Infosec Decoded Season 5 #80: Poisoning AIs

With Doug Spindler and sambowne@infosec.exchange

Recorded Fri, Oct 10, 2025

AI

AI models can acquire backdoors from surprisingly few malicious documents
250 malicious documents can successfully poison a model with 13 billion parameters, trained on 260 billion tokens.
Introduction to Data Poisoning: A 2025 Perspective
A Nature Medicine study found that replacing just 0.001% of training tokens in a medical dataset with misinformation caused models to generate 7–11% more harmful completions.
Hobble your AI agents to prevent them from hurting you too badly
In contrast to what some companies are trying to do with AI guardrails, Cable said, "I think what actually is the best approach is having some sort of controls in place. One option is for that to be through just limitations on what tools you can use."

As an example, he cited how Anthropic prevented its browser use extension from connecting to banks and financial sites, to mitigate the risk of an AI-based attack that empties bank accounts.

In short, to reduce the risk of AI agent exploitation, hobble your AI agents. Don't give them access to file deletion commands. Don't let them open arbitrary network ports.
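One way to put the "hobble your agents" advice into practice is a deny-by-default gate between the model and its tools: every tool call passes through a policy that only allows named tools, blocks destructive shell commands regardless of how they are wrapped, and confines outbound network access to an allowlist of hosts and ports. The following is an added illustration, not code from the episode or from any product mentioned in it; the tool names, hosts and commands are constructed for the example.

```python
"""
Added example: a minimal tool-permission gate for an AI agent.
Tool names ("shell", "http"), hosts and commands below are constructed
for illustration; the shape of the policy is the point.
"""
import re
from dataclasses import dataclass, field
from urllib.parse import urlparse

# Commands the agent may never run, even if the model asks for them.
DENIED_COMMANDS = {"rm", "rmdir", "del", "shred", "mkfs", "dd"}


@dataclass
class ToolPolicy:
    allowed_tools: set = field(default_factory=set)
    allowed_hosts: set = field(default_factory=set)        # hostnames the agent may contact
    allowed_ports: set = field(default_factory=lambda: {443})

    def check(self, tool: str, args: dict) -> tuple[bool, str]:
        """Return (allowed, reason). Anything not explicitly permitted is denied."""
        if tool not in self.allowed_tools:
            return False, f"tool {tool!r} is not on the allowlist"
        if tool == "shell":
            return self._check_shell(args.get("cmd", ""))
        if tool == "http":
            return self._check_http(args.get("url", ""))
        return True, "ok"

    def _check_shell(self, cmd: str) -> tuple[bool, str]:
        # Scan every word-like token, not just argv[0], so a command hidden
        # inside "sh -c '...'" or written as /bin/rm is still caught.
        tokens = re.findall(r"[\w./-]+", cmd)
        if not tokens:
            return False, "empty command"
        for tok in tokens:
            base = tok.rsplit("/", 1)[-1]
            if base in DENIED_COMMANDS or base.split(".")[0] in DENIED_COMMANDS:
                return False, f"destructive command {base!r} is blocked"
        return True, "ok"

    def _check_http(self, url: str) -> tuple[bool, str]:
        parsed = urlparse(url)
        if parsed.scheme != "https":
            return False, "only https is permitted"
        if parsed.hostname not in self.allowed_hosts:
            return False, f"host {parsed.hostname!r} is not on the allowlist"
        port = parsed.port or 443
        if port not in self.allowed_ports:
            return False, f"port {port} is not on the allowlist"
        return True, "ok"


def demo() -> list[tuple[str, bool, str]]:
    """Run a few constructed tool requests through the policy."""
    policy = ToolPolicy(allowed_tools={"shell", "http"},
                        allowed_hosts={"api.example.com"})
    requests = [
        ("shell", {"cmd": "ls -la /tmp"}),
        ("shell", {"cmd": "rm -rf /tmp/workdir"}),
        ("shell", {"cmd": "sh -c 'rm -rf /'"}),
        ("http", {"url": "https://api.example.com/v1/status"}),
        ("http", {"url": "https://api.example.com:8443/admin"}),
        ("http", {"url": "https://bank.example.net/"}),
        ("delete_file", {"path": "/etc/hosts"}),
    ]
    return [(tool, *policy.check(tool, args)) for tool, args in requests]


if __name__ == "__main__":
    for tool, allowed, reason in demo():
        print(f"{tool:12s} {'ALLOW' if allowed else 'DENY ':5s} {reason}")
```

The gate is intentionally coarse: it does not try to understand shell semantics, it simply refuses anything that mentions a destructive command, and it has no notion of "safe" hosts beyond the allowlist. That is the trade-off the article argues for: a narrow, predictable set of capabilities rather than a guardrail that tries to judge intent.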

Insurers balk at paying out huge settlements for claims against AI firms
OpenAI and Anthropic are considering using investor funds to settle potential claims from multibillion-dollar lawsuits, as insurers balk at providing comprehensive coverage for the risks associated with artificial intelligence.

Politics

Censorship

Apple and Google reluctantly comply with Texas age verification law
Texas requires sensitive info just to check weather and sports scores, Apple says.
Apple Banned an App That Simply Archived Videos of ICE Abuses
Not a game: Cards Against Humanity avoids tariffs by ditching rules, explaining jokes
Cards Against Humanity, the often-vulgar card game, has launched a limited edition of its namesake product without any instructions and with a detailed explanation of each joke, "why it’s funny, and any relevant social, political, or historical context."
Discord says hackers stole government IDs of 70,000 users
As more sites require IDs for user age verification, expect more such breaches to come.

California Politics

Katie Porter’s viral videos plunge campaign into ‘disaster’
The bipartisan pile-on following the widely-circulated clip of her contentious sit-down with a local CBS news reporter was only hours old when a new video surfaced from POLITICO of the former House member berating a staffer in 2021 — the two clips fueling long-simmering concerns about her temperament and judgment.
California Targets Tractor Supply's Tricky Tracking
Tractor Supply violated the California Consumer Privacy Act by:
  • Failing to maintain a privacy policy that notified consumers of their rights;
  • Failing to notify California job applicants of their privacy rights and how to exercise them;
  • Failing to provide consumers with an effective mechanism to opt-out of the selling and sharing of their personal information, including through opt-out preference signals such as Global Privacy Control; and
  • Disclosing personal information to other companies without entering into contracts that contain privacy protections.
Tractor Supply, which has 2,500 stores in 49 states, will pay for their actions to the tune of $1,350,000—the largest fine the agency has issued to date.
California enacts law giving consumers ability to universally opt out of data sharing
The bill requires browsers to set up an easy-to-find mechanism that lets Californians opt-out with the push of a button, instead of having to do so repeatedly when visiting individual websites.

Other

Germany To Allow Police To Shoot Down Drones
German military drills last month in the northern port city of Hamburg demonstrated how, like a spider, a large military drone shot a net at a smaller one in mid-flight, entangling its propellers and forcing it to the ground, where a robotic dog trotted over to seek possible explosives.
Court Injunctions are the Thoughts and Prayers of Data Breach Response
Injunctions block legitimate use of stolen data, like Have I Been Pwned.
ISPs created so many fees that FCC will kill requirement to list them all
ISPs complained about Biden-era rule, said listing every fee was too hard.
Homeland Security Cyber Personnel Reassigned to Jobs in Trump’s Deportation Push
The US Department of Homeland Security has shifted hundreds of national security specialists, including cyber personnel, into jobs that support President Donald Trump’s deportations and said it would dismiss anyone who refuses to go along.

Infosec

Insecure Mobile VPNs: The Hidden Danger
They request dangerous permissions, driven by a desire to collect data for monetization. They also export activities or content providers without proper safeguards, allowing other apps on the device to launch them or query their data. Similarly, system-level calls such as Runtime.exec() can be abused to execute arbitrary commands or bypass platform security features.
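The exported-component problem described above is visible in an app's AndroidManifest.xml before any code runs, so it is something a reviewer can check mechanically. The following is an added example, not code from the article or from any VPN vendor: it parses a constructed manifest and reports activities, services, receivers and providers that are reachable by other apps without a permission. The component and package names are invented for the illustration.

```python
"""
Added example: audit an AndroidManifest.xml for components that other apps
can reach without holding a permission. The manifest below is constructed;
its component names are placeholders, not from any real app.
"""
import xml.etree.ElementTree as ET

ANDROID_NS = "http://schemas.android.com/apk/res/android"
COMPONENT_TAGS = ("activity", "service", "receiver", "provider")
LAUNCHER_CATEGORY = "android.intent.category.LAUNCHER"


def a(attr: str) -> str:
    """Qualified name for an android: attribute as ElementTree stores it."""
    return f"{{{ANDROID_NS}}}{attr}"


def is_exported(comp: ET.Element) -> bool:
    exported = comp.get(a("exported"))
    if exported is not None:
        return exported.lower() == "true"
    # Legacy default (before Android 12 forced an explicit value): a component
    # with an intent-filter is exported unless it says otherwise.
    return comp.find("intent-filter") is not None


def is_launcher(comp: ET.Element) -> bool:
    """The launcher activity has to be exported, so it is not a finding."""
    return any(cat.get(a("name")) == LAUNCHER_CATEGORY for cat in comp.iter("category"))


def has_permission(comp: ET.Element) -> bool:
    if comp.tag == "provider":
        keys = ("permission", "readPermission", "writePermission")
    else:
        keys = ("permission",)
    return any(comp.get(a(k)) for k in keys)


def audit_manifest(xml_text: str) -> list[tuple[str, str, str]]:
    """Return (component tag, name, reason) for each exposed component."""
    root = ET.fromstring(xml_text)
    app = root.find("application")
    findings = []
    if app is None:
        return findings
    for comp in app:                      # direct children of <application>
        if comp.tag not in COMPONENT_TAGS:
            continue
        name = comp.get(a("name"), "?")
        if not is_exported(comp) or is_launcher(comp):
            continue
        if not has_permission(comp):
            if comp.get(a("exported")) is None:
                reason = "implicitly exported by intent-filter, no permission"
            else:
                reason = "exported without a permission"
            findings.append((comp.tag, name, reason))
    return findings


# Constructed manifest mixing safe and unsafe declarations.
SAMPLE_MANIFEST = """
<manifest xmlns:android="http://schemas.android.com/apk/res/android"
          package="com.example.placeholder.vpn">
  <application>
    <activity android:name=".MainActivity">
      <intent-filter>
        <action android:name="android.intent.action.MAIN"/>
        <category android:name="android.intent.category.LAUNCHER"/>
      </intent-filter>
    </activity>
    <activity android:name=".DebugConsoleActivity" android:exported="true"/>
    <provider android:name=".SessionLogProvider"
              android:authorities="com.example.placeholder.vpn.logs"
              android:exported="true"/>
    <service android:name=".TunnelService" android:exported="true"
             android:permission="com.example.placeholder.vpn.BIND_TUNNEL"/>
    <receiver android:name=".ConfigReceiver">
      <intent-filter><action android:name="com.example.placeholder.vpn.RELOAD"/></intent-filter>
    </receiver>
    <receiver android:name=".InternalReceiver" android:exported="false"/>
  </application>
</manifest>
"""

if __name__ == "__main__":
    for tag, name, reason in audit_manifest(SAMPLE_MANIFEST):
        print(f"{tag:9s} {name:24s} {reason}")
```

The fix for each finding is either `android:exported="false"` when the component is only used inside the app, or a `<permission>` with `android:protectionLevel="signature"` referenced from the component when another app of the same developer genuinely needs it. Apps targeting Android 12 or later must declare `android:exported` explicitly on any component with an intent-filter, so the implicit-export branch mainly matters for older targets, which the article's data-hungry VPNs are likely to include.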
YouTube prepares to welcome back banned creators with “second chance” program
A few weeks ago, Google told US Rep. Jim Jordan (R-Ohio) that it would allow creators banned for COVID and election misinformation to rejoin the platform. Going forward, almost anyone banned from YouTube will have an opportunity to request a new channel.
Drinking Diet Soda May Raise Your Liver Disease Risk by Up to 60%, New Study Says
Tesla FSD gets worse at driving, NHTSA opens new investigation
FSD has been crossing into oncoming traffic and ignoring red lights.