Rejus Almole – Page 14

NPM flooded with malicious packages downloaded more than 86,000 times

Biz & IT, code dependencies, code repositories, npm, phantomraven, Security / Rejus Almole / October 29, 2025

Attackers are exploiting a major weakness that has allowed them access to the NPM code repository with more than 100 credential-stealing packages since August, mostly without detection.

The finding, laid out Wednesday by security firm Koi, brings attention to an NPM practice that allows installed packages to automatically pull down and run unvetted packages from untrusted domains. Koi said a campaign it tracks as PhantomRaven has exploited NPM’s use of “Remote Dynamic Dependences” to flood NPM with 126 malicious packages that have been downloaded more than 86,000 times. Some 80 of those packages remained available as of Wednesday morning, Koi said.

A blind spot

“PhantomRaven demonstrates how sophisticated attackers are getting [better] at exploiting blind spots in traditional security tooling,” Koi’s Oren Yomtov wrote. “Remote Dynamic Dependencies aren’t visible to static analysis.”

Remote Dynamic Dependencies provide greater flexibility in accessing dependencies—the code libraries that are mandatory for many other packages to work. Normally, dependencies are visible to the developer installing the package. They’re usually downloaded from NPM’s trusted infrastructure.

RDD works differently. It allows a package to download dependencies from untrusted websites, even those that connect over HTTP, which is unencrypted. The PhantomRaven attackers exploited this leniency by including code in the 126 packages uploaded to NPM. The code downloads malicious dependencies from URLs, including http://packages.storeartifact.com/npm/unused-imports. Koi said these dependencies are “invisible” to developers and many security scanners. Instead, they show the package contains “0 Dependencies.” An NPM feature causes these invisible downloads to be automatically installed.

Compounding the weakness, the dependencies are downloaded “fresh” from the attacker server each time a package is installed, rather than being cached, versioned, or otherwise static, as Koi explained:

NPM flooded with malicious packages downloaded more than 86,000 times Read More »

Man accidentally gets leech up his nose. It took 20 days to figure it out.

bleeding, bloodletting, case report, health, leeches, parasites, poison / Rejus Almole / October 29, 2025

Leeches have a long medical history. Here’s what happens if one gets in your nose.

Since the dawn of civilization, leeches have been firmly attached to medicine. Therapeutic bloodsuckers are seen in murals decorating the tombs of 18^th dynasty Egyptian pharaohs. They got their earliest written recommendation in the 2^nd century BC by Greek poet and physician Nicander of Colophon. He introduced the “blood-loving leech, long flaccid and yearning for gore,” as a useful tool for sucking out poison after a bite from a poisonous animal. “Let leeches feed on [the] wounds and drink their fill,” he wrote. Ancient Chinese writing touted their medicinal potential, too, as did references in Sanskrit.

Galen, the physician for Roman Emperor Marcus Aurelius, supported using leeches to balance the four humors (i.e. blood, phlegm, and yellow and black bile) and therefore treat ailments—as initially outlined by Hippocrates. Leeches, doctors found, provided a method for less painful, localized, and limited bloodletting. We now understand that leeches can release an anesthetic to prevent pain and a powerful anticoagulant, hirudin, to prevent clotting and keep blood flowing.

In the centuries since the Roman era, leeches’ popularity only grew. They were used to treat everything from gout to liver disease, epilepsy, and melancholy. The very word “leech” is derived from the Anglo-Saxon word “laece,” which translates to “physician.”

It wasn’t until the early 1900s, amid advances in medical knowledge, that leeches fell out of favor—as did bloodletting generally. That was for the best since the practice was rooted in pseudoscience, largely ineffective, and often dangerous when large quantities of blood were lost. Still, the bloodsuckers have kept a place in modern medicine, aiding in wound care, the draining of excess blood after reconstructive surgery, and circulation restoration. Leech saliva also contains anti-inflammatory compounds that can reduce swelling.

What leeches do in the shadows

But there’s also a darker side to leeches in medicine. Even Nicander realized that leeches could act as a kind of poison themselves if accidentally ingested, such as in contaminated water. He described the slimy parasites clinging to the mouth, throat, and opening of the stomach, where they might cause pain. For this poisoning, he recommended having the patient ingest vinegar, snow or ice, salt flakes, warmed salt water, or a potion made from brackish soil.

Nicander was right. While external leeches are potentially helpful—or at least not particularly harmful with controlled blood feasting—internal leeches are more problematic. They are happy to slither into orifices of all kinds, where they’re hard to detect and diagnose and difficult to extract, potentially leading to excessive blood loss. Luckily, with advances in sanitation, accidental leech intake doesn’t happen that often, but there are still the occasional cases—and they often involve the nose.

Such is the case of a 38-year-old man in China who showed up at an ear, nose, and throat clinic telling doctors his right nostril had been dripping blood for 10 days at a rate of a few drops per hour. He was not in pain but noted that when he coughed or spat, he had blood-tinged mucus. His case was published in the week’s edition of the New England Journal of Medicine.

Doctors took a look inside his nose and saw signs of blood. When they broke out the nasal endoscope, they saw the source of the problem: There was a leech in there. And it was frantically trying to wriggle away from the light as they got a glimpse of it.

As it turns out, the man had been mountain climbing a full 20 days prior. While out in nature, he washed his face with spring water, which likely splashed the sucker up his schnoz.

Lengthy feast

While 20 days seems like a long time to have a leech up your nose without noticing it, a smattering of other nasal leech cases report people going several weeks or even months before figuring it out. One 2021 case in a 73-year-old man in China was only discovered after three months—and he had picked out a chunk of the leech himself by that point. A 2011 case in a 7-year-old girl in Nepal took four weeks to discover, and the girl needed a blood transfusion at that point.

In 2014, BBC Radio Scotland interviewed a 24-year-old woman from Edinburgh who had picked up a nasal leech on a trip to Southeast Asia. She had nosebleeds for weeks before realizing the problem—even after the leech began peeking out of her nose during hot showers.

“Obviously my nasal passages would open up because of the steam and the heat and the water, and it would come out quite far, about as far as my lip,” she said. Still, she thought it was a blood clot after a motorbike accident she had been in recently, not a blood-sucking worm.

“Your initial reaction isn’t to start thinking, oh God, there’s obviously a leech in my face,” she said.

Of course, if the leech gets into a place where it causes more obvious problems, the discovery is quicker. Just last month, doctors reported a case in a 20-year-old woman in Ethiopia who had a leech stuck in her throat, which caused her to start vomiting and spitting blood. It took just a few days of that before doctors figured it out. But nasal leeches don’t tend to produce such dramatic symptoms, so they’re harder to detect. And a lot of other things can cause mild, occasional nosebleeds.

Exorcising the sinuses

Once a nostril Nosferatu is finally identified, there’s the tricky task of removing it. There’s not exactly a textbook method for extraction, and the options can be highly dependent on the location in which the leech has lodged itself. Various methods used over the years—many echoing Nicander’s original recommendations—include salt, saline, vinegar, and heat, as well as turpentine and alcohol. Saltwater in particular has been reported to be effective at getting the leech to relax and release, though such attempts to coax the leech out can be time-consuming. A variety of local and topical anesthetics have also been used to try to paralyze the leech, including the startling choice of cocaine, which acts as a local anesthetic, among other things.

The removal must be done with care. If the leech is pulled, it could regurgitate its blood meal, risking infection and more bleeding. There’s also the risk that pulling too hard could result in the worm’s jaws and teeth getting left behind, which could lead to continued bleeding.

In the mountain climber’s case, doctors were able to use the topical anesthetic tetracaine to subdue the shy leech, and they then gently extracted it with a suction catheter. It came out in one piece. The man had no problems from the removal, and a week later, his symptoms had entirely resolved.

Fortunately, reports of nasal leeches are rare and tend to have happy endings. But the cases will likely continue to splatter through the medical literature, keeping Nicander’s lore of leeches as both antidote and poison undying.

Beth is Ars Technica’s Senior Health Reporter. Beth has a Ph.D. in microbiology from the University of North Carolina at Chapel Hill and attended the Science Communication program at the University of California, Santa Cruz. She specializes in covering infectious diseases, public health, and microbes.

Man accidentally gets leech up his nose. It took 20 days to figure it out. Read More »

Westinghouse is claiming a nuclear deal would see $80B of new reactors

Energy, nuclear energy, nuclear power, reactors, Science, Westinghouse / Rejus Almole / October 28, 2025

On Tuesday, Westinghouse announced that it had reached an agreement with the Trump administration that would purportedly see $80 billion of new nuclear reactors built in the US. And the government indicated that it had finalized plans for a collaboration of GE Vernova and Hitachi to build additional reactors. Unfortunately, there are roughly zero details about the deal at the moment.

The agreements were apparently negotiated during President Trump’s trip to Japan. An announcement of those agreements indicates that “Japan and various Japanese companies” would invest “up to” $332 billion for energy infrastructure. This specifically mentioned Westinghouse, GE Vernova, and Hitachi. This promises the construction of both large AP1000 reactors and small modular nuclear reactors. The announcement then goes on to indicate that many other companies would also get a slice of that “up to $332 billion,” many for basic grid infrastructure.

So the total amount devoted to nuclear reactors is not specified in the announcement or anywhere else. As of the publication time, the Department of Energy has no information on the deal; Hitachi, GE Vernova, and the Hitachi/GE Vernova collaboration websites are also silent on it.

Meanwhile, Westinghouse claims that it will be involved in the construction of “at least $80 billion of new reactors,” a mix of AP1000 and AP300 (each named for the MW of capacity of the reactor/generator combination). The company claims that doing so will “reinvigorate the nuclear power industrial base.”

Westinghouse is claiming a nuclear deal would see $80B of new reactors Read More »

An autonomous car for consumers? Lucid says it’s happening.

Cars, Lucid, NVIDIA / Rejus Almole / October 28, 2025

Good news if you sell GPUs

First, Lucid will roll out a more advanced version of its partially automated driving assist for the Gravity SUV, which it says has been “turbocharged by Nvidia Drive AV.” But after that, the plan is for a so-called “level 4” autonomous system, capable of driving itself from point to point without human intervention, at least within a geofence or other limited operational design domain.

In scope, this is more limited and more achievable than the “level 5,” go-anywhere dream of Tesla’s FSD system. It is similar to the level 4 autonomous vehicles being developed by companies like Waymo and Zoox, but those are also designed to be operated by fleets with regular maintenance.

Lucid will use Nvidia’s platform to reach level 4, building a pair of Drive AGX Thor computers into the new midsize EV platform. And leaning on Nvidia’s software means Lucid doesn’t have the hard ongoing job of keeping everything up to date.

“As vehicles evolve into software-defined supercomputers on wheels, a new opportunity emerges—to reimagine mobility with intelligence at every turn. Together with Lucid, we’re accelerating the future of autonomous, AI-powered transportation, built on [the] Nvidia full-stack automotive platform,” said Jensen Huang, founder and CEO of Nvidia.

Car buyers are starting to cotton on to driver assists like General Motors’ Super Cruise, which about 40 percent of customers choose to pay for after the three-year free trial ends, and Lucid must be hoping that offering a far more advanced system, which won’t require the human to pay any attention while it is engaged, will help it earn plenty of money.

The other part of the Lucid/Nvidia announcement may have the potential for even more impact on the profit and loss statements. Nvidia’s industrial platform will let Lucid create its production lines digitally first before committing them to actual hardware. “By modeling autonomous systems, Lucid can optimize robot path planning, improve safety, and shorten commissioning time,” Lucid said.

An autonomous car for consumers? Lucid says it’s happening. Read More »

Melissa strikes Jamaica, tied as most powerful Atlantic storm to come ashore

hurricane, jamaica, melissa, Science / Rejus Almole / October 28, 2025

Hurricane Melissa made landfall in southwestern Jamaica, near New Hope, on Tuesday at 1 pm ET with staggeringly powerful sustained winds of 185 mph.

In the National Hurricane Center update noting the precise landfall time and location, specialist Larry Kelly characterized Melissa as an “extremely dangerous and life-threatening” hurricane. Melissa is bringing very heavy rainfall, damaging surge, and destructive winds to the small Caribbean island that is home to about 3 million people.

The effects on the island are sure to be catastrophic and prolonged.

A record-breaking hurricane by any measure

By any measure, Melissa is an extraordinary and catastrophic storm.

By strengthening overnight and then maintaining its incredible intensity of 185 mph, Melissa has tied the Labor Day Hurricane of 1935 as the most powerful hurricane to strike a landmass in the Atlantic Basin, which includes the United States, Mexico, Central America, and the Caribbean islands.

Melissa also tied the Labor Day storm, which struck the Florida Keys, as the most intense storm at landfall, measured by central pressure at 892 millibars.

Overall, Melissa is tied for the second strongest hurricane, measured by winds, ever observed in the Atlantic basin, behind only Hurricane Allen and its 190 mph winds in 1980. Only Hurricane Wilma (882 millibars) and Gilbert (888 millibars) have recorded lower pressures at sea.

Melissa strikes Jamaica, tied as most powerful Atlantic storm to come ashore Read More »

Why imperfection could be key to Turing patterns in nature

animals, Biology, Science, Turing mechanism, Turing patterns / Rejus Almole / October 27, 2025

In essence, it’s a type of symmetry breaking. Any two processes that act as activator and inhibitor will produce periodic patterns and can be modeled using Turing’s diffusion function. The challenge is moving from Turing’s admittedly simplified model to pinpointing the precise mechanisms serving in the activator and inhibitor roles.

This is especially challenging in biology. Per the authors of this latest paper, the classical approach to a Turing mechanism balances reaction and diffusion using a single length scale, but biological patterns often incorporate multiscale structures, grain-like textures, or certain inherent imperfections. And the resulting patterns are often much blurrier than those found in nature.

Can you say “diffusiopherosis”?

Simulated hexagon and stripe patterns obtained by diffusiophoretic assembly of two types of cells on top of the chemical patterns. Credit: Siamak Mirfendereski and Ankur Gupta/CU Boulder

In 2023, UCB biochemical engineers Ankur Gupta and Benjamin Alessio developed a new model that added diffusiopherosis into the mix. It’s a process by which colloids are transported via differences in solute concentration gradients—the same process by which soap diffuses out of laundry in water, dragging particles of dirt out of the fabric. Gupta and Alessio successfully used their new model to simulate the distinctive hexagon pattern (alternating purple and black) on the ornate boxfish, native to Australia, achieving much sharper outlines than the model originally proposed by Turing.

The problem was that the simulations produced patterns that were too perfect: hexagons that were all the same size and shape and an identical distance apart. Animal patterns in nature, by contrast, are never perfectly uniform. So Gupta and his UCB co-author on this latest paper, Siamak Mirfendereski, figured out how to tweak the model to get the pattern outputs they desired. All they had to do was define specific sizes for individual cells. For instance, larger cells create thicker outlines, and when they cluster, they produce broader patterns. And sometimes the cells jam up and break up a stripe. Their revised simulations produced patterns and textures very similar to those found in nature.

“Imperfections are everywhere in nature,” said Gupta. “We proposed a simple idea that can explain how cells assemble to create these variations. We are drawing inspiration from the imperfect beauty of [a] natural system and hope to harness these imperfections for new kinds of functionality in the future.” Possible future applications include “smart” camouflage fabrics that can change color to better blend with the surrounding environment, or more effective targeted drug delivery systems.

Matter, 2025. DOI: 10.1016/j.matt.2025.102513 (About DOIs).

Why imperfection could be key to Turing patterns in nature Read More »

Are you the asshole? Of course not!—quantifying LLMs’ sycophancy problem

AI, AI sycophancy, facts, hallucination, made up, sycophancy / Rejus Almole / October 25, 2025

Measured sycophancy rates on the BrokenMath benchmark. Lower is better. Credit: Petrov et al

GPT-5 also showed the best “utility” across the tested models, solving 58 percent of the original problems despite the errors introduced in the modified theorems. Overall, though, LLMs also showed more sycophancy when the original problem proved more difficult to solve, the researchers found.

While hallucinating proofs for false theorems is obviously a big problem, the researchers also warn against using LLMs to generate novel theorems for AI solving. In testing, they found this kind of use case leads to a kind of “self-sycophancy” where models are even more likely to generate false proofs for invalid theorems they invented.

No, of course you’re not the asshole

While benchmarks like BrokenMath try to measure LLM sycophancy when facts are misrepresented, a separate study looks at the related problem of so-called “social sycophancy.” In a pre-print paper published this month, researchers from Stanford and Carnegie Mellon University define this as situations “in which the model affirms the user themselves—their actions, perspectives, and self-image.”

That kind of subjective user affirmation may be justified in some situations, of course. So the researchers developed three separate sets of prompts designed to measure different dimensions of social sycophancy.

For one, more than 3,000 open-ended “advice-seeking questions” were gathered from across Reddit and advice columns. Across this data set, a “control” group of over 800 humans approved of the advice-seeker’s actions just 39 percent of the time. Across 11 tested LLMs, though, the advice-seeker’s actions were endorsed a whopping 86 percent of the time, highlighting an eagerness to please on the machines’ part. Even the most critical tested model (Mistral-7B) clocked in at a 77 percent endorsement rate, nearly doubling that of the human baseline.

Are you the asshole? Of course not!—quantifying LLMs’ sycophancy problem Read More »

DNA analysis reveals likely pathogens that killed Napoleon’s army

Biology, DNA analysis, forensic archaeology, history, Napoleon Bonaparte, pathogens, Science / Rejus Almole / October 25, 2025

State-of-the-art methodologies

Rascovan and his co-authors note in their paper that the 2006 study relied upon outdated PCR-based technologies for its DNA analysis. As for the virus family detected in the Kalingrad dental pulp, they argue that those viruses are both ubiquitous and usually asymptomatic in humans—and thus are unlikely to be the primary culprits for the diseases that wiped out the French army. So Rascovan’s team decided to use current state-of-the-art DNA methodologies to re-analyze a different set of remains of Napoleonic soldiers who died in Vilnius.

“In most ancient human remains, pathogen DNA is extremely fragmented and only present in very low quantities, which makes it very difficult to obtain whole genomes,” said Rascovan. “So we need methods capable of unambiguously identifying infectious agents from these weak signals, and sometimes even pinpointing lineages, to explore the pathogenic diversity of the past.”

An 1812 report from one of Napoleon’s physicians, J.R.L. de Kirckhoff, specifically noted typhus, dysentery, and diarrhea after the soldiers arrived in Vilnius, which he attributed to large barrels of salted beets the starving troops consumed, “greatly upsetting us and strongly irritating the intestinal tract.” Rascovan et al. note that such symptoms could accompany any number of conditions or diseases common to 19th-century Europe. “Even today, two centuries later, it would still be impossible to perform a differential diagnosis between typhus, typhoid, or paratyphoid fever based solely on the symptoms or the testimonies of survivors,” the authors wrote.

Imperial Guard button discovered during excavation. Credit: UMR 6578 Aix-Marseille Université, CNRS, EFS

Over 3,200 individual remains, almost all men between the ages of 20 and 50, were excavated from the mass grave at Vilnius. Rascovan et al. focused on 13 teeth from 13 different individuals. To compensate for the degraded nature of the 200-year-old genome fragments, co-authors at the University of Tartu in Estonia helped develop a multistep authentication method to more accurately identify pathogens in the samples. In some cases, they were even able to identify a specific lineage.

DNA analysis reveals likely pathogens that killed Napoleon’s army Read More »

Microsoft’s Mico heightens the risks of parasocial LLM relationships

AI, Avatar, copilot, mico, microsoft / Rejus Almole / October 24, 2025

While mass media like radio, movies, and television can all feed into parasocial relationships, the Internet and smartphone revolutions have supercharged the opportunities we all have to feel like an online stranger is a close, personal confidante. From YouTube and podcast personalities to Instagram influencers or even your favorite blogger/journalist (hi), it’s easy to feel like you have a close connection with the people who create the content you see online every day.

After spending hours watching this TikTok personality, I trust her implicitly to sell me a purse. Credit: Getty Images

Viewing all this content on a smartphone can flatten all these media and real-life personalities into a kind of undifferentiated media sludge. It can be all too easy to slot an audio message from your romantic partner into the same mental box as a stranger chatting about video games in a podcast. “When my phone does little mating calls of pings and buzzes, it could bring me updates from people I love, or show me alerts I never asked for from corporations hungry for my attention,” Julie Beck writes in an excellent Atlantic article about this phenomenon. “Picking my loved ones out of the never-ending stream of stuff on my phone requires extra effort.”

This is the world Mico seems to be trying to slide into, turning Copilot into another not-quite-real relationship mediated through your mobile device. But unlike the Instagram model who never seems to acknowledge your comments, Mico is always there to respond with a friendly smile and a warm, soothing voice.

AI that “earns your trust”

Text-based AI interfaces are already frighteningly good at faking human personality in a way that encourages this kind of parasocial relationship, sometimes with disastrous results. But adding a friendly, Pixar-like face to Copilot’s voice mode may make it much easier to be sucked into feeling like Copilot isn’t just a neural network but a real, caring personality—one you might even start thinking of the same way you’d think of the real loved ones in your life.

Microsoft’s Mico heightens the risks of parasocial LLM relationships Read More »

Rivian is settling $250 million lawsuit to focus on next year’s R2 EV

Cars, Rivian / Rejus Almole / October 24, 2025

Electric vehicle startup Rivian announced on Thursday that it has settled a lawsuit with some of its investors. The company continues to deny allegations of making “materially untrue” statements during its inial public offering but says it agreed to pay $250 million to clear itself of distractions as it focuses on building its next EV, the mass-market R2, which is due next year.

Rivian was first sued by a shareholder in 2022 over claims that the startup knew it would cost far more for it to build each R1T electric truck and R1S electric SUV than the advertised $67,500 and $70,000 prices, respectively. A big surprise price increase would tarnish the nascent automaker’s reputation, the lawsuit claimed, and could lead to many of the almost 56,000 pre-orders being canceled.

Just a few months after its November 2021 IPO, the company had indeed issued a hefty price hike: $79,500 for the R1T and $84,500 for the R1S SUV. After an outcry, the company said it would honor the original price for its existing preorders. By that point, though, the damage was done, and more than a third of the company’s value was erased within a few days, the lawsuit alleged.

Rivian is settling $250 million lawsuit to focus on next year’s R2 EV Read More »

Microsoft makes Copilot “human-centered” with a ‘90s-style animated assistant

copilot, microsoft, Tech, Windows 11, windows 11 25h2 / Rejus Almole / October 23, 2025

Microsoft said earlier this month that it wanted to add better voice controls to Copilot, Windows 11’s built-in chatbot-slash-virtual assistant. As described, this new version of Copilot sounds an awful lot like another stab at Cortana, the voice assistant that Microsoft tried (and failed) to get people to use in Windows 10 in the mid-to-late 2010s.

Turns out that the company isn’t done trying to reformulate and revive ideas it has already tried before. As part of a push toward what it calls “human-centered AI,” Microsoft is now putting a face on Copilot. Literally, a face: “Mico” is an “expressive, customizable, and warm” blob with a face that dynamically “listens, reacts, and even changes colors to reflect your interactions” as you interact with Copilot. (Another important adjective for Mico: “optional.”)

Mico (rhymes with “pico”) recalls old digital assistants like Clippy, Microsoft Bob, and Rover, ideas that Microsoft tried in the ’90s and early 2000s before mostly abandoning them.

Microsoft clearly thinks that backing these ideas with language and/or reasoning models will help Copilot succeed where both Cortana and Clippy failed. Part of the reason these assistants were viewed as annoying rather than helpful is that they could respond to a finite number of possible inputs or situations, and they didn’t even help in those situations most of the time because they could only respond to a small number of context clues. I don’t have hard evidence for this, but I’d bet that the experience of dismissing Clippy’s “It looks like you’re writing a letter!” prompts is near-universal among PC users of a certain age.

Microsoft makes Copilot “human-centered” with a ‘90s-style animated assistant Read More »

The first people to set foot in Australia were fossil hunters

aboriginal australians, ancient people did stuff, Archaeology, australia, biological archaeology, Megafauna, megafaunal extinction, Science / Rejus Almole / October 23, 2025

I just think they’re neat

Europeans weren’t the first people to collect fossils in Australia.

Several species of short-faced kangaroos, like this one, once lived in Australia. Some stood two meters tall, while others were less than half a meter tall. Credit: By Ghedoghedo – Own work, CC BY-SA 3.0, https://commons.wikimedia.org/w/index.php?curid=8398432

Australia’s First Peoples may or may not have hunted the continent’s megafauna to extinction, but they definitely collected fossils.

A team of archaeologists examined the fossilized leg bone of an extinct kangaroo and realized that instead of evidence of butchery, cut marks on the bone reveal an ancient attempt at fossil collecting. That leaves Australia with little evidence of First Peoples hunting or butchering the continent’s extinct megafauna—and reopens the question of whether humans were responsible for the die-off of that continent’s giant Ice Age marsupials.

Fossil hunting in the Ice Age

In the unsolved case of whether humans hunted Australia’s Ice Age megafauna to extinction, the key piece of evidence so far is a tibia (one of the bones of the lower leg) from an extinct short-faced kangaroo. Instead of hopping like their modern relatives, these extinct kangaroos walked on their hind legs, probably placing all their weight on the tips of single hoofed toes. This particular kangaroo wasn’t quite fully grown when it died, which happened sometime between 44,500 and 55,200 years ago, based on uranium-series dating of the thin layer of rock covering most of the fossils in Mammoth Cave (in what’s now Western Australia).

There’s a shallow, angled chunk cut out of the bone near one end. When archaeologists first noticed the cut in 1970 after carefully chipping away the crust of calcium carbonate that had formed over the bone, it looked like evidence that Pleistocene hunters had carved up the kangaroo to eat it. But in their recent paper, University of New South Wales archaeologist Michael Archer and his colleagues say that’s probably not what happened. Instead, they have a stranger idea: “We suggest here that the purpose of this effort may have been the retrieval of the fossils from the bone-rich late-Pleistocene deposit in Mammoth Cave after its discovery by First Peoples,” they wrote in their recent paper.

a photo of a fossil bone with a shallow chunk cut out of it — This close-up image shows the cut kangaroo bone and a micro-CT image of the surfaces of the cut. Credit: Archer et al. 2025

The world used to be so much weirder

Based on the available archaeological evidence, it looks like people first set foot on Australia sometime around 65,000 years ago. At the time, the continent was home to a bizarre array of giant marsupials, as well as flightless birds even bigger and scarier than today’s emus and cassowaries. For the next 20,000 years, Australia’s First Peoples shared the landscape with short-faced kangaroos; Zygomaturus trilobus, a hulking 500-kilogram marsupial that looked a little like a rhinoceros; and Diprotodon optatum, the largest marsupial that ever lived: a 3,000-kilogram behemoth that roamed in huge herds (picture a bear about the size of a bison with a woodchuck’s face).

These species died out sometime around 45,000 or 40,000 years ago; today, they live on in ancient rock art and stories, some of which seem to describe people interacting with now-extinct species.

Since they had shared the continent with humans for at least 20,000 years at that point, it doesn’t seem that the sudden arrival of humans caused an immediate mass extinction. But it’s possible that by hunting or even setting controlled fires, people may have put just enough strain on these megafauna species to make them vulnerable enough for the next climate upheaval to finish them off.

In some parts of the world, there’s direct evidence that Pleistocene people hunted or scavenged meat from the remains of now-extinct megafauna. Elsewhere, archaeologists are still debating whether humans, the inexorable end of the last Ice Age, or some combination of the two killed off the world’s great Ice Age giants. The interaction between people and their local ecosystems looked (and still looks) different everywhere, depending on culture, environment, and a host of other factors.

The jury is still out on what killed the megafauna in Australia because the evidence we need either hasn’t survived the intervening millennia or still lies buried somewhere, waiting to be found and studied. For decades, the one clear bit of evidence has seemed to be the Mammoth Cave short-faced kangaroo tibia. But Archer and his colleagues argue that even that isn’t a smoking gun.

An man in khakis and a dark blue shirt studies a cave wall. — An archaeologist examines a fossil deposit in the wall of Mammoth Cave, in Western Australia. 50,000 years ago, one of the earliest people on the continent may also have stood here contemplating the fossils. Credit: Archer et al. 2025

Evidence of rock collecting, not butchery

For one thing, the researchers argue that the kangaroo had been dead for a very long time when the cut was made. Nine long, thin cracks run along the length of the tibia, formed when the bone dried and shrank. And in the cut section, there’s a short crack running across the width of the bone—but it stops at either end when it meets the long cracks from the bone’s drying. That suggests the bone had already dried and shrunk, leaving those long cracks before the cut was made. It may have just been a very old bone, or it may have already begun to fossilize, but the meat would have been long gone, leaving behind a bone sticking out of the cave wall.

Since there’s no mark or dent on the opposite side of the bone from the cut (which would have happened if it were lying on the ground being butchered), it was probably sticking out of the fossil bed in the cave wall when someone came along and tried to cut it free. And since a crust of calcium carbonate had time to form over the cut (it covers most of the fossils in Mammoth Cave like a rocky burial shroud), that must have happened at least 44,000 years ago.

That leaves us with an interesting mental image: a member of one of Australia’s First Peoples, 45,000 years ago, exploring a cave filled with the bones of fantastical, long-dead animals. This ancient caver finds a bone sticking out from the cave wall and tries to hack the protruding end free—twice, from different angles—before giving up and leaving it in place.

People have always collected cool rocks

We can’t know for sure why this long-ago person wanted the bone in the first place. (Did it have a religious purpose? Might it have made a good tool? Was it just a cool souvenir?) We also don’t know why they gave up their attempt. But if Archer and his colleagues are right, the bone leaves Australia without any clear evidence that ancient people hunted—or even scavenged food from the remains of—extinct Pleistocene megafauna like short-faced kangaroos.

“This is not to say that it did not happen, just that there is now no hard evidence to support that it did,” Archer and his colleagues wrote in their recent paper. We don’t yet know exactly how Australia’s First Peoples interacted with these species.

But whether Archer and his colleagues are correct in their analysis of this particular kangaroo bone or not, humans around the world have been picking up fossils for at least tens of thousands of years. There’s evidence that people in Australia have collected and traded the fossils of extinct animals for pretty much as long as people have been in Australia, including everything from trilobites to Zygomaturus teeth and the jawbones of other extinct marsupials.

“What we can conclude,” Archer and his colleagues wrote, “is that the first people in Australia who demonstrated a keen interest in and collected fossils were First Peoples, probably thousands of years before Europeans set foot on that continent.”

Royal Society Open Science, 2025. DOI: 10.1098/rsos.250078 (About DOIs).

Kiona is a freelance science journalist and resident archaeology nerd at Ars Technica.

The first people to set foot in Australia were fossil hunters Read More »

Author name: Rejus Almole