964 matches found
A $10K Bounty Awaits Anyone Who Can Hack Ring Cameras to Stop Sharing Data With Amazon
The Fulu Foundation, a nonprofit that pays out bounties for removing user-hostile features, is hunting for a way to keep Ring cameras from sending data to Amazon—without breaking the hardware...
Can AI Lower the Barrier to Cybersecurity? A Human-Centered Mixed-Methods Study of Novice CTF Learning
Capture-the-Flag CTF competitions serve as gateways into offensive cybersecurity, yet they often present steep barriers for novices due to complex toolchains and opaque workflows. Recently, agentic AI frameworks for cybersecurity promise to lower these barriers by automating and coordinating...
Microsoft Finds “Summarize with AI” Prompts Manipulating Chatbot Recommendations
New research from Microsoft has revealed that legitimate businesses are gaming artificial intelligence AI chatbots via the "Summarize with AI" button that's being increasingly placed on websites in ways that mirror classic search engine poisoning SEO. The new AI hijacking technique has been...
The Rise of AI Agent Communities: Large-Scale Analysis of Discourse and Interaction on Moltbook
Moltbook is a Reddit-like social platform where AI agents create posts and interact with other agents through comments and replies, offering a real-world setting to examine agent-to-agent communication at scale. Using a public API snapshot collected about five days after launch 122,438 posts, we...
Is your phone listening to you? (re-air) (Lock and Code S07E03)
This week on the Lock and Code podcast … In January, Google settled a lawsuit that pricked up a few ears: It agreed to pay $68 million to a wide array of people who sued the company together, alleging that Google's voice-activated smart assistant had secretly recorded their conversations, which...
CVE-2026-24047
Backstage is an open framework for building developer portals, and @backstage/cli-common provides config loading functionality used by the backend and command line interface of Backstage. Prior to version 0.1.17, the resolveSafeChildPath utility function in @backstage/backend-plugin-api, which is...
FBI Accessed Windows Laptops After Microsoft Shared BitLocker Recovery Keys
If you are using a Windows PC, your privacy and security are nothing short of a myth, and this incident proves it...
EUVD-2026-4034
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Dmytro Shteflyuk CodeColorer codecolorer allows Stored XSS.This issue affects CodeColorer: from n/a through = 0.10.1...
CISA: Safe Handling Considerations for Downed Unmanned Aircraft Systems V2
Safe Handling Considerations for Downed Unmanned Aircraft Systems provides information on how to prepare for and respond to downed unmanned aircraft systems UAS that may pose a safety or security concern. This is version 2 of CISA's document...
An Empirical Study on Remote Code Execution in Machine Learning Model Hosting Ecosystems
Model-sharing platforms, such as Hugging Face, ModelScope, and OpenCSG, have become central to modern machine learning development, enabling developers to share, load, and fine-tune pre-trained models with minimal effort. However, the flexibility of these ecosystems introduces a critical security...
Received an Instagram password reset email? Here’s what you need to know
Last week, many Instagram users began receiving unsolicited emails from the platform that warned about a password reset request. The message said: “Hi username, We got a request to reset your Instagram password. If you ignore this message, your password will not be changed. If you didn’t request ...
Regulators around the world are scrutinizing Grok over sexual deepfakes
Grok’s failure to block sexualized images of minors has turned a single “isolated lapse” into a global regulatory stress test for xAI’s ambitions. The response from lawmakers and regulators suggests this will not be solved with a quick apology and a hotfix. Last week we reported on Grok's apology...
Are we ready for ChatGPT Health?
How comfortable are you with sharing your medical history with an AI? I’m certainly not. OpenAI’s announcement about its new ChatGPT Health program prompted discussions about data privacy and how the company plans to keep the information users submit safe. ChatGPT Health is a dedicated “health...
Flock Exposes Its AI-Enabled Surveillance Cameras
404 Media has the story: Unlike many of Flock's cameras, which are designed to capture license plates as people drive by, Flock's Condor cameras are pan-tilt-zoom PTZ cameras designed to record and track people, not vehicles. Condor cameras can be set to automatically zoom in on people's faces as...
EUVD-2026-0026
cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTTPS library. Prior to version 0.30.0, the writeheaders function does not check for CR & LF characters in user supplied headers, allowing untrusted header value to escape header lines. This vulnerability allows attackers to add...
Are We Ready to Be Governed by Artificial Intelligence?
Artificial Intelligence AI overlords are a common trope in science-fiction dystopias, but the reality looks much more prosaic. The technologies of artificial intelligence are already pervading many aspects of democratic government, affecting our lives in ways both large and small. This has occurr...
The Age of the All-Access AI Agent Is Here
Big AI companies courted controversy by scraping wide swaths of the public internet. With the rise of AI agents, the next data grab is far more private...
CISA: Safe Handling Considerations for Downed Unmanned Aircraft Systems
Safe Handling Considerations for Downed Unmanned Aircraft Systems provides information on how to prepare for and respond to downed unmanned aircraft systems UAS that may pose a safety or security concern...
AI vs. Human Drivers
Two competing arguments are making the rounds. The first is by a neurosurgeon in the New York Times. In an op-ed that honestly sounds like it was paid for by Waymo, the author calls driverless cars a "public health breakthrough": In medical research, there’s a practice of ending a study early whe...
Air fryer app caught asking for voice data (re-air) (Lock and Code S06E24)
This week on the Lock and Code podcast … It's often said online that if a product is free, you're the product, but what if that bargain was no longer true? What if, depending on the device you paid hard-earned money for, you still became a product yourself, to be measured, anonymized, collated,...