AI
Heretic: Fully automatic censorship removal for language models (P)
Heretic is a tool that removes censorship (aka "safety alignment") from transformer-based language models without expensive post-training. It combines an advanced implementation of directional ablation, also known as "abliteration" (Arditi et al. 2024), with a TPE-based parameter optimizer powered by Optuna.
It’s 2 AM. Do You Know Which AIs Your MCP Server Is Talking To?
Model Context Protocol (MCP) allows LLMs to talk to data sources, APIs, and pretty much anything else you can think of. But it doesn't implement any authorization by default. They found roughly 1000 exposed MCP servers without any authorization, allowing anyone to use them. Their functions included managing Kubernetes clusters, sending WhatsApp messages, and good old RCE.
A Developer Accidentally Found CSAM in AI Data. Google Banned Him For It
He was training an AI to detect nudity, using a popular dataset called Nudenet, which was cited or used by more than 250 academic works and distributed via an academic file sharing site. He found CSAM in it, and reported it, but the result was that Google cancelled his account. Google refused to reinstate it until the press became involved.
One lesson is to use a throwaway account for dangerous activities.
Politics
Millions of Australian children just lost access to social media. What’s happening and will it work?
Under the law, platforms need to show they’ve taken “reasonable steps” to deactivate accounts used by under-16s, and to prevent new accounts being opened, to avoid fines of up to 49.5 million Australian dollars ($32 million).
Some children – and their parents – are expected to flout the ban, but there are no consequences for either.
Social Media Is Absolutely Nuking Children’s Brains, New Research Finds
The researchers followed 8,324 children aged nine to ten years old in the US for four years. The children self-reported how much time they spent on social media, watching TV, or playing video games. Their parents also assessed their ability to pay attention and any signs of hyperactivity.
There was a clear link between social media use and an attention deficit, raising the possibility that the constant sensory assault by online services like TikTok and Snapchat could be robbing kids of the ability to focus. That’s in contrast to TV or video game use, which showed no clear association with symptoms of ADHD.
America’s New Political Reality: Trump Decides Which Beliefs Are “Legal”
Trump ordered the FBI, DOJ, and over 200 federal Joint Terrorism Task Forces to seek out and investigate any person or group who meet it’s “indica” (indicators) of potential domestic terrorism:
- anti-Americanism,
- anti-capitalism,
- anti-Christianity,
- support for the overthrow of the United States Government,
- extremism on migration,
- extremism on race,
- extremism on gender
- hostility towards those who hold traditional American views on family,
- hostility towards those who hold traditional American views on religion, and
- hostility towards those who hold traditional American views on morality.
Tourists to US would have to reveal five years of social media activity under new Trump plan
The mandatory new disclosures would apply to the 42 countries whose nationals are currently permitted to enter the US without a visa, including longtime US allies Britain, France, Australia, Germany and Japan.
it would also require any telephone numbers used by visitors over the same period, and any email addresses used in the last decade, as well as face, fingerprint, DNA and iris biometrics. It would also ask for the names, addresses, birthdates and birthplaces of family members, including children.
The notice gives members of the public two months to comment.
New US visa rule sparks panic among Indians as social media checks begin
The new mandate has created palpable fear. Even mundane remarks, political opinions or misaligned resume details could trigger extra scrutiny.
Visa interview appointments across Indian consulates have been abruptly cancelled. Many applicants learnt their December slots had been pushed to March 2026, leaving new hires unable to start jobs, families stranded abroad and travellers stuck after short visits home for weddings or to drop off parents.
Cory Doctorow - Rescuing the Internet From “Enshittification” | The Daily Show
In a major new report, scientists build rationale for sending astronauts to Mars
The report claims various scientific goals are best addressed by humans on Mars, but how to get them there without lethal exposure to radiation is not mentioned in this article.
Infosec
Over 10,000 Docker Hub images found leaking credentials, auth keys (P)
The secrets impact a little over 100 organizations, among them are a Fortune 500 company and a major national bank.
The most frequent secrets were access tokens for various AI models (OpenAI, HuggingFace, Anthropic, Gemini, Groq). In total, the researchers found 4,000 such keys.
Chinese hackers exploiting React2Shell bug impacting countless websites, Amazon researchers say
The vulnerability carries a “critical” severity score of 10 out of 10. “Despite the technical inadequacy of many public PoCs, threat actors are still attempting to use them,” he said. “This behavior demonstrates that threat actors aren’t just running automated scans, but are actively debugging and refining their exploitation techniques against live targets.”
2025 CWE Top 25 Most Dangerous Software Weaknesses
Nothing new here: XSS and SQLi top the list.
|