AI
ChatGPT Atlas has "logged out" mode to mitigate prompt injection attacks (x.com link)
We’ve performed extensive red-teaming, implemented novel model training techniques to reward the model for ignoring malicious instructions, implemented overlapping guardrails and safety measures, and added new systems to detect and block such attacks. However, prompt injection remains a frontier, unsolved security problem, and our adversaries will spend significant time and resources to find ways to make ChatGPT agent fall for these attacks.
Anthropic Promises Trump Admin Its AI Is Not Woke
"Anthropic is running a sophisticated regulatory capture strategy based on fear-mongering," said David Sacks.
"The real issue is not research but rather Anthropic’s agenda to backdoor Woke AI and other AI regulations through Blue states like California."
Anthropic CEO Dario Amodei said several studies found that Anthropic’s AI models are not "uniquely politically biased," (read: not woke).
Many of the AI industry’s most vocal critics would agree with Sacks that fear-mongering about AI is self-serving because it makes their companies seem more valuable and powerful.
Largest study of its kind shows AI assistants misrepresent news content 45% of the time – regardless of language or territory
AI assistants routinely misrepresent news content. 45% of all AI answers had at least one significant issue.
Gemini performed worst with significant issues in 76% of responses, more than double the other assistants, largely due to its poor sourcing performance.
Politics
Trump pardons former Binance CEO after guilty plea in letting cybercrime proceeds flow through platform
The Biden administration made former Binance CEO Changpeng Zhao a symbol of the war on cybercrime. On Thursday, President Donald Trump claimed him as a victim of the "war on cryptocurrency."
Zhao had a three-year sentence related to his role in Binance’s failure to report cryptocurrency circulating on the platform that had come from ransomware attacks, large-scale hacks, account takeovers, and darknet markets dealing in illegal narcotics, counterfeit and fraud-related goods and services, and other contraband.
Tinder to expand face verification tech to more states
Tinder will soon require users in more states to use a facial verification tool by providing a video selfie.
The videos are erased after an account is verified, but the dating app keeps what it calls a "non-reversible, encrypted face map and face vector" on hand to prevent duplicate accounts, detect fraud and verify new photos.
Dark Covenant 3.0: Controlled Impunity and Russia’s Cybercriminals
The Russian government’s relationship with cybercriminals has evolved from passive tolerance to active management.
America’s Cyber Resiliency in 2025: Lessons from the Fifth CSC 2.0 Annual Assessment
The US government is losing cybersecurity protections for the first time in its history.
Almost a quarter of recommendations made by the Cyberspace Solarium Commission have lost their "fully implemented" status this year. CSC 2.0 members blame the regression on the loss of manpower at CISA and the rest of the US government.
US accuses former L3Harris cyber boss of stealing and selling secrets to Russian buyer
Peter Williams was the general manager at Trenchant, a division of defense contractor L3Harris that develops hacking and surveillance tools for Western governments. He apparently leaked hacking tools to a Russian, earning $1.3 million. Williams is not currently in federal custody.
US Credit Card Debt Delinquencies Reach 14-Year Peak
Credit card delinquencies in the US have climbed to their highest point since 2010, signaling mounting financial pressure on American households as high interest rates and persistent inflation strain consumer budgets.
Infosec
We need secure products as much as we need security products
Sophos Firewall v22 takes Secure by Design to a new level with Remote integrity monitoring and other new security features.
Collins Aerospace Hit Twice: 2022 Infostealer Infection Enabled a Separate Breach
Details of the EU airport hack. Weak FTP credentials stolen in 2022 let the attackers in. The first attackers, named Everest, say they did not use ransomware. However, a second attacker came in and deployed ransomware.
Are You Compromised?
Free report showing credentials found by infostealers
iOS 26 change deletes clues of old spyware infections
Apple is now rewriting the shutdown.log file after every device reboot, instead of appending new data at the end.
This is removing older log entries that contain indicators of compromise with spyware families such as NSO's Pegasus and Intellexa's Predator.
Jingle Thief: Inside a Cloud-Based Gift Card Fraud Campaign
Jingle Thief attackers use phishing and smishing to steal credentials, to compromise organizations that issue gift cards, and then issue unauthorized gift cards.
Having gained initial access, they used Microsoft 365 services, including SharePoint, OneDrive, Exchange and Entra ID, and maintained access for approximately 10 months, compromising over 60 user accounts within a single global enterprise.
The internet commons under siege: Why 33 Tbps DDoS attacks are everyone's problem
When someone launches a 33 Tbps attack at a single IP address, they're not just attacking that target. They're attacking the internet infrastructure itself. At these volumes, all that infrastructure becomes congested. Peering links saturate. Internet exchange (IX) ports max out. And suddenly, traffic that has nothing to do with the attack starts getting dropped. Legitimate users can't access legitimate services because the internet pipes are full of “garbage” traffic.
GlassWorm: First Self-Propagating Worm Using Invisible Code Hits OpenVSX Marketplace
The world's first worm targeting VS Code extensions on OpenVSX marketplace. It's using stealth techniques we've never seen before in the wild - invisible Unicode characters that make malicious code literally disappear from code editors. Combine that with blockchain-based C2 infrastructure that can't be taken down, Google Calendar as a backup command server, and a full remote access trojan that turns every infected developer into a criminal proxy node.
It arvests NPM, GitHub, and Git credentials for supply chain propagation.
Google porting all internal workloads to Arm, with help from GenAI
YouTube and Gmail already running on both x86 and homebrew Axion silicon, 70,000 more apps in the conversion queue
|