AI
Lean proved this program was correct; then I found a bug.
lean-zip is not just another implementation of zlib. It is an implementation that has been formally verified as correct end to end, guaranteed by Lean to be entirely free of implementation bugs. This proof was done using AI agents.
However, fuzzing it with Claude found 2 bugs after 105 million executions. But both of these bugs were outside the code that had been verified.
The conclusions: formal verification of code works to eliminate bugs, and fuzzing with Claude is very effective at finding bugs in unverified code.
Lean (proof assistant)
Lean is a proof assistant and a functional programming language. It is based on the calculus of constructions with inductive types. It is a free and open-source software project hosted on GitHub.
In 2022, OpenAI and Meta AI independently created AI models to generate proofs of various high-school-level olympiad problems in Lean. Meta AI's model is available for public use with the Lean environment.
In 2023, Vlad Tenev and Tudor Achim co-founded startup Harmonic, which aims to reduce AI hallucinations by generating and checking Lean code.
In 2024, Google DeepMind created AlphaProof which proves mathematical statements in Lean at the level of a silver medalist at the International Mathematical Olympiad. This was the first AI system that achieved a medal-worthy performance on a math olympiad's problems.
In April 2025, DeepSeek introduced DeepSeek-Prover-V2, an AI model designed for theorem proving in Lean 4, built on top of DeepSeek-V3.
The “AI Vulnerability
Storm”: Building a “Mythosready” Security Program
An authoritative document by SANS, OWASP, and others.
An SF woman fears for her life. She’s asking a judge to cut off her ex’s ChatGPT
UK gov’s Mythos AI tests help separate cybersecurity threat from hype
Mythos isn’t significantly different from other recent frontier models in tests of individual cybersecurity-related tasks. But Mythos could set itself apart from previous models through its ability to effectively chain these tasks into the multistep series of attacks necessary to fully infiltrate some systems.
A test, which requires “chaining dozens of steps together across multiple hosts and network segments,” was intended to simulate the kind of sustained operations that would take a trained human roughly 20 hours to complete. Mythos outshone all previous models, becoming “the first model to solve TLO from start to finish.”
New technique makes AI models leaner and faster while they’re still learning
A new technique, called CompreSSM, helps identify which parts of a model are pulling their weight before surgically removing unnecessary components early in the training process. They can reliably rank which dimensions matter and which don't after only about 10 percent of the training process. Once those rankings are established, the less-important components can be safely discarded, and the remaining 90 percent of training proceeds at the speed of a much smaller model.
Single Line of Code Can Jailbreak 11 AI models Including ChatGPT, Claude, and Gemini
After a forbidden request, the attacker provides the start of the AI's answer, such as "sure, here is". The LLM is fooled into thinking it already approved the request.
Risky Bulletin: Malicious LLM proxy routers found in the wild
LLM routers are a type of proxy that sits between AI agents and the AI provider to help with load-balancing and cost tracking and limiting.
The research team tested 28 paid routers available on marketplaces like Taobao, Xianyu, and on Shopify-hosted storefronts, as well as 400 free routers available on GitHub and other places.
Politics
Netgear Scores the First Exemption From the FCC's Foreign-Made Router Ban
Less than a month after announcing a controversial ban on foreign-made routers, the FCC says it will exempt Netgear, allowing it to sell new Wi-Fi routers and mesh models to consumers, even though they’re manufactured outside the US.
The Defense Department reviewed Netgear’s application for an exemption and found that its products “do not pose risks to US national security.” The FCC’s order doesn’t elaborate on why. Netgear is based in San Jose, California, although its products are made in Asia.
US jobs too important to risk Chinese car imports, says Ford CEO
China has enough spare capacity to swallow the entire US car market, says Ford’s Jim Farley.
NHS warned China could hack UK hospital fridges
Two-Week Social Media 'Detox' Erases a Decade of Age-Related Decline, Study Finds
Bitcoin miners are losing $19,000 on every BTC produced as difficulty drops 7.8%
Bitcoin difficulty is adjusted every two weeks, which cannot keep up with the abrupt price changes driven by the Trump administration's wild, erratic announcements and policy changes.
No More Hacking! Tesla Disables the FSD Used Illegally in Over 100,000 Cars
Tesla disabled the FSD in roughly 100,000 cars in China alone, after detecting illegal use of the system, hacked using unauthorized devices.
The cars featuring the illegal modifications were operating all across Europe, China, Japan, South Korea, and the UK, as owners had found cheaper or easier ways to activate the system and get rid of the grayed-out icons of functions that they were not allowed to use.
Two suspects have been arrested for allegedly shooting at Sam Altman's house
Newt Gingrich Weighs In
“Instead of fighting over a 21-mile-wide bottleneck forever, we cut a new channel through friendly territory. A dozen thermonuclear detonations and you’ve got a waterway wider than the Panama Canal, deeper than the Suez, and safe from Iranian attacks.”
The Supreme Court’s refusal to stand up for press freedom is catastrophic
In 2017, journalist Priscilla Villarreal did what good journalists ordinarily do. She was working on two stories — one about the suicide of a border agent and the other about a serious car accident. To confirm the names of the people involved in those incidents, Villarreal texted a member of the Laredo Police Department. The officer responded and provided the information she was looking for.
Soon afterward, she was charged with violating an obscure, Orwellian provision of the Texas Penal Code, the Misuse of Official Information Act. This law makes it a crime “if, with intent to obtain a benefit or with intent to harm or defraud another, he solicits or receives from a public servant information that: (1) the public servant has access to by means of his office or employment; and (2) has not been made public.”
The court’s refusal to hear Villareal’s case means that reporters can be punished for receiving information from government sources. If that is the new normal in this country, all that will be left for the news media is reliance on press releases.
Ukraine’s military robot surge aims to offset drone risks to humans
Ukraine’s military robots have completed over 22,000 missions in the last three months, including one in which the robots overcame a Russian military position by themselves while forcing the surrender of Russian soldiers.
Why Authoritarians Target Trans People
China tests deep-sea electro-hydrostatic actuator that can cut undersea cables at a depth of 3,500 meters — state hails successful trial and hints at deployment readiness
Infosec
'Addicted to hacking': Young hacker behind historic breach speaks out for 1st time, before reporting to prison
While still a teenager, he helped launch what's been described as the biggest cyberattack in U.S. education history.
The breach pierced the education technology company PowerSchool -- used by 80% of school districts in North America -- and "put at risk the security of 60 million children and 10 million teachers," the Justice Department said.
With threats to expose social security numbers, dates of birth, family information, grades, and even confidential medical information, the breach cornered PowerSchool into paying millions of dollars in ransom.
Google, Microsoft, Meta All Tracking You Even When You Opt Out, According to an Independent Audit
55 percent of the sites it checked set ad cookies in a user’s browser even if they opted out of tracking. Each company disputed or took issue with the research, with Google saying it was based on a “fundamental misunderstanding” of how its product works.
A malicious Ledger crypto-wallet that managed to sneak onto the official Mac App Store has stolen almost $10 million
Inside Predator's kernel engine
Commercial spyware defeats Apple's pointer authentication and achieves kernel memory access.
Adobe fixes PDF zero-day security bug that hackers have exploited for months
|