AI
Anthropic dares you to jailbreak its new AI model
Week-long public test follows 3,000+ hours of unsuccessful bug bounty claim attempts.
DeepSeek Fails Researchers' Safety Tests
DeepSeek R1 exhibited a 100% attack success rate, meaning it failed to block a single harmful algorithmic jailbreaking prompt.
Microsoft's Scareware Blocker, Powered by AI
Scareware uses aggressive web pages to convince victims that their system is infected with malware, and to pressure them into calling a fake tech support number. Microsoft says: “Scareware blocker uses a machine learning model to recognize the tell-tale signs of scareware scams and puts users back in control of their computer. We call on users who want to combat scams to help us test our preview.”
To help AIs understand the world, researchers put them in a robot
Large language models like ChatGPT display conversational skills, but the problem is they don’t really understand the words they use. “The inspiration for our model came from developmental psychology. We tried to emulate how infants learn and develop language.” Vijayaraghavan’s robot was a fairly simple system with an arm and a gripper that could pick objects up and move them around. Vision was provided by a simple RGB camera feeding videos in a somewhat crude 64×64 pixel resolution. Once the robot learned how certain commands and actions were connected, it also learned to generalize that knowledge to execute commands it never heard before.
Politics
Can anyone stop President Musk?
Full Remarks: Raskin Condemns President Trump and Elon Musk’s “Illegal” and “Unconstitutional” Abolition of USAID at Press Conference Outside the Agency
Treasury, Bessent Sued Over Giving Access to Musk’s ‘DOGE’ Team
The Treasury Department was accused of breaking federal law by giving Elon Musk’s team of government efficiency enforcers access to a trove of personal and financial information. Union groups, including the AFL-CIO, and the Alliance for Retired Americans said in a lawsuit on Monday that Treasury and Scott Bessent, who leads the agency, had illegally allowed their members’ records to be shared with Musk’s group known as DOGE.
Democratic Senator Says He Will Stall Trump Nominees Until USAID Is Back
Sen. Brian Schatz (D., Hawaii) said he would place a “blanket hold” on all of President Trump’s State Department nominees until the administration’s attack on the leading U.S. foreign-assistance agency ends, a move that threatens to stall Trump’s ability to get his foreign-policy team in place.
Infosec
CISA, FDA warn of vulnerabilities in Contec patient monitors
The agencies found that the monitors could be remotely controlled by an unauthorized user or not work as intended. In addition, the software includes a backdoor, meaning the device or network to which the device has been connected may have been or could be compromised. When the monitor is connected to the internet, it collects patient data that includes personally identifiable information and protected health information.
The vulnerabilities can allow unauthorized actors to bypass cybersecurity controls and then gain access to and potentially manipulate the device.
Global Switch Day.
8 Million Requests Later, We Made The SolarWinds Supply Chain Attack Look Amateur
We purchased ~150 Amazon S3 buckets that had previously been used for commercial and open source software products, governments, and infrastructure deployment/update pipelines - and then abandoned. These S3 buckets received more than 8 million HTTP requests over a 2 month period for software updates, pre-compiled (unsigned!) Windows, Linux and macOS binaries, virtual machine images, etc. The requests came from US Government networks (inc NASA, numerous laboratories, state governments, etc), military, Fortune 100s, “Major payment card network”, Cyber security technology companies (lol), etc.
Millions Of Password Manager Users On Red Alert—Act Now To Stay Safe
Password managers are now being targeted by malware, leveraging sophisticated extraction methods, including memory scraping, registry harvesting and compromising local and cloud-based password stores. A password manager remains your most potent defense against password theft. Remember to use a strong master password that cannot be easily guessed.