AI
Block all AI browsers for the foreseeable future: Gartner
Lazy users could have agents complete mandatory infosec training, and browsers might be tricked into visiting phishing websites. Credentials and data could be compromised. AI browsers are just too dangerous to use without first conducting risk assessments--you’ll end up with a long list of prohibited use cases, and the job of monitoring an AI browser fleet to enforce the resulting policies.
UK intelligence warns AI 'prompt injection' attacks might never go away
The issue is fundamental to how large language models work by treating text as a sequence of tokens to predict, making them susceptible to confusing user content for a command. There's no known way to mitigate prompt injection, which makes it worse than SWL injection.
Google Chrome adds new security layer for Gemini AI agentic browsing
User Alignment Critic is a separate LLM model isolated from untrusted content that acts as a "high-trust system component." There are other security features, and bounty payments of up to $20,000 for anyone who can break the new system.
Microsoft has a problem: nobody wants to buy or use its shoddy AI products — as Google's AI growth begins to outpace Copilot products
Microsoft has cut forecasts and sales goals for its Azure AI products across the board, owing to a complete lack of demand. Microsoft Copilot's backend partner OpenAI issued a "code red" situation. ChatGPT has fallen behind Google Gemini in problem solving, and Nano Banana image generation has outpaced OpenAI's own DALLE by leaps and bounds.
OpenAI is still the clear market leader in search, but there are serious questions about its business model and dangerous levels of debt. Research shows that agentic AI tools require human intervention at a frequency ratio that makes them cost ineffective.
Home Office kept police facial recognition flaws to itself, UK data watchdog fumes
The algorithm was best at identifying Asian subjects, with a 98 percent success rate. White subjects were correctly identified 91 percent of the time, and Black subjects in 87 percent of cases.
Researchers Uncover 30+ Flaws in AI Coding Tools Enabling Data Theft and RCE Attacks
Over 30 security vulnerabilities have been disclosed in various artificial intelligence (AI)-powered Integrated Development Environments (IDEs) that combine prompt injection primitives with legitimate features to achieve data exfiltration and remote code execution.
The security shortcomings have been collectively named IDEsaster by security researcher Ari Marzouk (MaccariTA). They affect popular IDEs and extensions such as Cursor, Windsurf, Kiro.dev, GitHub Copilot, Zed.dev, Roo Code, Junie, and Cline, among others. Of these, 24 have been assigned CVE identifiers.
Politics
The ads that sell the sizzle of genetic trait discrimination
Pickyourbaby.com promises a way for potential parents to use genetic tests to influence their baby’s traits, including eye color, hair color, and IQ. It can analyze genetic tests on IVF embryos to score them for 2,000 traits and disease risks, letting parents pick some and reject others.
Jan. 6 pipe bomb suspect Brian Cole confessed, said he supports Trump and has anarchist views: MS NOW
Waymo’s robotaxis are under investigation for passing stopped school buses
The Austin School District says the robotaxis illegally passed school buses 19 times this year.
10 (Not So) Hidden Dangers of Age Verification
1. Adults Without IDs Get Locked Out
2. Communities of Color Face Higher Error Rates
3. People with Disabilities Face More Barriers
4. Transgender and Non-Binary People Are Put At Risk
5. Anonymity Becomes a Casualty
6. Young People Lose Access to Essential Information
7. LGBTQ+ Youth Are Denied Vital Lifelines
8. Youth in Foster Care Systems Are Completely Left Out
9. All of Our Personal Data is Put at Risk
10. All of Our Free Speech Rights Are Trampled
Delivery Robots Take Over Chicago Sidewalks, Sparking Debate And A Petition To Hit ‘Pause’
Opponents say sidewalks are for people, not robots. Advocates say the robots reduce congestion by decreasing the number of cars delivering food.
America's most powerful banker attacks Trump company CEO: 'Stop making up things'
Trump Media CEO Devin Nunes says that JPMorgan Chase 'debanked' Donald Trump's media company, responding to political pressure from the Biden administration. Dimon, the most influential banker in the United States, urged critics to 'stop making up things.' 'We do not debank people for religious or political affiliations.'
Rep. Jasmine Crockett launches Senate run in Texas, shaking up Democratic primary
Democrats have not won a statewide race in Texas in more than 30 years, but they have been eyeing next year’s Senate race as a potential pickup opportunity, with Cornyn facing primary challenges from state Attorney General Ken Paxton and GOP Rep. Wesley Hunt. Democrats need to net four seats to take back the Senate next year.
Infosec
Russian police bust bank-account hacking gang that used NFCGate-based malware
The malicious mobile application was distributed through WhatsApp and Telegram and disguised as software from legitimate banks. Victims were first contacted by phone and persuaded to install a fraudulent banking app.
During the fake “authorization” process, they were instructed to hold their bank card to the back of their smartphone and enter their PIN — a step that allowed attackers to harvest card credentials and withdraw funds from ATMs anywhere in the country without the cardholder’s involvement.
Ex-teen hackers warn parents are clueless as children steal 'millions'
The Money team reveals children as young as seven are being referred to Britain's national cybercrime intervention programme. Former hackers jailed for stealing millions warn parents it's easier than ever for children to fall down the rabbit hole – and the first step is often gaming.
Man Charged for Wiping Phone Before CBP Could Search It
The activist is charged with deleting data from a Google Pixel before CBP’s Tactical Terrorism Response Team could search it.
|