Feed aggregator

U.S. and Canadian cybersecurity agencies say Chinese-linked actors deployed "Brickstorm" malware to infiltrate critical infrastructure and maintain long-term access for potential sabotage. Reuters reports: The Chinese-linked hacking operations are the latest example of Chinese hackers targeting critical infrastructure, infiltrating sensitive networks and "embedding themselves to enable long-term access, disruption, and potential sabotage," Madhu Gottumukkala, the acting director of the Cybersecurity and Infrastructure Security Agency, said in an advisory signed by CISA, the National Security Agency and the Canadian Centre for Cyber Security. According to the advisory, which was published alongside a more detailed malware analysis report (PDF), the state-backed hackers are using malware known as "Brickstorm" to target multiple government services and information technology entities. Once inside victim networks, the hackers can steal login credentials and other sensitive information and potentially take full control of targeted computers. In one case, the attackers used Brickstorm to penetrate a company in April 2024 and maintained access through at least September 3, 2025, according to the advisory. CISA Executive Assistant Director for Cybersecurity Nick Andersen declined to share details about the total number of government organizations targeted or specifics around what the hackers did once they penetrated their targets during a call with reporters on Thursday. The advisory and malware analysis reports are based on eight Brickstorm samples obtained from targeted organizations, according to CISA. The hackers are deploying the malware against VMware vSphere, a product sold by Broadcom's VMware to create and manage virtual machines within networks. [...] In addition to traditional espionage, the hackers in those cases likely also used the operations to develop new, previously unknown vulnerabilities and establish pivot points to broader access to more victims, Google said at the time.

Read more of this story at Slashdot.

Meta is acquiring AI wearable startup Limitless, maker of a pendant that records conversations and generates summaries. "We're excited that Limitless will be joining Meta to help accelerate our work to build AI-enabled wearables," a Meta spokesperson said in a statement. CNBC reports: Limitless CEO Dan Siroker revealed the deal on Friday via a corporate blog post but did not disclose the financial terms. "Meta recently announced a new vision to bring personal superintelligence to everyone and a key part of that vision is building incredible AI-enabled wearables," Siroker said in the post and an accompanying video. "We share this vision and we'll be joining Meta to help bring our shared vision to life."

Read more of this story at Slashdot.

Here’s my monthly survey of the best interest rates on cash as of December 2025, roughly sorted from shortest to longest maturities. Banks and brokerages love taking advantage of idle cash, and you can often earning more money while keeping the same level of safety by moving to another FDIC-insured bank or NCUA-insured credit union. Check out my Ultimate Rate-Chaser Calculator to see how much extra interest you could earn from switching. Rates listed are available to everyone nationwide. Rates checked as of 12/5/2025.

TL;DR: Savings account interest rates have dropped slightly overall, moving with Fed rates. You can still get 4.6% and 4.5% APY if you accept some hoops/restrictions, but most are a little under 4% now. Short-term T-Bill rates have fallen, now ~3.7%. Top 5-year CD rates are ~4.25% APY, while 5-year Treasury rate is ~3.7%.

High-yield savings accounts*
Since the huge megabanks still pay essentially no interest, everyone should at least have a separate, no-fee online savings account to piggy-back onto your existing checking account. The interest rates on savings accounts can drop at any time, so I list the top rates as well as competitive rates from banks with a history of competitive rates and solid user experience. Some banks will bait you with a temporary top rate and then lower the rates in the hopes that you are too lazy to leave.

• The top saving rate at the moment: Pibank at 4.60% APY (no min), but they have some weird restrictions; like you can only use wire/Plaid to deposit and wire transfers to withdraw funds?! Hyperion Bank has a 4.50% APY money market account ($10,000 minimum, new money) with a 6-month rate guarantee. CIT Platinum Savings is now at 3.75% APY with $5,000+ balance and is offering an up to $300 deposit bonus which increases your effective APY for a while. There are many banks in between.
• SoFi Bank is at 3.60% APY + up to 4.30% APY for 6 months + $325 new account bonus with qualifying direct deposit. You must maintain a direct deposit of any amount (even $1) each month for the higher APY. SoFi has historically competitive rates and full banking features.
• Here is a limited survey of high-yield savings accounts. They aren’t the top rates, but a group that have historically kept it relatively competitive such that I like to track their history. This month they start at 3.30% APY on up.

Short-term guaranteed rates (1 year and under)
A common question is what to do with a big pile of cash that you’re waiting to deploy shortly (plan to buy a house soon, just sold your house, just sold your business, legal settlement, inheritance). My usual advice is to keep things simple and take your time. If not a savings account, then put it in a flexible short-term CD under the FDIC limits until you have a plan.

• No Penalty CDs offer a fixed interest rate that can never go down, but you can still take out your money (once) without any fees if you want to use it elsewhere. Marcus has a 13-month No Penalty CD at 3.95% APY ($500 minimum deposit). Farmer’s Insurance FCU has a 9-month No Penalty CD at 4.00% APY ($1,000 minimum deposit). USALLIANCE Financial CU has a 11-month No Penalty CD at 3.90% APY ($500 minimum deposit).
• USALLIANCE Financial CU has a 12-month certificate at 4.18% APY ($500 min). Early withdrawal penalty is 180 days of interest. Anyone can join this credit union via partner organization American Consumer Council (try promo codes “consumer”, “abnb”, or “USFFCU” to join for free).

Money market mutual funds
Many brokerage firms that pay out very little interest on their default cash sweep funds (and keep the difference for themselves). Note: Money market mutual funds are highly-regulated, but ultimately not FDIC-insured, so I would still stick with highly reputable firms.

• Vanguard Federal Money Market Fund (VMFXX) is the default sweep option for Vanguard brokerage accounts, which has a 7-day SEC yield of 3.89% (changes daily, but also works out to a compound yield of 3.96%, which is better for comparing against APY). Odds are this is much higher than your own broker’s default cash sweep interest rate.
• Vanguard Treasury Money Market Fund (VUSXX) is an alternative money market fund which you must manually purchase, but the interest will be mostly (100% for 2024 tax year) exempt from state and local income taxes because it comes from qualifying US government obligations. Current 7-day SEC yield of 3.88% (compound yield of 3.95%).

Treasury Bills and Ultra-short Treasury ETFs
Another option is to buy individual Treasury bills which come in a variety of maturities from 4-weeks to 52-weeks and are fully backed by the US government. You can also invest in ETFs that hold a rotating basket of short-term Treasury Bills for you, while charging a small management fee for doing so. T-bill interest is exempt from state and local income taxes, which can make a significant difference in your effective yield.

• You can build your own T-Bill ladder at TreasuryDirect.gov or via a brokerage account with a bond desk like Vanguard and Fidelity. Here are the current Treasury Bill rates. As of 12/5/25, a new 4-week T-Bill had the equivalent of 3.72% annualized interest and a 52-week T-Bill had the equivalent of 3.61% annualized interest.
• The iShares 0-3 Month Treasury Bond ETF (SGOV) has a 3.85% 30-day SEC yield (0.09% expense ratio) and effective duration of 0.10 years. SPDR Bloomberg Barclays 1-3 Month T-Bill ETF (BIL) has a 3.71% 30-day SEC yield (0.136% expense ratio) and effective duration of 0.15 years. The new Vanguard 0-3 Month Treasury Bill ETF (VBIL) has a 3.89% 30-day SEC yield (0.07% expense ratio) and effective duration of 0.10 years.

US Savings Bonds
Series I Savings Bonds offer rates that are linked to inflation and backed by the US government. You must hold them for at least a year. If you redeem them within 5 years there is a penalty of the last 3 months of interest. The annual purchase limit for electronic I bonds is $10,000 per Social Security Number, available online at TreasuryDirect.gov.

• “I Bonds” bought between November 2025 and April 2026 will earn a 4.03% rate for the first six months. The rate of the subsequent 6-month period will be based on inflation again. More on Savings Bonds here.
• In mid-April 2026, the CPI will be announced and you will have a short period where you will have a very close estimate of the rate for the next 12 months. I will post another update at that time.

Rewards checking accounts
These unique checking accounts pay above-average interest rates, but with unique risks. You have to jump through certain hoops which usually involve 10+ debit card purchases each cycle, a certain number of ACH/direct deposits, and/or a certain number of logins per month. If you make a mistake (or they judge that you did) you risk earning zero interest for that month. Some folks don’t mind the extra work and attention required, while others would rather not bother. Rates can also drop suddenly, leaving a “bait-and-switch” feeling.

• OnPath Federal Credit Union (my review) pays 6.00% APY on up to $10,000 if you make 15 debit card purchases, opt into online statements, and login to online or mobile banking once per statement cycle. Anyone can join this credit union via $5 membership fee to join partner organization. You can also get a $150 Visa Reward card when you open a new account and make qualifying transactions.
• Genisys Credit Union pays 6.75% APY on up to $7,500 if you make 10 debit card purchases of $5+ each per statement cycle, and opt into online statements. Anyone can join this credit union via $5 membership fee to join partner organization.
• Oklahoma Central Credit Union pays 6.00% APY on up to $10,000 if you make 15 debit card purchases (non-ATM) per statement cycle. Anyone can join this credit union if they are “affiliated with another credit union”.
• La Capitol Federal Credit Union pays 5.75% APY on up to $10,000 if you make 15 debit card purchases of at least $5 each per statement cycle. Anyone can join this credit union via partner organization, Louisiana Association for Personal Financial Achievement ($20).
• First Southern Bank pays 5.50% APY on up to $25,000 if you make at least 15 debit card purchases, 1 ACH credit or payment transaction, and enroll in online statements.
• Credit Union of New Jersey pays 6.00% APY on up to $25,000 if you make 12 debit card purchases, opt into online statements, and make at least 1 direct deposit, online bill payment, or automatic payment (ACH) per statement cycle. Anyone can join this credit union via $5 membership fee to join partner organization.
• Andrews Federal Credit Union pays 5.50% APY (down from 6%) on up to $25,000 if you make 15 debit card purchases, opt into online statements, and make at least 1 direct deposit or ACH transaction per statement cycle. Anyone can join this credit union via partner organization.
• Find a locally-restricted rewards checking account at DepositAccounts.

Certificates of deposit (greater than 1 year)
CDs offer higher rates, but come with an early withdrawal penalty. By finding a bank CD with a reasonable early withdrawal penalty, you can enjoy higher rates but maintain access in a true emergency. Alternatively, consider building a CD ladder of different maturity lengths (ex. 1/2/3/4/5-years) such that you have access to part of the ladder each year, but your blended interest rate is higher than a savings account. When one CD matures, use that money to buy another 5-year CD to keep the ladder going. Some CDs also offer “add-ons” where you can deposit more funds if rates drop.

• United Fidelity Bank has a 5-year certificate at 4.25% APY ($1,000 minimum), 4-year at 4.20% APY, 3-year at 4.20% APY, 2-year at 4.25% APY, and 1.5-year at 4.15% APY. Early withdrawal penalties are not disclosed clearly online.
• Mountain America Credit Union (MACU) has a 5-year certificate at 4.00% APY ($500 minimum), 4-year at 4.00% APY, 3-year at 4.05% APY, 2-year at 4.20% APY, and 1-year at 3.85% APY. Early withdrawal penalty for the 4-year and 5-year is 365 days of interest. Anyone can join this credit union via partner organization American Consumer Council (use promo code “consumer” when joining).
• You can buy certificates of deposit via the bond desks of Vanguard and Fidelity. You may need an account to see the rates. These “brokered CDs” offer FDIC insurance and easy laddering, but they don’t come with predictable early withdrawal penalties. Right now, I see a 5-year non-callable brokered CD at 3.90% APY (callable: no, call protection: yes). Be warned that both Vanguard and Fidelity will list higher rates from callable CDs, which importantly means they can (and will!) call back your CD if rates drop significantly later.

Longer-term Instruments
I’d use these with caution due to increased interest rate risk (tbh, I don’t use them at all), but I still track them to see the rest of the current yield curve.

• Willing to lock up your money for 10 years? You can buy long-term certificates of deposit via the bond desks of Vanguard and Fidelity. These “brokered CDs” offer FDIC insurance, but they don’t come with predictable early withdrawal penalties. You might find something that pays more than your other brokerage cash and Treasury options. Right now, I see a 10-year CDs at 4.00% (non-callable) vs. 4.13% for a 10-year Treasury. Watch out for higher rates from callable CDs where they can call your CD back if interest rates drop.

All rates were checked as of 12/5/25.

* I no longer recommend fintech companies due to the possibility of significant loss due to poor recordkeeping and the lack of government protection in such scenarios. The point of cash is absolute safety of principal.

Photo by Giorgio Trovato on Unsplash

Linux Mint 22.3 Beta Will Be Released This Month  OMG! Ubuntu

Linux File Managers Outshine Windows Explorer in Speed and Customization  WebProNews

India is weighing a proposal to mandate always-on satellite tracking in smartphones for precise government surveillance -- an idea strongly opposed by Apple, Google, Samsung, and industry groups. Reuters reports: For years, the [Prime Minister Narendra Modi's] administration has been concerned its agencies do not get precise locations when legal requests are made to telecom firms during investigations. Under the current system, the firms are limited to using cellular tower data that can only provide an estimated area location, which can be off by several meters. The Cellular Operators Association of India (COAI), which represents Reliance's Jio and Bharti Airtel, has proposed that precise user locations should only be provided if the government orders smartphone makers to activate A-GPS technology -- which uses satellite signals and cellular data -- according to a June internal federal IT ministry email. That would require location services to always be activated in smartphones with no option for users to disable them. Apple, Samsung, and Alphabet's Google have told New Delhi that should not be mandated, said three of the sources who have direct knowledge of the deliberations. A measure to track device-level location has no precedent anywhere else in the world, lobbying group India Cellular & Electronics Association (ICEA), which represents both Apple and Google, wrote in a confidential July letter to the government, which was viewed by Reuters. "The A-GPS network service ... (is) not deployed or supported for location surveillance," said the letter, which added that the measure "would be a regulatory overreach." Earlier this week, Modi's government was forced to rescind an order requiring smartphone makers to preload a state-run cyber safety app on all devices after public backlash and privacy concerns.

Read more of this story at Slashdot.

Linux Still Dealing With Quirky Firewire Devices As We Enter 2026  Phoronix

New Jolla Phone Now Available for Pre-Order as an Independent Linux Phone  9to5Linux

New Jolla Phone Now Available for Pre-Order as an Independent Linux Phone  9to5Linux

New Jolla Phone Now Available for Pre-Order as an Independent Linux Phone  9to5Linux

New Jolla Phone Now Available for Pre-Order as an Independent Linux Phone  9to5Linux

The New York Times is suing Perplexity for copyright infringement, accusing the AI startup of repackaging its paywalled reporting without permission. TechCrunch reports: The Times joins several media outlets suing Perplexity, including the Chicago Tribune, which also filed suit this week. The Times' suit claims that "Perplexity provides commercial products to its own users that substitute" for the outlet, "without permission or remuneration." [...] "While we believe in the ethical and responsible use and development of AI, we firmly object to Perplexity's unlicensed use of our content to develop and promote their products," Graham James, a spokesperson for The Times, said in a statement. "We will continue to work to hold companies accountable that refuse to recognize the value of our work." Similar to the Tribune's suit, the Times takes issue with Perplexity's method for answering user queries by gathering information from websites and databases to generate responses via its retrieval-augmented generation (RAG) products, like its chatbots and Comet browser AI assistant. "Perplexity then repackages the original content in written responses to users," the suit reads. "Those responses, or outputs, often are verbatim or near-verbatim reproductions, summaries, or abridgments of the original content, including The Times's copyrighted works." Or, as James put it in his statement, "RAG allows Perplexity to crawl the internet and steal content from behind our paywall and deliver it to its customers in real time. That content should only be accessible to our paying subscribers." The Times also claims Perplexity's search engine has hallucinated information and falsely attributed it to the outlet, which damages its brand. "Publishers have been suing new tech companies for a hundred years, starting with radio, TV, the internet, social media, and now AI," Jesse Dwyer, Perplexity's head of communications, told TechCrunch. "Fortunately it's never worked, or we'd all be talking about this by telegraph."

Read more of this story at Slashdot.

This Linux file manager is so good it ruined File Explorer for me  MakeUseOf

Here are Google’s latest AI updates from November 2025Here are Google’s latest AI updates from November 2025

Tuxedo unveils Gemini 17 Gen4 Linux laptop for high performance workloads  BetaNews

Cloudflare says it blocked 416 billion AI scraping attempts in five months and warns that AI is reshaping the internet's economic model -- with Google's combined crawler creating a monopoly-style dilemma where opting out of AI means disappearing from search altogether. Tom's Hardware reports: "The business model of the internet has always been to generate content that drive traffic and then sell either things, subscriptions, or ads, [Cloudflare CEO Matthew Prince] told Wired. "What I think people don't realize, though, is that AI is a platform shift. The business model of the internet is about to change dramatically. I don't know what it's going to change to, but it's what I'm spending almost every waking hour thinking about." While Cloudflare blocks almost all AI crawlers, there's one particular bot it cannot block without affecting its customers' online presence -- Google. The search giant combined its search and AI crawler into one, meaning users who opt out of Google's AI crawler won't be indexed in Google search results. "You can't opt out of one without opting out of both, which is a real challenge -- it's crazy," Prince continued. "It shouldn't be that you can use your monopoly position of yesterday in order to leverage and have a monopoly position in the market of tomorrow."

Read more of this story at Slashdot.

Learn more about the personal health coach, Fitbit’s AI-powered tool for learning more about your fitness, health, sleep and more.Learn more about the personal health coach, Fitbit’s AI-powered tool for learning more about your fitness, health, sleep and more.

Chrome can now remember your loyalty card and flight details for faster submission.Chrome can now remember your loyalty card and flight details for faster submission.

RIP Windows: Linux GPU Gaming Benchmarks on Bazzite  GamersNexus

NVIDIA Improves Block Layer Peer-To-Peer DMA In Linux 6.19  Phoronix