Connect with us
DAPA Banner
DAPA Coin
DAPA
COIN PAYMENT ASSET
PRIVACY · BLOCKDAG · HOMOMORPHIC ENCRYPTION · RUST
ElGamal Encrypted MINE DAPA
🚫 GENESIS SOLD OUT
DAPAPAY COMING

Tech

Ken Paxton Vowed To Crack Down On “Illegal Voting.” He May Have Violated Texas Election Law.

Published

on

from the hypocrisy-is-a-part-of-the-job dept

This article first appeared on The Texas Tribune.

Two weeks before this year’s primary elections, Texas Attorney General Ken Paxton announced the creation of a tip line for the public to report people or groups suspected of voter fraud.

“Free and fair elections are a cornerstone of a thriving republic, and with the authority granted to my office by the Legislature, we will stop at nothing to uncover and stop any illegal voting activity,” Paxton said in a February news release announcing the tip line.

The announcement linked to guidance from his office about election laws in Texas, which included a requirement to be a U.S. citizen, a prohibition on collecting mail ballots on behalf of others and a warning that “it is illegal to misrepresent your residence on election records or to establish a residence for the purpose of influencing the outcome of an election.”

“You must register to vote using the address where you reside,” the attorney general’s guidance stated.

Advertisement

Despite his own warnings, Paxton appears to have used an address where he did not live while voting in six elections in the past two years, including in May’s runoff that made him the Republican nominee for U.S. senator, according to records obtained by ProPublica and The Texas Tribune.

State Sen. Angela Paxton said in a 2025 divorce filing that Paxton, whom she accused of adultery, moved out of their Collin County home a year earlier. But Paxton continues to list the home’s address in the northern Dallas suburb on his voter registration. Angela Paxton declined to be interviewed. A source close to the Paxtons said the attorney general has not moved back into the home since leaving.

It is unclear where Paxton has lived for the past two years, but reporting by ProPublica and the Tribune has linked him to a home in neighboring Denton County since February.

Three election lawyers told the news organizations that Paxton may have violated the same Texas laws his office cautioned about in its news release.

Advertisement

ProPublica and the Tribune reached out to Paxton’s campaign on June 3, 15 and 25, asking why he remained registered to vote in Collin County when he appeared to no longer live there and about his connection to the Denton County property. A reporter also left a voicemail on his personal cellphone on June 25. The news organizations sent his government office and campaign staff an email on Monday with a detailed list of questions, including a request for Paxton’s response to election lawyers’ belief that he may be violating the law. 

Paxton and his office did not reply until Monday’s email. Campaign spokesperson Madison Cercy did not answer the questions from the news organizations. Instead, she issued a statement saying that the attorney general has been “a national leader on election integrity, with a long record of defending Texas elections.” Cercy said that “attempting to insinuate otherwise and tear him down with a baseless, lie-filled tabloid story is not real reporting.”

Asked twice to provide specifics about what they believed was inaccurate, the campaign did not respond. 

Voting in an election when the voter is ineligible is a second-degree felony under Texas law and is punishable by up to 20 years in prison and a fine of up to $10,000. But prosecutors rarely bring cases challenging individual voters’ residency claims because they are hard to prove, the election lawyers said.

Advertisement

State courts have repeatedly ruled that there is no single way to determine where someone lives, and judges must consider multiple factors, such as where a voter sleeps or stores personal belongings. Prosecuting such cases also requires proof that a voter “knowingly” or “intentionally” broke the law.

Even if it’s clear that someone doesn’t live at the address where they are registered to vote, state law allows them to remain registered if their absence is temporary and they intend to return. The provision is commonly used by college students and military service members.

“So long as you truly intend to return, I think you’re fine,” said Beth Stevens, an election lawyer who worked for the Harris County clerk and the Texas Civil Rights Project. “When you start doing things that suggest, ‘Oh, I’ve fully moved. I’m just wink-wink saying I intend to return,’ that’s when you get into questionable territory.”

Paxton’s public and contentious split from his wife could make it difficult to argue that he intended to return to the home they own and where she continues to reside, said David Becker, a former voting rights lawyer for the Justice Department.

Advertisement

“I think there would be questions raised about a residence where someone does not live, does not spend the night and can in no way have the intent to continue to reside. Those would probably raise red flags in any state,” Becker said.

Becker, who is now the director of the Center for Election Innovation and Research, a Washington, D.C.-based nonprofit that works to build public trust in elections, added that the situation is particularly problematic because Paxton’s job is to enforce election laws.

“Certainly, the chief law enforcement officer of the state of Texas, someone who has made claims about election integrity and made it a priority of his office, should be charged with knowing the laws of residencies of the state of Texas with regard to voting,” Becker said.

Paxton has advocated for strict enforcement of the state’s election fraud law, including in cases against voters his office alleged had falsified records about where they lived. In 2018, the attorney general’s voter fraud unit arrested nine people on suspicion of using residential addresses where they did not live to vote in a municipal election in Edinburg, in the state’s Rio Grande Valley. County prosecutors, acting on behalf of Paxton, later dismissed the charges after failing to secure a conviction against the mayoral candidate they alleged had encouraged those voters to register at false addresses. The candidate, Richard Molina, said he was innocent and said the prosecution was politically motivated.

Advertisement

Clark Birdsall was not the attorney on those cases but defended another resident whom Paxton prosecuted for illegal voting. Birdsall was stunned that the attorney general appears to have voted under an address where he does not live.

He called it “especially egregious that someone such as Ken Paxton appears he’s not conforming to the law.”

State privacy laws allow some politicians and law enforcement officials to shield their voter registration information from public view. Paxton does not do so. His opponent in the Senate race, Democratic State Rep. James Talarico, does. Talarico’s campaign said he lives and is registered at the north Austin home he purchased in 2022. ProPublica and the Tribune were not able to independently confirm this.

Paxton’s campaign did not raise any issues with Talarico’s voter registration. In her statement to ProPublica and the Tribune, however, Cercy said, “Talarico has actively campaigned against voter security measures” and has said he opposes voter identification requirements. She pointed to a 2021 Fox News interview in which the state representative said he opposed voter identification rules that would require Texans to provide their driver’s license number or partial Social Security number for mail ballots. Talarico said hundreds of thousands of Texans, who don’t drive, lack a driver’s license. He did not directly answer a question about Social Security numbers during the interview.

Advertisement

The Talarico campaign did not respond to a request for comment. 

Paxton’s living arrangements since he separated from his wife are not public, but information obtained by ProPublica and the Tribune offers some indication of where he may have been residing since February.

In mid-February, a trust bought a 5,000-square-foot home listed for $2.4 million in a gated community in Denton County, according to the appraisal district and the seller’s real estate agent. The trust did not disclose its ownership to Denton County officials. Trusts are not required to by law, a spokesperson for Travis County’s appraisal district said.

Paxton shares a separate blind trust with his wife, Angela, that they have used to purchase property and other assets. For years, the address listed for that blind trust had been an office building in Collin County. But that address was changed to the Denton County home a week after the property was purchased.

Advertisement

Angela Paxton said through a spokesperson that she has no connection to the Denton County home or the trust that purchased it. The trustee of the Paxtons’ trust, family friend Chip Loper, did not respond to questions about the address change.

In June, a reporter knocked on the door of the Denton County home. No one answered. When the reporter placed a letter for Paxton in the mailbox, an envelope addressed to Warren Paxton, the attorney general’s given name, was visible.

Later that week, Paxton appeared on a podcast with Texas Lt. Gov. Dan Patrick. Video from the podcast showed Paxton seated in front of a fireplace and mantle that were nearly identical to those depicted in the home’s online real estate listing. One resident also told the newsrooms that they spotted Paxton in the gated community.

In a podcast appearance in June, Texas Attorney General Ken Paxton was seated in front of a gray fireplace that appeared to match real estate listings for a Denton County home. 📸 Obtained and edited for privacy by The Texas Tribune and ProPublica

Separately, the Daily Mail reported in May that Paxton had moved into the Denton County home with Tracy Duhon, whose extramarital affair with Paxton, the news outlet said, prompted his wife’s divorce filing. The Daily Mail also published a video of Paxton and Duhon that it reported was taken at an airport in Iceland in late June. The video was quickly seized upon by Talarico, who depicted Paxton as out of touch with Texans. Duhon did not respond to questions about her connection to the Denton County property or about the Daily Mail reporting.

Paxton is not registered to vote in Denton County, voter rolls show. Instead, since February, he has voted in Collin County twice: once in the March Republican primary and once in the May runoff. Each Texas county elects its own slate of local officials, which is why state law requires voters to register where they live.

Advertisement

Ekow Yankah, a law professor at the University of Michigan whose expertise includes election law, said Paxton’s voter registration situation should remind the attorney general of what studies have consistently shown: that intentional illegal voting is rare.

“You would think that somebody who’s going through this would learn a little bit of humility that lots of things which look on their face, like technical violations of the law, are usually explained by totally ordinary things,” Yankah said. “It’s only if you’re utterly cynical and ignore all the evidence that you make a claim that, in fact, these cases are attributable to nefarious criminal intent.”

Paxton cannot claim ignorance of the law because he enforces it, said Joshua Blank, research director of the Texas Politics Project at the University of Texas at Austin. In fact, as attorney general, Paxton should avoid even the appearance that he is not following the law, Blank said.

“We expect these laws to be understandable by ordinary citizens,” Blank said. “When our elected officials who are tasked with passing and enforcing these laws exhibit troubles in engaging with the voting process themselves, that raises serious questions.”

Advertisement

Filed Under: elections, ken paxton, texas, voting, voting fraud

Source link

Advertisement
Continue Reading
Click to comment

You must be logged in to post a comment Login

Leave a Reply

Tech

Apple targets OpenAI workers over trade secrets theft lawsuit

Published

on

The iPhone maker has accused OpenAI of stealing hardware secrets via its former employees.

Apple has reportedly contacted around 40 of its former employees who now work for OpenAI, as it looks to gather evidence of alleged trade secrets theft by the AI juggernaut.

The iPhone maker launched a major lawsuit against OpenAI last week, accusing the company stealing hardware secrets from Apple via its former employees to develop its own line of devices.

Reports of OpenAI’s upcoming AI-powered smart speaker surfaced just days later. Sources told Bloomberg that the new device is designed to be a next-generation, ChatGPT-powered home computer – meant to be a physical embodiment of the AI chatbot.

Advertisement

In legal letters, Apple directed its ex-employees at OpenAI to collect and preserve certain documents. More than 400 former Apple workers are now employed at OpenAI.

In its lawsuit, Apple accused OpenAI of a “coordinated pattern of misconduct at an institutional level”, alleging that the AI start-up instructed potential job candidates from Apple to bring design artefacts and prototypes to their interviews.

The lawsuit levelled accusations against two former Apple employees, including Io co-founder Tang Yew Tan, who currently serves as OpenAI’s chief hardware officer.

According to Apple, Tan had been “methodically using Apple’s confidential information to benefit OpenAI”. He has been accused of directing job candidates still working at Apple to bring confidential physical parts from products under development for ‘show and tell’ sessions at OpenAI.

Advertisement

Tan co-founded Io alongside Apple design veteran Jony Ive, Scott Cannon and Evans Hankey in 2024, and led the line as its chief hardware officer. The hardware start-up was acquired by OpenAI for $6.5bn last year.

OpenAI already owned around 23pc of Io prior to the acquisition. Bloomberg reported that tensions between the companies worsened after OpenAI poached Ive to help with its product line.

Apple has been working on its AI offerings in hopes of catching up with its industry rivals. Earlier this year, reports emerged that suggested Apple was set to move away from ChatGPT exclusivity for its Siri voice assistant. The company was also reportedly developing three AI-infused wearables, including smart glasses, earlier this year.

Last month, it launched Siri AI, marketed as an “entirely new version of Siri”. The new AI agent can draw from messages, emails, photos and more from Apple devices to power new features across editing, communication and organisation.

Advertisement

The iPhone maker is also reportedly on the lookout to acquire AI chip companies in a bid to reduce its dependency on Nvidia. Meanwhile, it recently renewed its deal with Broadcom for custom-made chips through to 2031.

Don’t miss out on the knowledge you need to succeed. Sign up for the Daily Brief, Silicon Republic’s digest of need-to-know sci-tech news.

Source link

Advertisement
Continue Reading

Tech

Capital One releases VulnHunter, an open-source AI tool that finds software flaws before hackers do

Published

on

Capital One on Thursday released VulnHunter, an open-source, agentic AI security tool that scans source code for exploitable vulnerabilities, maps out how an attacker would reach them, and proposes targeted fixes — all before a single line ships to production. The tool, built internally and now available on GitHub under an Apache 2.0 license, is one of the most ambitious attempts by a major financial institution to turn offensive AI capabilities into a public defensive resource.

At a time when security teams are facing a rising tide of new AI threats, Capital One’s decision to open-source the tool reflects an effort, according to CISO Chris Nims, to address “an increasingly brief window before sophisticated, next-generation AI attack capabilities become affordable and accessible to virtually every adversary.”

Capital One is not simply releasing another vulnerability scanner. VulnHunter introduces what the company calls an “attacker-first forward analysis” — a workflow in which the tool begins at the points where a real adversary would enter a system, such as APIs, network messages, or file uploads, and reasons forward through the application’s logic to determine whether an exploit path actually survives the code’s existing defenses. Conventional scanners typically work in reverse, flagging a dangerous-looking code pattern and then searching backward for a hypothetical attacker. That approach, security practitioners widely acknowledge, buries engineering teams under avalanches of false positives.

VulnHunter attacks that problem head-on with a second innovation: a built-in “falsification engine” that tries to disprove its own findings before a developer ever sees them. After the tool surfaces a potential vulnerability, a structured reasoning workflow hunts for logical gaps, unsupported assumptions, and conditions that would prevent the attack from succeeding. Only findings the engine fails to rule out reach a human reviewer — and when they do, VulnHunter delivers not just an alert but a full explanation of the exploit path and a proposed code fix ready for engineering review.

Advertisement

The tool currently runs on Anthropic’s Claude Opus 4.8 model inside a Claude Code environment, though Capital One says the framework has the potential to work across other foundation models and coding harnesses.

Why Capital One is giving the tool away

Asked why Capital One decided to open-source a tool this consequential, Nims pointed to the communal nature of the problem.

“We felt an imperative to open-source VulnHunter because modern software supply chains are very connected, and the scale of the AI threat is larger than any single organization,” Nims told VentureBeat. “Securing software and our digital environments is a shared foundation that benefits developers, enterprises, and the people who depend on the systems we all build. The defensive tools to address this reality need to be just as widely distributed, tested, and improved as the codebases they protect.”

“Rather than wait,” he added, “we decided that the right response was to build a product that is purpose-fit for today’s complex security landscape, and put it into the hands of defenders everywhere.”

Advertisement

Why Capital One believes open-sourcing VulnHunter strengthens everyone’s defenses

The release nonetheless arrives against a backdrop the company knows well. On July 19, 2019, Capital One disclosed that an outside individual — later identified as a former Amazon Web Services employee named Paige Thompson — had gained unauthorized access to names, addresses, self-reported income, Social Security numbers, and linked bank account numbers belonging to credit card customers and applicants. The breach, which Capital One says occurred on March 22 and 23, 2019, was discovered only after an external security researcher flagged a configuration vulnerability through the company’s Responsible Disclosure Program on July 17 of that year.

The damage was sweeping. Approximately 100 million people in the United States and 6 million in Canada were affected. Roughly 140,000 Social Security numbers, about 80,000 linked bank account numbers, and approximately 1 million Canadian Social Insurance Numbers were compromised. The FBI arrested Thompson, and the government stated it believed the data had been recovered with no evidence of fraud. But the reputational and regulatory toll was enormous.

In August 2020, the Office of the Comptroller of the Currency fined Capital One $80 million, finding that the bank had failed to adequately identify and manage risks as it migrated significant technology operations to the cloud. As Reuters reported at the time, the OCC’s consent order cited insufficient network security controls, inadequate data loss prevention measures, and a board that failed to hold management accountable when internal auditing surfaced problems. The OCC also ordered Capital One to overhaul its operations and submit new cybersecurity plans for regulatory review.

CyberScoop at the time called the incident “a cautionary tale for companies rushing to embrace new tech.” Capital One’s own CEO, Richard D. Fairbank, acknowledged the gravity of the moment. “While I am grateful that the perpetrator has been caught, I am deeply sorry for what has happened,” Fairbank said at the time. “I sincerely apologize for the understandable worry this incident must be causing those affected and I am committed to making it right.”

Advertisement

How Capital One rebuilt its security reputation through open-source investment

What followed was not a retreat from technology but a doubling down — with security explicitly at the center.

Capital One began releasing open-source projects in 2014 and declared itself an “open-source first” company in 2015 as part of a broader technology transformation that began over a decade ago. The company has continued to invest in software supply chain security, open-source governance, and AI-driven defense. In August 2022, Capital One joined the Open Source Security Foundation as a premier member, earning a seat on the organization’s Governing Board. Chris Nims, then EVP of Cloud & Productivity Engineering, framed the move as a natural extension of the company’s operating philosophy. “As a highly-regulated company, we are seasoned in managing compliance and governance and advocate for standardization, automation and collaboration,” Nims said in the OpenSSF announcement.

Behind that public commitment lay a substantial operational apparatus. Capital One’s Open Source Program Office, now in its third iteration, manages open-source usage, contributions, and community building across the enterprise. The company has released more than 40 open-source projects and has made thousands of contributions to external open-source projects it depends on, according to the company. Those efforts address not just code dependencies but the entire software development lifecycle — DevSecOps tools, infrastructure, and the collaborative environments, both internal and external, that shape how software gets built and shipped.

VulnHunter is the most consequential product of that multi-year effort — and the clearest signal yet that Capital One views open-source collaboration not as charity but as a competitive security strategy. The company argues that modern software supply chains are so deeply interconnected that a single vulnerability in a widely used open-source component can cascade across thousands of enterprises simultaneously. Proprietary defenses, no matter how sophisticated, cannot address a problem that is fundamentally communal. By releasing VulnHunter under a permissive license, Capital One invites the global security research community to stress-test, extend, and improve the tool — effectively crowdsourcing its own defense infrastructure while strengthening the broader ecosystem.

Advertisement

Inside VulnHunter’s three-stage AI engine for finding exploitable code

For engineering leaders evaluating VulnHunter, the technical architecture is where the tool’s ambitions become concrete. The workflow unfolds in three distinct stages.

In the first stage — attacker-first forward analysis — VulnHunter begins at the points where an external adversary would interact with a system: API endpoints, network message handlers, file upload interfaces. From each entry point, the tool reasons forward through application logic, tracing data flows, transformations, and internal security checkpoints to determine whether an attacker can actually reach a dangerous code path. This approach mirrors how a skilled penetration tester would probe a system, but automates the process at a scale no human team could match.

The second stage is where VulnHunter departs most sharply from conventional scanners. After identifying a potential vulnerability, the falsification engine runs a structured reasoning workflow designed to disprove its own conclusion. It searches for assumptions that do not hold, logical gaps in the exploit path, and environmental conditions that would prevent an attack from succeeding. Findings that fail this internal challenge are discarded before any developer sees them. Capital One’s explicit goal is to shift the developer’s burden away from triaging false alarms — a perennial pain point that erodes trust in security tooling and slows development velocity.

In the third stage, vulnerabilities that survive the falsification engine trigger an evidence-backed remediation workflow. VulnHunter gathers supporting evidence across the codebase, maps the complete surviving exploit path, explains the defect and the specific capabilities an attacker would gain, and generates targeted code changes for engineering review. The output is not a generic advisory but a concrete, context-aware patch proposal.

Advertisement

Capital One says it validated VulnHunter internally before release, running it across thousands of repositories spanning tens of business areas. The company reports that the tool identified and remediated vulnerabilities with speed and efficiency that far exceeded what its teams previously achieved through manual triage.

Why AI-powered attacks are forcing banks to rethink traditional cyber defenses

VulnHunter arrives at a moment when the cybersecurity landscape is shifting beneath the feet of every enterprise. Capital One’s announcement frames the urgency in stark terms: advanced AI models have “dramatically lowered the barrier for bad actors to discover and exploit vulnerabilities in software,” and the window before sophisticated AI attack capabilities become affordable and accessible to virtually every adversary is shrinking rapidly.

“Safeguarding information is essential to our mission and our role as a financial institution,” Nims told VentureBeat. “We have invested heavily in cybersecurity and will continue to do so to stay ahead of today’s evolving threat landscape.”

The company’s own AI security researchers have been tracking these trends closely. At NeurIPS 2024 in Vancouver, Capital One’s team presented research and curated a list of nearly 100 papers spanning LLM safety, adversarial resilience, jailbreak attacks, and synthetic data generation. The papers they highlighted — including work on multi-agent defense frameworks, automated red-teaming, and guardrail classifiers — paint a picture of an arms race in which offensive and defensive AI capabilities are co-evolving at breakneck speed.

Advertisement

Several of those research themes map directly onto VulnHunter’s architecture. The falsification engine echoes the adversarial defense strategies explored in papers like “BackdoorAlign,” which demonstrated that embedding a structured safety mechanism into a small number of training examples could recover a model’s safety alignment without degrading performance. The attacker-first forward analysis reflects the philosophy of “WildTeaming,” a framework that collects and analyzes real-world jailbreak attempts to build more resilient models. And VulnHunter’s emphasis on minimizing false positives parallels the goals of “GuardFormer,” a guardrail classifier that outperformed GPT-4 on safety benchmarks while running 14 times faster.

The thread connecting all of this work is a conviction that traditional, reactive security — monitoring networks, patching known vulnerabilities, responding to incidents after they occur — is no longer sufficient when adversaries can use AI to discover and exploit zero-day vulnerabilities at machine speed. The only durable defense, Capital One argues, is to find and fix the vulnerabilities in your own code before attackers find them first.

What Capital One’s cloud security journey reveals about the entire banking industry

Capital One’s cloud journey also illuminates a broader reckoning across financial services. When Capital One moved aggressively to Amazon Web Services in the mid-2010s, it was a rarity among major banks. Most financial institutions simply did not trust third parties to store their most sensitive data. Capital One’s CIO at the time, Rob Alexander, publicly championed the cloud as more secure than the bank’s own data centers — a claim that the 2019 breach complicated considerably.

The CyberScoop report from that period captured the tension within the industry. W. Patrick Opet, managing director of cybersecurity at JP Morgan Chase, described a cultural shift in banking from prioritizing traders to prioritizing developers: “Now, it’s ‘Focus on the developer, turn everything into code, and automate everything.’” Mark Nicholson, Deloitte’s cyber leader for the financial industry, noted that the pressure to move quickly was exposing “weaknesses in the development methodology.” And the breach itself was a reminder that even as Chase spent $600 million annually on cybersecurity, relatively simple vulnerabilities — like the Apache Struts bug that enabled the Equifax breach — could undercut massive investments in data protection.

Advertisement

Seven years later, the industry has largely followed Capital One into the cloud, and the security challenges have only intensified. The question is no longer whether to use cloud infrastructure but how to secure the software that runs on it. VulnHunter represents Capital One’s answer: rather than relying solely on network-level controls and perimeter defenses, push security directly into the code itself, at the moment it is written. The open-source release also carries implicit competitive pressure. If VulnHunter gains traction among developers and security teams, it could set a new baseline for what enterprise security tooling is expected to do — and force rival banks, fintechs, and cloud providers to match or exceed its capabilities.

Whether VulnHunter lives up to that ambition will depend on adoption, community engagement, and the tool’s real-world performance against the increasingly sophisticated AI-powered attacks it was designed to counter. But the release itself tells a story that extends well beyond any single tool or any single company. In 2019, a misconfigured firewall exposed 100 million records and made Capital One a byword for cloud misconfiguration risk. In 2026, the same institution is open-sourcing an AI-driven defense built for a new generation of threats — and betting that the best way to protect its own code is to help the entire industry protect theirs.

Source link

Advertisement
Continue Reading

Tech

Ernst & Young discloses data breach after support system hack

Published

on

Ernst & Young discloses data breach after support system hack

Ernst & Young is notifying customers of a data breach caused by the compromise of a third-party support ticket system used by its IT personnel.

According to the company, support tickets submitted through the platform may have included documents containing client tax information.

Ernst & Young (EY) is among the world’s four largest auditing and professional services providers, offering auditing, tax, consulting, and transaction advisory services to major organizations in more than 150 countries.

image

The company employs 406,000 people and reported a global revenue of $53.2 billion last year.

The breach notification to affected clients states that Ernst & Young detected anomalous activity on its networks on April 23 and initiated an investigation.

Advertisement

With help from external cybersecurity experts, the company determined that an unauthorized third party had accessed the said platform between March 28 and April 12 and downloaded multiple documents.

The affected information included certain personal and financial data contained in or used to prepare tax filings. Since the notification sample features a placeholder for the specific data types, the type of the information exposed remains unclear.

Also, the company has not shared exactly how many customers were affected or whether the incident impacts only its U.S. customer base or other countries as well.

Ernst & Young says it secured its systems and notified federal law enforcement authorities, while it has assured that the unauthorized access has been removed.

Advertisement

The company also states that it is not aware of any misuse or further exposure of the stolen files and has no indication that particular individuals were targeted by the threat actors.

To mitigate the risks arising from this exposure, EY offers affected clients 24 months of identity monitoring and restoration service through Experian and urges letter recipients to enroll by October 31, 2026.

At the time of writing, no data extortion or ransomware groups have taken responsibility for the attack on Ernst & Young.

BleepingComputer has contacted EY to learn more about the incident, but we have not yet received a response at the time of publication.

Advertisement

article image

Security teams log 54% of successful attacks and alert on just 14%. The rest move through your environment unseen.

The Picus whitepaper shows how breach and attack simulation tests your SIEM and EDR rules so threats stop slipping by detection.

Get the whitepaper

Source link

Continue Reading

Tech

Astronomers Found the First Atmosphere on a Planet in Another Star’s Habitable Zone

Published

on

The search for life beyond Earth has borne little fruit. That remains true, but scientists have some renewed hope. For the first time, astronomers discovered an atmosphere surrounding an exoplanet within the habitable zone of its host star. 

Say hello to LHS 1140b, an Earth-like rocky planet that lives approximately 48 light-years away from us. For reference, Voyager 1 is rapidly approaching its first light day after nearly 50 years in flight. LHS 1140b sits in the “Goldilocks” zone for its star, which means it’s far enough away to not get roasted like Mercury, but close enough that it gets warm enough to support liquid water. 

According to a new study published in Science, the “special” part of this discovery is not just the habitable zone around a star. It’s that it seems to meet extra criteria that scientists care about — i.e., it’s rocky, not a gas giant, and can still hold onto an atmosphere despite harsh conditions. An atmosphere is what helps stabilize surface temperatures, which is essential for life to exist. 

Advertisement

“It’s very exciting,” said Collin Cherubim, lead author on the study and a PhD graduate from Harvard, in an email. “A major goal in the field has been to understand whether any rocky exoplanets at all can retain atmospheres.”

Cherubim says that most rocky planets orbit M-class dwarf stars, which “emit high-energy radiation for far longer than stars like the sun.” Most rocky planets are stripped of their atmospheres fairly early in their life cycles, thanks to this radiation, the stripping effect of solar wind and other factors, thereby eliminating their chance to host life.

Until LHS 1140b, Earth was the only rocky planet that humans had ever observed with an intact atmosphere. 

It wasn’t easy to find. Cherubim used a computer model he’d developed during his work that “simulates how exoplanet atmospheres evolve over billions of years.” Those models predicted the existence of “helium worlds,” or rocky planets with helium atmospheres (or at least mostly helium). Cherubim tested his theory with LHS 1140b and struck proverbial gold. 

Advertisement
mars-mount-sharp

Mars is still the best chance humans have at discovering life on another planet. 

NASA/JPL-Caltech

Is there life on LHS 1140b?

Whether or not LHS 1140b contains life is a complicated question. Cherubim says that science recognizes three main requirements for a planet to support life: an atmosphere, the right temperatures to sustain liquid water, and a mostly rocky planet to make it hospitable. LHS 1140b appears to have all of those.

Advertisement

The primary problem is that LHS 1140b’s upper atmosphere is almost entirely helium, which is also “depleted of hydrogen.” That doesn’t bode well for life, since helium typically can’t support life as we know it here on Earth. 

Cherubim says the planet is also tidally locked to its star, like the moon to Earth, meaning one side of the planet has permanent daytime and the other permanent night. It’s also roughly 70% larger than Earth, which means gravity is nearly twice as strong there. These findings don’t rule out life entirely, but if LHS 1140b does host life, it would surely be very different from life on Earth.

Cherubim also admits that researchers don’t yet know whether the planet has a rocky surface or is entirely covered by an ocean, the latter of which would be significant for the search for life. Computer models developed by Cherubim predict that the lower atmosphere may even contain gases more conducive to life, such as carbon dioxide, water and even oxygen.

“While we need more data to see what’s going on in the rest of the atmosphere, this may be the first known helium world,” Cherubim said. “That these rocky worlds can retain helium atmospheres isn’t just good for habitability prospects, but also tells us our [computer prediction] models are getting something right.”

Advertisement

Until then, Mars is the most likely candidate for finding signs of life, since researchers have already identified possible biosignatures in its soil. 

Another potential candidate for habitability is K2-18b, where scientists have reported tentative evidence for dimethyl sulfide, a compound commonly produced by oceanic phytoplankton. Scientists are also paying attention to the Trappist-1 star system, which has seven Earth-sized planets, three of them in the star’s habitable zone.

Source link

Advertisement
Continue Reading

Tech

Ditch your smartphone for a flip phone for a month? This group wants Seattleites to try

Published

on

Maggie Hollinbeck and James Wagar are leading the charge on Month Offline Seattle, a move to get people off their smartphones.

Seattle helped create the modern smartphone era. Now, nearly 40 people in the heart of one of the world’s biggest technology hubs are voluntarily putting theirs away.

The inaugural Month Offline Seattle cohort challenges participants to swap their smartphones for flip phones — or other “dumb phones” — for 35 days, gathering weekly for what organizers describe as part happy hour, part support group.

What started as a niche experiment in Washington, D.C. and Brooklyn has found an enthusiastic audience in Seattle, where organizers expected 10 to 20 participants but have already attracted the largest cohort outside those two cities.

Weekly programs are scheduled during the month-long detox from July 28 to Sept. 1, with activities on Tuesday evenings like bocce ball, bowling and mini golf slated to connect people in real time. There are also themed programs during the week, starting in week one with orientation and goal setting, and followed by topics such as “communication and relationships,” and “attention and boredom.” You can register here.

For a region like Seattle that’s home to Microsoft, Amazon, T-Mobile and a booming AI industry, the idea might sound almost rebellious. But organizers say the goal isn’t to reject technology — it’s to rethink how much of our lives should revolve around our smartphones.

Advertisement

James Wagar, a former investment banker and self-described techno-optimist who has carried a flip phone alongside his smartphone for years, teamed up with therapist and coach Maggie Hollinbeck, who describes herself as a techno-skeptic, to get the Seattle cohort launched. Together, they’re leading the gatherings, serving as the guides to those ready to take a break from their always-connected lifestyles.

“We (finally) seem to be at the beginning of a cultural moment with more people seriously evaluating their relationships with technology,” Wagar tells GeekWire. “Those using flip phones and simpler devices may be the canaries in the coal mine. While I remain a techno-optimist, the attention economy is not sustainable.”

Pick your favorite flip phone and disengage next month with Month Offline Seattle. Photos via James Wagar and Maggie Hollinbeck

Hollinbeck said she remembers when smartphones felt like a convenience — a way to replace multiple devices with one. But over time, she felt that same “rectangle of glass” had become harder to put down, prompting her to rethink her relationship with technology. She’s already ditched her Facebook and Instagram accounts, and was ready for the next step.

“I’m here to reclaim my time and attention, and I’m doing it in this way because I’ve found that it’s actually pretty hard to disentangle myself from this pocket-sized dementor,” said Hollinbeck. “It’s gonna take a village, so we’re building one.”

The concept has been spreading nationally through the Month Offline movement, but Seattle’s response has surprised the organizers. Most participants found the group not through social media, but through flyers, word of mouth, and conversations at neighborhood pubs during the FIFA World Cup.

Cohort members can use their own flip phone or purchase one at a discounted price of $10, and a commitment to subscribe for four months of discounted wireless service from dumb.co. That’s a total commitment of $42.

Advertisement

Denver, Austin, Los Angeles and Philadelphia also are jumping on the “Month Offline” bandwagon — which is kind of best described as a dry January for the tech obsessed. The organization says it is united by a common mission — “our commitment to attention liberation.”

Wagar and Hollinbeck are also encouraging a GeekWire reporter to join the movement.

So far, no takers.

Note: I actually tried a digital detox for one day back in 2013. Not sure I am ready for 35 days, 13 years later.

Advertisement

Source link

Continue Reading

Tech

Hitachi teams up with Eve to further urban air transport plans

Published

on

‘Building a successful urban air mobility ecosystem requires collaboration across industries,’ said Eve Air Mobility’s CEO Johann Bordais.

Zurich-headquartered Hitachi Energy is partnering with air mobility company Eve to explore urban air transportation – loosely, flying cars.

The European Union Aviation Safety Agency has said that Urban Air Mobility (UAM) could become a commercial reality in the bloc within three to five years, as a way to – among other things – address transportation challenges in densely populated areas.

This possibility is supported by new innovation areas including battery technologies and electric propulsion.

Advertisement

Hitachi and Eve, as part of a memorandum of understanding (MoU), have agreed to explore infrastructure challenges to ensure ‘vertiports’ – a take-off and landing port for urban air vehicles – can be reliably connected to the power grid and be equipped to handle energy demands.

Hitachi will leverage its energy infrastructure, already widely deployed globally, while the Florida-based Eve, a manufacturer of electric vertical take-off and landing (EVTOL) aircrafts and other UAM products, will provide its complementary expertise to the project.

The companies will also assess requirements to enable vertiport operations, including power availability and high-power charging for EVTOL aircraft.

“Building a successful urban air mobility ecosystem requires collaboration across industries,” said Eve Air Mobility’s CEO Johann Bordais.

Advertisement

“As the sector moves toward commercial operations, it is increasingly important to understand how charging infrastructure, grid connectivity and vertiport energy requirements will be integrated into existing networks.”

The company said it holds around 2,700 letters of intent for EVTOLs from prospective customers. It has been conducting flight tests since last December.

“With more than a century of innovation, we are addressing the most urgent energy challenge of our time, balancing soaring electricity demand while decarbonising the power system,” said Marco Berardi, the head of grid and power quality solutions and service at Hitachi Energy.

“We firmly believe that no single company or country can make the energy transition happen on its own, so we are thrilled to collaborate with Eve to jointly accelerate the decarbonisation of urban air mobility.”

Advertisement

As per the MoU, the two businesses will also explore the potential to repurpose aircraft batteries for energy storage after their aviation life cycle.

Don’t miss out on the knowledge you need to succeed. Sign up for the Daily Brief, Silicon Republic’s digest of need-to-know sci-tech news.

Source link

Advertisement
Continue Reading

Tech

There’s Now An API For Mainlining Trump’s Truth Social Posts

Published

on

The API is supposed to deliver posts from ‘the highest-ranking Truth Social accounts.’

We may receive a commission on purchases made from links.

Trump Media and Technology Group, the company behind social media platform Truth Social, has announced it will sell access to Truth Social posts through a new API. When it becomes available on August 1, the new Truth API will give businesses “real-time access to posts from the highest-ranking Truth Social accounts” — a direct pipe from President Donald Trump’s favorite social media site to anyone trying to make investments based on his posts.

“Truth API uses familiar, industry-standard delivery methods to deliver Truth Social posts to our customers in milliseconds,” Trump Media says. “It is expected to provide continuous 24/7 coverage and includes a historical archive of posts dating back to 2022.”

Advertisement

Other social media sites have offered free or paid access to their APIs in the past for building clients to view posts or other features. Twitter notably closed free access to its API in 2023, not long after it was purchased by Elon Musk. The difference here, as TMTG CEO Kevin McGurn notes, is that “markets already move on Truth Social posts.”

One likely reason for that is Truth Social’s most popular user, President Trump. Besides being a majority shareholder in the platform’s owner through his trust, Trump is also Truth Social’s most followed user, with around 12.9 million followers as of July 2026. The President frequently announces major new policies and governmental actions through Truth Social before they trickle out through official channels.

Trump Media expects offering unfettered access to posts to be “a meaningful, ongoing source of revenue for the company, creating lasting value for shareholders,” including the President’s family. If that doesn’t work, there’s always the nuclear fusion business Trump Media merged with last year.

Advertisement

Source link

Continue Reading

Tech

Japan’s first national AI factory will use 27,500 GPUs across 382 Vera Rubin racks

Published

on

First look: Nvidia is working with Japan’s newly formed Noetra consortium to build a 140-megawatt AI factory that will serve as the compute backbone for the government’s FRONTia program, which focuses on robotics, industrial automation, and digital twins. The facility will run on Nvidia’s DSX data center platform and use Vera Rubin NVL72 racks, each combining 72 Rubin GPUs and 36 Vera CPUs.

In total, the project calls for 27,500 Rubin GPUs and 13,750 Vera CPUs connected through Spectrum-X Ethernet networking. The system is designed to handle the training of trillion-parameter models as capacity ramps up.

Nvidia is positioning the Rubin AI factory as a full-stack platform encompassing chips, networking, systems, and software for training and deploying open multimodal foundation models. These models are designed to operate with robots and physical systems, rather than just processing text and images. The plan is to make pretrained weights widely available to developers and companies in Japan so they can fine-tune the models for their own robotics, logistics, and industrial applications.

The hardware footprint is substantial even by today’s AI data center standards. The component count translates into 382 Vera Rubin NVL72 racks, each a tightly integrated system designed for high-bandwidth NVLink communication within the rack and Spectrum-X networking across the broader fabric.

Advertisement

Industry pricing estimates suggest that VR200 NVL72 systems cost between $5 million and $7 million each, which would put the rack hardware alone in the $1.9 billion to $2.7 billion range before accounting for memory, networking equipment, and cooling infrastructure. Estimates from Morgan Stanley value Rubin GPUs at roughly $55,000 each in volume, implying approximately $1.5 billion in GPU silicon costs alone.

Neither Nvidia nor Noetra has provided a firm deployment timeline, and Rubin systems are only expected to enter volume production in the second half of this year. As a result, the AI factory will likely come online in phases.

Noetra is a newly formed consortium created to bring major Japanese technology and industrial companies together around a shared AI infrastructure effort. The group is led by SoftBank Corp., Sony, NEC, and Honda, with support from 44 companies and organizations.

Noetra, together with the national research institute AIST, won a public tender to operate the FRONTia project from fiscal 2026 through fiscal 2030. Initial funding is set at ¥387.3 billion – about $2.4 billion – with a long-term target of up to ¥1 trillion, or roughly $6.1 billion, over five years. However, that additional funding is subject to annual reviews, meaning the full amount is not guaranteed.

Advertisement

The FRONTia roadmap extends beyond simple language models. Noetra is targeting a reasoning foundation model in fiscal 2026. By fiscal 2028, the plan is to develop an omni-modal model capable of handling text, images, video, and audio. By fiscal 2030, the goal is “real-world native AI” with spatial awareness and other capabilities designed for robots and physical systems operating in factories, warehouses, and healthcare environments.

The Rubin AI factory is intended to serve as the compute foundation that enables this progression, providing enough scale to train and retrain very large models while still allowing their weights to be shared for downstream applications.

This project joins several other Nvidia-related initiatives in Japan but serves a different purpose. SoftBank has already announced a Blackwell-based DGX supercomputer aimed at enterprise AI workloads. Meanwhile, RIKEN, Fujitsu, and Nvidia are collaborating on FugakuNEXT, a $740 million zetta-scale system planned for around 2030 and designed for scientific computing.

The Rubin AI factory, by contrast, is a state-funded national infrastructure project selected through a public tender and designed specifically for physical AI and robotics applications across multiple industries.

Advertisement

The broader policy direction is clear. Japan’s AI Robotics Strategy, released in March, sets a goal of capturing more than 30% of the global AI robotics market by 2040, representing an opportunity the government estimates at roughly $133 billion. The strategy calls for domestic control over the foundation models and data that future robots will rely on.

By investing in a Rubin-based AI factory and connecting it to a consortium led by major Japanese hardware and telecommunications companies, officials are treating large-scale physical AI computing as a national asset rather than simply another private supercomputer project.

Source link

Advertisement
Continue Reading

Tech

Apple’s smallest iPad may be about to get its biggest upgrade

Published

on

Apple’s long-rumoured OLED iPad mini could finally be close to launch, with a new report suggesting the compact tablet is in the final stages of development.

According to Bloomberg’s Mark Gurman, the next-generation iPad mini, reportedly codenamed J510 is nearing the end of development. It is expected to arrive shortly after the iPhone 18 Pro launches.

The biggest upgrade is the display. Multiple reports have pointed to Apple replacing the current LCD panel with an 8.4-inch hybrid OLED display.

This will mark the first time the iPad mini has adopted the technology. The screen is also rumoured to use an LTPS backplane and retain a 60Hz refresh rate. Therefore, ProMotion will remain exclusive to Apple’s higher-end iPads. A shame, but maybe not that much of a surprise.

Advertisement

That could make the iPad mini noticeably better for watching films, reading and gaming, thanks to OLED’s deeper blacks, stronger contrast and improved colour reproduction.

Advertisement

But what about pricing?

Apple increased the starting price of the current iPad mini to $599. OLED panels remain considerably more expensive to manufacture than traditional LCDs. While Apple hasn’t confirmed pricing, another increase wouldn’t come as a surprise. This is likely if the company wants to offset the higher production costs.

Advertisement

Beyond the display, earlier leaks have suggested the tablet could arrive with Apple’s A20 chip, replacing the A17 Pro in the current model. Previous rumours had pointed to the A19 instead. However, more recent reports indicate Apple may skip straight to its newer silicon.

Rumours of an OLED iPad mini have been circulating for what seems like an age. Code references first appeared in 2025, followed by reports that Apple was targeting a 2026 launch. More recently, supply chain leaks suggested OLED display production had already begun.

If those reports prove accurate, the OLED iPad mini could be one of Apple’s biggest tablet upgrades in years. The only remaining question is whether buyers will have to pay significantly more for it.

Advertisement

Source link

Continue Reading

Tech

Abbott probes two cyber incidents amid extortion claims

Published

on

Abbott

Abbott Laboratories is investigating two separate cybersecurity incidents after confirming unauthorized access to internal legacy Exact Sciences systems in its Cancer Diagnostics business, while also investigating a separate claim that attackers breached its LabCentral portal and stole company data.

The company confirmed the Cancer Diagnostics incident after the ShinyHunters extortion gang added Abbott to its data leak site, initially threatening to publish allegedly stolen data after July 18 unless the company negotiated with the group, before later extending the deadline to July 21.

Abbott's Exact Sciences is listed on ShinyHunters extortion site
Abbott’s Exact Sciences is listed on ShinyHunters extortion site
Source: BleepingComputer

When BleepingComputer asked Abbott about the alleged ShinyHunters incident, Abbott directed BleepingComputer to a statement published on its website.

image

“Abbott is investigating a cyber incident in which there was unauthorized access to a limited number of internal systems in our Cancer Diagnostics business only,” the company said

“This does not impact any business operations, product or product availability, manufacturing or lab operations, or our ability to serve patients.”

Abbott added that the security incident has not impacted any other Abbott businesses or systems, and said the legacy Exact Sciences systems are separate from Abbott’s.

Advertisement

The company said it activated its incident response procedures after it learned of the incident, engaged cybersecurity experts, and notified law enforcement.

Abbott also stated that it does not expect the incident to have a material impact on its business or financial results.

ShinyHunters claimed to BleepingComputer that it gained access through a vishing attack targeting several Abbott employees in mid-June. According to the threat actor, the attack allowed it to compromise a Microsoft Entra single sign-on (SSO) account and gain access to internal systems.

Since last year, the extortion group has been conducting social engineering campaigns that target employees’ Microsoft Entra, Okta, and Google SSO accounts.

Advertisement

After gaining access to a corporate SSO account, the threat actors steal data from connected SaaS applications such as Salesforce, Microsoft 365, Google Workspace, SAP, Slack, Adobe, Atlassian, Zendesk, Dropbox, and many others.

The extortion gang has been increasingly targeting medtech companies, including Medtronic, OneMedical, and AdaptHealth. BleepingComputer has learned that ShinyHunters was also behind the iRhythm data breach and targeted Stryker soon after the company recovered from a destructive Iranian data-wiping attack.

When asked what data was allegedly stolen, ShinyHunters claimed it exfiltrated data from Microsoft Entra, ServiceNow, SharePoint, Databricks, and Coupa, including internal documents, contracts, and customer information.

The threat actor further claimed to have stolen more than 30 million rows of customer personally identifiable information (PII) from multiple datasets containing names, email addresses, phone numbers, physical addresses, dates of birth, and more than one million Social Security numbers.

Advertisement

The group also claimed to have stolen over 22 million client notes containing doctor-patient conversations, more than 20 million medical orders, and customer agreements and NDAs.

BleepingComputer has not independently verified the threat actor’s claims regarding the stolen data.

Alleged breach at LabCentral customer portal

The second incident involves a threat actor known as ShadowByt3$, who contacted BleepingComputer claiming to have breached Abbott’s Core Laboratory diagnostics business through its LabCentral customer portal.

The threat actor said it breached the unit via its LabCentral customer portal using compromised customer credentials after identifying what it described as a “weak point” in the environment.

Advertisement

According to the threat actor, they gained access on July 4, 2026, after which they slowly exfiltrated files by targeting API endpoints. 

ShadowByt3$ claims the stolen data includes CE manufacturing certificates, operation manuals, technical specifications, regulatory documentation, product requirement archives, calibrator value assignments, assay files, and other product documentation related to Abbott’s laboratory diagnostic systems.

The group says no customer data was stolen, but claims it obtained sensitive business documents and intellectual property. It also provided BleepingComputer with screenshots and a file listing as purported proof of the intrusion. 

Abbott confirmed to BleepingComputer that it is aware of the “potential” cyber incident but disputed the threat actor’s characterization of the data it claims to have stolen, stating that all data stored in the environment is public and not sensitive.

Advertisement

“LabCentral is an externally facing third-party hosted portal used by Abbott’s core laboratory diagnostics business,” an Abbott spokesperson told BleepingComputer.

“It houses publicly available technical product reference documents, including operating manuals, troubleshooting checklists and product specifications, and does not contain proprietary/sensitive customer or business information.”

At this time, neither ShinyHunters nor ShadowByt3$ has publicly released data they claim to have stolen from Abbott.


article image

Security teams log 54% of successful attacks and alert on just 14%. The rest move through your environment unseen.

The Picus whitepaper shows how breach and attack simulation tests your SIEM and EDR rules so threats stop slipping by detection.

Advertisement

Get the whitepaper

Source link

Continue Reading

Trending

Copyright © 2025