In June, headlines read like science fiction: AI models "blackmailing" engineers and "sabotaging" shutdown commands. Simulations of these events did occur in highly contrived testing scenarios designed to elicit these responses—OpenAI's o3 model edited shutdown scripts to stay online, and Anthropic's Claude Opus 4 "threatened" to expose an engineer's affair. But the sensational framing obscures what's really happening: design flaws dressed up as intentional guile. And still, AI doesn't have to be "evil" to potentially do harmful things.

These aren't signs of AI awakening or rebellion. They're symptoms of poorly understood systems and human engineering failures we'd recognize as premature deployment in any other context. Yet companies are racing to integrate these systems into critical applications.

Consider a self-propelled lawnmower that follows its programming: If it fails to detect an obstacle and runs over someone's foot, we don't say the lawnmower "decided" to cause injury or "refused" to stop. We recognize it as faulty engineering or defective sensors. The same principle applies to AI models—which are software tools—but their internal complexity and use of language make it tempting to assign human-like intentions where none actually exist.

Read full article

Comments

© Colin Anderson Productions via Getty Images

Phishing emails are being used to steal account credentials to generate fake jobs and visa schemes.

Many businesses still don't have cyber insurance, despite brokers anticipating a rise in claims.

The new Online Safety Act means that age verification is now a fact of life when you’re browsing from the UK. But are your selfie or ID being stored safely?

Malicious SVG files on adult websites hide JavaScript that hijacks Facebook sessions, secretly liking posts, and potentially exposing victims to identity theft and credential harvesting.

Devs are keeping the malicious packages, claiming they're undated and shouldn't be used anyway.

After reporters found dozens of firms hiding privacy tools from search results, US senator Maggie Hassan insists the companies explain their practices—and pledge to improve access to privacy controls.

Exclusive: A dating gossip app for men exposed thousands of users' personal data, including scans of driver's licenses. The app's developer, Xavier Lampkin, won't say if he plans to notify affected users about the app's security lapse.

---

Russia's APT28 tested LLM-powered malware on Ukraine. The same tech that breaches enterprises is now selling for $250/month on the dark web.Read More

---

Anthropic’s Claude Sonnet 4 now supports a 1 million token context window, enabling AI to process entire codebases and complex documents in a single request—redefining software development and enterprise AI workflows.Read More

---

New research reveals how OS agents — AI systems that control computers like humans — are rapidly advancing while raising serious security and privacy concerns.Read More

A high-severity zero-day in the widely used WinRAR file compressor is under active exploitation by two Russian cybercrime groups. The attacks backdoor computers that open malicious archives attached to phishing messages, some of which are personalized.

Security firm ESET said Monday that it first detected the attacks on July 18, when its telemetry spotted a file in an unusual directory path. By July 24, ESET determined that the behavior was linked to the exploitation of an unknown vulnerability in WinRAR, a utility for compressing files, and has an installed base of about 500 million. ESET notified WinRAR developers the same day, and a fix was released six days later.

Serious effort and resources

The vulnerability seemed to have super Windows powers. It abused alternate data streams, a Windows feature that allows different ways of representing the same file path. The exploit abused that feature to trigger a previously unknown path traversal flaw that caused WinRAR to plant malicious executables in attacker-chosen file paths %TEMP% and %LOCALAPPDATA%, which Windows normally makes off-limits because of their ability to execute code.

Read full article

Comments

© Getty Images

The Wikimedia Foundation has lost its legal challenge against the Online Safety Act, but it may still be on the right track to resist new rules.

Improper authentication bug found in Microsoft Exchange hybrid environments that could grant threat actors lateral movement across the network.

A hacker with a conscience targeted Kimsuky and leaked tools, logs, and more.

Don't pay extra to store your videos and unlock extra security features – these smart cams do it all as standard.

Dozens of companies are hiding how you can delete your personal data, The Markup and CalMatters found.

Officials are reportedly blaming a recent breach of the U.S. federal court's filing system on Russia, whose hackers used the access to snoop on midlevel criminal cases in the New York City area and other jurisdictions.

Two hackers broke into the computer of a North Korean government hacker and leaked its contents, offering a rare glimpse inside the secretive nation's spying operations.

Two years ago, researchers in the Netherlands discovered an intentional backdoor in an encryption algorithm baked into radios used by critical infrastructure–as well as police, intelligence agencies, and military forces around the world–that made any communication secured with the algorithm vulnerable to eavesdropping.

When the researchers publicly disclosed the issue in 2023, the European Telecommunications Standards Institute (ETSI), which developed the algorithm, advised anyone using it for sensitive communication to deploy an end-to-end encryption solution on top of the flawed algorithm to bolster the security of their communications.

But now the same researchers have found that at least one implementation of the end-to-end encryption solution endorsed by ETSI has a similar issue that makes it equally vulnerable to eavesdropping. The encryption algorithm used for the device they examined starts with a 128-bit key, but this gets compressed to 56 bits before it encrypts traffic, making it easier to crack. It’s not clear who is using this implementation of the end-to-end encryption algorithm, nor if anyone using devices with the end-to-end encryption is aware of the security vulnerability in them.

Read full article

Comments

© Photo illustration by WIRED staff/Getty Images