AI
College Students Losing Ability to Participate in Class Discussions Because They Offloaded Their Thinking to AI
Scoop: OpenAI plans new product for cybersecurity use
Is That a Bad Apple in Your Pocket? We Used Prompt Injection to Hijack Apple Intelligence
The Winning Combination: A “Neural Exec” and Unicode’s Right-to-left-Override Function
We tested our attack with 100 random prompts and succeeded 76% of the time.
When we discovered this vulnerability, RSAC estimated that between 100,000 and 1 million Apple customers were already using apps vulnerable to the attack.
Prior to Apple's OS updates, hackers could use our techniques to force Apple’s local LLM to do their bidding, including manipulating data that’s accessible to any of the LLM-enabled apps, like health/fitness data and family videos.
Neural Exec: Learning (and Learning from) Execution Triggers for Prompt Injection Attacks
Vibe Hacking: Claude Code Can Be Turned Into A Nation-State-Level Attack Tool With No Coding At All
First man convicted under Take It Down Act kept making AI nudes after arrest
Personal AI Infrastructure
OpenAI calls for robot taxes, a public wealth fund, and a 4-day workweek to tackle AI disruption
Politics
CDC study shows COVID shot benefits; Trump official blocks release
Study found shots cut urgent care and hospitalization by about 50% in healthy adults.
A Strategic Defeat of Historic Proportions
Trump’s emergency orders pushing coal power are “illegal” as well as dumb
The Pentagon Threatened Pope Leo XIV’s Ambassador With the Avignon Papacy
The Free Press has documented a closed-door Pentagon meeting in which a senior Trump official lectured Pope Leo XIV’s ambassador on American military supremacy.
In January, behind closed doors at the Pentagon, Under Secretary of War for Policy Elbridge Colby summoned Cardinal Christophe Pierre — Pope Leo XIV’s then-ambassador to the United States — and delivered a lecture.
America, Colby and his colleagues told the cardinal, has the military power to do whatever it wants in the world. The Catholic Church had better take its side.
As tempers rose, an unidentified U.S. official reached for a fourteenth-century weapon and invoked the Avignon Papacy, the period when the French Crown used military force to bend the bishop of Rome to its will.
Other officials in the Vatican saw the Pentagon’s reference to an Avignon papacy as a threat to use military force against the Holy See.
Vatican officials were so alarmed by the Pentagon’s tactics that they shelved plans for Pope Leo XIV to visit the United States later this year.
Trump admin makes sweeping request for medical records of federal workers
The Trump administration wants to require health insurance companies to hand over troves of sensitive, detailed, and identifiable medical records from millions of federal workers and retirees, along with their families.
Experts expressed concern over how the Trump administration could use the data, with fears including potential political retaliation or targeting of workers who sought certain medical care, such as abortion or transgender care. They also note that there aren’t any stated safeguards on how the data will be handled.
The Great American Router That Doesn't Exist
New DHS Secretary Markwayne Mullin Threatens to Remove Customs From SFO, Other Sanctuary City Airports
Bitcoin miners are losing $19,000 on every BTC produced as difficulty drops 7.8%
Infosec
Google Chrome adds infostealer protection against session cookie theft
Device Bound Session Credentials (DBSC) protection works by cryptographically linking a user's session to their specific hardware, such as a computer's security chip - the Trusted Platform Module (TPM) on Windows and the Secure Enclave on macOS. This prevents the attacker from using stolen session data because the unique private key protecting it cannot be exported from the machine.
Game Pirates Beat Denuvo with Hypervisor Bypasses — Irdeto Promises Countermeasure
Hypervisor bypasses don’t interfere with the game directly, but they operate beneath the operating system’s standard security visibility level, in what security researchers call Ring -1.
At this fundamental level, with key security features disabled, the hypervisor bypasses can intercept Denuvo’s CPU instructions and feed back false data to make the game believe that the tampering protection is still in place.
Because these bypasses are much easier to develop, these new ‘cracks’ come out faster than ever. Where pirates previously had to wait for weeks, they can now play pirated games within hours. That’s unprecedented.
Little Snitch for Linux
LinkedIn scanning users’ browser extensions sparks controversy and two lawsuits
The complaints seem to rely heavily on the recent “BrowserGate” report by a German entity called Fairlinked, which describes itself as a trade association and advocacy group for commercial LinkedIn users.
Fairlinked appears to be run by the same people behind Teamfluence, an Estonian software company that sued LinkedIn in Munich in January. LinkedIn says Teamfluence distributed a browser extension that scraped LinkedIn user data in violation of the user agreement and that its LinkedIn accounts were suspended.
LinkedIn, a Microsoft subsidiary, does not deny that it scans browsers to identify extensions. There is a dispute over whether LinkedIn adequately discloses the scanning and how it uses the information it gathers. LinkedIn says it looks for extensions that violate its terms by scraping user data without consent.
FBI Extracts Suspect’s Deleted Signal Messages Saved in iPhone Notification Database
The FBI was able to forensically extract copies of incoming Signal messages from a defendant’s iPhone, even after the app was deleted, because copies of the content were saved in the device’s push notification database.
Google Warns of New Campaign Targeting BPOs to Steal Corporate Data
A financially motivated threat actor is targeting business process outsourcing (BPO) organizations to steal data pertaining to high-value companies, using social engineering and phishing.
The threat actor relies on live chats to lure employees to spoofed Okta login pages and uses a phishing kit that steals clipboard contents to bypass standard multi-factor authentication (MFA) verification.
Critical Infrastructure at Risk: 179 ICS Devices Exposed Modbus Online
The United States had the most (57) exposed industrial control devices, followed by Sweden (22) and Turkey (19).
Iranian-Affiliated APT Targeting of Rockwell/Allen-Bradley PLCs
Censys data identifies 5,219 internet-exposed hosts globally responding to EtherNet/IP (EIP) and self-identifying as Rockwell Automation/Allen-Bradley devices — the attack surface directly relevant to AA26-097A. The United States accounts for 74.6% of global exposure (3,891 hosts).
These devices are almost certainly field-deployed in physical infrastructure (pump stations, substations, municipal facilities) with cellular modems as their sole internet path. SPACEX-STARLINK’s presence (24 hosts) reflects the broader trend of satellite-connected ICS devices that are difficult to monitor and patch.
Mongoose: Preauth RCE and mTLS Bypass on Millions of Devices
Mongoose is a single-file, cross-platform embedded network library that provides HTTP/HTTPS, WebSocket, MQTT, mDNS and more, designed specifically for embedded systems and IoT devices where something like OpenSSL would be way too heavy. Their own website claims deployment on hundreds of millions of devices by companies like Siemens, Schneider Electric, Broadcom, Bosch, Google, Samsung, Qualcomm and Caterpillar. They even claim it runs on the International Space Station.
I found three vulnerabilities in Mongoose v7.20, each independently exploitable: complete bypass of mTLS authentication, preauth RCE as root via a heap overflow in the client public key parsing logic, and preauth RCE via a single UDP packet through mDNS. No authentication required for any of them.
Bug 1: “ignore secp386 for now” was the most outrageous; the code is entirely absent.
Hackers use pixel-large SVG trick to hide credit card stealer
A massive campaign impacting nearly 100 online stores using the Magento e-commerce platform hides credit card-stealing code in a pixel-sized Scalable Vector Graphics (SVG) image.
$75,000,000 Crypto Wallet Bulk Hack
We broke 92% of SHA-256
Full 64 rounds, 43/48 schedule compliance.
The secret, never-before-used CIA tool that helped find airman downed in Iran: ‘If your heart is beating, we will find you’
It uses long-range quantum magnetometry to find the electromagnetic signal of a human heartbeat and pairs the data with artificial intelligence software to isolate the signature from background noise.
Microsoft Abruptly Terminates VeraCrypt Account, Halting Windows Updates
This is the same problem I'm currently facing with WireGuard.
Darknet Diaries: EP 172: SuperBox
N. Korean Hackers Spread 1,700 Malicious Packages Across npm, PyPI, Go, Rust