not immediately respond to Scoop News Group requests for comment on the Democratic report.

Miranda Nazzaro contributed reporting to this story.

The post Dem report concludes Department of Government Efficiency violates cybersecurity, privacy rules appeared first on CyberScoop.

Neon Mobile, now the No. 2 social networking app in Apple's U.S. App Store, pays users up to $30 per day to record their phone calls and sell the data to AI companies. The app claims to only capture one side of a call unless both parties use Neon, but its terms grant sweeping rights over recordings. TechCrunch reports: The app, Neon Mobile, pitches itself as a money-making tool offering "hundreds or even thousands of dollars per year" for access to your audio conversations. Neon's website says the company pays 30 cents per minute when you call other Neon users and up to $30 per day maximum for making calls to anyone else. The app also pays for referrals. According to Neon's terms of service, the company's mobile app can capture users' inbound and outbound phone calls. However, Neon's marketing claims to only record your side of the call unless it's with another Neon user. That data is being sold to "AI companies," the company's terms of service state, "for the purpose of developing, training, testing, and improving machine learning models, artificial intelligence tools and systems, and related technologies." Despite what Neon's privacy policy says, its terms include a very broad license to its user data, where Neon grants itself a: "...worldwide, exclusive, irrevocable, transferable, royalty-free, fully paid right and license (with the right to sublicense through multiple tiers) to sell, use, host, store, transfer, publicly display, publicly perform (including by means of a digital audio transmission), communicate to the public, reproduce, modify for the purpose of formatting for display, create derivative works as authorized in these Terms, and distribute your Recordings, in whole or in part, in any media formats and through any media channels, in each instance whether now known or hereafter developed." That leaves plenty of wiggle room for Neon to do more with users' data than it claims. The terms also include an extensive section on beta features, which have no warranty and may have all sorts of issues and bugs. Peter Jackson, cybersecurity and privacy attorney at Greenberg Glusker, told TechCrunch: "Once your voice is over there, it can be used for fraud. Now, this company has your phone number and essentially enough information -- they have recordings of your voice, which could be used to create an impersonation of you and do all sorts of fraud."

Read more of this story at Slashdot.

Longtime Slashdot reader schwit1 shares a report from ICO Bench: As of September 1, 2025, banks across Vietnam are closing accounts deemed inactive or non-compliant with new biometric rules. Authorities estimate that more than 86 million accounts out of roughly 200 million are at risk if users fail to update their identity verification. The State Bank of Vietnam has also introduced stricter thresholds for transactions: - Facial authentication is mandatory for online transfers above 10 million VND (about $379). - Cumulative daily transfers over 20 million VND ($758) also require biometric approval. The policy is part of the central bank's broader "cashless" strategy, aimed at combating fraud, identity theft, and deepfake-enabled scams. [...] While many Vietnamese citizens have updated their biometric data without issue, the measure has disproportionately affected foreign residents and expatriates who cannot easily return to local branches and dormant accounts that had been left inactive for years. schwit1 highlights a post on X from Bitcoin expert and TFTC.io founder Marty Bent: "If users don't comply by the 30th they'll lose their money. This is why we bitcoin."

Read more of this story at Slashdot.

Disney is raising prices again for Disney+, Hulu, and ESPN Select starting October 21, 2025, with most ad-supported tiers going up by $2-3 per month and bundles also seeing increases. It marks the third consecutive year of U.S. streaming price hikes. Variety reports: It's that time of year again, apparently: Disney is raising the prices of its Disney+ and Hulu plans in the U.S., including most bundles, as of next month. The standalone Disney+ with ads service is rising from $9.99 to $11.99/month on Oct. 21, 2025, while the Disney+ Premium (without ads) is going from $15.99 to $18.99/month. The Hulu standalone plan with ads is increasing from $9.99 to $11.99/month as of the same date; the premium version of Hulu with no ads will remain at $18.99 per month. In addition, the price of ESPN Select (the service formerly known as ESPN+, which has a more limited content lineup than the recently launched ESPN Unlimited all-in app) will increase from $11.99 to $12.99 per month on Oct. 21. For now, the introductory price of the Disney+, Hulu and ESPN Unlimited bundle with ads will remain $29.99 per month (for the first 12 months). It's the third time in three years Disney is raising the prices of the streaming services in the U.S., after price hikes for Disney+ and Hulu in October 2024 and in October 2023. Disney provided notifications of the latest price hikes Tuesday on its customer support sites.

Read more of this story at Slashdot.

An anonymous reader quotes a report from Bloomberg: Gen Z borrowers took the biggest hit of any age group this year, helping pull overall credit scores lower in the worst year for US consumer credit quality since the global financial crisis roiled the world's economy. The average FICO score slipped to 715 in April from 717 a year earlier, marking the second consecutive year-over-year drop, according to a report released Tuesday by Fair Isaac Corp. The average score dropped three points to 687 in 2009. Gen Z borrowers saw the largest drop, not only this year, but of any age group since 2020, with their average score falling three points to 676, the Montana-based creator of the FICO credit score said. FICO scores are a measure of consumer credit risk and are frequently used by US banks to assess whether to provide loans. The scores typically range from 300 to 850. The credit scoring agency attributed the recent overall drop to higher rates of utilization and delinquency, including the resumption of reporting student loan delinquencies -- a category that hit a record high of 3.1% of the entire scorable population. [...] While the overall average score dropped, the median FICO score continued to rise to 745 from 744 a year ago, indicating that a large drop in scores at the low end dragged down the average.

Read more of this story at Slashdot.

FBI cyber division cuts under President Donald Trump will reduce personnel there by half, a top Democratic senator warned Tuesday, while FBI Director Kash Patel countered that arrests and convictions have risen under the Trump administration.

A contentious Senate Judiciary Committee hearing dominated by clashes over political violence, Patel’s leadership and accusations about the politicization of the bureau nonetheless saw senators probing the FBI’s performance on cybersecurity.

“My office received information that cuts to the bureau’s cyber division will cut personnel by half despite the ever-increasing threat posed by adverse foreign actors,” said Illinois Sen. Dick Durbin, the top Democrat on the panel. The Trump administration has proposed a $500 million cut for the FBI in fiscal 2026.

Sen. Alex Padilla, D-Calif., said that as the FBI has shifted personnel toward immigration and politically motivated investigations like the Tesla task force, it has undercut other missions. “It has an impact on other priorities, like nation-state threats and ransomware investigations,” he said.

Padilla was one of several Senate Democrats, like Cory Booker of New Jersey and Mazie Hirono of Hawaii, who said the FBI’s cyber mission was suffering because its personnel were being directed elsewhere.

Patel told Hirono that the FBI’s cyber branch was one of the bureau’s “most impressive” units, and that it had made 409 arrests, a 42% increase compared to the same period last year, and garnered 169 convictions.

As Padilla questioned him about the FBI’s mission to protect against election interference and the Justice Department ending the Foreign Influence Task Force, Patel answered that the FBI did not “in any way divert or reallocate resources from that critical mission set.” He said it was still working on it through its cyber programs, which had seen a “40, 50, 60%” increase in arrests in cyber threat cases involving critical infrastructure and interference with elections.

Patel said he hadn’t shifted any resources away from any critical missions like terrorism toward things like Tesla vandalism or sending federal personnel to cities like Washington, D.C. “They never left their primary job,” he said. “It is a surge in law enforcement.”

Hirono asked Patel to say who had replaced top officials who had exited the cyber division, but he said only that they were “supremely qualified individuals” and wouldn’t give their names “so you can attack them.” Hirono replied, “you don’t know” when he wouldn’t say who they were.

More broadly, Patel said the FBI was taking the fight to Chinese threat groups like Salt Typhoon and Volt Typhoon, and going after ransomware and malware attackers.

Sen. Amy Klobuchar, D-Minn., said she was concerned about a rise in artificial intelligence-generated election interference, including materials directed at her. Patel said the FBI was looking into it, but that the culprits appeared to be “loose groups overseas, without any central cluster.”

The post Senators, FBI Director Patel clash over cyber division personnel, arrests appeared first on CyberScoop.

Check Point Software Technologies announced Monday it will acquire Lakera, a specialized artificial intelligence security platform, as entrenched cybersecurity companies continue to expand their offerings to match the generative AI boom.

The deal, expected to close in the fourth quarter of 2025, positions Check Point to offer what the company describes as an “end-to-end AI security solution.” Financial terms were not disclosed.

The acquisition reflects growing concerns about security risks as companies integrate large language models, generative AI, and autonomous agents into core business operations. These technologies introduce potential attack vectors including data exposure, model manipulation, and risks from multi-agent collaboration systems.

“AI is transforming every business process, but it also introduces new attack surfaces,” said Check Point CEO Nadav Zafrir. The company chose Lakera for its AI-native security approach and performance capabilities, he said.

Lakera, founded by former AI specialists from Google and Meta, operates out of both Zurich and San Francisco. The company’s platform provides real-time protection for AI applications, claiming detection rates above 98% with response times under 50 milliseconds and false positive rates below 0.5%.

The startup’s flagship products, Lakera Red and Lakera Guard, offer pre-deployment security assessments and runtime enforcement to protect AI models and applications. The platform supports more than 100 languages and serves Fortune 500 companies globally. The company also operates what it calls Gandalf, an adversarial AI network that has generated more than 80 million attack patterns to test AI defenses. This continuous testing approach helps the platform adapt to emerging threats.

David Haber, Lakera’s co-founder and CEO, said joining Check Point will accelerate the company’s global mission to protect AI applications with the speed and accuracy enterprises require.

Check Point already offers AI-related security through its GenAI Protect service and other AI-powered defenses for applications, cloud systems, and endpoints. The Lakera acquisition extends these capabilities to cover the full AI lifecycle, from models to data to autonomous agents.

Upon completion of the deal, Lakera will form the foundation of Check Point’s Global Center of Excellence for AI Security. The integration aims to accelerate AI security research and development across Check Point’s broader security platform.

The acquisition is another in a flurry of bigger cybersecurity companies moving to acquire AI-focused startups. Earlier this month, F5 acquired CalypsoAI, Cato Networks acquired Aim Security, and Varonis acquired SlashNext. 

The deal remains subject to customary closing conditions.

The post Check Point acquires AI security firm Lakera in push for enterprise AI protection appeared first on CyberScoop.

Robinhood has filed with the SEC to launch "Robinhood Ventures Fund I," a publicly traded fund designed to give retail investors access to startup shares before IPOs. TechCrunch reports: While the current version of the application is public, Robinhood hasn't filled in the fine-print yet. This means we don't know how many shares it plans to sell, nor other details like the management fee it plans to charge. It's also unclear which startups it hopes this fund will eventually hold. The paperwork says it "expects" to invest in aerospace and defense, AI, fintech, robotics as well as software for consumers and enterprises. Robinhood's big pitch is that retail investors are being left out of the gains that are amassed by startup investors like VCs. That's true to an extent. "Accredited investors" -- or those with a net worth large enough to handle riskier investments -- already have a variety of ways of buying equity in startups, such as with venture firms like OurCrowd. Retail investors that are not rich enough to be accredited have more limited options. There are funds similar to what Robinhood has proposed, including Cathy Wood's ARK Venture Fund, a mutual fund which holds stakes in companies like Anthropic, Databricks, OpenAI, SpaceX, and others. [...] This new closed-end "Ventures Fund I" is a more classic, mutual fund-style, approach. As to when Robinhood's new fund will be available we don't know that either yet.

Read more of this story at Slashdot.

US retail coffee prices surged 21% year-over-year in August, the largest annual increase since October 1997, according to Thursday's Consumer Price Index. The monthly 4% jump marks the steepest rise in 14 years. Trump administration tariffs on major coffee exporters -- 50% on Brazil, 20% on Vietnam, and 10% on Colombia -- are driving costs higher as 99% of US coffee consumption relies on imports. J.M. Smucker plans its third price increase this winter for Folgers and Cafe Bustelo brands after raising prices in May and August. New Orleans chain French Truck Coffee has implemented a 4% tariff surcharge. Starbucks expects peak cost impacts in 2026 due to its advance purchasing practices. KPMG chief economist Diane Swonk predicts prices will exceed historical records as Brazilian tariff effects reach retail shelves.

Read more of this story at Slashdot.

"President Trump's One Big Beautiful Bill Act may have quietly changed the economics of the creator economy," reports the Hollywood Reporter. The Treasury Department has ruled this past week that digital creators, including podcasters, influencers, and streamers, qualify for the U.S. "no tax on tips" policy, allowing them to deduct tipped income up to $25,000. From the report: The change could cause digital creators to rethink how they seek income. Platforms like TikTok, YouTube, Twitch and Snapchat all offer a variety of ways for creators to generate income, be it a share of advertising revenue or creator funding programs, or options to launch subscription tiers for their channels or profiles. But they also give creators the option to turn on tips or gifts. If revenue from user tips or gifts is eligible, while recurring subscription revenue is not, it could shift how streamers, podcasters or influencers ask their followers to support them. To be sure, there are limitations: The tax deduction is capped at $25,000 per year, and it begins to phase out at $150,000 in income for single filers and $300,000 for married joint filers. The act also provides that tips do not qualify for the deduction if they are received "in the course of certain specified trades or businesses -- including the fields of health, performing arts, and athletics," Treasury says, further limiting the deduction opportunity for some in entertainment-adjacent lines of work. But by making influencers, Twitch streamers and podcasters eligible, the administration has nonetheless changed the incentive structure for digital creators, and the ramifications could be felt across the creator economy in the name of tax efficiency (Don't be surprised if users are asked to like, subscribe, and tip). Platforms may also develop more ways to more prominently feature tips and gifts, pushing creators to add more opportunities for that income. But the inclusion of digital creators is also a recognition of how the power dynamics have shifted in media.

Read more of this story at Slashdot.