News Links

Apple Fitness+ today announced a slew of new content to kick off the year, as well as a new integration with the popular social fitness app Strava.

Fitness+ users will now be able to easily share their completed workout sessions to Strava, with rich details like episode image, music genre, and metrics. Strava subscribers will also be able to redeem a free trial of Fitness+.

Apple says Fitness+ offers the largest library of 4K fitness and wellness content in the world, with more than 6,500 workouts and meditations across twelve workout types.

New content for 2025 includes new programs for progressive strength training, and a conditioning program for pickleball.

This enforcement action marks the first significant implementation of India’s 2022 regulatory framework governing VPN apps. The rules mandate that VPN providers and cloud service operators maintain comprehensive records of their customers, including names, addresses, IP addresses and transaction histories, for a five-year period.

The stringent requirements prompted pushback from major industry players. Leading brands like NordVPN, ExpressVPN, SurfShark and ProtonVPN voiced significant reservations about the rules, with several announcing plans to withdraw their server infrastructure from India.

NordVPN, ExpressVPN and SurfShark continue to maintain services for Indian customers, though they have stopped marketing their apps in the country.

Universal Music Group, Concord Music Group and ABKCO, among other publishers, sued Anthropic in Tennessee federal court in 2023, accusing it of copyright infringement for training its AI system on lyrics from at least 500 songs from artists such as Katy Perry, the Rolling Stones and Beyoncé. One example: When asked the lyrics to Perry’s “Roar,” which is owned by Concord, Claude provided an near-identical copy of the words in the song, according to the complaint.

At the heart of the lawsuit were allegations that there’s already an existing market that’s being undercut by Anthropic pilfering lyrics without consent or payment. The publishers pointed to music lyric aggregators and websites that have licensed their works.

While Davila issued a preliminary injunction barring the state from enforcing these two elements, state Attorney General Rob Bonta's office is free to enforce the remainder of the law. Companies will need to create a private mode for minors that would prevent strangers from viewing or responding to children’s posts, and he rejected NetChoice's claims the law is too vague to stand.

Though the act’s language applies to companies who offer covered feeds as a “significant part” of their services, these terms are not out of the ordinary in our laws.

“They are an unavoidable part of the law,” said the judge.

Davila also noted his order is preliminary and the litigation over the law will proceed.

New codes that contain sell-by dates, product instructions, allergens and ingredients, as well as prices, will mean “we will say goodbye to the old-fashioned barcode”, according to GS1, an international non-profit that maintains the global standard for barcodes.

Tesco has started using them on some products, and other trials have suggested that waste of perishable food such as poultry can be cut by embedding sell-by dates in the new QR-style codes, allowing for more dynamic discounting.

QR (quick response) codes will allow customers to instantly access more information about the product, including how to recycle batteries, clothes and building materials when tougher environmental regulations bite.

But they will also put a greater demand on the world’s cloud computing resources, where the extra data they contain will be stored – meaning a potentially greater carbon footprint.

The proposed measures include implementing multi-factor authentication and encrypting patient data to safeguard it in case of a data breach. Organizations in the sector would also be required to undergo compliance checks to ensure their networks meet cybersecurity rules.

The proposals are now in a 60-day public comment period, during which industry players, such as healthcare firms, can provide feedback. However, the new changes won’t come cheap. Reuters reports that Anne Neuberger, the US deputy national security advisor for cyber and emerging technology, told reporters the proposals are projected to cost $9 billion in the first year and $6 billion in the following two years.

At least five Chrome extensions were compromised in a coordinated attack where a threat actor injected code that steals sensitive information from users.

One attack was disclosed by Cyberhaven, a data loss prevention company that alerted its customers of a breach on December 24 after a successful phishing attack on an administrator account for the Google Chrome store.

Among Cyberhaven's customers are Snowflake, Motorola, Canon, Reddit, AmeriHealth, Cooley, IVP, Navan, DBS, Upstart, and Kirkland & Ellis.

The hacker hijacked the employee’s account and published a malicious version (24.10.4) of the Cyberhaven extension, which included code that could exfiltrate authenticated sessions and cookies to the attacker's domain (cyberhavenext[.]pro).

Please use the sharing tools found via the share button at the top or side of articles. Copying articles to share with others is a breach of FT.com T&Cs and Copyright Policy. Email licensing@ft.com to buy additional rights. Subscribers may share up to 10 or 20 articles per month using the gift article service. More information can be found at https://www.ft.com/tour.
https://www.ft.com/content/0c208ac1-f416-41b2-a373-ec7f90b84ca8

Finland suspects an oil tanker that is part of Russia’s shadow fleet of damaging an underwater electricity cable and three communication cables, opening an investigation into the vessel for aggravated sabotage. 

The Eagle S was stopped by Finnish authorities after the Estlink 2 subsea electricity cable in the Gulf of Finland was disconnected on Wednesday. The tanker, which is registered in the Cook Islands and is carrying oil from Russia to Egypt according to ship tracking data, was seen passing over the cable at the time of the incident.

Finnish police said on Thursday that they believe the vessel’s anchor, which they did not find on the ship, cut the cables.

If this Court prohibits Google from sharing revenue for search distribution, Apple would have two unacceptable choices. It could still let users in the United States choose Google as a search engine for Safari, but Apple could not receive any share of the resulting revenue, so Google would obtain valuable access to Apple's users at no cost. Or Apple could remove Google Search as a choice on Safari. But because customers prefer Google, removing it as an option would harm both Apple and its customers.

As reported by MacRumors, Cue said Apple making its own general search engine would be “economically risky” and suggests AI chatbots are the next big evolution to search. Apple also noted in the filing that it would have to adopt targeted advertising as a core service to make search viable, which would fit badly with its privacy-focused business model.

NASA’s Parker Solar Probe has traveled to within just 3.86 million miles (6.1 million kilometers) of the sun’s surface — a new record — on Christmas Eve. You can follow Parker’s landmark moment on NASA’s Eyes On The Solar System page.

In one of humankind’s most impressive feats of space exploration, Tuesday, Dec. 24 saw a heavily armored NASA spacecraft — no bigger than a small car — become the closest human-made object to the sun in history. It also saw humanity’s closest-ever approach to a star and the fastest-ever human-made object break its speed record.

In the last few years, Apple has been sending notifications to targets and victims of government spyware, alerting them that they may have been hacked, and directing them to get help. Crucially, Apple doesn’t tell the targets to get in touch with its own security engineers, but with the nonprofit Access Now, which runs a digital helpline for people in civil society who suspect they have been targets of government spyware.

“Apple detected that you are being targeted by a mercenary spyware attack that is trying to remotely compromise the iPhone associated with your Apple Account,” reads a recent alert, which Access Now shared with TechCrunch. “This attack is likely targeting you specifically because of who you are or what you do. Although it’s never possible to achieve absolute certainty when detecting such attacks, Apple has high confidence in this warning — please take it seriously.”

While it may look like Apple is abdicating its responsibility to protect its users, cybersecurity experts who work with human rights defenders, journalists, and dissidents generally agree that Apple’s approach in alerting victims to spyware attacks is the right one.

Qualcomm Inc. prevailed at trial against Arm Holdings Plc’s claim that it breached a license for chip technology that the world’s largest maker of mobile-phone processors acquired when it bought a startup in 2021.

Jurors in federal court in Delaware concluded Friday that Qualcomm didn’t violate the terms of an agreement covering Arm’s chip products acquired in a $1.4 billion purchase of Nuvia Inc. by incorporating the technology in its chips without paying a higher licensing rate. Jurors weren’t able to agree on whether Nuvia breached the license and US District Judge Maryellen Noreika said that issue could be retried at a later date.

Oliver Darcy reported this fall in his newsletter, Status, that Swisher was "interested in assembling a consortium of wealthy investors to make a bid for the paper."

Since then, a banker who worked with Swisher in the past has been helping her think through how to move the idea forward. The storied paper would be run by a board of civic-minded people willing to write a big check to be part of something important. She'd be open to Bezos remaining a partial investor.

The Consumer Financial Protection Bureau on Friday sued the operator of the Zelle payments network and the three U.S. banks that dominant transactions on it, alleging that the firms failed to properly investigate fraud complaints or give victims reimbursement.

The CFPB said customers of the three banks — JPMorgan Chase , Bank of America and Wells Fargo — have lost more than $870 million since the launch of Zelle in 2017.

Zelle, a peer-to-peer payments network run by bank-owned fintech firm Early Warning Services, allows for instant payments to other consumers and businesses and has quickly surged to become the biggest such service in the country.