An anonymous reader quotes a report from The Register: Ten vulnerabilities in Copeland controllers, which are found in thousands of devices used by the world's largest supermarket chains and cold storage companies, could have allowed miscreants to manipulate temperatures and spoil food and medicine, leading to massive supply-chain disruptions. The flaws, collectively called Frostbyte10, affect Copeland E2 and E3 controllers, used to manage critical building and refrigeration systems, such as compressor groups, condensers, walk-in units, HVAC, and lighting systems. Three received critical-severity ratings. Operational technology security firm Armis found and reported the 10 bugs to Copeland, which has since issued firmware updates that fix the flaws in both the E3 and the E2 controllers. The E2s reached their official end-of-life in October, and affected customers are encouraged to move to the newer E3 platform. Upgrading to Copeland firmware version 2.31F01 mitigates all the security issues detailed here, and the vendor recommends patching promptly. In addition to the Copeland updates, the US Cybersecurity and Infrastructure Security Agency (CISA) is also scheduled to release advisories today, urging any organization that uses vulnerable controllers to patch immediately. Prior to these publications, Copeland and Armis execs spoke exclusively to The Register about Frostbyte10, and allowed us to preview an Armis report about the security issues. "When combined and exploited, these vulnerabilities can result in unauthenticated remote code execution with root privileges," it noted. [...] To be clear: there is no indication that any of these vulnerabilities were found and exploited in the wild before Copeland issued fixes. However, the manufacturer's ubiquitous reach across retail and cold storage makes it a prime target for all manner of miscreants, from nation-state attackers looking to disrupt the food supply chain to ransomware gangs looking for victims who will quickly pay extortion demands to avoid operational downtime and food spoilage.

Read more of this story at Slashdot.

Chrome has extended its dominance in the browser wars, surpassing 70% market share on desktops while Edge, Safari, Firefox, and Opera trail far behind. Neowin reports: According to [Statcounter], in August 2025, Chrome kept on increasing its overwhelming market share, which is now above the 70% mark (70.25%, to be precise) in the desktop browser market. The gap between Chrome and its closest competitor, Microsoft Edge, is immense, with Edge holding just 11.8% (+0.01 points over the previous month). Apple's Safari is third with 6.34% (+1.04 points); Firefox has 4.94% (-0.36 points); and Opera is fifth with a modest 2.06% market share (-0.13 points). Things look similar on the mobile side of the market, with Google Chrome having 69.15% (+1.92 points) and Safari being second with 20.32% (-2.2 points). Samsung Internet is third with 3.33% (-0.17 points). As for Microsoft Edge, its mobile share is only 0.59% (+0.06 points). The findings can be found here.

Read more of this story at Slashdot.

SAP will invest over 20 billion euros ($23 billion) in European sovereign cloud infrastructure over the next decade. "Innovation and sovereignty cannot be two separate things -- it needs to come together," said Thomas Saueressig, SAP's board member tasked with leading customer services and delivery. CNBC reports: The company said it was expanding its sovereign cloud offerings to include an infrastructure-as-a-service (IaaS) platform enabling companies to access various computing services via its data center network. IaaS is a market dominated by players like Microsoft and Amazon. It will also roll out a new on-site option that allows customers to use SAP-operated infrastructure within their own data centers. The aim of the initiative is to ensure that customer data is stored within the European Union to maintain compliance with regional data protection regulations such as the General Data Protection Regulation, or GDPR. [...] Saueressig said that SAP is "closely" involved in the creation of the new AI gigafactories but would not be the lead partner for the initiative. He added that the company's more than 20-billion-euro investment in Europe's sovereign cloud capabilities will not alter the company's capital expenditure for the next year and has already been baked into its financial plans.

Read more of this story at Slashdot.

An anonymous reader quotes a report from Reuters: OpenAI said on Tuesday it will acquire Statsig in an all-stock deal valuing the product testing startup at about $1.1 billion based on OpenAI's current valuation of $300 billion. The ChatGPT maker will also appoint Statsig's chief executive officer, Vijaye Raji, as OpenAI's tech chief of applications, in a push to build on its artificial intelligence products amid strong competition from rivals. [...] In his role, Vijaye will head product engineering for ChatGPT and the company's coding agent, Codex, with responsibilities that span core systems and product lines including infrastructure, the company said. Statsig builds tools to help software developers test and flag new features. It raised $100 million in funding earlier this year. Once the acquisition is finalized, Statsig employees will work for OpenAI but will continue operating independently out of its Seattle office, OpenAI said. The move follows the acquisition of iPhone designer Jony Ive's startup, io Products, in a $6.5 billion deal to usher in "a new family of products" for the age of artificial general intelligence.

Read more of this story at Slashdot.

A federal judge spared Google from the harshest penalties in its antitrust case. The search giant can keep Chrome and avoid breaking up Android, but it has been barred from exclusive contracts and ordered to limit data sharing with rivals. CNBC reports: U.S. District Judge Amit Mehta ruled against the most severe consequences that were proposed by the U.S. Department of Justice, including selling off its Chrome browser, which provides data that helps its advertising business deliver targeted ads. "Google will not be required to divest Chrome; nor will the court include a contingent divestiture of the Android operating system in the final judgment," the decision stated. "Plaintiffs overreached in seeking forced divesture of these key assets, which Google did not use to effect any illegal restraints." The company can make payments to preload products, but it cannot have exclusive contracts, the decision stated. The DOJ asked Google to stop the practice of "compelled syndication," which refers to the practice of making certain deals with companies to ensure its search engine remains the default choice in browsers and smartphones. [...] The judge ordered the parties to meet by September 10th for the final judgement. "Google will not be barred from making payments or offering other consideration to distribution partners for preloading or placement of Google Search, Chrome, or its GenAI products. Cutting off payments from Google almost certainly will impose substantial -- in some cases, crippling -- downstream harms to distribution partners, related markets, and consumers, which counsels against a broad payment ban." [...] Google said it will appeal the ruling, which would delay any potential penalties. Mehta ruled Tuesday that Google will have to make available certain search index data and user interaction data though "not ads data." The court narrowed the datasets Google will be required to share and said they must occur on "ordinary commercial terms that are consistent with Google's current syndication services."

Read more of this story at Slashdot.

An old school ransomware attack has a new twist: threatening to feed data to AI companies so it'll be added to LLM datasets. 404 Media reports: Artists&Clients is a website that connects independent artists with interested clients. Around August 30, a message appeared on Artists&Clients attributed to the ransomware group LunaLock. "We have breached the website Artists&Clients to steal and encrypt all its data," the message on the site said, according to screenshots taken before the site went down on Tuesday. "If you are a user of this website, you are urged to contact the owners and insist that they pay our ransom. If this ransom is not paid, we will release all data publicly on this Tor site, including source code and personal data of users. Additionally, we will submit all artwork to AI companies to be added to training datasets." LunaLock promised to delete the stolen data and allow users to decrypt their files if the site's owner paid a $50,000 ransom. "Payment is accepted in either Bitcoin or Monero," the notice put on the site by the hackers said. The ransom note included a countdown timer that gave the site's owners several days to cough up the cash. "If you do not pay, all files will be leaked, including personal user data. This may cause you to be subject to fines and penalties under the GDPR and other laws."

Read more of this story at Slashdot.

An anonymous reader shares a report: It's broadly understood that electric vehicles are more environmentally friendly than their counterparts that burn only gasoline. And yes -- that includes the impact of manufacturing batteries and generating power to charge them. But even then, such generalizations gloss over specifics, like which EVs are especially eco-friendly, not to mention where. The efficiency of an electric car varies greatly depending on ambient temperature, which is less compromising for gas-burning vehicles. We now have the data and math to answer these questions, courtesy of the University of Michigan. Last week, researchers there released a study along with a calculator that allows users to compare the lifetime difference in greenhouse gas emissions of various vehicle types and powertrains from "cradle to grave," as they say. That includes vehicle production and disposal, as well as use-phase emissions from "driving and upstream fuel production and/or electricity generation," per the university itself. What's more, these calculations can be skewed by where you live. So, if I punch in my location of Bucks County, Pennsylvania, I can see that my generic, pure-ICE "compact sedan" emits 309 grams of carbon dioxide equivalent (gCO2e) per mile. A compact hybrid would emit 20% less; a plug-in hybrid, 44% less; and an EV with a 200-mile range, a whopping 63% less. And, if I moved to Phoenix, the gains would be even larger by switching to pure electric, to the tune of a 79% reduced carbon impact.

Read more of this story at Slashdot.

UK weather agency Met Office, in a blog post: Provisional Met Office statistics confirm that summer 2025 is officially the warmest summer on record for the UK. Analysis by Met Office climate scientists has also shown that a summer as hot or hotter than 2025 is now 70 times more likely than it would be in a 'natural' climate with no human caused greenhouse gas emissions. The UK's mean temperature from 1 June to 31 August stands at 16.10C, which is 1.51C above the long-term meteorological average. This surpasses the previous record of 15.76C, set in 2018, and pushes the summer of 1976 out of the top five warmest summers in a series dating back to 1884.

Read more of this story at Slashdot.

Taylor Otwell, inventor and maintainer of popular PHP framework Laravel, is warning against overly complex code and the risks of bypassing the framework. From a report: Developers are sometimes drawn to building "cathedrals of complexity that aren't so easy to change," he said, speaking in a podcast for maintainable.fm, a series produced by Ruby on Rails consultancy Planet Argon. Software, he said, should be "simple and disposable and easy to change." Some problems are genuinely complex, but in general, if a developer finds a "clever solution" which goes beyond the standard documented way in a framework such as Laravel or Ruby on Rails, "that would be like a smell." A code smell -- for the uninitiated in the The Reg readership -- is a term developers use for code that works but may cause problems at a later date. Otwell described himself as a "pretty average programmer" but reckons many others are the same, solving basic problems as quickly and efficiently as they can.

Read more of this story at Slashdot.