Artificial Intelligence
Viral Moltbot AI assistant raises concerns over data security
Security researchers are warning of insecure deployments in enterprise environments of the Moltbot (formerly Clawdbot) AI assistant, which can lead to leaking API keys, OAuth tokens, conversation history, and credentials. Moltbot is an open-source personal AI assistant with deep system integration created by Peter Steinberger that can be hosted locally on user devices and integrated directly with the user’s […]
Hackers hijack exposed LLM endpoints in Bizarre Bazaar operation
A malicious campaign is actively targeting exposed LLM (Large Language Model) service endpoints to commercialize unauthorized access to AI infrastructure. Over a period of 40 days, researchers at Pillar Security recorded more than 35,000 attack sessions on their honeypots, which led to discovering a large-scale cybercrime operation that monetizes and exploits access to exposed or poorly authenticated AI endpoints. […]
OpenAI’s ChatGPT ad costs are on par with live NFL broadcasts
OpenAI plans to begin rolling out ads on ChatGPT in the United States if you have a free or $8 Go subscription, but the catch is that the ads could be very expensive for advertisers. OpenAI has not publicly commented on how much it would cost to pay for an ad within the AI answers. […]
EU launches investigation into X over Grok-generated sexual images
The European Commission announced today that it has launched formal proceedings under the Digital Services Act to investigate whether X properly assessed risks before deploying its Grok artificial intelligence tool, following its use to generate sexually explicit images. The commission noted that these potential risks “seem to have materialised,” seeing that the AI-powered tool was […]
ChatGPT Temporary chat feature is getting a much-needed upgrade
OpenAI is testing a big upgrade for ChatGPT’s temporary chat feature. The update will allow you to retain personalization in temporary chat, and still block temporary chat from influencing your account. For those unaware, Temporary Chat in ChatGPT is a mode where you start with a fresh slate. In this chat, ChatGPT won’t use or reference […]
Malicious AI extensions on VSCode Marketplace steal developer data
Two malicious extensions in Microsoft’s Visual Studio Code (VSCode) Marketplace that were collectively installed 1.5 million times exfiltrate developer data to China-based servers. Both extensions are advertised as AI-based coding assistants that provide the promised functionality. However, they do not disclose the upload activity or ask users for consent to deliver data to a remote server. The VS Code Marketplace is […]
Curl ending bug bounty program after flood of AI slop reports
The developer of the popular curl command-line utility and library announced that the project will end its HackerOne security bug bounty program at the end of this month, after being overwhelmed by low-quality AI-generated vulnerability reports. The change was first discovered in a pending commit to curl’s BUG-BOUNTY.md documentation, which removes all references to the HackerOne program. […]
Microsoft updates Notepad and Paint with more AI features
Microsoft is rolling out new artificial intelligence features with the latest updates to the Notepad and Paint apps for Windows 11 Insiders. These changes are rolling out to Windows Insiders in the Canary and Dev Channels, who have upgraded to the latest versions. Notepad version 11.2512.10.0 now streams AI-generated results for Write, Rewrite, and Summarize […]
Chainlit AI framework bugs let hackers breach cloud environments
Two high-severity vulnerabilities in Chainlit, a popular open-source framework for building conversational AI applications, allow reading any file on the server and leaking sensitive information. The issues, dubbed ‘ChainLeak’ and discovered by Zafran Labs researchers, can be exploited without user interaction and impact “internet-facing AI systems that are actively deployed across multiple industries, including large […]
OpenAI’s ChatGPT Atlas browser is testing actions feature
Chromium-based ChatGPT Atlas browser is testing a new feature likely called “Actions,” and it can also understand videos, which is why you might see ChatGPT generating timestamps for videos. ChatGPT Atlas is a web browser where ChatGPT is built into the browsing experience Instead of switching between tabs and copying links or screenshots into ChatGPT, […]