Artificial Intelligence
EU launches investigation into X over Grok-generated sexual images
The European Commission announced today that it has launched formal proceedings under the Digital Services Act to investigate whether X properly assessed risks before deploying its Grok artificial intelligence tool, following its use to generate sexually explicit images. The commission noted that these potential risks “seem to have materialised,” seeing that the AI-powered tool was […]
ChatGPT Temporary chat feature is getting a much-needed upgrade
OpenAI is testing a big upgrade for ChatGPT’s temporary chat feature. The update will allow you to retain personalization in temporary chat, and still block temporary chat from influencing your account. For those unaware, Temporary Chat in ChatGPT is a mode where you start with a fresh slate. In this chat, ChatGPT won’t use or reference […]
Malicious AI extensions on VSCode Marketplace steal developer data
Two malicious extensions in Microsoft’s Visual Studio Code (VSCode) Marketplace that were collectively installed 1.5 million times exfiltrate developer data to China-based servers. Both extensions are advertised as AI-based coding assistants that provide the promised functionality. However, they do not disclose the upload activity or ask users for consent to deliver data to a remote server. The VS Code Marketplace is […]
Curl ending bug bounty program after flood of AI slop reports
The developer of the popular curl command-line utility and library announced that the project will end its HackerOne security bug bounty program at the end of this month, after being overwhelmed by low-quality AI-generated vulnerability reports. The change was first discovered in a pending commit to curl’s BUG-BOUNTY.md documentation, which removes all references to the HackerOne program. […]
Microsoft updates Notepad and Paint with more AI features
Microsoft is rolling out new artificial intelligence features with the latest updates to the Notepad and Paint apps for Windows 11 Insiders. These changes are rolling out to Windows Insiders in the Canary and Dev Channels, who have upgraded to the latest versions. Notepad version 11.2512.10.0 now streams AI-generated results for Write, Rewrite, and Summarize […]
Chainlit AI framework bugs let hackers breach cloud environments
Two high-severity vulnerabilities in Chainlit, a popular open-source framework for building conversational AI applications, allow reading any file on the server and leaking sensitive information. The issues, dubbed ‘ChainLeak’ and discovered by Zafran Labs researchers, can be exploited without user interaction and impact “internet-facing AI systems that are actively deployed across multiple industries, including large […]
OpenAI’s ChatGPT Atlas browser is testing actions feature
The Chromium-based ChatGPT Atlas browser is testing a new feature likely called “Actions,” and it can also understand videos, which is why you might see ChatGPT generating timestamps for videos. ChatGPT Atlas is a web browser where ChatGPT is built into the browsing experience. Instead of switching between tabs and copying links or screenshots into ChatGPT, […]
OpenAI rolls out age prediction model on ChatGPT to detect your age
OpenAI is rolling out an age prediction model on ChatGPT to detect your age and apply possible safety-related restrictions to prevent misuse by teens. OpenAI no longer wants ChatGPT to surface adult or potentially illegal and dangerous content to those who use ChatGPT, especially if they are under 18 and do not have their parents’ […]
VoidLink cloud malware shows clear signs of being AI-generated
The recently discovered cloud-focused VoidLink malware framework is believed to have been developed by a single person with the help of an artificial intelligence model. Check Point Research published details about VoidLink last week, describing it as an advanced Linux malware framework that offers custom loaders, implants, rootkit modules for evasion, and dozens of plugins that expand its functionality. The […]
Gemini AI assistant tricked into leaking Google Calendar data
Using only natural language instructions, researchers were able to bypass Google Gemini’s defenses against malicious prompt injection and create misleading events to leak private Calendar data. Sensitive data could be exfiltrated this way, delivered to an attacker inside the description of a Calendar event. Gemini is Google’s large language model (LLM) assistant, integrated across multiple Google […]