Publicly released exploit code for an effectively unpatched vulnerability that gives root access to virtually all releases of Linux is setting off alarm bells as defenders scramble to ward off severe compromises inside data centers and on personal devices.

The vulnerability and exploit code that exploits it were released Wednesday evening by researchers from security firm Theori, five weeks after privately disclosing it to the Linux kernel security team. The team patched the vulnerability in versions 7.0 , 6.19.12 , 6.18.12 , 6.12.85, 6.6.137, 6.1.170, 5.15.204, and 5.10.254) but few of the Linux distributions had incorporated those fixes at the time the exploit was released.

A single script hacks all distros

The critical flaw, tracked as CVE-2026-31431 and the name CopyFail, is a local privilege escalation, a vulnerability class that allows unprivileged users to elevate themselves to administrators. CopyFail is particularly severe because it can be exploited with a single piece of exploit code—released in Wednesday’s disclosure—that works across all vulnerable distributions with no modification. With that, an attacker can, among other things, hack multi-tenant systems, break out of containers based on Kubernetes or other frameworks, and create malicious pull requests that pipe the exploit code through CI/CD work flows.

Read full article

Comments

In February, numerous workers from a company that Meta contracted to perform data annotation for Ray-Ban Meta reported viewing sensitive, embarrassing, and seemingly private footage recorded by the smart glasses. About two months later, Meta ended its contract with the firm.

According to a BBC report today, “less than two months” after a report from Swedish newspapers Svenska Dagbladet and Göteborgs-Posten and Kenya-based freelance journalist Naipanoi Lepapa came out featuring Sama workers complaining about watching explicit footage shot from Ray-Ban Metas, “Meta ended its contract with Sama.”

Sama is a Kenya-headquartered firm that Meta contracted to perform data annotation work, including working with video, image, and speech annotation for Meta’s AI systems for Ray-Ban Metas. Sama claims that Meta's cancellation of the contract affected 1,108 workers.

Read full article

Comments

The genetic code is central to life. With minor variations, everything uses the same sets of three DNA bases to encode the same 20 amino acids. We have discovered no major exceptions to this, leading researchers to conclude that this code probably dated back to the last common ancestor of all life on Earth. But there has been a lot of informed speculation about how that genetic code initially evolved.

Most hypotheses suggest that earlier forms of life had partial genetic codes and used fewer than 20 amino acids. To test these hypotheses, a team from Columbia and Harvard decided to see if they could get rid of one of the 20 currently in use. And, as a first attempt, they engineered a portion of the ribosome that worked without using an otherwise essential amino acid: isoleucine.

Changing the code

First off, why would you do this? Most work in the field has focused on altering the genetic code in ways that are useful , such as using more than 20 amino acids to enable interesting chemistry.

Read full article

Comments

Earlier this week, Blue Origin posted a job opportunity for a "senior manager" to oversee tank fabrication for "Quattro," and the description contained some intriguing information.

"As part of a hardworking team of specialists, technicians, and engineers you will be the Senior Manager of Gen 2.0 Tank Fabrication, and will own the production execution of the most structurally complex and schedule-critical subsystem on the vehicle—the propellant tank," the job posting states.

Quattro is the company's nickname for a more powerful upper stage for the New Glenn rocket, which will feature four BE-3U engines instead of the two currently powering the booster. Blue Origin revealed plans for this more powerful variant of New Glenn, 9x4 (nine first stage engines, and four upper stage engines), last November.

Read full article

Comments

The Resident Evil film franchise has grossed over $1.2 billion worldwide since the first film debuted in 2002, but an attempt to reboot it a few years ago floundered. Sony Pictures is trying again, this time tapping Zach Cregger—who wrote, produced, and directed last year's Oscar-winning horror hit Weapons —for the project. The studio showed the first teaser for Cregger's Resident Evil during CinemaCon and just released it to the public.

When the first Resident Evil game debuted in 1996, it was an immediate commercial and critical success, spawning several sequel games, comics, novels, and a very lucrative film franchise directed by Paul W.S. Anderson and starring Milla Jovovich. But those films were only loosely based on the games, keeping a few primary characters and the basic concept, but little else. Reviews were mixed, despite the films' massive box office success.

Work on the first reboot started in 2017, eventually producing 2021's Resident Evil: Welcome to Raccoon City . Director Roberts Johannes wanted to bring a very different tone to his film. He wanted to stay closer to the Resident Evil and Resident Evil 2 games—even employing the same fixed angles of Spencer Mansion in the first game. Alas, Welcome to Raccoon City was critically panned and had a disappointing box office showing, grossing just $42 million globally against its $25 million budget. The studio nixed its plans for a direct sequel, and a 2022 Netflix series was also cancelled after a less-than-stellar first season.

Read full article

Comments

China’s new clampdown on drone sales and even the storage of drone components within the capital of Beijing stands out in a country that effectively built the global market for affordable commercial drones. The unprecedented citywide rules taking effect on May 1 come as authorities tighten drone regulations across the country and enforce flight restrictions more strictly.

Chinese officials are refining drone regulations because “enforcement and rules have been uneven or unclear,” said Lizzi C. Lee , a fellow on the Chinese economy at the Asia Society Policy Institute’s Center for China Analysis in New York City. Now it appears that Beijing officials are “experimenting with a more comprehensive, front-end approach” by implementing the citywide ban on drone sales and rentals—not to mention restricting the storage of drones and drone components within the city.

“What’s pretty notable here is that this is not just about regulating use but also about controlling the entire lifecycle—sales, transport, and storage—of drones,” Lee told Ars. “That’s a much more preventive, system-level approach to eliminating unauthorized drone activity rather than just policing them after the fact.”

Read full article

Comments

After some uncertainty—and a little drama—the Trump administration is appealing a ruling by a judge last month that temporarily halted anti-vaccine changes Health Secretary Robert F. Kennedy had implemented at the Centers for Disease Control and Prevention. Those changes include filling a key vaccine advisory panel with dubious anti-vaccine allies and unilaterally slashing childhood vaccine recommendations.

On March 16, US District Judge Brian Murphy issued a temporary injunction on those changes, essentially blocking the appointment of Kennedy's advisors, nullifying all votes they made on federal vaccine policy, and undoing the changes to the CDC childhood vaccination schedule. Murphy ruled that Kennedy's advisors were unqualified, and their appointment and the changes to vaccine recommendations violated federal procedures. The ruling stems from a case brought against Kennedy and the Department of Health and Human Services (HHS) by the American Academy of Pediatrics (AAP).

Prior to the ruling, lawyers for the government argued that Kennedy's actions were " unreviewable " and his authority was such that he could advise Americans to actively inject themselves with measles virus rather than the vaccine if he wanted. Murphy rejected that argument in his ruling and found the AAP would likely succeed with their claim that Kennedy's changes were illegal.

Read full article

Comments

Since the introduction of wings to racing cars halfway through the 1960s, airflow has been everything in racing. Until that point, the focus was on making a car as slippery as possible; less drag meant more top speed on the straights. Then designers like Jim Hall at Chaparral and Colin Chapman at Lotus realized they could use the air to push the car onto the track , increasing grip and allowing it to go faster through the corners. Things haven't been the same since.

Finding aerodynamic downforce started as something of a dark art. The use of wind tunnels to simulate its effect on scale models of cars was in its infancy, so teams were mostly limited to expensive and sometimes dangerous track testing. But wind tunnels can run day and night, rain or shine, and you can't crash a car or injure a driver (or worse) in the process. Wind tunnel work became even more important when F1 began restricting on-track testing to help teams cut budgets. Consequently, teams would do as much work with models as possible before validating the results during the limited test sessions they were allowed.

Computational fluid dynamics (CFD) simulation came next. In racing, everyone is looking for an advantage over their competitors, and it was finally possible to model, with some fidelity, the effect of airflow on a virtual model of a car. Not only were CFD sims cheaper than wind tunnel time, but they were also much faster at iterating. Early design work is now done in silico before being validated with scale models in a wind tunnel, as most series—including Formula 1, the World Endurance Championship, Formula E, and NASCAR—have tightly restricted on-track testing.

Read full article

Comments

Several times in the last couple of decades, Microsoft has released source code for the original MS-DOS operating system that kicked off its decades-long dominance of consumer PCs. This week, the company has reached further back than ever , releasing "the earliest DOS source code discovered to date" along with other documentation and notes from its developer.

Today's source release is so old that it predates the MS-DOS branding, and it includes "sources to the 86-DOS 1.00 kernel, several development snapshots of the PC-DOS 1.00 kernel, and some well-known utilities such as CHKDSK ," write Microsoft's Stacey Haffner and Scott Hanselman in their co-authored post about the release.

To understand the context, here's a very brief history of what would become MS-DOS: Programmer Tim Paterson originally created 86-DOS (previously known as QDOS, for "quick and dirty operating system") for an Intel 8086-based computer kit sold by Seattle Computer Products. Microsoft, on the hook to provide an operating system for the still-in-development IBM PC 5150 , licensed 86-DOS and hired Paterson to continue developing it, later buying the rights to 86-DOS outright. Microsoft then licensed this operating system to IBM as PC-DOS while retaining the ability to sell the operating system to other companies. The version sold by Microsoft was called MS-DOS, and the proliferation of third-party IBM PC clones over the '80s and '90s made it the version of the operating system that most people ended up using.

Read full article

Comments