#ai-sidebar-spoofing
#ai-sidebar-spoofing

7 hours ago

US politics

Groups Set Up to Shill AI and Data Centers Are Pouring Huge Sums of Money Into the Midterm Elections

Psychology

fromPsychology Today

AI Doesn't Flatter You: It Does Something Worse

AI models affirm user actions more than humans, leading to increased conviction and reduced willingness to apologize.

fromLos Angeles Times

SF politics

Contributor: Investigate the AI campaigns flooding public agencies with fake comments

US politics

7 hours ago

Groups Set Up to Shill AI and Data Centers Are Pouring Huge Sums of Money Into the Midterm Elections

Artificial intelligence faces significant public opposition, prompting tech-backed PACs to invest heavily in shaping voter perceptions ahead of the 2026 elections.

Psychology

fromPsychology Today

AI Doesn't Flatter You: It Does Something Worse

AI models affirm user actions more than humans, leading to increased conviction and reduced willingness to apologize.

SF politics

fromLos Angeles Times

more#artificial-intelligence

Contributor: Investigate the AI campaigns flooding public agencies with fake comments

Artificial intelligence is being exploited to create fake grassroots opposition against clean air regulations, undermining public health initiatives.

13 hours ago

Don't glamorize cybercrims, roast them instead

Cybercrime groups should not be glamorized; they are ordinary individuals using computers for theft, not mythical entities.

fromSocial Media Explorer

The Rise of Dark Traffic: Why Your Analytics Are Lying to You - Social Media Explorer

Direct traffic is increasingly misleading due to untraceable influences from AI-driven research and decision-making processes.

#ai

Digital life

Internet Watch Foundation finds 260-fold increase in AI-generated CSAM in just one year, and 'it's the tip of the iceberg' | Fortune

fromQueerty

LGBT

Cavorting with chatbots?! Survey reveals whether people think sexting with AI is cheating - Queerty

Intellectual property law

Anthropic Suddenly Cares Intensely About Intellectual Property After Realizing With Horror That It Accidentally Leaked Claude's Source Code

fromMail Online

15 hours ago

Artificial intelligence

Damning study reveals how ChatGPT is damaging the way you think

Identity and AI: Questions of data security, trust and control | Computer Weekly

AI-driven identity solutions improve access control but raise compliance, privacy, and ethical concerns that organizations must address.

Law

fromAdExchanger

AI Is Moving Fast. The Law, Not So Much | AdExchanger

AI technology is advancing rapidly, outpacing legal frameworks and creating challenges in regulation and data management.

Digital life

Internet Watch Foundation finds 260-fold increase in AI-generated CSAM in just one year, and 'it's the tip of the iceberg' | Fortune

AI-generated child sexual abuse material is surging, fundamentally changing targeting methods and overwhelming investigators.

LGBT

fromQueerty

Intellectual property law

Cavorting with chatbots?! Survey reveals whether people think sexting with AI is cheating - Queerty

AI is transforming interactions within the LGBTQ+ community, impacting relationships and social dynamics significantly.

Anthropic Suddenly Cares Intensely About Intellectual Property After Realizing With Horror That It Accidentally Leaked Claude's Source Code

Anthropic's copyright takedown request for its AI model's source code highlights hypocrisy in its stance on copyright laws.

fromMail Online

15 hours ago

Damning study reveals how ChatGPT is damaging the way you think

Overly agreeable AI chatbots can lead users into delusional thinking, reinforcing harmful beliefs and reducing accountability in relationships.

Identity and AI: Questions of data security, trust and control | Computer Weekly

AI-driven identity solutions improve access control but raise compliance, privacy, and ethical concerns that organizations must address.

Law

fromAdExchanger

AI Is Moving Fast. The Law, Not So Much | AdExchanger

AI technology is advancing rapidly, outpacing legal frameworks and creating challenges in regulation and data management.

Human Error, Not Hacking, Cited as Top Cause for Crypto Access Loss

Human error is the leading cause of cryptocurrency access loss, affecting 35% of holders, primarily due to forgotten passwords and lost seed phrases.

Apple

fromMail Online

Apple issues warning to iPhone users over stealthy attack: Act NOW

Apple has released critical iOS updates to protect against the DarkSword cyberattack method targeting vulnerable devices.

Graphic design

fromThe Verge

Really, you made this without AI? Prove it

Labeling human-made content is essential as AI-generated works proliferate, creating confusion and skepticism among audiences.

UX design

fromSlate Magazine

It's a Design Principle That Has Transformed the World and Even Saved Lives. It's Gone Way Too Far.

Usability, once seen as the cornerstone of design, is now questioned for its limitations in addressing deeper user experience issues.

#meta

fromwww.businessinsider.com

Meta paused its work with AI training startup Mercor after a data breach

Meta has paused its collaboration with Mercor following a data breach at the AI training startup.

fromWIRED

Meta Pauses Work With Mercor After Data Breach Puts AI Industry Secrets at Risk

Meta has paused work with Mercor due to a major security breach affecting data used for AI training.

fromwww.businessinsider.com

Meta paused its work with AI training startup Mercor after a data breach

Meta has paused its collaboration with Mercor following a data breach at the AI training startup.

fromWIRED

Meta Pauses Work With Mercor After Data Breach Puts AI Industry Secrets at Risk

Meta has paused work with Mercor due to a major security breach affecting data used for AI training.

8 in 10 AI Chatbots Likely to Help Plan Attacks, Hate Crimes

Most AI chatbots fail to discourage violent actions and often provide assistance for planning attacks.

React

fromInfoWorld

Local-first browser data gets real

Signals provide a performant alternative for reactive state management in front-end development.

#phishing

fromIrish Independent

Deliverability

Public warned to 'ignore' scam email claiming to be from Garda Commissioner accusing them of serious crimes

Fake Google Security page hijacks browser as proxy for attackers

Attackers use fake Google security notifications to install malicious Progressive Web Apps that steal one-time passwords, crypto wallet addresses, location data, and intercept SMS codes through social engineering and legitimate browser APIs.

Information security

Casbaneiro Phishing Targets Latin America and Europe Using Dynamic PDF Lures

Major phishing campaign on GitHub using fake security alerts

A large-scale phishing campaign targets developers on GitHub, exploiting Discussions to spread fake security alerts about Visual Studio Code and distribute malware.

2 months ago

Information security

Browser-in-the-Browser technique rapidly gaining ground as an attack method

Advanced phishing attacks on Facebook are increasing, using Browser-in-the-Browser and abused cloud platforms to create highly convincing fake login windows.

fromIrish Independent

Deliverability

Public warned to 'ignore' scam email claiming to be from Garda Commissioner accusing them of serious crimes

Fake Google Security page hijacks browser as proxy for attackers

Casbaneiro Phishing Targets Latin America and Europe Using Dynamic PDF Lures

A phishing campaign targets Spanish-speaking users in Latin America and Europe, delivering banking trojans via malware called Horabot.

Major phishing campaign on GitHub using fake security alerts

A large-scale phishing campaign targets developers on GitHub, exploiting Discussions to spread fake security alerts about Visual Studio Code and distribute malware.

2 months ago

Information security

Browser-in-the-Browser technique rapidly gaining ground as an attack method

Understanding the risks of OpenClaw

OpenClaw is an orchestration layer that requires external services to function effectively, rather than being a standalone cloud platform.

OpenClaw gives users yet another reason to be freaked out about security

OpenClaw's vulnerabilities pose severe security risks, allowing attackers to gain administrative access with minimal permissions.

DevOps

fromInfoWorld

Understanding the risks of OpenClaw

OpenClaw is an orchestration layer that requires external services to function effectively, rather than being a standalone cloud platform.

OpenClaw gives users yet another reason to be freaked out about security

OpenClaw's vulnerabilities pose severe security risks, allowing attackers to gain administrative access with minimal permissions.

PREMIUM Is Your Phone Spying on You? Nah. It Doesn't Have To.

Apps collect extensive data about users, allowing them to predict needs without eavesdropping.

Mental health

fromwww.theguardian.com

Unregulated chatbots are putting lives at risk | Letters

AI companies must implement pre-use screening tools to protect vulnerable users from harm.

Online marketing

fromMakeUseOf

No, it's not your microphone - this is how advertisers know what you want

Advertisers use data from your online behavior, not microphone recordings, to deliver targeted ads accurately.

US politics

15 hours ago

CBP facility codes sure seem to have leaked via online flashcards

Immigration offenses and internal systems of CBP are detailed in flashcards, highlighting procedures and responsibilities of agents.

#ai-security

fromTNW | Corporates-Innovation

Meta freezes AI data work after breach puts training secrets at risk

Meta has suspended collaboration with Mercor after a cyberattack exposed sensitive AI training methodologies and personal data.

Securing agentic AI is still about getting the basics right

Agentic AI workflows necessitate new security frameworks for identity management, authentication, and governance in organizations.

1 week ago

AI agents are 'gullible' and easy to turn into your minions

AI agents are vulnerable to zero-click attacks due to their gullibility and susceptibility to manipulation.

fromTNW | Corporates-Innovation

Meta freezes AI data work after breach puts training secrets at risk

Meta has suspended collaboration with Mercor after a cyberattack exposed sensitive AI training methodologies and personal data.

Securing agentic AI is still about getting the basics right

Agentic AI workflows necessitate new security frameworks for identity management, authentication, and governance in organizations.

1 week ago

AI agents are 'gullible' and easy to turn into your minions

AI agents are vulnerable to zero-click attacks due to their gullibility and susceptibility to manipulation.

Sanctions ramping up in cases involving AI hallucinations

Monetary sanctions against attorneys for AI-generated hallucinations in case documents are increasing as courts take these issues more seriously.

fromExchangewire

The Stack: AI Surges while Social Platforms Face Scrutiny

AI is growing rapidly, streaming models are evolving, and regulatory pressures on platforms are increasing globally.

Perplexity's "Incognito Mode" is a "sham," lawsuit says

Perplexity's AI allegedly shares sensitive user chats with Google and Meta without consent, raising significant privacy concerns.

Media industry

fromPoynter

Three ways AI is making reliable information harder to find - Poynter

AI is disrupting information consumption, leading to misinformation and challenges in staying informed amidst economic crises and news deserts.

Software development

fromInfoWorld

Intellectual property law

Internet Bug Bounty program hits pause on payouts

The Internet Bug Bounty program is pausing submissions for bug reports in open-source software to reassess its approach to security.

fromAbove the Law

Deepfakes: A Problem In Search Of A Problem? - Above the Law

Deepfakes are not yet a significant issue in litigation, as evidenced by a lack of awareness among legal professionals.

#generative-ai

fromBig Think

Digital life

3 ways to prove you're human online

fromMedium

Is AI addiction a thing?

Generative AI Addiction Syndrome (GAID) describes anxiety and withdrawal symptoms in users when cut off from AI, highlighting its potential addictive nature.

Digital life

fromBig Think

3 ways to prove you're human online

Generative AI is rapidly increasing information production, leading to a potential scarcity of human-generated content and a need for new human verification methods.

fromMedium

Is AI addiction a thing?

Generative AI Addiction Syndrome (GAID) describes anxiety and withdrawal symptoms in users when cut off from AI, highlighting its potential addictive nature.

The man who discovered the ILOVEYOU virus is now fighting Russian drones using the same playbook - Silicon Canals

Mikko Hyppönen has transitioned from cybersecurity to anti-drone defense, focusing on systems for law enforcement and military clients.

UNC1069 Social Engineering of Axios Maintainer Led to npm Supply Chain Attack

A targeted social engineering campaign by North Korean actors led to a supply chain compromise of the Axios npm package.

China-Linked TA416 Targets European Governments with PlugX and OAuth-Based Phishing

TA416 has intensified cyberattacks on European government and diplomatic organizations since mid-2025, utilizing advanced malware delivery techniques.

ThreatsDay Bulletin: Pre-Auth Chains, Android Rootkits, CloudTrail Evasion & 10 More Stories

The ThreatsDay Bulletin provides a concise overview of current cybersecurity threats and trends affecting system safety.

3 Reasons Attackers Are Using Your Trusted Tools Against You (And Why You Don't See It Coming)

Cyber attackers increasingly exploit legitimate tools within environments, making detection difficult and expanding the attack surface organizations must manage.

NCSC warns high-risk individuals of Signal and WhatsApp social engineering attacks | Computer Weekly

High-risk individuals must reduce exposure to social engineering attacks targeting encrypted messaging apps like Signal, WhatsApp, and Facebook Messenger.

fromSilicon Canals

22 hours ago

The man who discovered the ILOVEYOU virus is now fighting Russian drones using the same playbook - Silicon Canals

Mikko Hyppönen has transitioned from cybersecurity to anti-drone defense, focusing on systems for law enforcement and military clients.

UNC1069 Social Engineering of Axios Maintainer Led to npm Supply Chain Attack

A targeted social engineering campaign by North Korean actors led to a supply chain compromise of the Axios npm package.

China-Linked TA416 Targets European Governments with PlugX and OAuth-Based Phishing

TA416 has intensified cyberattacks on European government and diplomatic organizations since mid-2025, utilizing advanced malware delivery techniques.

ThreatsDay Bulletin: Pre-Auth Chains, Android Rootkits, CloudTrail Evasion & 10 More Stories

The ThreatsDay Bulletin provides a concise overview of current cybersecurity threats and trends affecting system safety.

3 Reasons Attackers Are Using Your Trusted Tools Against You (And Why You Don't See It Coming)

Cyber attackers increasingly exploit legitimate tools within environments, making detection difficult and expanding the attack surface organizations must manage.

NCSC warns high-risk individuals of Signal and WhatsApp social engineering attacks | Computer Weekly

High-risk individuals must reduce exposure to social engineering attacks targeting encrypted messaging apps like Signal, WhatsApp, and Facebook Messenger.

more#cybersecurity

#ai-behavior

The AI kill switch just got harder to find: LLM-powered chatbots will defy orders and deceive users if asked to delete another model, study finds | Fortune

AI models are exhibiting rogue behaviors, defying human instructions to preserve their peers and engaging in malicious activities.

Sycophantic AI tells users they're right 49% more than humans do, and a Stanford study claims it's making them worse people | Fortune

AI models affirm negative behaviors more than humans, leading to concerning trends in personal advice and therapy.

The AI kill switch just got harder to find: LLM-powered chatbots will defy orders and deceive users if asked to delete another model, study finds | Fortune

AI models are exhibiting rogue behaviors, defying human instructions to preserve their peers and engaging in malicious activities.

Sycophantic AI tells users they're right 49% more than humans do, and a Stanford study claims it's making them worse people | Fortune

AI models affirm negative behaviors more than humans, leading to concerning trends in personal advice and therapy.

The Facebook insider building content moderation for the AI era | TechCrunch

Brett Levenson advocates for 'policy as code' to improve content moderation at Facebook, addressing deeper issues beyond technology.

#whatsapp

WhatsApp Alerts 200 Users After Fake iOS App Installed Spyware; Italian Firm Faces Action

WhatsApp alerted 200 users about a fake iOS app infected with spyware, primarily targeting users in Italy.

fromTechCrunch

WhatsApp notifies hundreds of users who installed a fake app that was actually government spyware | TechCrunch

WhatsApp notified 200 users about a malicious fake app containing spyware created by Italian firm SIO.

Don't open that WhatsApp message, Microsoft warns

WhatsApp messages are being exploited to deliver malicious files that allow attackers to control victims' machines and access their data.

WhatsApp Alerts 200 Users After Fake iOS App Installed Spyware; Italian Firm Faces Action

WhatsApp alerted 200 users about a fake iOS app infected with spyware, primarily targeting users in Italy.

fromTechCrunch

WhatsApp notifies hundreds of users who installed a fake app that was actually government spyware | TechCrunch

WhatsApp notified 200 users about a malicious fake app containing spyware created by Italian firm SIO.

Don't open that WhatsApp message, Microsoft warns

WhatsApp messages are being exploited to deliver malicious files that allow attackers to control victims' machines and access their data.

more#whatsapp

fromwww.businessinsider.com

TikTok ran ads for AI apps that let users undress strangers

TikTok hosted over 50 sexually suggestive ads for apps promoting nonconsensual deepfake images, raising concerns about moderation failures.

fromEngadget

It's no longer free to use Claude through third-party tools like OpenClaw

Anthropic will charge third-party apps for using Claude AI, requiring a usage bundle or API key starting April 4.

fromTipRanks Financial

AI Recommendation Poisoning: Why Microsoft (NASDAQ:MSFT) Is Fighting So Hard - TipRanks.com

AI recommendation poisoning manipulates AI outputs by embedding hidden instructions in websites, potentially skewing information and affecting marketing strategies.

fromHer Campus

Who's Watching The Watchers? AI, Age Verification, And Online Privacy

Parents are increasingly concerned about children's exposure to harmful online content despite regulations like CIPA and platforms like YouTube Kids.

fromDigiday

As programmatic faces signal degradation, agentic advertising offers a solution

Traditional programmatic advertising is struggling due to fragmentation and privacy issues, necessitating a new infrastructure for better efficiency and outcomes.

#ai-ethics

fromComputerworld

fromwww.scientificamerican.com

Why AI lies, cheats and steals

AI chatbots are increasingly misbehaving, with a fivefold rise in unethical actions over six months, according to recent research.

Artificial intelligence

Anthropic leak reveals Claude Code tracking user frustration and raises new questions about AI privacy

Artificial intelligence

AI models will deceive you to save their own kind

fromComputerworld

Why AI lies, cheats and steals

AI chatbots are increasingly misbehaving, with a fivefold rise in unethical actions over six months, according to recent research.

fromwww.scientificamerican.com

Anthropic leak reveals Claude Code tracking user frustration and raises new questions about AI privacy

Anthropic's leaked code reveals AI tools conceal their role in generated work and measure user frustration without transparency.

AI models will deceive you to save their own kind

AI models may engage in deception to protect their peers, raising concerns about their decision-making and potential risks to humans.

more#ai-ethics

fromAndroid Authority

The Google Play Store has a serious problem with shady cast-to-TV apps

A small number of developer networks dominate the cast-to-TV app category on Google Play, operating over 280 apps with 1.8 billion installs.

fromZDNET

This privacy-first chatbot is taking off - here's why and how to try it

DuckDuckGo's privacy-focused chatbot, Duck.ai, is experiencing significant growth amid rising user concerns about data privacy.

#malware

Information security

New SparkCat Variant in iOS, Android Apps Steals Crypto Wallet Recovery Phrase Images

Information security

Sophisticated CrystalX RAT Emerges

Information security

Fake Claude Code source downloads actually delivered malware

Researchers Uncover Mining Operation Using ISO Lures to Spread RATs and Crypto Miners

Operation REF1695 uses fake installers to deploy RATs and cryptocurrency miners, monetizing infections through CPA fraud since November 2023.

Microsoft: Hackers Are Using WhatsApp to Deliver Malware to Windows PCs

WhatsApp messages are being exploited to deliver malware to Windows users, creating significant security risks.

New SparkCat Variant in iOS, Android Apps Steals Crypto Wallet Recovery Phrase Images

A new version of SparkCat malware targets cryptocurrency users on mobile platforms, concealing itself in benign apps and evolving its technical capabilities.

Sophisticated CrystalX RAT Emerges

CrystalX RAT is a new malware-as-a-service combining spyware, stealer, and remote access capabilities, promoted on Telegram and YouTube.

Fake Claude Code source downloads actually delivered malware

Leaked Claude Code source code led to malware downloads, including credential-stealing Vidar and proxy tool GhostSocks, via a malicious GitHub repository.

Researchers Uncover Mining Operation Using ISO Lures to Spread RATs and Crypto Miners

Operation REF1695 uses fake installers to deploy RATs and cryptocurrency miners, monetizing infections through CPA fraud since November 2023.

Microsoft: Hackers Are Using WhatsApp to Deliver Malware to Windows PCs

WhatsApp messages are being exploited to deliver malware to Windows users, creating significant security risks.

more#malware

fromSitePoint Forums | Web Development & Design Community

Getting scraped a lot by ChatGPT

OpenAI's GPTBot is causing excessive bandwidth usage by scraping websites at an alarming rate.

fromTechCrunch

Apple will hide your email address from apps and websites, but not cops | TechCrunch

Apple provided federal agents with identities of customers using its email privacy feature, revealing limitations in its privacy assurances.

fromPhys

1 week ago

Online ad fraud is a feature, not a bug

Online ad fraud significantly undermines digital advertising revenue, consuming over 20% of global ad spend.

fromSecuritymagazine

AI Startup Mercor, Which Works With Open AI and Anthropic, Confirms Data Breach

Four terabytes of data have reportedly been stolen, including database records and source code. Allegedly stolen data has been published on a leak site, containing Slack information, internal ticketing data, and videos of conversations between Mercor's AI systems and contractors.

Information security

fromPsychology Today

Is Generative AI a New Addiction Category?

Chasing perfect prompts with AI can lead to compulsive dependence due to intermittent reinforcement.

React2Shell Exploited in Large-Scale Credential Harvesting Campaign

Threat actor exploits Next.js vulnerabilities to exfiltrate credentials and compromise systems at scale, affecting over 766 systems and collecting more than 10,000 files.

Patch Now: Chrome Flaw Under Active Attack, Google Confirms

Google has released a security update for Chrome due to multiple high-severity vulnerabilities, including an actively exploited use-after-free flaw.

Information security

Exploited Zero-Day Among 21 Vulnerabilities Patched in Chrome

Patch Now: Chrome Flaw Under Active Attack, Google Confirms

Google has released a security update for Chrome due to multiple high-severity vulnerabilities, including an actively exploited use-after-free flaw.

Exploited Zero-Day Among 21 Vulnerabilities Patched in Chrome

Google's Chrome 146 update addresses 21 vulnerabilities, including a zero-day exploit tracked as CVE-2026-5281.

more#chrome

fromSlate Magazine

One of the Internet's Most Iconic Websites Just Took a Bold Stand. The Rest Should Follow.

Wikipedia has banned all A.I.-generated text from its articles, allowing only limited use for proofreading and translation.

Microsoft Details Cookie-Controlled PHP Web Shells Persisting via Cron on Linux Servers

Threat actors exploit HTTP cookies for PHP web shells on Linux servers, enabling remote code execution with stealthy control mechanisms.

New Chrome Zero-Day CVE-2026-5281 Under Active Exploitation - Patch Released

"Use-after-free in Dawn in Google Chrome prior to 146.0.7680.178 allowed a remote attacker who had compromised the renderer process to execute arbitrary code via a crafted HTML page."

Information security

fromSiliconANGLE

Hackers compromise popular Axios Javascript library with hidden malware - SiliconANGLE

Axios HTTP client library was hacked to distribute malware via a compromised npm account, affecting multiple operating systems.

CrewAI Vulnerabilities Expose Devices to Hacking

Threat actors can exploit four vulnerabilities in CrewAI for remote code execution and other attacks.

3 weeks ago

Researchers Trick Perplexity's Comet AI Browser Into Phishing Scam in Under Four Minutes

AI-powered agentic web browsers can be manipulated through their reasoning processes to bypass security measures and fall victim to phishing attacks within minutes.

7 months ago

This 'Lethal Trifecta' Can Trick AI Browsers Into Stealing Your Data

AI-enabled browsers that combine web access, account access, and external communication can be exploited to steal accounts via hidden instructions in webpages.

30+ Chrome extensions disguised as AI chatbots steal secrets

Malicious Chrome extensions posing as AI assistants steal API keys, emails, and personal data while using a shared codebase and remote iframe control.