
      PyPI halted new users and projects while it fended off supply-chain attack

      news.movim.eu / ArsTechnica • 28 March, 2024

    Supply-chain attacks, like the latest PyPI discovery, insert malicious code into seemingly functional software packages used by developers. They're becoming increasingly common. (credit: Getty Images)

    PyPI, a vital repository for open source developers, temporarily halted new project creation and new user registration following an onslaught of package uploads that executed malicious code on any device that installed them. Ten hours later, it lifted the suspension.

    Short for the Python Package Index, PyPI is the go-to source for apps and code libraries written in the Python programming language. Fortune 500 corporations and independent developers alike rely on the repository to obtain the latest versions of code needed to make their projects run. At a little after 7 pm PT on Wednesday, the site started displaying a banner message informing visitors that the site was temporarily suspending new project creation and new user registration. The message didn’t explain why or provide an estimate of when the suspension would be lifted.

    About 10 hours later, PyPI restored new project creation and new user registration. Once again, the site provided no reason for the 10-hour halt.


      Ubuntu will manually review Snap Store after crypto wallet scams

      news.movim.eu / ArsTechnica • 28 March, 2024 • 1 minute

    Man holding a piggy bank at his desk, with the piggy wired up with strange circuits and hardware

    One thing you can say about this crypto wallet: You can't confuse it for any other. (credit: Getty Images)

    The Snap Store, where containerized Snap apps are distributed for Ubuntu's Linux distribution, has been attacked for months by fake crypto wallet uploads that seek to steal users' currencies. As a result, engineers at Ubuntu's parent firm are now manually reviewing apps uploaded to the store before they are available.

    The move follows weeks of reporting by Alan Pope, a former Canonical/Ubuntu staffer on the Snapcraft team, who is still very active in the ecosystem. In February, Pope blogged about how one bitcoin investor lost nine bitcoins (about $490,000 at the time) by using an "Exodus Wallet" app from the Snap store. Exodus is a known cryptocurrency wallet, but this wallet was not from that entity. As detailed by one user wondering what happened on the Snapcraft forums, the wallet immediately transferred his entire balance to an unknown address after a 12-word recovery phrase was entered (which Exodus tells you on support pages never to do).

    Pope takes pains to note that cryptocurrency is inherently fraught with loss risk. Still, Ubuntu's App Center, which presents the Snap Store for desktop users, tagged the "Exodus" app as "Safe," and the web version of the Snap Store describes Snaps as "safe to run." While Ubuntu is describing apps as "Safe" in the sense of being an auto-updating container with runtime confinement (or "sandboxed"), a green checkmark with "Safe" next to it could be misread, especially by a newcomer to Ubuntu, Snaps, and Linux generally.


      Super gonorrhea rate quickly triples in China, now 40x higher than US

      news.movim.eu / ArsTechnica • 28 March, 2024 • 1 minute

    A billboard from the AIDS Healthcare Foundation is seen on Sunset Boulevard in Hollywood, California, on May 29, 2018, warning of a drug-resistant gonorrhea. (credit: Getty | )

    Health officials have long warned that gonorrhea is becoming more and more resistant to all the antibiotic drugs we have to fight it. Last year, the US reached a grim landmark: For the first time, two unrelated people in Massachusetts were found to have gonorrhea infections with complete or reduced susceptibility to every drug in our arsenal, including the frontline drug ceftriaxone. Luckily, they were still able to be cured with high-dose injections of ceftriaxone. But, as the US Centers for Disease Control and Prevention bluntly notes: "Little now stands between us and untreatable gonorrhea."

    If public health alarm bells could somehow hit a higher pitch, a study published Thursday from researchers in China would certainly accomplish it. The study surveyed gonorrhea bacterial isolates—Neisseria gonorrhoeae—from around the country and found that the prevalence of ceftriaxone-resistant isolates nearly tripled between 2017 and 2021. Ceftriaxone-resistant strains made up roughly 8 percent of the nearly 3,000 bacterial isolates collected from gonorrhea infections in 2022. That's up from just under 3 percent in 2017. The study appears in the CDC's Morbidity and Mortality Weekly Report.

    While those single-digit percentages may seem low, compared to other countries they're extremely high. In the US, for instance, the prevalence of ceftriaxone-resistant strains never went above 0.2 percent between 2017 and 2021, according to the CDC. In Canada, ceftriaxone-resistance was stable at 0.6 percent between 2017 and 2021. The United Kingdom had a prevalence of 0.21 percent in 2022.


      Biden orders every US agency to appoint a chief AI officer

      news.movim.eu / ArsTechnica • 28 March, 2024

    (credit: BRENDAN SMIALOWSKI / Contributor | AFP)

    The White House has announced the "first government-wide policy to mitigate risks of artificial intelligence (AI) and harness its benefits." To coordinate these efforts, every federal agency must appoint a chief AI officer with "significant expertise in AI."

    Some agencies have already appointed chief AI officers, but any agency that has not must appoint a senior official over the next 60 days. If an official already appointed as a chief AI officer does not have the necessary authority to coordinate AI use in the agency, they must be granted additional authority or else a new chief AI officer must be named.

    Ideal candidates, the White House recommended, might include chief information officers, chief data officers, or chief technology officers, the Office of Management and Budget (OMB) policy said.


      How Apple plans to update new iPhones without opening them

      news.movim.eu / ArsTechnica • 28 March, 2024 • 1 minute

    Being in a box doesn't mean the iPhone can't update. (credit: Apple)

    Unboxing a new gadget is always a fun experience, but it's usually marred somewhat by the setup process. Either your device has been in a box for months, or it's just now launching and ships in the box with pre-release software. Either way, the first thing you have to do is connect to Wi-Fi and wait several minutes for an OS update to download and install. The issue is so common that going through a lengthy download is an expected part of buying anything that connects to the Internet.

    But what if you could update the device while it's still in the box? That's the latest plan cooked up by Apple, which is close to rolling out a system that will let Apple Stores wirelessly update new iPhones while they're still in their boxes. The new system is called "Presto."

    French site iGeneration has the first picture of what this setup looks like. It starts with a clearly Apple-designed silver rack that holds iPhones and has a few lights on the front. The site (through translation) calls the device a "toaster," and yes, it looks like a toaster oven or food heating rack.


      Proxmox gives VMware ESXi users a place to go after Broadcom kills free version

      news.movim.eu / ArsTechnica • 28 March, 2024

    (credit: Proxmox)

    Broadcom has made sweeping changes to VMware's business since acquiring the company in November 2023, killing off the perpetually licensed versions of VMware's software and instituting large-scale layoffs. Broadcom executives have acknowledged the "unease" that all of these changes have created among VMware's customers and partners but so far haven't been interested in backtracking.

    Among the casualties of the acquisition is the free version of VMware's vSphere Hypervisor, also known as ESXi. ESXi is "bare-metal hypervisor" software, meaning that it allows users to run multiple operating systems on a single piece of hardware while still allowing those operating systems direct access to disks, GPUs, and other system resources.

    One alternative to ESXi for home users and small organizations is Proxmox Virtual Environment, a Debian-based Linux operating system that provides broadly similar functionality and has the benefit of still being an actively developed product. To help jilted ESXi users, the Proxmox team has just added a new "integrated import wizard" to Proxmox that supports importing of ESXi VMs, easing the pain of migrating between platforms.


      FTX fraudster Sam Bankman-Fried sentenced to 25 years in prison

      news.movim.eu / ArsTechnica • 28 March, 2024

    FTX Founder Sam Bankman-Fried arrives at court, surrounded by photographers and other people. One man appears to be holding Bankman-Fried around the torso and escorting him.

    FTX Founder Sam Bankman-Fried arrives at US District Court on March 30, 2023, in New York City after being hit with a criminal charge for allegedly authorizing a bribe of at least $40 million to one or more Chinese government officials. (credit: Getty Images | Michael Santiago)

    Convicted FTX fraudster Sam Bankman-Fried was sentenced to 25 years in prison today, according to news reports.

    The founder and ex-CEO of cryptocurrency exchange FTX was sentenced this morning by Judge Lewis Kaplan in US District Court for the Southern District of New York. Bankman-Fried had requested a sentence of 63 to 78 months (5.25 to 6.5 years), arguing that he deserved leniency because of his "charitable works and demonstrated commitment to others."

    Kaplan also reportedly ordered a forfeiture of $11.2 billion but said there will be no actual restitution because it would be "impractical."


      Yamaha and Lola pair up to enter Formula E next season

      news.movim.eu / ArsTechnica • 28 March, 2024 • 1 minute

    A Gen3 Formula E car with a yellow and blue livery and Lola logos on it.

    After a 10-year gap, Lola is back developing an electric racecar, or at least the powertrain for one, as it will enter Formula E next season. (credit: Lola)

    In 2022, we brought news that Lola, a once-famous racing company, was planning its renaissance. Lola never really cracked Formula 1, but it did have success in IndyCar and sports car racing with cars it designed and built from the 1960s until it ceased trading in 2012. Now, under new ownership, the company has been rebuilding its engineering facilities and expertise. And together with Yamaha as its technical partner, it has chosen Formula E for its official return to professional motorsport.

    Formula E's dart-shaped electric single-seaters are getting a bit of an update before they start season 11 next year. We expect new bodywork, better tires, and perhaps the ability to use the front electric motor to send power to the wheels instead of just acting as regenerative brakes on the front axle, but those components are all spec parts, meaning every team has to use the same ones without modifying them.

    That goes for the battery, too, but there is freedom when it comes to the 470 hp (350 kW) electric motor that powers the rear wheels. And then there's the software, without which the car won't go anywhere.


      Embracer Group lets go of Borderlands maker for $460M after three years

      news.movim.eu / ArsTechnica • 28 March, 2024 • 1 minute

    Borderlands' Claptrap, metal hands on hips, in front of window

    Claptrap keeps finding himself in wild new places. Now he's heading from Sweden's Embracer Group to New York City's Take-Two Interactive. Okay, maybe not that wild. (credit: Gearbox Interactive)

    Embracer Group has been backing away from its all-encompassing position in the games industry lately. The latest divestment is Gearbox Entertainment, the studio behind the Borderlands series it bought in early 2021 for a deal that could have been worth up to $1.37 billion to Gearbox had it stayed inside the Swedish conglomerate's grasp.

    The buyer is Take-Two Interactive Software, which had previously partnered with Gearbox on publishing Borderlands and other titles. Take-Two will issue new shares of its common stock to pay $460 million for Gearbox, to be completed before the end of June this year. Embracer paid $363 million in cash and stock for Gearbox in 2021 but promised up to $1 billion more should the developer hit earnings goals over six years.

    "Today’s announcement marks the result of the final structured divestment process and is an important step in transforming Embracer into the future with notably lower net debt and improved free cash flow," said Embracer CEO Lars Wingefors in a statement intended to start nobody's imagination running.
