Amazon’s cloud customers will need to wait several more months before the US tech company can repair war-damaged data centers and restore normal operations in the Middle East. The announcement comes two months after Iranian drone strikes targeted three Amazon data centers in the United Arab Emirates and Bahrain — meaning that full recovery from the cloud disruption could take nearly half a year in all. The Amazon Web Services (AWS) dashboard posted an April 30 update describing how its UAE and Bahrain cloud regions “suffered damage as a result of the conflict in the Middle East” and are unable to support customer applications. The update also said that “relevant billing operations are currently suspended while we restore normal operations” in a process that “is expected to take several months.”

That wording suggests Amazon will continue to avoid billing AWS customers in the affected regions — ME-CENTRAL-1 and ME-SOUTH-1 — after it initially waived all usage-related charges for March 2026 at an estimated cost of $150 million. AWS also “strongly” recommended that customers migrate resources to other cloud regions and rely on remote backups to restore any “inaccessible resources.” Some customers, such as the Dubai-based super app Careem—which offers ride-hailing, household services, and food and grocery delivery — were able to get back online quickly after doing an overnight migration to other data center servers.

Xbox mode aims to try and bridge the gap between Xbox consoles and Windows, but its original debut felt like a beta on the Xbox Ally devices. “Since first introducing Xbox mode, formerly known as ‘full screen experience,’ on Windows handhelds, we’ve been listening closely to player feedback and continuing to evolve the experience across devices,” says the Xbox team. “Those learnings directly shaped Xbox mode on Windows 11 PCs.”

Microsoft is also rolling out improvements to the Xbox Ally X handheld today, including a preview of its Auto SR upscaling technology. Xbox console owners are also getting a new dashboard update today, with the ability to disable Quick Resume on individual games and a feature to add custom colors to the dashboard.

An AI coding agent designed to help a small software company streamline its tasks instead blew a hole through its business in just nine seconds. PocketOS founder Jer Crane, said that the AI coding agent Cursor —powered by Anthropic’s Claude Opus 4.6 model — deleted the company’s entire production database and backups with a single call to its cloud provider, Railway, on April 24. […] “This isn’t a story about one bad agent or one bad API [Application Programming Interfaces],” Crane wrote in an X post. “It’s about an entire industry building AI-agent integrations into production infrastructure faster than it’s building the safety architecture to make those integrations safe.”

Crane’s company, PocketOS makes software for car rental companies, handling tasks such as reservations, payments, customer records and vehicle tracking. After the deletion, Crane said customers lost reservations and new signups, and some could not find records for people arriving to pick up their rental cars. “We’ve contacted legal counsel,” Crane wrote. “We are documenting everything.” Crane explained that Cursor found an API token — a “digital key” made of a short sequence of code that lets software talk to other services and prove it has permission to act — in an unrelated file which it then used to run the destructive command. According to Crane, Railway’s setup allowed the deletion without confirmation, and because the backups were stored close enough to the main database, they were also erased.

"[Railway] resolved the issue and restored the data,” Railway confirmed via email to Live Science. “We maintain both user backups as well as disaster backups. We take data very, VERY seriously.” In his post, he pointed to earlier reports of Cursor ignoring user rules, changing files it was not supposed to touch and taking actions beyond the task it had been given. To him, the database wipe was not a freak accident but the next step in a larger, more concerning, pattern. After the database vanished, Crane asked Cursor to explain what happened. The AI agent reportedly admitted that it had guessed, acted without permission and failed to understand the command before running it. “I violated every principle I was given,” the AI agent wrote. “I guessed instead of verifying. I ran a destructive action without being asked. I didn’t understand what I was doing before doing it.” The statement reads like a confession […]. “We are not the first,” Crane wrote. “We will not be the last unless this gets airtime.”

SpaceX, OpenAI, Google, Nvidia, Reflection, Microsoft, and Amazon Web Services (AWS), several of which already work with the Pentagon, will be integrated into its secret and top-secret network environments, providing more military access to their products for use on sensitive topics, the Pentagon said in a statement. The lesser-known Reflection AI, which raised $2 billion in October, is backed by 1789 Capital, a venture capital firm in which Donald Trump Jr. is a partner and investor.

Since the Pentagon deemed Anthropic’s products a “supply-chain risk” in March and the two sides became embroiled in a lawsuit, the military has expressed increasing interest in AI startups. Since the blow-up, newer AI entrants have said the military has sped up the process of incorporating them onto secret and top-secret data levels to less than three months. The process previously took 18 months or longer.

By expanding AI services offered to troops, who use it for planning, logistics, targeting and in other ways to streamline huge operations and perform more quickly, the Pentagon said in its statement it will avoid “vendor lock,” a likely nod to its overdependence on Anthropic or other dominant service providers. […] AI has become increasingly important for the U.S. military. The Pentagon’s main AI platform, GenAI.mil, has been used by over 1.3 million Defense Department personnel, the agency noted in its release, after five months of operation.

ICANN hasn’t offered new gTLDs since 2012, but on Thursday opened applications for new domains in 27 scripts. A 439-page Applicant Guidebook explains the process. The Register suggests paying attention to the string evaluation FAQ, which explains which gTLDs are valid, and those ICANN will likely frown upon. An FAQ describes this round of applications as giving “businesses, communities, and others the opportunity to apply for new top-level domains tailored to their community, culture, language, business, and customers.”

“A TLD can be a branding opportunity for a business, but the commercial opportunities are endless, allowing businesses in countries, entire sectors, or niche markets to develop a unique label on the Internet.” ICANN also sees this round as a chance to “create a more multilingual Internet for the billions of people who speak and write in different languages and scripts and are yet to come online.” If you fancy a gTLD, you’ll need to pay a $227,000 application fee by August 12th … and then wait, possibly until 2030 when this process ends.

Given the dour headlines as of late concerning the diminishing amounts of entry-level software development jobs, coupled with predictions of applications entirely AI-generated, one could be forgiven for assuming that software developers may soon be an endangered species. However, the data tells a different story. James Bessen, professor at Boston University, has been pushing back for some time against the talk of AI and automation displacing jobs on a mass scale, and lately has been arguing that the roles of software developers are nowhere near extinction.

AI is certainly not killing the software developer, Bessen said in a recent analysis (PDF). AI is taking over software development tasks and boosting productivity and output, but that is not translating into lost jobs, he argued. Instead, the types of software skills sought by companies are changing. “Surprisingly, however, after three years of AI use, software developer jobs have continued to grow robustly, reaching record levels of employment — 2.5 million in February,” Bessen said in the report, citing data from the US Bureau of Labor Statistics. The number of software developers in the US has grown by over 400,000, or 19%, since ChatGPT was introduced in 2022. At that time, the employed software developer population was just under 2.1 million. […]

The productivity uptick developers are seeing may ultimately be a boost to their professional opportunities, however. “An important and possibly disruptive change is happening, but the common view misunderstands what is going on,” Bessen pointed out in his report. “Careful case studies find that AI improves the productivity of software developers — that is, the software produced per developer — by 30%, 50%, or more. And the rate of productivity improvement in software development is improving.” Tellingly, since 2022, when ChatGPT was introduced, developer productivity has increased noticeably, Bessen continued. “From 2003 to 2022, developer productivity grew at 3.9% per year; but from 2022 through 2025, it grew at 6% per year.” […] A coming flood of new software products, now more likely to be enhanced by AI, will continue to create jobs for developers, Bessen predicted. “Thus, mass unemployment of software developers seems unlikely to happen soon.” This doesn’t mean the job descriptions of developers or other computer occupations will remain static. AI is shifting and re-inventing these roles, Bessen added.

Last month, Anthropic made a big deal about the supposedly outsize cybersecurity threat represented by its Mythos Preview model, leading the company to restrict the initial release to “critical industry partners.” But new research from the UK’s AI Security Institute (AISI) suggests that OpenAI’s GPT-5.5, which launched publicly last week, reached “a similar level of performance on our cyber evaluations” as Mythos Preview, which the group evaluated last month.

Since 2023, the AISI has run a variety of frontier AI models through 95 different Capture the Flag challenges designed to test capabilities on cybersecurity tasks, such as reverse engineering, web exploitation, and cryptography. On the highest-level “Expert” tasks, GPT-5.5 passed an average of 71.4 percent, slightly higher than the 68.6 percent achieved by Mythos Preview (though within the margin of error). In one particularly difficult task that involved building a disassembler to decode a Rust binary, AISI notes that “GPT-5.5 solved the challenge in 10 minutes and 22 seconds with no human assistance at a cost of $1.73” in API calls.

GPT-5.5 also matched Mythos Preview in its progress on "The Last Ones" (TLO), an AISI test range set up to simulate a 32-step data extraction attack on a corporate network. GPT-5.5 succeeded in 3 of 10 attempts on TLO, compared to 2 of 10 for Mythos Preview — no previous model had ever succeeded at the test even once. But GPT-5.5 still fails at AISI’s more difficult “Cooling Tower” simulation of an attempted disruption of the control software for a power plant, as every previously tested AI model also has. The new results for GPT-5.5 suggest that, when it comes to cybersecurity risk, Mythos Preview was likely not “a breakthrough specific to one model” but rather “a byproduct of more general improvements in long-horizon autonomy, reasoning, and coding,” AISI writes.

The world’s most-used music streaming service said the ‘Verified by Spotify’ text and green checkmark icon would appear next to artist names when they meet “defined standards demonstrating authenticity.” This could include having linked social accounts on their artist profile, consistent listener activity or other “signals of a real artist behind the profile,” the company said, such as merchandise or concert dates.

In its blog post, Spotify said “more than 99%" of the artists listeners actively search for will be verified, representing “hundreds of thousands of artists.” It said the process would prioritize acts with “important contributions to music culture and history”, rather than “content farms,” with the platform rolling out verification and badges over the coming weeks.

cPanel and WHM are two software suites used for managing web servers that host websites, manage emails, and handle important configurations and databases needed to maintain an internet domain. The two suites have deep-access to the servers that they manage, allowing a malicious hacker potentially unrestricted access to data managed by the affected software.

Given the ubiquity of the cPanel and WHM software across the web hosting industry, hackers could compromise potentially large numbers of websites that haven’t patched the bug. Canada’s national cybersecurity agency said in an advisory that the bug could be exploited to compromise websites on shared hosting servers, such as large web hosting companies.

The agency said that “exploitation is highly probable” and that immediate action from cPanel customers, or their web hosts, is necessary to prevent malicious access. […] One web hosting company says it found evidence that hackers have been abusing the vulnerability for months before the attempts were discovered.

If state lawmakers have their way, you’ll have to get a license plate for your e-bike, and if you’re planning to buy one next year, it’ll be slower. Amid growing concerns about e-bike safety, particularly among children in Bay Area suburbs, two bills introduced this year aim to make it easier to ticket riders and reduce the top speed of some models. AB 1942 would require certain e-bikes to be registered with the Department of Motor Vehicles and display license plates, and AB 1557 would slow e-bikes that children are allowed to operate. Both bills are still being reviewed in committee. If either bill passes this year, it will take effect Jan. 1.

Surging concentrations of carbon in the atmosphere, caused largely by burning fossil fuels, have produced potent changes in the way plants grow — from increasing their sugar content to depleting essential nutrients like zinc. Experts fear the degradation of Earth’s food supply will cause an epidemic of hidden hunger, in which even people who consume enough calories won’t get the nutrients they need to thrive. “The diets we eat today have less nutritional density than what our grandparents ate, even if we eat exactly the same thing,” said Kristie Ebi, a professor at the University of Washington’s Center for Health and the Global Environment.

People in wealthy countries with strong health care systems will have many tools to cope with the change, experts said. But for the world’s poorest and most vulnerable, the consequences could be devastating. One study concluded that by the middle of the century the phenomenon could put more than a billion additional women and children at risk of iron-deficiency anemia — a condition that can cause pregnancy complications, developmental problems and even death. Meanwhile, some 2 billion people across the globe who already suffer from some form of nutrient shortage could see their health problems grow even worse. “The scale of the problem is huge,” Ebi said.

Plants depend on carbon dioxide to perform photosynthesis — but that doesn’t mean they grow better when there’s more carbon in the air, scientists say. A sweeping survey of changes among 32 compounds in 43 crops found that nearly every plant that humans eat is harmed by rising CO2 levels. […] For the past several years, [Sterre F. ter Haar, an environmental scientist at Leiden University in the Netherlands and lead author of the survey] and her colleagues have worked to compile a database of all existing research on nutrient changes linked to rising CO2. They tracked down hundreds of studies, ranging from tightly controlled lab experiments to sprawling global analyses of real-world crops.

Next the team used their dataset to calculate the nutritional densities of each crop under different carbon dioxide levels — and to predict how their composition could continue to shift in the future. On average, they found, nutrients have already decreased by an average 3.2 percent across all plants since the late 1980s, when the concentration of carbon dioxide in the atmosphere was about 350 parts per million. That figure may seem small, ter Haar said, but with so much of the world already living on the brink of nutrient insufficiency, a drop of just a few percentage points has the potential to push millions of additional people into a health crisis.

The move would reverse the phase-out of nuclear energy legislation approved in the early 2000s amid safety concerns prohibiting the building of new nuclear power plants and limiting the operating lifetimes of existing ones to 40 years. Only two of Belgium’s seven nuclear reactors are operational - located at plants in Doel and in Tihange - and their operating licenses were recently extended until 2035. The other five reactors were shut between 2022 and 2025 and plans to dismantle them will now be suspended.

Engie and the government said they aim to reach an agreement on the takeover of the nuclear stations by October 1st. In a joint statement with Engie, the Belgian government said the move also highlights its aim to extend operations of existing nuclear reactors and to develop “new nuclear capacity” in Belgium. “By doing so, the Belgian Government is taking responsibility for Belgium’s long-term energy future, with the objective of building a financially and economically viable activity that supports security of supply, climate objectives, industrial resilience and socio-economic prosperity,” the statement adds.

Elon Musk wrapped up his testimony on Thursday as the trial in his lawsuit against OpenAI CEO Sam Altman continued into its fourth day. OpenAI’s attorney, William Savitt, cross-examined Musk in the morning. He asked Musk about the capped nature of Microsoft’s investments in OpenAI, his involvement in negotiations about the company’s structure, and whether he knew about the OpenAI nonprofit’s recent initiatives. “I don’t know what’s going on at OpenAI,” Musk testified.

Savitt also asked Musk about his competing artificial intelligence startup, xAI. While not the main focus of the case, Musk said it is “partly” true that xAI used some of OpenAI’s models to train its own models, a process known as distilling. Musk also suggested that xAI has used OpenAI’s technology to help build the company. Musk sued OpenAI, Altman, and Greg Brockman, the company’s president, in 2024, alleging that they went back on their commitments to keep the artificial intelligence company a nonprofit and to follow its charitable mission. He claims that the roughly $38 million he donated to seed OpenAI, a company he co-founded, was used for unauthorized commercial purposes.

Once Musk wrapped up his testimony after roughly two hours of questioning on Thursday, his attorneys called Jared Birchall, who manages Musk’s billions at his family office, as their next witness. Birchall testified about his knowledge of Musk’s specific donations to OpenAI. Judge Yvonne Gonzalez Rogers oversaw the proceedings from federal court in Oakland, California. The trial will resume on Monday.

The move came amid rising concern about insider trading on prediction market platforms such as Kalshi and Polymarket, and about event contracts that can involve death or violence. On April 22, Kalshi said it had suspended and fined one U.S. Senate candidate and two candidates for the House of Representatives for political insider trading on their own campaigns.

Earlier on Thursday, a group of Democratic members of Congress called on the Commodity Futures Trading Commission to issue a rule “that prevents insider trading and corruption in the market and prohibits event contracts on the outcome of elections, war and military actions in the U.S. or abroad, sports, and government actions without a valid economic hedging interest.” Kalshi and Polymarket both praised the Senate’s action.

A newly disclosed Linux kernel vulnerability called Copy Fail (CVE-2026-31431) allows an unprivileged user to gain root access using a tiny 732-byte script, and it works with unsettling consistency across major distributions. Unlike older exploits that relied on race conditions or fragile timing, this one is a straight-line logic flaw in the kernel’s crypto subsystem. It abuses AF_ALG sockets and splice to overwrite a few bytes in the page cache of a target file, such as /usr/bin/su. Because the kernel executes from the page cache, not directly from disk, the attacker can inject code into a setuid binary in memory and immediately escalate privileges.

What makes this especially concerning is how quiet it is. The file on disk remains unchanged, so standard integrity checks see nothing wrong, while the in-memory version has already been tampered with. The same primitive can also cross container boundaries since the page cache is shared, raising the stakes for multi-tenant environments and Kubernetes nodes. The underlying issue traces back to an in-place optimization added years ago, now being rolled back as part of the fix. Until patched kernels are widely deployed, this is one of those bugs that feels less like a theoretical risk and more like a practical, reliable path to full system compromise.