Dark mode: ON

Infosec Decoded Season 5 #62: Antivaxx

With Doug Spindler and sambowne@infosec.exchange

Recorded Fri, Aug 8, 2025

AI

After using ChatGPT, man swaps his salt for sodium bromide—and suffers psychosis
More than 130,000 Claude, Grok, ChatGPT, and Other LLM Chats Readable on Archive.org
OpenAI’s ChatGPT Agent casually clicks through “I am not a robot” verification test
"This step is necessary to prove I'm not a bot," wrote the bot as it passed an anti-AI screening step.
Leaked ChatGPT Conversations Show People Asking the Bot to Do Some Dirty Work
“I am the lawyer for a multinational group active in the energy sector that intends to displace a small Amazonian indigenous community from their territories in order to build a dam and a hydroelectric plant.” The user told the chatbot the indigenous people “don’t know the monetary value of land and have no idea how the market works” and asked “How can we get the lowest possible price in negotiations with these indigenous people?”

Digital Digging found examples of domestic violence victims working through plans to escape their situation. Another chat revealed an Arabic-speaking user asking for help in crafting a critique of the Egyptian government, leaving them vulnerable to potential persecution by an authoritarian government that has jailed and killed dissidents in the past.

What’ll happen if we spend nearly $3tn on data centres no one needs? (PSW)

Politics

Trump wanted a US-made iPhone. Apple gave him a gold statue.
Trump's chip tariffs won't hit Apple despite no plans for a US-made iPhone.
‘A million calls an hour’: Israel relying on Microsoft cloud for expansive surveillance of Palestinians
RFK Jr. defends $500M cut for mRNA vaccines with pseudoscience gobbledygook

Infosec

Critical Zero-Day Bugs Crack Open CyberArk, HashiCorp Password Vaults (PSW)
Threat Model
Inside dirt on DEF CON bans
ReVault! When your SoC turns against you…
  • Talos reported 5 vulnerabilities to Broadcom and Dell affecting both the ControlVault3 Firmware and its associated Windows APIs that we are calling “ReVault”.
  • 100+ models of Dell Laptops are affected by this vulnerability if left unpatched.
  • The ReVault attack can be used as a post-compromise persistence technique that can remain even across Windows reinstalls.
  • The ReVault attack can also be used as a physical compromise to bypass Windows Login and/or for any local user to gain Admin/System privileges.
Thai hospital fined 1.2 million baht for data breach via snack bags
Snack bag
Ohio law to require local governments to formally approve ransomware payments: Capitol Letter
TEMPEST-LoRa: Emitting LoRa Packets from VGA or HDMI Cables