"Google is beginning to replace news headlines in its search results with ones that are AI-generated," reports the Verge: After doing something similar in its Google Discover news feed, it's starting to mess with headlines in the traditional "10 blue links," too. We've found multiple examples where Google replaced headlines we wrote with ones we did not, sometimes changing their meaning in the process. For example, Google reduced our headline "I used the 'cheat on everything' AI tool and it didn't help me cheat on anything" to just five words: "'Cheat on everything' AI tool." It almost sounds like we're endorsing a product we do not recommend at all.

What we are seeing is a "small" and "narrow" experiment, one that's not yet approved for a fuller launch, Google spokespeople Jennifer Kutz, Mallory De Leon, and Ned Adriance tell The Verge. They would not say how "small" that experiment actually is. Over the past few months, multiple Verge staffers have seen examples of headlines that we never wrote appear in Google Search results — headlines that do not follow our editorial style, and without any indication that Google replaced the words we chose. And Google says it's tweaking how other websites show up in search, too, not just news.

The good news, for now, is that these changed headlines seem to be few and far between, and they're not yet the kind of tripe we've seen in Google Discover. (For example, Google Discover told me this week that the PlayStation Portal was getting a 1080p streaming mode, when it actually got a higher bitrate mode instead.) Compared to that and other lying Google Discover headlines like "US reverses foreign drone ban" — on a story reporting the opposite — the nonsense headlines we're seeing in Google Search are downright tame.
The article points out that Google "originally told us its AI headlines in Google Discover were an experiment too. A month later, it told us those AI headlines are now a feature..."

"Google confirmed that the test uses generative AI, but claimed that 'if we were to actually launch something based on this experiment, it would not be using a generative model and we would not be creating headlines with gen AI'..."

America's cable TV industry "is undergoing its most dramatic collapse in history," reports Cord Cutters News, "with operators large and small waving the white flag on traditional TV service and pointing their customers toward streaming platforms instead." Just in 2025 Comcast lost 1.25 million pay-TV subscribers (ending the year with just 11.3 million), while Charter Spectrum also lost hundreds of thousands of customers each quarter.

But "for smaller regional operators, who lack the scale and diversified revenue streams of giants like Comcast, those kinds of losses are simply unsurvivable," they write. And "the companies that once delivered hundreds of channels through coaxial cables are now either shutting down entirely or reinventing themselves as internet providers." Pay-TV subscriptions have plummeted from nearly 90% of U.S. households in the mid-2010s to roughly half by the end of 2025, resulting in billions in lost revenue and forcing many smaller operators to conclude that continuing linear TV services is no longer viable... [This year over U.S. 50 cable TV companies — primarily smaller and midsize providers — are "expected to cease operations entirely or shut down their television services," Cord Cutters News reported earlier.] YouTube TV's pricing is so competitive that the platform is projected to have close to 12.6 million subscribers by the end of 2026, positioning it to become the largest paid TV distributor in the United States. Exclusive content deals, such as YouTube TV's acquisition of NFL Sunday Ticket rights, have further eroded the value proposition of traditional cable at every level of the market... As older cable subscribers age out of the market, there is no new generation of customers waiting to replace them...

[Cable TV] operators like WOW! are betting that their physical infrastructure — now increasingly upgraded to fiber — is more valuable as an internet delivery system than as a cable TV platform. [WOW! serves customers across Michigan, Ohio, Illinois, and Alabama — but is "phasing out its proprietary streaming live TV service and directing all customers toward YouTube TV," the article notes.] Industry observers see this as part of a broader trend: operators shedding unprofitable video segments to focus on broadband, where returns and network investments are prioritized.

By the end of 2026, non-pay-TV households are expected to surge to 80.7 million, outnumbering traditional pay-TV subscribers at 54.3 million — a milestone that would have seemed unthinkable just a decade ago. For the cable companies still standing, the math is now inescapable: the era of the cable bundle is ending, and the only real question left is how gracefully each operator manages its exit.

"We have removed all malicious artifacts from the affected registries and channels," Trivy maintainer Itay Shakury posted today, noting that all the latest Trivy releases "now point to a safe version." But "On March 19, we observed that a threat actor used a compromised credential..."

And today The Hacker News reported the same attackers are now "suspected to be conducting follow-on attacks that have led to the compromise of a large number of npm packages..." (The attackers apparently leveraged a postinstall hook "to execute a loader, which then drops a Python backdoor that's responsible for contacting the ICP canister dead drop to retrieve a URL pointing to the next-stage payload.") The development marks the first publicly documented abuse of an ICP canister for the explicit purpose of fetching the command-and-control (C2) server, Aikido Security researcher Charlie Eriksen said... Persistence is established by means of a systemd user service, which is configured to automatically start the Python backdoor after a 5-second delay if it gets terminated for some reason by using the "Restart=always" directive. The systemd service masquerades as PostgreSQL tooling ("pgmon") in an attempt to fly under the radar...

In tandem, the packages come with a "deploy.js" file that the attacker runs manually to spread the malicious payload to every package a stolen npm token provides access to in a programmatic fashion. The worm, assessed to be vibe-coded using an AI tool, makes no attempt to conceal its functionality. "This isn't triggered by npm install," Aikido said. "It's a standalone tool the attacker runs with stolen tokens to maximize blast radius."

To make matters worse, a subsequent iteration of CanisterWorm detected in "@teale.io/eslint-config" versions 1.8.11 and 1.8.12 has been found to self-propagate on its own without the need for manual intervention... [Aikido Security researcher Charlie Eriksen said] "Every developer or CI pipeline that installs this package and has an npm token accessible becomes an unwitting propagation vector. Their packages get infected, their downstream users install those, and if any of them have tokens, the cycle repeats."
So far affected packages include 28 in the @EmilGroup scope and 16 packages in the @opengov scope, according to the article, blaming the attack on "a cloud-focused cybercriminal operation known as TeamPCP."

Ars Technica explains that Trivy had "inadvertently hardcoded authentication secrets in pipelines for developing and deploying software updates," leading to a situation where attacks "compromised virtually all versions" of the widely used Trivy vulnerability scanner: Trivy maintainer Itay Shakury confirmed the compromise on Friday, following rumors and a thread, since deleted by the attackers, discussing the incident. The attack began in the early hours of Thursday. When it was done, the threat actor had used stolen credentials to force-push all but one of the trivy-action tags and seven setup-trivy tags to use malicious dependencies... "If you suspect you were running a compromised version, treat all pipeline secrets as compromised and rotate immediately," Shakury wrote.

Security firms Socket and Wiz said that the malware, triggered in 75 compromised trivy-action tags, causes custom malware to thoroughly scour development pipelines, including developer machines, for GitHub tokens, cloud credentials, SSH keys, Kubernetes tokens, and whatever other secrets may live there. Once found, the malware encrypts the data and sends it to an attacker-controlled server. The end result, Socket said, is that any CI/CD pipeline using software that references compromised version tags executes code as soon as the Trivy scan is run... "In our initial analysis the malicious code exfiltrates secrets with a primary and backup mechanism. If it detects it is on a developer machine it additionally writes a base64 encoded python dropper for persistence...."

Although the mass compromise began Thursday, it stems from a separate compromise last month of the Aqua Trivy VS Code extension for the Trivy scanner, Shakury said. In the incident, the attackers compromised a credential with write access to the Trivy GitHub account. Shakury said maintainers rotated tokens and other secrets in response, but the process wasn't fully "atomic," meaning it didn't thoroughly remove credential artifacts such as API keys, certificates, and passwords to ensure they couldn't be used maliciously.

"This [failure] allowed the threat actor to perform authenticated operations, including force-updating tags, without needing to exploit GitHub itself," Socket researchers wrote.
Pushing to a branch or creating a new release would've appeared in the commit history and trigger notifications, Socket pointed out, so "Instead, the attacker force-pushed 75 existing version tags to point to new malicious commits." (Trivy's maintainer says "we've also enabled immutable releases since the last breach.")

Ars Technica notes Trivy's vulnerability scanner has 33,200 stars on GitHub, so "the potential fallout could be severe."

"Imagine a newspaper publisher announcing it will no longer allow libraries to keep copies of its paper," writes EFF senior policy analyst Joe Mullin.

"That's effectively what's begun happening online in the last few months." The Internet Archive — the world's largest digital library — has preserved newspapers since it went online in the mid-1990s... But in recent months The New York Times began blocking the Archive from crawling its website, using technical measures that go beyond the web's traditional robots.txt rules. That risks cutting off a record that historians and journalists have relied on for decades. Other newspapers, including The Guardian, seem to be following suit...

The Times says the move is driven by concerns about AI companies scraping news content. Publishers seek control over how their work is used, and several — including the Times — are now suing AI companies over whether training models on copyrighted material violates the law. There's a strong case that such training is fair use. Whatever the outcome of those lawsuits, blocking nonprofit archivists is the wrong response.

Organizations like the Internet Archive are not building commercial AI systems. They are preserving a record of our history. Turning off that preservation in an effort to control AI access could essentially torch decades of historical documentation over a fight that libraries like the Archive didn't start, and didn't ask for. If publishers shut the Archive out, they aren't just limiting bots. They're erasing the historical record...

Even if courts place limits on AI training, the law protecting search and web archiving is already well established... There are real disputes over AI training that must be resolved in courts. But sacrificing the public record to fight those battles would be a profound, and possibly irreversible, mistake.

"Juicier steaks could soon be served up after barley was given the go-ahead to become Britain's first gene-edited crop," reports the Telegraph: In an effort to fatten up cows and get them to market faster, scientists have altered the DNA of Golden Promise barley to increase its fat content... [Regulators have approved the feeding of that barley to cows for further studies.] [T]he small increase reduces the time it takes for farmers to raise animals for slaughter and increases the amount of milk and meat they produce to make the industry more profitable.

The gene-edited barley is also able to cut the amount of methane a cow produces, [Rothamsted Research professor/biochemist Peter] Eastmond said... Reducing methane from cattle is a major goal of the industry, and Professor Eastmond estimated his barley could cut the methane output from a single cow by up to 15%.

The two genetic tweaks to the barley are believed to alter the gut bacteria in cows' stomachs and reduce the amount of methane-generating microbes, cutting the cows' emissions.... [Eastmond] is also working on applying the same two gene edits to rye grass to create pastures and meadows which are lipid-rich and calorie-dense. This, he said, could lead to entire fields of gene-edited grass which could be grazed by cows, sheep, horses and goats to fatten them up and cut emissions... "It would be better to have this technology in a pasture grass that's grown to supply the livestock and graze it directly."
The barley "has been modified to have a single letter of DNA removed from two different genes to switch them off," the article points out. "No genes have been added to its DNA and it is not considered to be genetically modified."

The article points out that Britain "has launched a push towards more gene-edited crops as a key post-Brexit freedom since splitting from the European Union," noting that U.K. scientists and private companies "have created products such as bread with fewer cancer-causing chemicals, longer-lasting strawberries and bananas, sweeter-tasting lettuce and disease-resistant potatoes, although these are yet to be granted permission to land on supermarket shelves..."

But the EU has so far resisted the sale of any gene-edited crops in the EU.

Thanks to long-time Slashdot reader fjo3 for sharing the article.

ReactOS aims to be compatible with programs and drivers developed for Windows Server 2003 and later versions of Microsoft Windows. And Slashdot reader jeditobe reports that the project has now "announced significant progress in achieving compatibility with proprietary graphics drivers." ReactOS now supports roughly 90% of GPU drivers for Windows XP and Windows Server 2003, thanks to a series of fixes and the implementation of the KMDF (Kernel-Mode Driver Framework) and WDDM (Windows Display Driver Model) subsystems. Prior to these changes, many proprietary drivers either failed to launch or exhibited unstable behavior. In the latest nightly builds of the 0.4.16 branch, drivers from a variety of manufacturers — including Intel, NVIDIA, and AMD — are running reliably.

The project demonstrated ReactOS running on real hardware, including booting with installed drivers for graphics cards such as Intel GMA 945, NVIDIA GeForce 8800 GTS and GTX 750 Ti, and AMD Radeon HD 7530G. They also highlighted successful operation on mobile GPUs like the NVIDIA Quadro 1000M, with 2D/3D acceleration, audio, and network connectivity all functioning correctly. Further tests confirmed support on less common or older configurations, including a laptop with a Radeon Xpress 1100, as well as high-performance cards like the NVIDIA GTX Titan X.

A key contribution came from a patch merged into the main branch for the memory management subsystem, which improved driver stability and reduced crashes during graphics adapter initialization.

A free built-in VPN is coming to Firefox on Tuesday, Mozilla announced this week: Free VPNs can sometimes mean sketchy arrangements that end up compromising your privacy, but ours is built from our data principles and commitment to be the world's most trusted browser. It routes your browser traffic through a proxy to hide your IP address and location while you browse, giving you stronger privacy and protection online with no extra downloads. Users will have 50 gigabytes of data monthly in the U.S., France, Germany and U.K. to start. Available in Firefox 149 starting March 24.

We also recently shared that Firefox is the first browser to ship Sanitizer API, a new web security standard that blocks attacks before they reach you [for untrusted HTML XSS vulnerabilities].
"The roadmap for Firefox this year is the most exciting one we've developed in quite a while," says Firefox head Ajit Varma. "We're improving the fundamentals like speed and performance. We're also launching innovative new open standards in Gecko to ensure the future of the web is open, diverse, and not controlled by a single engine.

"At the same time we're prioritizing features that give users real power, choice and strong privacy protections, built in a way that only Firefox can. And as always, we'll keep listening, inviting users to help shape what comes next and giving them more reasons to love Firefox."

Two new features coming next week:

• Split View puts two webpages side by side in one window, making it easy to compare, copy and multitask without bouncing between tabs. Rolling out in Firefox 149 on March 24.

• Tab Notes let you add notes to any tab, another tool to help with multitasking and picking up where you left off. Available in Firefox Labs 149 starting March 24.

And Firefox also released a video this week introducing their new mascot Kit.

CBS News is shutting down its nearly 100-year-old radio news service due to economic pressures and the shift toward digital media and podcasts. Longtime CBS News anchor Dan Rather said: "It's another piece of America that is gone." The Associated Press reports: When it went on the air in September 1927, the service was the precursor to the entire network, giving a youthful William S. Paley a start in the business. Famed broadcaster Edward R. Murrow's rooftop reports during the Nazi bombing of London during World War II kept Americans listening anxiously. Today, CBS News Radio provides material to an estimated 700 stations across the country and is known best for its top-of-the-hour news roundups. The service will end on May 22, the network said Friday.

"Radio is woven into the fabric of CBS News and that's always going to be part of our history," CBS News editor-in-chief Bari Weiss said in delivering the news to the staff. "I want you to know that we did everything we could, including before I joined the company, to try and find a viable solution to sustain the radio operation." But with the radical changes in the media industry, she said, "we just could not find a way to make that possible."

It was unclear how many people will lose their jobs because of the radio shutdown. CBS News was cutting about 6% of its workforce, or more than 60 people, on Friday. It's not the end of turmoil at the network, as parent company Paramount Global is likely to absorb CNN as part of its announced purchase of Warner Bros. Discovery.

An anonymous reader quotes a repot from the Portland Tribune: There was plenty of uncertainty and debate about the effectiveness of a cell phone ban decreed (PDF) by executive order last summer. But at least in Estacada, the policy has earned two thumbs up, including approval from a "grumpy old teacher." Jeff Mellema is a language arts teacher at Estacada High School. He has worked in the building for 24 years, and he said the new policy that prohibits students from using their phones during the day has been a breath of fresh air.

"There is so much better discourse in my classroom, be it personal or academic," Mellema said. "Students can't avoid those conversations anymore with their phones." "This ban has brought joy back to this old, grumpy teacher," he added with a smile. That is the kind of feedback Gov. Tina Kotek was hoping for as she visited Estacada High School on Wednesday afternoon, March 18. Her goal was to visit classrooms, speak with administrators, and meet with students one-on-one to hear about the effectiveness of her phone policy. [...] In the classrooms, she was able to take a straw poll around the cell phone ban and then get specific, direct feedback from the kids. Overall, it was positive.

The Rangers said they noticed changes in how they interact with teachers and peers. They don't feel that "siren's song" tug of their phones as often, and the changes are bleeding into everyday life as well -- think less reminders to put phones away during family dinners. Phones also led to issues around bullying and online toxicity during the school day. There are some hiccups. The students spoke about difficulties in tracking busy schedules. Many athletes relied on their phones for practice times and locations. Some advanced placement kids said the overzealous programs monitoring school laptops blocked access to needed resources for studying/researching schoolwork. There is even a strange quirk with school-provided tech that prevents them from accessing their calculators. "Maybe the filters are too strong right now," Gov. Kotek said. "That is why we are working with the districts to best implement the policy."

The kids also weighed in on the debate around the extent of the ban. The two options bandied in Salem were a "bell-to-bell" policy or just inside classrooms. The latter would allow kids to use their phones during passing period and lunch. Several advocated for that change. That mirrored the debate within the Oregon legislature. It ultimately led to a stalemate and the need for Gov. Kotek's executive ruling. "When you make a decision like this, you don't know how it will ultimately work," Kotek told the students. "I appreciate you adapting to the situation and making it work for you." While things could change in the future, the governor is pleased with the early results. The phone ban is here to stay.

Longtime Slashdot reader SchroedingersCat writes: Chuck Norris, known for his roles in action films and as Texas Ranger Cordell Walker on the TV show "Walker, Texas Ranger," passed away on March 19, leaving behind a legacy of inspiring millions around the world. He was 86.

He became Internet phenomenon after "Chuck Norris Facts" went viral online with such wildly hyperbolic statements as, "Chuck Norris had a staring contest with the sun -- and won," and, "When Chuck Norris does push-ups, he doesn't push himself up, he pushes the Earth down."

His death was announced by his family through his official Instagram account, but no further details were immediately available. He was hospitalized earlier that day in Hawaii after experiencing a medical emergency, the family said.

The UK regulator Ofcom fined 4chan nearly $700,000 (520,000 pounds) for failing to implement age checks and address illegal content risks under the Online Safety Act, but the platform mocked the penalty and signaled it won't pay. A lawyer representing the company responded with an AI-generated cartoon image of a hamster, writing in a follow-up post on X: "In the only country in which 4chan operates, the United States, it is breaking no law and indeed its conduct is expressly protected by the First Amendment." The BBC reports: The fines also include 50,000 pounds for failing to assess the risk of illegal material being published and a further 20,000 pounds for failing to set out how it protects users from criminal content. 4Chan has refused to pay all previous fines from Ofcom. "Companies -- wherever they're based -- are not allowed to sell unsafe toys to children in the UK. And society has long protected youngsters from things like alcohol, smoking and gambling. The digital world should be no different," said Ofcom's Suzanne Cater. "The UK is setting new standards for online safety. Age checks and risk assessments are cornerstones of our laws, and we'll take robust enforcement action against firms that fall short."

Longtime Slashdot reader UnknowingFool writes: Rapper Afroman, born Joseph Edgar Foreman, famous for his 2000 hit "Because I Got High", has won a defamation lawsuit that seven Ohio police offers filed against him. A jury found he did not defame the officers in music videos he made about a 2022 police raid of his home. In August 2022, Adams County Sheriff's Department raided Afroman's home on suspicion of drug trafficking and kidnapping. Neither drugs nor kidnapping victims were found, and charges were never filed. However, local officials would not pay for damages occurred during the raid including a broken front door and a video surveillance camera. Afroman used his home security footage of the raid to create music rap videos criticizing the police over the incident; "Will You Help Me Repair My Door?", "Why You Disconnecting My Video Camera?", and "Lemon Pound Cake". He posted the videos on YouTube.

In March 2023, seven officers filed a lawsuit against Afroman for invasion of privacy and the unauthorized use of their images from the security footage in addition to defamation claims. The officers requested an injunction for Afroman to stop speaking about them or using their photos. The officers also wanted all proceeds from the videos, song sales, performances, and merchandise claiming they had suffered "emotional distress" due to the videos. Afroman's defense included Freedom of Speech rights to criticize public officials. The ACLU filed an amicus brief supporting the rapper, arguing that the lawsuit was a SLAPP suit only meant to silence criticism. In October 2023, the court agreed and dismissed the invasion of privacy, "right of publicity", and "unauthorized use of individual's persona" claims but allowed the defamation case to proceed.

Defamation claims by the officers included the allegation Afroman repeatedly had sex with the wife of Randolph L. Walters, Jr. When Afroman's lawyer asked Walters "But we all know that's not true, right?", the officer replied he did not know. Defamation from emotional damages requires that harm arise from a false statement; however, if a statement is so outrageous that no one would believe it to be true, then reputational damage cannot be a result.

OpenAI announced it's acquiring developer tooling startup Astral to strengthen its Codex AI coding assistant, which has over 2 million weekly users and has seen a three-fold increase in user growth since the start of the year. CNBC reports: "Through it all, though, our goal remains the same: to make programming more productive. To build tools that radically change what it feels like to build software," Astral's founder and CEO Charlie Marsh wrote in a blog post. The company's acquisition of Astral is still subject to customary closing conditions, including regulatory approval.

Walmart has secured patents for systems that use machine learning to forecast demand and automate pricing decisions, "pushing the U.S. retail behemoth into a debate over the use of algorithms to adjust product costs," reports the Financial Times. From the report: In January Walmart obtained a U.S. patent for a "system and method for dynamically and automatically updating item prices" to carry out markdowns in its ecommerce unit, a rapidly growing division that generated more than $150 billion in sales last year. Last week it received another patent for using machine learning to predict demand and recommend prices for goods. [...] Walmart said that both patents were "unrelated to dynamic pricing," as the patent issued in January was specific to markdowns and last week's patent was designed for merchant teams to make decisions, not the technology.

The patent granted in January involves an "end-to-end price markdown system" for ecommerce platforms such as Walmart.com based on data including predicted demand and consumers' price sensitivity. Last week's approved patent outlines ways to forecast demand and set prices at levels that will move stock over periods such as a week, a month or a quarter. "Example categories may include, for example, a food item, outdoor equipment, clothing, housewares, toys, workout equipment, vegetables, spices," according to the filing. The "demand forecasting and price recommendation" tool envisaged in the patent would incorporate sources including purchases, prices, methods of payment and customer ID, such as a passport or driver's license number. "Dynamic pricing or anything that smells like it is playing with fire," said Matt Hamory, a grocery industry consultant at AlixPartners, who cited "the goodwill that you can lose by getting customers to think or suspect or worry even slightly that you are doing things with pricing that are to your benefit and their detriment."

An anonymous reader quotes a report from TechCrunch: The FBI has resumed purchasing reams of Americans' data and location histories to aid federal investigations, the agency's director, Kash Patel, testified to lawmakers on Wednesday. This is the first time since 2023 that the FBI has confirmed it was buying access to people's data collected from data brokers, who source much of their information -- including location data -- from ordinary consumer phone apps and games, per Politico. At the time, then-FBI director Christopher Wray told senators that the agency had bought access to people's location data in the past but that it was not actively purchasing it.

When asked by U.S. Senator Ron Wyden, Democrat of Oregon, if the FBI would commit to not buying Americans' location data, Patel said that the agency "uses all tools ... to do our mission." "We do purchase commercially available information that is consistent with the Constitution and the laws under the Electronic Communications Privacy Act -- and it has led to some valuable intelligence for us," Patel testified Wednesday. Wyden said buying information on Americans without obtaining a warrant was an "outrageous end-run around the Fourth Amendment," referring to the constitutional law that protects people in America from device searches and data seizures.