An artificial intelligence (AI) team at Stanford University apologized for plagiarizing a large language model (LLM) from a Chinese AI company, which became a trending topic on the Chinese social media platforms, where it sparked concern among netizens on Tuesday. We apologize to the authors of MiniCPM [the AI model developed by a Chinese company] for any inconvenience that we caused for not doing the full diligence to verify and peer review the novelty of this work, the multimodal AI model Llama3-V's developers wrote in a post on social platform X. The apology came after the team from Stanford University announced Llama3-V on May 29, claiming it had comparable performance to GPT4-V and other models with the capability to train for less than $500. According to media reports, the announcement published by one of the team members quickly received more than 300,000 views. However, some netizens from X found and listed evidence of how the Llama3-V project code was reformatted and similar to MiniCPM-Llama3-V 2.5, an LLM developed by a Chinese technology company, ModelBest, and Tsinghua University. Two team members, Aksh Garg and Siddharth Sharma, reposted a netizen's query and apologized on Monday, while claiming that their role was to promote the model on Medium and X (formerly Twitter), and that they had been unable to contact the member who wrote the code for the project. They looked at recent papers to validate the novelty of the work but had not been informed of or were aware of any of the work by Open Lab for Big Model Base, which was founded by the Natural Language Processing Lab at Tsinghua University and ModelBest, according to their responses. They noted that they have taken all references to Llama3-V down in respect to the original work. In response, Liu Zhiyuan, chief scientist at ModelBest, spoke out on the Chinese social media platform Zhihu, saying that the Llama3-V team failed to comply with open-source protocols for respecting and honoring the achievements of previous researchers, thus seriously undermining the cornerstone of open-source sharing. According to a screenshot leaked online, Li Dahai, CEO of ModelBest, also made a post on his WeChat moment, saying that the two models were verified to have highly similarity in terms of providing answers and even the same errors, and that some relevant data had not yet been released to the public. He said the team hopes that their work will receive more attention and recognition, but not in this way. He also called for an open, cooperative and trusting community environment. Director of the Stanford Artificial Intelligence Laboratory Christopher Manning also responded to Garg's explanation on Sunday, commenting "How not to own your mistakes!" on X. As the incident became a trending topic on Sina Weibo, Chinese netizens commented that academic research should be factual, but the incident also proves that the technology development in China is progressing. Global Times

According to AndroidAuthority, the Linux kernel used by Android devices is mostly derived from Google's Android Universal Kernel (ACK) branch, which is created from the Android mainline kernel branch when new LTS versions are released upstream. For example, when kernel version 6.6 is announced as the latest LTS release, an ACK branch for Android15-6.6 appears shortly after, with the "android15" in the name referring to the Android version of the kernel (in this case, Android 15). Google maintains its own set of LTS kernel branches for three main reasons. First, Google can integrate upstream features that have not yet been released into the ACK branch by backporting or picking, so as to meet the specific needs of Android. Second, Google can include some features that are being developed upstream in the ACK branch ahead of time, making it available for Android devices as early as possible. Finally, Google can add some vendor or original equipment manufacturer (OEM) features for other Android partners to use. Once created, Google continues to update the ACK branch to include not only bug fixes for Android specific code, but also to integrate the LTS merge content of the upstream kernel branch. For example, the Linux kernel vulnerability disclosed in the July 2024 Android security bulletin will be fixed through these updates. However, it is not easy to distinguish a bug fix from other bug fixes, as a patch that fixes a bug may also accidentally plug a security vulnerability that the submitter did not know about or chose not to disclose. Google does its best to recognize this, but it inevitably misses the mark, resulting in bug fixes for the upstream Linux kernel being released months before Android devices. As a result, Google has been urging Android vendors to regularly update the LTS kernel to avoid being caught off guard by unexpectedly disclosed security vulnerabilities. Clearly, the LTS version of the Linux kernel is critical to the security of Android devices, helping Google and vendors deal with known and unknown security vulnerabilities. The longer the support period, the more timely security updates Google and vendors can provide to devices.

The largest collection of stolen passwords ever has been leaked to a notorious crime marketplace, according to cybersecurity researchers at Cybernews. This leak, dubbed RockYou2024 by its original poster “ObamaCare,” holds a file containing nearly 10 billion unique plaintext passwords. Allegedly gathered from a series of data breaches and hacks accumulated over several years, the passwords were posted on July 4th and hailed as the most extensive collection of stolen and leaked credentials ever seen on the forum. “In its essence, the RockYou2024 leak is a compilation of real-world passwords used by individuals all over the world,” the researchers told Cybernews. “Revealing that many passwords for threat actors substantially heightens the risk of credential stuffing attacks.” Credential stuffing attacks are among the most common methods criminals, ransomware affiliates, and state-sponsored hackers use to access services and systems. Threat actors could exploit the RockYou2024 password collection to conduct brute-force attacks against any unprotected system and “gain unauthorized access to various online accounts used by individuals whose passwords are included in the dataset,” the research team said. This could affect online services, cameras and hardware This could affect various targets, from online services to internet-facing cameras and industrial hardware. “Moreover, combined with other leaked databases on hacker forums and marketplaces, which, for example, contain user email addresses and other credentials, RockYou2024 can contribute to a cascade of data breaches, financial frauds, and identity thefts,” the team concluded. However, despite the seriousness of the data leak, it is important to note that RockYou2024 is primarily a compilation of previous password leaks, estimated to contain entries from a total of 4,000 massive databases of stolen credentials, covering at least two decades. This new file notably includes an earlier credentials database known as RockYou2021, which featured 8.4 billion passwords. RockYou2024 added approximately 1.5 billion passwords to the collection, spanning from 2021 through 2024, which, though a massive figure, is only a fraction of the reported 9,948,575,739 passwords in the leak. Thus, users who have changed their passwords since 2021 may not have to panic about a potential breach of their information. That said, the research team at Cybernews stressed the importance of maintaining data security. In response to the leak, they recommend immediately changing the passwords for any accounts associated with the leaked credentials, ensuring each password is strong and unique and not reused across different platforms. Additionally, they advised enabling multi-factor authentication (MFA), which requires an extra form of verification beyond the password, wherever possible, to strengthen cyber security. Lastly, tech users should utilize password manager software, which securely generates and stores complex passwords, mitigating the risk of password reuse across multiple accounts.

In a groundbreaking discovery, researchers from the Xinjiang Institute of Ecology and Geography of the Chinese Academy of Sciences have found a desert moss species, known as Syntrichia caninervis, that has the potential to survive in the extreme conditions on Mars. The Global Times learned from the institute that during the third Xinjiang scientific expedition, the research team focused on studying the desert moss and found that it not only challenges people's understanding of the tolerance of organisms in extreme environments, but also demonstrates the ability to survive and regenerate under simulated Martian conditions. Supported by the Xinjiang scientific expedition project, researchers Li Xiaoshuang, Zhang Daoyuan and Zhang Yuanming from the Xinjiang Institute of Ecology and Geography and Kuang Tingyun, an academician from the Chinese Academy of Sciences, concentrated on studying the "pioneer species" Syntrichia caninervis in an extreme desert environment, according to the institute in an article it sent to the Global Times on Sunday. Through scientific experiments, the researchers systematically proved that the moss can tolerate over 98 percent cell dehydration, survive at temperatures as low as -196 C without dying, withstand over 5000Gy of gamma radiation without perishing, and quickly recover, turn green, and resume growth, showcasing extraordinary resilience. These findings push the boundaries of human knowledge on the tolerance of organisms in extreme environments. Furthermore, the research revealed that under simulated Martian conditions with multiple adversities, Syntrichia caninervis can still survive and regenerate when returned to suitable conditions. This marks the first report of higher plants surviving under simulated Martian conditions. The research team also identified unique characteristics of Syntrichia caninervis. Its overlapping leaves reduce water evaporation, while the white tips of the leaves reflect intense sunlight. Additionally, the innovative "top-down" water absorption mode of the white tips efficiently collects and transports water from the atmosphere. Moreover, the moss can enter a selective metabolic dormancy state in adverse environments and rapidly provide the energy needed for recovery when its surrounding environment improves. Based on the extreme environmental tolerance of Syntrichia caninervis, the research team plans to conduct experiments on spacecraft to monitor the survival response and adaptation capabilities of the species under microgravity and various ionizing radiation adversities. They aim to unravel the physiological and molecular basis of the moss and explore the key life tolerance regulatory mechanisms, laying the foundation for future applications of Syntrichia caninervis in outer space colonization.

LONDON, July 5 (Reuters) - Insurers are nervous that militant attacks or AI-generated fake images could derail the Paris Olympics, risking event cancellations and millions of dollars in claims. Insurers faced losses after the 2020 Tokyo Olympics were postponed for a year due to the COVID-19 pandemic. Since then, wars in Ukraine and Gaza and a spate of elections this year, including in France, have driven up fears of politically-motivated violence at high-profile global events. The Olympics take place in Paris from July 26-Aug 11 and the Paralympics from Aug 28-Sept 8. German insurer Allianz (ALVG.DE), opens new tab is insurance partner for the Games. Other insurers, such as the Lloyd's of London (SOLYD.UL) market, are also providing cover. "We are all aware of the geopolitical situation the world is in," said Eike Buergel, head of Allianz's Olympic and Paralympic programme. "We are convinced that the IOC (International Olympic Committee), Paris 2024 and the national organising committees, together with the French authorities, are taking the right measures when it comes to challenges on the ground."