AI
Attention Authors: Updated Practice for Review Articles and Position Papers in arXiv CS Category
arXiv has been flooded with papers. Generative AI / large language models have added to this flood by making papers – especially papers not introducing new research results – fast and easy to write. So new CS review articles and position papers must now be accepted at a journal or a conference and complete successful peer review.
Their new plush toy uses AI to chat with kids. Child health experts are worried
In a bright, freshly leased office in SoMa, an AI startup called Bondu is building a plush dinosaur that it’s billing as the “future of play.” It tells jokes and stories, offers up trivia, and can talk kids through stressful situations, all while promising to cut down on what has become many parents’ frenemy: screen time.
Kids fall in love with the toy in an hour. They become best friends in an hour.
Protecting more Edge users with expanded Scareware blocker availability and real-time protection
Scareware blocker for Microsoft Edge is now enabled by default on devices with more than 2 GB of RAM and four CPU cores, where it won’t slow down everyday browsing.
It protects users from fresh scams hours or even days before they appear on global blocklists. Unsurprisingly, AI-powered features like Scareware blocker will forever change the way we protect customers from attacks.
AI Is Causing a Grim New Twist on the Dunning-Kruger Effect, Research Finds
ChatGPT helps people solve logical reasoning problems, but people trust it too much, usually accepting the first answer they find.
CyberSlop — meet the new threat actor, MIT and Safe Security
A widely-cited MIT paper claimed that "80% of ransomware attacks are now powered by AI." Marcus Hutchins, Kevin Beaumont, and others debunked it. It was deceptive marketing material from a company trying to sell some sort of AI defenses. MIT simply removed it, without discussion or explanation.
Politics
Marjorie Taylor Greene tells Bill Maher she believes extraterrestrials are demons
Elon Musk on data centers in orbit: “SpaceX will be doing this”
Proponents of the idea say the advantages are clear: free, limitless power from the Sun and none of the messy environmental costs of building these facilities on Earth (where opposition is starting to grow). Critics say it is economically impractical to build these facilities in space and that supporters underestimate the technology needed to make it work.
Mining Company Says It’s Identified Hugely Valuable Material on Surface of the Moon
Helium-3 is highly sought-after to fuel nuclear power reactors or help cool quantum computers. It’s extremely rare on Earth, but more common on the Moon. But extracting it may not be economically feasible.
Infosec
Study concludes cybersecurity training doesn’t work
Phishing training doesn't prevent people from clicking on phishing links. Most people will eventually click on one. Given how ineffective cybersecurity training is, we should focus on other defenses like multifactor authentication or email spam detection.
Risky Bulletin: Norway skittish of its Chinese electric buses
A security audit of electric buses in Norway found that the Chinese models could be remotely disabled by their manufacturer. Electric buses from Chinese company Yutong could be remotely disabled via remote control capabilities found in the bus software, diagnostics module, and battery and power control systems. In response, internet connectivity was disabled by removing SIM cards from the onboard modems.
Similar remote control features have been found in port cranes deployed in the US, Chinese smart cars, solar panels, and just about anything else that has a Chinese chip in it. There is also the valid point that many of those remote control/surveillance systems are inside those products for legitimate purposes, such as debugging and remote support.
Stolen Credentials and Valid Account Abuse Remain Integral to Financially Motivated Intrusions
Financially motivated adversaries use compromised credentials obtained via phishing, through password reuse, or by purchase from Initial Access Brokers (IABs). The main entry point was through VPNs. They also used n-day attacks against exposed applications.
Manufacturer issues remote kill command to disable smart vacuum after engineer blocks it from collecting data — user revives it with custom hardware and Python scripts to run offline
An engineer got curious about how his iLife A11 smart vacuum worked and monitored the network traffic coming from the device. That’s when he noticed it was constantly sending logs and telemetry data to the manufacturer — something he hadn't consented to. After he blocked it from collecting data, the company sent a remote kill signal to it.
Attack on samsclass.info in Oct 2025
Open VSX security update, October 2025
They say “GlassWorm” was not actually self-replicating, but just a credential stealer. They say they have revoked all compromised credentials and declare the incident fully contained and closed.
Risk of Tor Browser on Windows
By default it installs to your Desktop folder, which is by default mirrored to OneDrive at Microsoft. Microsoft has access to your OneDrive content for cybersecurity analysis via privacy carve-outs. The Tor folder contains sensitive content.
The solution is to install it at the root of the C: drive.
Chicago firm that resolves ransomware attacks had rogue workers carrying out their own hacks, FBI says
Employees of DigitalMint, a company that specializes in negotiating ransoms in cyber attacks, were part of a small crew the feds say conducted five hacks that scored more than $1 million.