AI
More than 20% of videos shown to new YouTube users are ‘AI slop’, study finds
Low-quality AI-generated content is now saturating social media – and generating about $117m a year, data shows
Why we need a ‘human-made’ label for art and music in the age of AI
If we want real artists to survive, we are going to need a clear way to say, “this was made by a human being.”
Real Voices, Real Connection: iHeart Declares Its Content ‘Guaranteed Human.’
Dutch privacy watchdog warns of rising AI chatbot data leaks
The Dutch Data Protection Authority has counted dozens of such AI-related data breach reports so far this year.
The regulator noted that free versions of popular AI chatbots store the data users enter, while it is unclear what the companies behind these tools subsequently do with that information.
The watchdog warned that such data could be used to train AI models and expressed concern that personal details could later reappear in chatbot responses.
After Outcry, Firefox Promises “Kill Switch” That Turns Off All AI Features
Firefox announced that it will soon become a "modern AI browser," leading to backlash.
“Something that hasn’t been made clear: Firefox will have an option to completely disable all AI features,” the company wrote in an update on Mastodon. “We’ve been calling it the AI kill switch internally. I’m sure it’ll ship with a less murderous name, but that’s how seriously and absolutely we’re taking this.”
Politics
EPA websites now downplay link between humans and climate change
The Environmental Protection Agency has altered and removed information from its website that connected climate change to the burning of fossil fuels.
Hacking space: Europe ramps up security of satellites
For years, satellite infrastructure was treated by policymakers as a technical utility rather than a strategic asset. That changed in 2022, when a cyberattack on the Viasat satellite network coincided with Russia’s invasion of Ukraine.
A centerpiece of Europe’s ambitions is IRIS², a multibillion-euro secure connectivity constellation pitched in 2022 and designed to rival Elon Musk’s Starlink system. It's at least four years from becoming operational.
US can’t deport hate speech researcher for protected speech, lawsuit says
US officials are attempting to sanction Ahmed seemingly due to his work as the founder of a British-American non-governmental organization, the Center for Countering Digital Hate (CCDH).
While all targets were scrutinized for supporting some of the European Union’s strictest tech regulations, including the Digital Services Act (DSA), Ahmed was further accused of serving as a “key collaborator with the Biden Administration’s effort to weaponize the government against US citizens.” As evidence of Ahmed’s supposed threat to US foreign policy, Rogers cited a CCDH report flagging Robert F. Kennedy, Jr. among the so-called “disinformation dozen” driving the most vaccine hoaxes on social media.
After suing US officials to block any attempted arrest or deportation, Ahmed was quickly granted a temporary restraining order on Christmas Day. Ahmed had successfully argued that he risked irreparable harm without the order, alleging that Trump officials continue “to abuse the immigration system to punish and punitively detain noncitizens for protected speech and silence viewpoints with which it disagrees” and confirming that his speech had been chilled.
Texas father rescues kidnapped 15-year-old daughter after tracking her phone’s location
A Texas father used the parental controls on his teenage daughter’s cell phone to find and help rescue her after she was kidnapped at knifepoint while walking her dog on Christmas.
Blocked by CSU, community college bachelor’s degrees closer to approval following new analysis
They've been blocked so far because community colleges cannot offer a program that duplicates CSU degrees. But a new law says bachelor’s degrees should not necessarily be considered duplicative if the objecting CSU campus is not geographically close to the community college.
Days After Mass Bricking Event, Waymo Fleet Shuts Down Again
The first shutdown was due to a power outage, because the cars stopped when the traffic lights went out. The second time, the company suspended all rides due to National Weather Service flash flood warning.
Google Rapidly Deploying Huge CO2 Battery Facilities That Store 200 Megawatt Hours of Power
It stores energy in enormous domes that are filled with compressed carbon dioxide gas. A fully charged facility can store a formidable 200 megawatt-hours of electricity — enough to power around 6,000 homes for a full day. Google “plans to rapidly deploy the facilities in all of its key data-center locations in Europe, the United States, and the Asia-Pacific region.”
Unlike other renewable energy storage solutions, CO2 batteries don’t need special minerals, supply chains for complex parts, or constant upkeep.
There’s also the shortcoming that plagues all bubbles: the threat of a puncture, which could release thousands of tons of CO2 into the atmosphere.
But proponents argue it’s worth the risks.
“It’s negligible compared to the emissions of a coal plant.”
Infosec
I made Windows 11 more secure with this 2MB open-source tool
Simplewall is the Windows version of Mac's Little Snitch, showing the origin of all network traffic. This may be helpful for CCDC competitors!
Merry Christmas Day! Have a MongoDB security incident.
The vuln, which dropped just before Christmas, in theory allowed memory read without authentication. Patches are available. It impacts every version of MongoDB going back about a decade.
And OX Research team published an exploit on Dec 24, 2025. I’ve validated said exploit is real, you can just supply an IP address of a MongoDB instance and it’ll start ferreting out in memory things such as database passwords (which are plain text), AWS secret keys etc. The exploit specifically looks for those class of credentials and secrets, too.
Hunting MongoBleed (CVE-2025-14847)
With Velociraptor
Working with the Brooklyn DA to support victims and help bring an alleged scammer to justice
A Brooklyn man contacted Coinbase users while pretending to be a Coinbase support representative. Victims were allegedly told their accounts were “hacked” or at imminent risk, and were instructed to move funds to a “safe” wallet. He stole $16 million from about 100 victims, with more than $600,000 recovered so far.
Quick Share on Windows is finally good (and I use it every day)
An Android utility that acts like Apple's AirDrop.
Bluetooth Headphone Jacking
They reversed a popular SOC that powers Bluetooth earbuds and headphones.
Even without being paired to the headphone, they could dump flash and RAM from the device.
They could then intercept phone calls used for 2FA and one-time security keys, getting into WhatsApp and Amazon accounts.
Clipboard hijacker stole $11.7m worth of crypto
From April 2020 to January 2023, A distributed a malicious program ‘KMSAuto’ disguised as an illegal program to activate Microsoft Windows 2.8 million times worldwide.
A so-called ‘memory hacking’ method was used to automatically change the receiving address to the address specified by the hacker when transferring virtual assets from a computer infected with a malicious program.
|