Kaiser Chiefs

Seagate CEO Dave Mosley said Monday that building new memory chip factories or adding capacity would "take too long" to keep up with AI-driven storage demand. "If we took the teams off and started building new factories or bringing up new machines, that would just take too long. You would end up with more capacity, but then you'd slow the rate of growth on that technology," Mosely said. CNBC reports: Memory chip stocks have soared in recent months as a flood of AI investing has sent demand soaring, with the chips a key part of the AI buildout in data centers. Chip production cycles stretch over many quarters for a single unit, and investors are increasingly wary of how long the leading memory makers can capture demand. CME Group is launching a new futures market for semiconductors, enabling more traders to lock in prices and hedge against the rising prices of computing power.

At Monday's conference, Mosely also addressed the "very long lead times" and maintaining predictability with its clients. "We know what's coming out a year from now," he said. "And we've basically gone to the customers and said, 'Look, if you want to plan this really well, which it should be for your data centers, we know what's coming out. You can buy this stuff up to a certain period.' And so we want to keep that four or five quarters of visibility very, very solid for what's being built. But the demand is significantly higher than that."

Read more of this story at Slashdot.

Guardian: "Due to a computer error at our main studio, the Death of a Monarch procedure, which all UK stations hold in readiness while hoping not to require, was accidentally activated on Tuesday afternoon (19 May), mistakenly announcing that HM the King had passed away." Euronews: "Caroline has been pleased to broadcast Her Majesty the Queen's and now the King's, Christmas message and we hope to do so for many years to come," he said, referring to the monarch's traditional Christmas Day message to the nation. "We apologise to HM (his majesty) the king and to our listeners for any distress caused," Moore added.

SANTA CLARA (ANP) - Nvidia, de belangrijkste ontwikkelaar van chips voor toepassingen rond kunstmatige intelligentie (AI), heeft in het afgelopen kwartaal opnieuw recordresultaten behaald door de grote vraag naar zijn chips voor AI-datacenters. Volgens het bedrijf werd een omzet in de boeken gezet van 81,6 miljard dollar. Dat is een stijging van 85 procent vergeleken met een jaar eerder.

Ten opzichte van het voorgaande kwartaal ging het om een toename van 20 procent. De nettowinst van het in het Californische Santa Clara gevestigde Nvidia steeg tot 58,3 miljard dollar. Dat was 18,8 miljard dollar een jaar eerder en bijna 43 miljard dollar in de voorgaande periode.

Nvidia zei voor het lopende kwartaal een omzet te verwachten van ongeveer 91 miljard dollar. Op de beurs is de marktwaarde van Nvidia gestegen tot meer dan 5 biljoen dollar, aangejaagd door het optimisme rond de enorme investeringen van grote techbedrijven in AI. Daarmee is Nvidia het meest waardevolle bedrijf ter wereld.

NEW YORK (ANP) - De aandelenbeurzen in New York zijn woensdag met flinke winsten de handel uitgegaan, geholpen door een sterke daling van de olieprijzen. AI-chipconcern Nvidia stond bij de stijgers op Wall Street in aanloop naar de kwartaalcijfers die na het slot worden gepubliceerd.

Nvidia eindigde met een plus van 1,3 procent. De belangrijkste ontwikkelaar van chips voor toepassingen rond kunstmatige intelligentie is door het optimisme onder beleggers over AI naar een marktwaarde gestegen van meer dan 5 biljoen dollar, waarmee Nvidia het meest waardevolle bedrijf ter wereld is. De cijfers van Nvidia worden gezien als een soort barometer voor de chipindustrie en de AI-opmars.

De Dow-Jonesindex sloot 1,3 procent hoger op 50.009,35 punten. De brede S&P 500 won 1,1 procent tot 7432,97 punten en de technologiegraadmeter Nasdaq steeg 1,5 procent tot 26.270,36 punten. Op dinsdag leden de Amerikaanse beurzen nog verliezen.

Een vat Amerikaanse olie werd 5,5 procent goedkoper op 98,44 dollar en Brentolie kostte 5,7 procent minder op 104,97 dollar per vat. President Donald Trump heeft gezegd dat de Verenigde Staten in de "laatste fases" van de vredesgesprekken met Iran zijn. Ook waren er berichten over de doorvaart van olietankers door de Straat van Hormuz.

Oliemaatschappijen als ExxonMobil, Chevron en ConocoPhillips leverden tot 3,7 procent in. De luchtvaart profiteert juist van lagere olieprijzen. Delta Air Lines en United Airlines waren daardoor uitblinkers met koerswinsten tot 10 procent. Southwest Airlines en American Airlines klommen tot 7,4 procent. De cruisemaatschappijen Norwegian Cruise Line en Carnival werden tot 9 procent hoger gezet.

Verder kwam speelgoedfabrikant Hasbro, producent van onder meer Monopoly, Peppa Pig en het populaire kaartspel Magic: The Gathering, met definitieve kwartaalcijfers, waarbij de verwachtingen voor dit jaar werden herhaald. Dat viel niet goed, want het aandeel zakte bijna 9 procent. Ook waren er resultaten van doe-het-zelfketen Lowe's (plus 1,2 procent) en winkelbedrijf Target (min 4 procent).

Two now-patched bypass bugs in Claude Code’s network sandbox put users at risk, and one of these allows baddies to send anything inside the sandbox - credentials, source code, other private data - to any server on the internet, according to a researcher who found and reported both flaws to Anthropic. Aonan Guan, who leads cloud and AI security at Wyze Labs and has hunted down bugs in pretty much every AI system out there, told The Register that this is the second time in five months Anthropic has silently fixed a sandbox bypass vulnerability in Clade Code without issuing a CVE or security advisory specific to the agentic coding tool. The latest issue was a SOCKS5 hostname null-byte injection that can be exploited to trick the sandbox allowlist filter into approving connections it should block. It’s especially dangerous when combined with prompt injection, which Guan previously detailed in his earlier comment and control research. When paired with prompt injection, the new flaw can be abused to force Claude to read hidden instructions and then run attacker-controlled code in the sandbox, allowing miscreants to exfiltrate anything the sandbox could reach. This includes cloud and GitHub credentials, the GitHub token Claude authenticated with, cloud metadata and internal APIs. “For anyone who ran Claude Code with a wildcard allowlist on a credential-bearing system, the network boundary did not exist for the 5.5 months from sandbox GA to v2.1.90,” Guan wrote in research published Wednesday. “Treat that window as a potential exfiltration event.” Anthropic says it found and fixed the latest flaw before receiving Guan’s report. The fix, according to a spokesperson, is a public commit in the sandbox-runtime repository, which shipped in Claude Code 2.1.88 on March 31. “Anyone can view” the commit, they told us. Guan filed his bug bounty report with HackerOne on April 3. “Because the report described a vulnerability Anthropic had already caught and patched, it was closed as a duplicate of an internal finding,” the spokesperson said. “We appreciate the researcher’s time on this report.” Guan says he doesn’t dispute the timeline. “That is not the core issue,” he told The Register. “The core issue is that this was a bypass of a user-configured network sandbox, and there's still no advisory CVE, and no changelog note," he said. "Shipping a sandbox with a hole is worse than not shipping one. The user with no sandbox knows they have no boundary. The user with a broken sandbox thinks they do.” Claude, for its part, seems to side with Guan. When he showed Claude its own hole, the bot responded “This is a real bypass of the network sandbox filter,” according to a screenshot published in his research. The earlier bug, which Guan reported and detailed in December 2025, was ultimately assigned a CVE tracker - CVE-2025-66479 - and patched in v0.0.16. But the CVE only applies to Anthropic's sandbox-runtime, an upstream package, and not specifically to Claude Code, which Guan says means users have no way to know if their AI coding assistant is reading “allow nothing” as “allow everything.” He requested a CVE for Claude Code, and Anthropic said no because “The root cause is in the library.” Guan told us he’s glad Anthropic ultimately addressed the security holes. But the entire disclosure process illustrates another problem that researchers and The Reg vultures have reported with how AI vendors often handle vulnerabilities in their products: no CVEs issued, and if the flaw is fixed, it usually happens silently, with no public advisories. More often than not, the burden of securing AI agents and other systems gets pushed to the end users. “Some vendors issue CVEs and some do not,” Guan said. "I think either approach can be reasonable, but the advisory is a must. The users need to know the risk is real, and in many cases, they may never know. What the public often does not see is that vendors may reward researchers and silently patch the software, while end users never learn from release notes or public advisories that the risk existed.” According to Guan, this shows why users need their own protections, either from a security company or user-controlled runtime isolation. But he said he does hope big tech “takes on the burden of clearly communicating” security issues with users. “Because of that, I think companies should treat AI agents more like employees than ordinary software tools,” he told us. “Before hiring an employee, companies do background checks. Before giving them access to systems, they define permissions. The same discipline should apply to AI agents.” ®

Thomas Hawk posted a photo:

Thomas Hawk posted a photo: