The Register

Biting the hand that feeds IT — Enterprise Technology News and Analysis

Microsoft closes book on Nightmare Eclipse's RoguePlanet zero-day

Microsoft has quietly fixed the “RoguePlanet” zero-day in Microsoft Defender, closing the latest hole exposed by security researcher Nightmare Eclipse after months of public sparring over the company's handling of vulnerability reports. The vulnerability, tracked as CVE-2026-50656, was addressed through an update to the Microsoft Malware Protection Engine rather than via its monthly Patch Tuesday bundle. Microsoft said customers should ensure they're running the latest engine version to receive the fix. The flaw first surfaced in June when Nightmare Eclipse published both technical details and proof-of-concept exploit code, claiming RoguePlanet worked against fully patched Windows 10 and Windows 11 systems. According to the researcher, the bug exploits a race condition in Microsoft Defender to spawn a command prompt with SYSTEM privileges, granting an attacker complete control of the local machine if the timing is right. "The exploit is a race condition, so it's a hit or miss," Nightmare Eclipse wrote at the time. "I have managed to get a 100 percent success rate on some machines while it struggled to work on others." The researcher also claimed the exploit worked regardless of whether Defender's real-time protection was enabled. When The Register first covered RoguePlanet in June, Microsoft would only say it was investigating the claims. That probe has now ended with a fix, although Redmond hasn't publicly explained what changed under the hood or whether the bug had been exploited outside of proof-of-concept demonstrations. RoguePlanet became the seventh Windows zero-day publicly disclosed by Nightmare Eclipse since April as part of an increasingly acrimonious campaign against Microsoft's vulnerability disclosure and bug bounty programs. The researcher, who claims to be a former Microsoft employee, has repeatedly accused the company of ignoring reports, deleting accounts used for submissions, and treating independent researchers with contempt. After Microsoft initially warned that publishing exploit code could carry legal consequences, security researchers pushed back hard enough that the company issued a clarification saying it had no intention of pursuing action against people conducting or publishing legitimate security research. Nightmare Eclipse, meanwhile, alleged that Microsoft removed repositories hosting the RoguePlanet proof-of-concept from GitHub and GitLab before relocating the exploit to a self-hosted repository. With CVE-2026-50656 now patched, Microsoft has closed every public zero-day Nightmare Eclipse disclosed earlier this year. Whether that also closes the increasingly bitter chapter between Redmond and one of its most prolific bug hunters is another question entirely. ®

Speedier type checks in TypeScript 7.0 as first stable Go release ships

The Microsoft-led TypeScript 7.0 features an order-of-magnitude speed boost, a victory not only for TypeScript itself but also for Go, the programming language used to completely rewrite the web staple's compiler. Following a major rewrite effort that began with an experimental native Go implementation, this is the first stable release of the language to include its long-in-development Go-based compiler rewrite. “TypeScript 7 brings native code speed, shared memory multithreading, and a number of new optimizations that typically yield speedups between 8x and 12x on full builds,” wrote Microsoft Principal Product Manager Daniel Rosenwasser. For the user's code editor, the rewrite shortens the time it takes files to open, to search through the code, for auto-completion to awaken and do its job. You thought that the text editor was slowing you down, but in many cases, the imported TypeScript Language Server was the culprit. The speedup happens in development time, not in the deployment. Too Big for JavaScript Last year, the TypeScript team deliberately set out to give TypeScript a much-needed bump in speed. Everything on the TypeScript language server would have to be rewritten from scratch, proclaimed Anders Hejlsberg, who, along with Steve Lucco, initially built TypeScript to bring static typing, and hence programming rigor, to JavaScript. The port to native code from the original compiler, written in TypeScript and executed by the V8 JavaScript engine, was necessary for performance reasons, Hejlsberg said earlier this year. “We quickly realized we could get 10x, half of it from being native code, and the other half from being able to take advantage of shared memory concurrency.” In the best spirit of bootstrapping, the previous version of TypeScript language server was rendered in JavaScript. But large-scale users were growing more frustrated. For instance, developers at Slack couldn’t even do a full type-check of their own code, so sluggish was their language server. Instead, the task was left for the continuous integration server. With TypeScript 7, full type checks can be done by the developer again at Slack. In Microsoft benchmarks, compiling VScode, with its 2.3 million lines of code, took TypeScript 6 125 seconds. TypeScript 7 did the job in only 10.6 seconds – an 11.9x increase. TypeScript 7 (we're told) also made short work of other source code behemoths, including Sentry (1.9 million lines of code in 15.7 seconds), Bluesky (628,000 lines in 2.8 seconds), and Playwright (528,000 lines of code in 1.47 seconds). There goes that time to check the email. Why Go triumphed For a Microsoft project, the team choosing Go to re-render TypeScript is a bit of a shocker. The team had the company’s none-too-shabby C# at its disposal, and Microsoft (and the rest of the industry) nurtures a growing fondness for Rust. Go barely scrapes into the top 20 of the latest Tiobe list of popular programming languages. Google engineers Rob Pike, Robert Griesemer, and Ken Thompson created Go to simplify their coding chores, creating only those features needed to build distributed applications with massive codebases. Released as open source in 2009, Golang, as it is affectionately called, found a home in the cloud native community – 97.7 percent of Kubernetes is written in Go. Go was the most suitable language for the rewrite, Hejlsberg explained in a Microsoft video. “It’s the lowest level language we can get to that gives us full native-code support on all platforms,” he explained. And it’s great at concurrency. There were several additional reasons to choose Go, explained TypeScript development team lead Ryan Cavanaugh, in an FAQ discussion entitled “Why Go?” One was purely structural similarity. Go syntax most resembles JavaScript’s, which makes it easier for both man and machine to find and update both code bases. The old JavaScript server code will need to be maintained for several more years at least. Go is also pretty slick at handling memory allocation. For most compilations, TypeScript can simply turn off Go’s notoriously sluggish garbage collector. “Go's model therefore nets us a very big win in reducing codebase complexity, while paying very little actual runtime cost for garbage collection,” he wrote. Go is also quite adept at graph traversal, walking up and down complex syntax trees just to understand your convoluted code. Go offers advantages to the agent In a blog post, Steve Francia, the one-time Google product and strategy lead for Go, offered four additional advantages that Go may have presented to the TypeScript masterminds: build times, dependency management, error feedback, and contributor churn. If not handled well, these factors can all be frustrating for the developer, and doubly so for the automation-hungry agents of tomorrow. “Slow builds waste iterations, broken dependency resolution wastes entire runs, weak error feedback lets mistakes survive those runs, and ecosystem churn invalidates what the agent knew before it started,” Francia wrote. In the end, it may be Go’s human-focused qualities, not its technical chops, that makes it an obvious choice for making TypeScript go. “In a development loop, the question isn’t ‘which language is easiest to write?’ It’s ‘which is easiest to write, review, and ship?” Francia wrote. ®

Niet fit en toch onmisbaar: Romelu Lukaku is ‘de mentale aanvoerder’ van België

Romelu Lukaku ging na een door blessures getekend seizoen toch mee met de Belgische WK-selectie, en hielp de ploeg nu al driemaal aan een zege. „Weinig spelers kunnen kreupel én zo bepalend zijn.”


De koning van Hongarije eindigt in het gekkenhuis

Is de 91-jarige elektricien die aanspraak maakt op het Hongaarse koningschap, een verwarde gek? In de nieuwe roman van de Nobelprijswinnaar, over de valse profeten van het nationalisme, zijn de paginalange zinnen ditmaal goed te volgen, en bevatten lichtheid en humor.

Van verkrachting beschuldigde Democratische senaatskandidaat met nazitattoo trekt zich terug uit race met hallucinant filmpje van 11 minuten

Social

Het zou natuurlijk kunnen hè, dat de vrouw die Graham Platner ervan beschuldigd haar in 2021 te hebben verkracht al wist dat hij later de politiek in zou gaan en dus haar nieuwe vriend, een gewone vriend en haar therapeut vast in vertrouwen nam om wat valse beschuldigingen de wereld in te slingeren, maar Platner wist toen zelf nog helemaal niet dat hij zich ooit verkiesbaar zou stellen, dus die kans is klein. Bovendien meldden zich inmiddels meerdere vrouwen die ooit met hem gedatet hebben, en de beschuldigingen waarachtig achten. Dat weerhoudt Platner er niet van eerst met die indrukwekkende zeehonden-snor van hem een konijnenhol in te duiken, en vervolgens in ruim elf minuten verslag te doen van wat hij daar aantreft. Het establishment wil hem kaltstellen, het is allemaal één groot complot, het echte slachtoffer is Graham Platner, en daarmee het volk, dat vanzelfsprekend op Graham Platner zou stemmen. Ze zitten achter u aan, Graham Platner stond alleen maar in de weg!

Steun uit (on?)verwachte hoek

Social

The Guardian

Latest news, sport, business, comment, analysis and reviews from the Guardian, the world's leading liberal voice

Andy Burnham urged to scrap income tax and NI in radical fiscal overhaul

Economists including Jim O’Neill write open letter calling for single levy to replace six key taxes to raise money for public services

Prominent economists including Jim O’Neill, an ally of Andy Burnham, are urging the MP for Makerfield to pursue radical tax and spending reform to “unlock the gridlock that plagues the country” when he is confirmed as prime minister.

O’Neill joins Jonathan Portes, an economics professor at King’s College London, and Danny Sriskandarajah, the chief executive of the New Economics Foundation, in calling for bold action in an open letter.

Continue reading...

Germany set to make rental e-scooter operators liable for accidents

Measures would make it easier for victims to seek compensation, with companies such as Bolt and Lime held responsible for damage

Victims hit by rental e-scooters on German streets will have an easier time gaining compensation from their operators under legislation due to pass parliament that would put the vehicles on a similar legal footing to cars.

The draft law by the right-left coalition government, which has been welcomed by consumer rights advocates, says that given the rapid rise in the use of e-scooters in recent years coupled with high accident rates, rental operators such as Lime and Bolt should be held liable.

Continue reading...

‘New terrifying levels’: 10 people fatally shot by immigration officials in Trump’s second term

As Trump’s immigration crackdown continues, Lorenzo Salgado Araujo’s death marks another high-profile killing by ICE officers

Early on Tuesday morning, 52-year-old Lorenzo Salgado Araujo took his coffee and a meal his wife had prepared for him, said goodbye to his dog, and left the house he built. He drove his white van, picked up three co-workers, and headed towards a construction site to work on some houses.

But Salgado never made it to work. During a “targeted enforcement operation”, officers with Immigration and Customs Enforcement (ICE) shot and killed Salgado and arrested the three other men.

Continue reading...

Experimental bathtub: the remote lake island trying wave power to boost energy security

Researchers on Beaver Island, in Lake Michigan, are trying to find a more reliable form of power using local resources

Beaver Island sits in the middle of the northernmost end of Lake Michigan, about 70 miles from the maritime border with Canada. The forested island, just a little bigger than San Francisco in size, is a popular summer destination for tourists and home to about 600 permanent residents. Getting there requires a boat or plane ride.

Getting electricity to the island is not as easy. Power comes from mainland Michigan through cables that cross roughly 30 miles of lake bed. Outages are common during extreme weather, or when there are problems with the sensitive wires. The devastating ice storm that walloped the state last year knocked out power to the island for weeks.

Continue reading...

404 Media

404 Media is an independent media company founded by technology journalists Jason Koebler, Emanuel Maiberg, Samantha Cole, and Joseph Cox.

LinkedIn and X Are Flooded With AI Spam, Browsing Data Suggests

LinkedIn and X Are Flooded With AI Spam, Browsing Data Suggests

A shocking amount of the content that users encounter on popular social media websites is likely AI generated, according to data from a company that detects AI writing. As much as 41 percent of longform written content seen by users on LinkedIn is likely to be fully AI-generated and roughly a third of longer posts on X are AI-generated; roughly one-in-ten longer Reddit and Substack posts are AI, according to the data

The data was collected using a Chrome extension from Pangram, a company that detects AI-generated writing. Pangram’s Chrome extension scans writing that users encounter while browsing and determines if any given post is likely AI-generated or likely human written. Because Pangram works passively in the background while a user is browsing the internet, it only scans posts that its users actually see. This helps answer the question of whether AI slop is actually poisoning the internet that humans actually use, versus polluting the internet more broadly. The answer is unequivocal: AI slop writing is not just sequestered off on unpopular automated SEO farms or spam sites that no one reads; humans are regularly wading through AI dreck on hugely popular sites. 

“This isn’t something that had really been studied before—how much AI content people are actually seeing,” Max Spero, the CEO of Pangram, told me in a phone interview. “AI content is a tax on readers’ time.” 

LinkedIn and X Are Flooded With AI Spam, Browsing Data Suggests

(Pangram formerly advertised on 404 Media. I am covering this data because I have written many articles about how AI-generated content is taking over social media and is brute forcing social media algorithms, and I have not seen other data that attempts to measure the actual popularity of slop.)

For this research, Pangram specifically asked users of its Chrome extension to opt-in to share Pangram browsing results with the company. The company analyzed roughly a million posts that its users organically scroll through across LinkedIn, Medium, X, Reddit, and Substack over a two-month period. Pangram found that, universally, longer posts on all platforms are more likely to be AI-generated than shorter posts. The company split the content it analyzed into “shortform” (between 50 and 250 words) and “longform” (longer than 250 words). 

The data suggests, perhaps unsurprisingly, that a huge portion of longform posts on LinkedIn and X’s new article format are fully AI-generated or AI-assisted (meaning drafted, edited, or rewritten by AI with some human elements). Forty percent of longform LinkedIn posts analyzed in the data were fully AI-written; a quarter of X articles were fully AI written, but another 23 percent of X articles were AI-assisted, the company said. It intuitively makes sense that longer form content is more likely to be AI-generated, because people usually won’t bother to AI-generate a few word response or a pithy comment on a quote tweet, for example. AI is also famously verbose, meaning AI-generated content is more likely to show up in longer posts.

LinkedIn and X Are Flooded With AI Spam, Browsing Data Suggests

“Our data shows that AI-generated content is a problem across all platforms, and it is hitting longform content especially hard,” the company wrote in a blog post. “Contrary to what one might expect, people are overwhelmingly willing to use AI to speak on their behalf in professional settings that are associated with their real identity, and less likely to use it on casual and anonymous platforms.”

The study also found that top-level posts on LinkedIn and Reddit are far more likely to be AI-generated than the comments underneath an original post. 

I have been using the Pangram Chrome extension for several months now, after interviewing Spero for an article I wrote called “Your AI Use Is Breaking My Brain.” In that article, I wrote about the cognitive weight of the constant assessments I am doing when I’m browsing the internet, trying to determine whether a piece of writing is AI-generated or not. After writing that article, I decided to try the Pangram Chrome extension to see whether its assessments of likely AI-generated writing aligned with my own brain’s assessments. After using the extension for nearly two months, my experience has largely aligned with what Pangram’s data suggests: Many of the longform articles I see on X are obviously AI generated, and are detected by Pangram as such. A huge amount of the LinkedIn posts I see are obviously AI-generated.

Because of the way the study worked, by passively detecting AI generated content that people see in their normal browsing, the data is potentially more useful than other studies that have sought to estimate the raw percentage of AI-generated content on the internet, but not whether anyone was actually seeing that content. These prior studies, which found that as many as a third of new sites are AI, allowed for the possibility that AI-generated content was flooding the internet but that it was of such a low quality that actual people may not have been seeing it. 

The Pangram data raises questions about what platforms are doing to promote or disincentivize AI slop. LinkedIn, for example, had for years built AI writing tools into its platform meaning that it has been incredibly easy to post AI-generated content on the platform and that AI-generated content became incredibly common on the platform. In May, the company announced that it is trying to disincentivize AI content in the name of “keeping conversations real,” and the AI writing assistant is no longer built into the post button. Reddit, meanwhile, has become a vector for companies trying to game LLM tools by promoting their products on the site because AI search tools often scrape Reddit. But Reddit’s moderators are also overwhelmingly anti AI, and the company has worked to delete AI-generated posts and ban accounts that spam. On Monday, Reddit published a blog post saying that “in the age of AI, spam, bot activity, and inauthentic content are top of mind for people who love Reddit (and humans).” In the last few weeks, Reddit launched an ad campaign called “people are best” specifically highlighting that its users are human. A Reddit spokesperson referred us to the blog post when asked for comment.

As we have reported before, no AI detector is 100 percent foolproof, and Pangram certainly has both false positives (human content detected as AI) and false negatives (AI content detected as human). Spero said that the company is constantly working on minimizing both, and that it estimates its false positive rate at roughly one in 10,000. He said he believes the Pangram data is likely a “lower bound” and that the actual problem is likely worse, because people who are willing to install AI detectors on their browsers are likely trying to avoid AI-generated content.

“I think the data generalizes out [to non Pangram users], but that it’s a lower bound on AI content because someone with the Pangram extension probably cares more about seeing AI content than the average person and would be more likely to block or mute AI posters,” he said.

A LinkedIn spokesperson told 404 Media in a statement that “Professionals come to LinkedIn to hear from real people and their unique insights and perspectives. We actively work to reduce low quality, automated or generic content, and while AI can be used to beat the blank page problem, our focus is on surfacing professional conversations that help people advance their careers.” 

 Substack and X did not respond to a request for comment.


Wel.nl

Minder lezen, Meer weten.

Brussel geeft opties handelsrestricties nederzettingen Israël

BRUSSEL (ANP) - Op verzoek van de EU-lidstaten heeft de Europese Commissie een lijst met opties opgesteld voor handelsrestricties op producten uit de door Israël bezette gebieden op de Westelijke Jordaanoever. Dat bevestigt een woordvoerder van de Europese Commissie donderdag. De opties worden maandag besproken op een vergadering van de EU-ministers van Buitenlandse Zaken in Brussel.

De commissiewoordvoerder wilde er verder niet veel over kwijt. Het gaat volgens hem onder meer om mogelijkheden om de invoer van goederen uit deze illegale nederzettingen te beperken of te verbieden "met het oog op een eventuele verslechtering van de situatie".

Een van de opties is de verplichting van een exportvergunning voor bedrijven die goederen uit Israëlische nederzettingen importeren, meldt Euronews. Een tweede is een dusdanige verhoging van de invoertarieven om zo de invoer van goederen uit nederzettingen onbetaalbaar te maken.


Sjoerdsma ziet na bezoek China dat bedrijfsleven aan de slag moet

SHANGHAI (ANP) - China moet zijn handelsoverschot aanpakken, maar ook Nederland en Europa moeten aan de slag. Tot die slotsom komt minister Sjoerd Sjoerdsma (Buitenlandse Handel, D66) na drie dagen op economische missie in China.

Hij kan een paar conclusies trekken, zei de minister aan het eind van het bezoek. Nederland staat er goed op in China, "zowel bij de overheid als het bedrijfsleven". Verder zijn Chinese bedrijven gretig om met Nederlandse bedrijven samen te werken.

Maar vooral de "ongelofelijke innovatiekracht en de snelheid waarmee dat gaat", viel hem op. "Wij zullen op de een of andere manier dat tempo en die snelheid moeten zien te matchen." Er zijn "hier belangrijke lessen" te trekken voor ondernemers.

Als voorbeeld noemde hij de auto-industrie in China. "Die heeft echt een enorme sprong gemaakt." Bedrijven krijgen dan wel staatssteun, "maar de techniek is er wel degelijk". "Voor ons is het van belang dat wij daar een been bij trekken." De overheid zal daarvoor volgens hem de juiste omstandigheden moeten creëren.


VK: Voorpagina

Volkskrant.nl biedt het laatste nieuws, opinie en achtergronden

Nieuw monument Walk of Pride ingewijd met een wandeling: ‘Ik was geraakt toen ik een voorbijganger ons verhaal zag lezen’

VS bombardeerden bruggen op route begrafenisstoet Iraanse leider Khamenei

Stop met documentaires maken over de verkeerde mensen

Ploeg Pogacar bepaalt tempo in zesde etappe, Australiër Ben O’Connor eenzame vluchter

The Moscow Times - Independent News From Russia

The Moscow Times offers everything you need to know about Russia: Breaking news, top stories, business, analysis, opinion, multimedia

FSB Claims It Foiled Ukrainian Assassination Plots Against Military Officials

The FSB accused Ukrainian intelligence of recruiting a young Moscow woman and a Russian ex-convict living in Ukraine to carry out the attacks.

MetaFilter

The past 24 hours of MetaFilter

A FAANG™ Life Simulator

Escape the Race A rat lives under your standing desk. You name him Milton. He's seen things. He will narrate your downfall (or escape). The goal: fill the FREEDOM bar and quit forever. Mind the

Formula 1 News

Formula 1® - The Official F1® Website

10 of the best retro-inspired F1 liveries over the years

Following on from McLaren’s 1966-inspired livery for the British Grand Prix, F1.com takes a look at some of our favourite throwback designs.

Oppama#71

tetsuo5 has added a photo to the pool:

Oppama#71

@20260510 横須賀市/追浜本町 GX7Mark2+G-Vario14-45mmf3.5-4.5