Google on Tuesday expanded its "Results about you" tool to let users request the removal of Search results containing government-issued ID numbers -- including driver's licensespassports and Social Security numbers -- adding to the tool's existing ability to flag results that surface phone numbersemail addressesand home addresses.

The updateannounced on Safer Internet Dayis rolling out in the U.S. over the coming days. Google also streamlined its process for reporting non-consensual explicit images on Searchallowing users to select and submit removal requests for multiple images at once rather than reporting them individually.

Microsoft has begun automatically replacing the original Secure Boot security certificates on Windows devices through regular monthly updatesa necessary move given that the 15-year-old certificates first issued in 2011 are set to expire between late June and October 2026.

Secure Bootwhich verifies that only trusted and digitally signed software runs before Windows loadsbecame a hardware requirement for Windows 11. A new batch of certificates was issued in 2023 and already ships on most PCs built since 2024; nearly all devices shipped in 2025 include them by default. Older hardware is now receiving the updated certificates through Windows Updatestarting last month's KB5074109 release for Windows 11. Devices that don't receive the new certificates before expiration will still function but enter what Microsoft calls a "degraded security state," unable to receive future boot-level protections and potentially facing compatibility issues down the line.

Windows 10 users must enroll in Microsoft's paid Extended Security Updates program to get the new certificates. A small number of devices may also need a separate firmware update from their manufacturer before the Windows-delivered certificates can be applied.

"They were crouched down like turkeys peeking over the balcony," the county sheriff told Ars Technica. A half hour past midnightthey were skulking through a courthouse in Iowa's Dallas County on September 11 "carrying backpacks that remind me and several other deputies of maybe the pressure cooker bombs." More deputies arrived... Justin Wynn29 of NaplesFloridaand Gary De Mercurio43 of Seattleslowly proceeded down the stairs with hands raised. They then presented the deputies with a letter that explained the intruders weren't criminals but rather penetration testers who had been hired by Iowa's State Court Administration to test the security of its court information system. After calling one or more of the state court officials listed in the letterthe deputies were satisfied the men were authorized to be in the building.
But Sheriff Chad Leonard had the men arrested on felony third-degree burglary charges (later reduced to misdemeanor trespassing charges). He told them that while the state government may have wanted to test security"The State of Iowa has no authority to allow you to break into a county building. You're going to jail."

More than six years laterthe Des Moines Register reports: Dallas County is paying $600,000 to two men who sued after they were arrested in 2019 while testing courthouse security for Iowa's Judicial Branchtheir lawyer says.

Gary DeMercurio and Justin Wynn were arrested Sept. 112019after breaking into the Dallas County Courthouse. They spent about 20 hours in jail and were charged with burglary and possession of burglary toolsthough the charges were later dropped. The men were employees of Colorado-based cybersecurity firm Coalfire Labswith whom state judicial officials had contracted to perform an analysis of the state court system's security. Judicial officials apologized and faced legislative scrutiny for how they had conducted the security test.

But even though the burglary charges against DeMercurio and Wynn were droppedtheir attorney previously said having a felony arrest on their records made seeking employment difficult. Now the two men are to receive a total of $600,000 as a settlement for their lawsuitwhich has been transferred between state and federal courts since they first filed it in July 2021 in Dallas County. The case had been scheduled to go to trial MondayJan. 26 until the parties notified the court Jan. 23 of the impending deal...

"The settlement confirms what we have said from the beginning: our work was authorizedprofessionaland done in the public interest," DeMercurio said in a statement. "What happened to us never should have happened. Being arrested for doing the job we were hired to do turned our lives upside down and damaged reputations we spent years building...."

"This incident didn't make anyone safer," Wynn said. "It sent a chilling message to security professionals nationwide that helping government identify real vulnerabilities can lead to arrestprosecutionand public disgrace. That undermines public safetynot enhances it."
County Attorney Matt Schultz said dismissing the charges was the decision of his predecessoraccording to the newspaperand that he believed the sheriff did nothing wrong.

"I am putting the public on notice that if this situation arises again in the futureI will prosecute to the fullest extent of the law."

An anonymous reader shared this report from Bloomberg: An Asian cyber-espionage group has spent the past year breaking into computer systems belonging to governments and critical infrastructure organizations in more than 37 countriesaccording to the cybersecurity firm Palo Alto NetworksInc. The state-aligned attackers have infiltrated networks of 70 organizationsincluding five national law enforcement and border control agenciesaccording to a new research report from the company. They have also breached three ministries of financeone country's parliament and a senior elected official in anotherthe report states. The Santa ClaraCalifornia-based firm declined to identify the hackers' country of origin.

The spying operation was unusually vast and allowed the hackers to hoover up sensitive information in apparent coordination with geopolitical eventssuch as diplomatic missionstrade negotiationspolitical unrest and military actionsaccording to the report. They used that access to spy on emailsfinancial dealings and communications about military and police operationsthe report states. The hackers also stole information about diplomatic issueslurking undetected in some systems for months. "They use highly-targeted and tailored fake emails and knownunpatched security flaws to gain access to these networks," said Pete Renalsdirector of national security programs with Unit 42the threat intelligence division of Palo Alto Networks....

Palo Alto Networks researchers confirmed that the group successfully accessed and exfiltrated sensitive data from some victims' email servers.
Bloomberg writes that according to the cybersecurity firmthis campaign targeted government entities in the Czech Republic and the Ministry of Mines and Energy of Braziland also "likely compromised" a device associated with a facility operated by a joint venture between Venezuela's government and an Asian tech firm.

The cyberattackers are "also suspected of being active in GermanyPolandGreeceItalyCyprusIndonesiaMalaysiaMongoliaPanamaGreece and other countriesaccording to the report."

Axios reports: Anthropic's latest AI model has found more than 500 previously unknown high-severity security flaws in open-source libraries with little to no promptingthe company shared first with Axios.

Why it matters: The advancement signals an inflection point for how AI tools can help cyber defenderseven as AI is also making attacks more dangerous...

Anthropic debuted Claude Opus 4.6the latest version of its largest AI modelon Thursday. Before its debutAnthropic's frontier red team tested Opus 4.6 in a sandboxed environment [including access to vulnerability analysis tools] to see how well it could find bugs in open-source code... Claude found more than 500 previously unknown zero-day vulnerabilities in open-source code using just its "out-of-the-box" capabilitiesand each one was validated by either a member of Anthropic's team or an outside security researcher... According to a blog postClaude uncovered a flaw in GhostScripta popular utility that helps process PDF and PostScript filesthat could cause it to crash. Claude also found buffer overflow flaws in OpenSCa utility that processes smart card dataand CGIFa tool that processes GIF files.
Logan Grahamhead of Anthropic's frontier red teamtold Axios they're considering new AI-powered tools to hunt vulnerabilities. "The models are extremely good at thisand we expect them to get much better still... I wouldn't be surprised if this was one of — or the main way — in which open-source software moving forward was secured."

Waymo surprised U.S. lawmakers Wednesday during a hearing on autonomous vehicles and their safety and oversight. Newsweek reports: During questioningSen. Ed Markeya Massachusetts Democratasked what happens when a Waymo vehicle encounters a driving situation it cannot independently resolve. "The Waymo phones a human friend for help," Markey explainedadding that the vehicle communicates with a "remote assistance operator." Markey criticized the lack of public information about these workersdespite their role in vehicle safety...

[Dr. Mauricio Peñachief safety officer at Waymo] responded by clarifying the scope of the operators' involvement: "They provide guidancethey do not remotely drive the vehicles," Peña said. "Waymo asks for guidance in certain situations and gets inputbut Waymo is always in charge of the dynamic driving task," according to EVShift. Pressed further on where those operators are locatedPeña told lawmakers that some are based in the United States and others abroadthough he did not have an exact breakdown. After additional questioninghe confirmed that overseas operators are located in the Philippines...

The disclosure prompted sharp criticism from Markeywho raised concerns about security and labor implications. "Having people overseas influencing American vehicles is a safety issue," he said. "The information the operators receive could be out of date. It could introduce tremendous cyber security vulnerabilities," according to People. Markey also pointed to job displacementnoting that autonomous vehicles already affect taxi and rideshare drivers in the U.S. Waymo defended the practice in comments to Peoplesaying the use of overseas staff is part of a broader effort to scale operations globally.
Waymo also defended the remote workers to Newsweek as licensed drivers reviewed for "driving-related convictions" and other traffic violations who are also "randomly screened for drug use."

Thanks to Slashdot reader sinij for sharing the news.

Neocities founder Kyle Drake has spent weeks trapped in Microsoft's automated support loop after discovering that Bing quietly blocked all 1.5 million websites hosted on his platforma free web-hosting service that has kept the spirit of 1990s GeoCities alive since 2013.

Drake first noticed the issue last summer and thought it was resolvedbut a second complete block went into effect in Januarycratering Bing traffic from roughly half a million daily visitors to zero. He submitted nearly a dozen tickets through Bing's webmaster tools but could not get past the AI chatbot to reach a human. After Ars Technica contacted Microsoftthe company restored the Neocities front page within 24 hours but most subdomains remain blocked. Microsoft cited policy violations related to low-quality content yet declined to identify the offending sites or work directly with Drake to fix the problem.

Memory prices across DRAMNAND and HBM have surged 80 to 90% quarter-over-quarter in Q1 2026according to Counterpoint Research's latest Memory Price Tracker. The price of a 64GB RDIMM has jumped from a Q4 2025 contract price of $450 to over $900and Counterpoint expects it to cross $1,000 in Q2.

NANDrelatively stable last quarteris tracking a parallel increase. Device makers are cutting DRAM content per deviceswapping TLC SSDs for cheaper QLC alternativesand shifting orders from the now-scarce LPDDR4 to LPDDR5 as new entry-level chipsets support the newer standard. DRAM operating margins hit the 60% range in Q4 2025 -- the first time conventional DRAM margins surpassed HBM -- and Q1 2026 is on track to set all-time highs.

Salesforce is essentially shutting down Heroku as an evolving productmoving the cloud platform that helped define modern app deployment to a "sustaining engineering model" focused entirely on stabilitysecurity and support.

Existing customers on credit card billing see no changes to pricing or servicebut enterprise contracts are no longer available to new buyers. Salesforce said it is redirecting engineering investment toward enterprise AI.

The CIA has shut down The World Factbookone of its oldest and most recognizable public-facing intelligence publicationsending a run that began as a classified reference document in 1962 and evolved into a freely accessible digital resource that drew millions of views each year.

The agency offered no explanation for the decision. Originally titled The National Basic Intelligence Factbookthe publication first went unclassified in 1971was renamed a decade laterand moved online at CIA.gov in 1997. It served researchersnews organizationsteachersstudents and international travelers. The site hosted more than 5,000 copyright-free photographssome donated by CIA officers from their personal travel. Every page now redirects to a farewell announcement.

Google's Quick Share-AirDrop interoperabilitywhich has been exclusive to the Pixel 10 series since its surprise launch last yearis headed to a much broader set of Android devices in 2026.

Eric KayGoogle's Vice President of Engineering for the Android platformconfirmed the expansion during a press briefing at the company's Taipei officesaying Google is "working with our partners to expand it into the rest of the ecosystem" and that announcements are coming "very soon." Nothing is the only OEM to have publicly confirmed it's working on supportthough Qualcomm has also hinted at enabling the feature on Snapdragon-powered phones.

Automattic and the Internet Archive have released a freeopen-source WordPress plugin that automatically detects broken outbound links on a site and redirects visitors to archived Wayback Machine copies instead of serving them a 404 error.

The Internet Archive Wayback Machine Link Fixerwhich launched last fall and is available on WordPress.orgruns in the background scanning posts for dead linkschecking for existing archived versionsand requesting new snapshots when none exist. It also archives a site's own posts whenever they are updated. If the original link comes back onlinethe plugin stops redirecting.

Pew Research has found that 38% of the web has disappeared over the past decadeand WordPress powers more than 40% of websites online.

alternative_right writes: The city of Munich has developed its own measurement instrument to assess the digital sovereignty of its IT infrastructure. The so-called Digital Sovereignty Score (SDS) visually resembles the Nutri-Score and identifies IT systems based on their independence from individual providers and 'foreign' legal spheres. The Technical University of Munich was involved in the development.

In September and October 2025the IT Department already conducted a first comprehensive test. Out of a total of 2780 municipal application services194 particularly critical ones were selected and evaluated based on five categories. The analysis already showed a high degree of digital sovereignty: 66% of the 194 evaluated services reached the highest levels (SDS 1 and 2)only 5% reached the critical level 4and 21% reached the most critical level 5. The SDS evaluates not only technical dependencies but also legal and organizational risks.

Valve has pushed back the launch of its Steam MachineSteam Frame and Steam Controller hardware from its original Q1 2026 window to a vaguer "first half of the year" targetblaming the ongoing memory and storage shortage that has been squeezing the tech industry.

The company said in a post today that rising component prices and limited availability forced it to revisit both its shipping schedule and pricing plans. Valve had previously indicated the Steam Machine would be priced at the entry level of the PC space.

Microsoft has finally delivered on its promise to integrate Sysmon -- the long-standing system monitoring tool from its Sysinternals suite -- directly into Windowsa move that should make life considerably easier for enterprise administrators who have struggled with deploying and managing the utility across thousands of endpoints.

The functionality landed this week in Windows Insider builds 26300.7733 (Dev channel) and 26220.7752 (Beta channel). Sysmon allows administrators to capture system events through custom configuration filesfilter for specific activityand pipe the data into standard Windows event logs for pickup by security tools and SIEM pipelines. Mark RussinovichMicrosoft technical fellow and Winternals co-founderhas previously noted the lack of official customer support for Sysmon in production environments -- a gap this integration addresses. The feature ships disabled by default and requires PowerShell to enable. Microsoft notes that any existing Sysmon installation must be uninstalled before activating the built-in version.