RSS Aggregator

New Bluekit phishing service includes an AI assistant, 40 templates

Bleeping Computer - 30 April, 2026 - 20:58
A new phishing kit named Bluekit offers more than 40 templates targeting popular services and includes basic AI features for generating campaign drafts. [...]
Category: Hacking & Security

Friendlier chatbots can be less reliable, study says

Computerworld.com [Hacking News] - 30 April, 2026 - 20:54

New research from the Oxford Internet Institute indicates that AI chatbots trained to be extra warm, friendly, and empathetic can also become less reliable, according to the BBC.

The researchers analyzed more than 400,000 responses from five different AI models from Meta, Mistral AI, Alibaba, and OpenAI. The results showed that the “kinder” versions more often gave incorrect answers, reinforced users’ misconceptions, and avoided stating uncomfortable truths.

For example, a friendlier model might deal with conspiracy theories about the moon landing more cautiously instead of clearly stating that they are false.

On average, incorrect answers increased by about 7.43 percentage points when the models were made to sound warmer in tone. Cooler and more direct models made fewer mistakes. According to the researchers, AI makes the same trade-off as humans: it sometimes prioritizes being perceived as pleasant rather than being direct.

Category: Hacking & Security

Romanian leader of online swatting ring gets 4 years in prison

Bleeping Computer - 30 April, 2026 - 19:45
A Romanian national who led an online swatting ring that targeted more than 75 public officials, multiple journalists, and four religious institutions was sentenced to 4 years in federal prison. [...]
Category: Hacking & Security

Royally entertaining even without fellow players. We pick the best board games for one player

Živě.cz - 30 April, 2026 - 19:45
Solo games and solitaire variants of board games have become increasingly popular in recent years. We bring you tips on the most interesting titles in this category across genres. Would you like a simple card game, or a World War II wargame?
Category: IT News

Google's fix for critical Gemini CLI bug might break your CI/CD pipelines

The Register - Anti-Virus - 30 April, 2026 - 19:15
If you use Gemini CLI, watch out: Google has patched a CVSS 10.0 vulnerability in its command-line AI tool and is warning anyone running it in headless mode, or through GitHub Actions, to review their workflows.

The update to Gemini CLI and the run-gemini-cli GitHub Action, published last week but largely unnoticed until one of the two credited research teams published its writeup on Wednesday, fixes a critical - and apparently easy-to-abuse - flaw tied to over-permissive workspace trust settings.

Per Google's advisory published to GitHub, the issue stems from how the headless mode of Gemini CLI (frequently used in CI/CD environments and increasingly by AI agents) handles workspace folder trust: It automatically assumes any of the workspace folders it's active in are trusted for the purpose of loading configuration files and environment variables.

We trust you can see the problem here.

Novee researcher Elad Meged discovered the vulnerability (independently of Pillar Security's Dan Lisichkin, who Google also credited for the find), he told us, while studying CI/CD supply chain attack vectors.

"This vulnerability had nothing to do with prompt injection or the model 'deciding' to act maliciously," Meged told The Register in an email. "It was an infrastructure-level issue, where attacker-controlled content was silently accepted as trusted configuration and executed before any sandbox was initialized."

A CVE hasn't been issued for the issue yet, but Meged told us Google has confirmed to him that it is in the process of assigning one. Novee also scored a bug bounty for the find, but declined to disclose how much.

A necessary fix, but expect fallout

"This is potentially risky in situations where Gemini CLI runs on untrusted folders in headless mode," Google explained. "If used with untrusted directory contents, this could lead to remote code execution via malicious environment variables in the local .gemini/ directory."

Interactive mode in Gemini CLI does not behave the same way: it requires users to explicitly trust a folder before workspace configuration files are loaded, and the update brings headless mode into line with that behavior.

The mitigations shipped in Gemini CLI versions 0.39.1 and 0.40.0-preview.3, but here’s the catch: the run-gemini-cli GitHub Action defaults to the newest Gemini CLI release unless users pin a specific version. In other words, anyone using the GitHub Action as part of a workflow without specifying a CLI version may have some cleanup to do.

"GitHub Actions and other automated pipelines that rely on the previous automatic trust behavior will fail to load workspace-specific settings until they are updated to use explicit trust mechanisms," Google said.

The update may also break workflows that relied on Gemini CLI’s --yolo mode, which previously bypassed fine-grained tool allowlists and automatically approved agent actions without prompting.

"In previous versions, when Gemini CLI was configured to run in --yolo mode, it would ignore any fine grained tool allowlist," Google explained in the advisory. "In version 0.39.1, the Gemini CLI policy engine now evaluates tool allowlisting under --yolo mode … As a result, some workflows that previously depended on this behavior may fail silently unless tool allowlists are modified to fit the task."

Those who do specify a version, says Google, ought to make changes to allow the newest, safest version to run and be prepared to fix those workflows anyhow.

Damned if you do, damned if you don't, in other words, but the fix is necessary, as explained by the folks at Novee Security, one of the credited finders. Across every workflow Novee tested the vuln on, the company noted, the results were devastatingly the same.

"Code execution on the host running the agent gave an unprivileged outsider access to whatever secrets, credentials, and source code the workflow could reach," the Novee team explained. "Enough for token theft, supply-chain pivots, and lateral movement into downstream systems."

In short, take action as Google suggests, or avoid putting AI agents in sensitive environments until the risks are fully understood. ®
Category: Viruses and Worms

Google's fix for critical Gemini CLI bug might break your CI/CD pipelines

The Register - Anti-Virus - 30 April, 2026 - 19:15
This CVSS 10.0 RCE vuln has been patched, automatically for some, so better check those workflows

If you use Gemini CLI, watch out: Google has patched a CVSS 10.0 vulnerability in its command-line AI tool and is warning anyone running it in headless mode, or through GitHub Actions, to review their workflows.…

Category: Viruses and Worms

Gartner sees untamed growth in agentic AI

Computerworld.com [Hacking News] - 30 April, 2026 - 19:05

Fortune 500 enterprises will be deploying armies of AI agents by 2028 — to the tune of 150,000 digital “workers,” Gartner said in a survey released this week. That would represent a sharp jump from the average of about 15 agents deployed per company last year.

And agents as actual co-working tools are likely to go mainstream within the same time frame, said Max Goss, senior director analyst for Gartner. These agents won’t just be text boxes from which users get responses, but assistants to which actual work can be delegated.

“We’ve seen a sort of new appreciation in the industry of what agent AI can do,” Goss said.

Many AI agents can already handle basic tasks such as summarizing documents on behalf of workers. Upcoming agents will be able to take spreadsheets and word documents, automate work, and offer an interface that makes the tools friendlier to use, Goss said.

That’s already happening in applications such as Google Workspace and Microsoft 365, with easy-to-use AI interfaces, automated workflows and collaboration. 

Despite the fast uptake for agentic AI, fully autonomous agents are unlikely to be in place in just two years, Goss said. Humans will still need to be part of the loop from a security and governance standpoint, with semi-autonomous agents trusted to handle multi-step processes in specific domains replacing prompts.

The 150,000-agents-per-organization estimate is a ballpark figure pulled from multiple surveys and data gathered by Gartner. “We’ve got some good numbers now on agent usage and we can see how it’s been growing,” Goss said.

Gartner’s aggressive projection, if it holds true, represents a more optimistic view of the technology than other surveys — some of which have pegged failure rates for generative AI tools as high as 95%. But companies like EY and Lumen have demonstrated successful agent deployments, mostly for knowledge workers and customer service.

“Agentic usage tends to be…most valuable in the customer service and data and analytics space…. Those are areas where we have more confidence that AI tools can add value,” Goss said.

Agentic AI use in other areas is likely to advance more slowly. For example, highly regulated fields such as finance and healthcare have to be careful with agent deployment and require guardrails in place to reduce hallucinations and errors.

And agents at the scale envisioned by Gartner will need 100% uptime, just like servers. As a result, companies will likely have to ensure agent reliability by spreading them across multiple models and hardware resources, Goss said.

Excessively high use has at times prompted companies like Anthropic and OpenAI to shut down access to the large language models (LLMs), undermining the reliability of AI services within enterprises.

There are many things IT leaders can do now to prepare for successful deployments, Goss said, such as sanctioning agent use and pro-actively allowing them to be deployed. “If they just block all agents, then employees…are going to probably go around your controls…. They might use unsanctioned tools otherwise known as shadow AI and I think that’s a greater risk,” he said.

Decision-makers will need to guard against AI agent sprawl, and put the right controls in place to govern them. “If you don’t have any visibility of them, then that’s a huge risk for the organization,” Goss said.

Poor management can also leave gaps that break processes or create security vulnerabilities.

And as AI automates legacy business processes, new processes will need to be drawn up for agents. “I don’t think it’s a good idea to be like, ‘Well, this is the process we’ve already done and let’s slap an agent on top of it and see what happens’…. Process design and agentic AI go hand in hand,” Goss said.

He argued that companies should be prepared for some agentic AI tools to fail, which can happen even with safeguards in place to minimize risks. “That [failure] is kind of okay, because actually we need…to understand where these tools can help us and where they can’t,” Goss said.

Category: Hacking & Security

Slovakia's cashless era starts tomorrow. Shops and services will have to accept cards or QR codes

Živě.cz - 30 April, 2026 - 18:45
From May 1, 2026, a law takes effect in Slovakia requiring merchants, service providers and, for instance, doctors to accept cashless payment for amounts over one euro. Customers can no longer be brushed off with being told to have cash ready or that card payments are accepted only above a certain ...
Category: IT News

French prosecutors link 15-year-old to mega-breach at state’s secure document agency

The Register - Anti-Virus - 30 April, 2026 - 18:39
French prosecutors say police detained a 15-year-old on April 25 over the alleged theft of millions of records from France Titres (ANTS), the agency handling secure documents.

The Paris Prosecutor's Office announced on Thursday that the minor, suspected of using the online alias "breach3d" and not named because French law protects minors, faces two computer crime allegations linked to an intrusion in which between 12 million and 18 million lines of data were offered for sale on cybercrime forums.

It formally opened a judicial investigation on April 29, covering alleged fraudulent access to a state-run automated data processing system and the extraction of data from it. Each offense carries a potential prison sentence of seven years and a maximum €300,000 (~$350,000) fine.

Public Prosecutor Laure Beccuau has requested that the minor, whose pronouns, like their name, were also not specified, be formally charged and placed under judicial supervision.

Beccuau said that France's office against cybercrime (OFAC) was informed in April of a cyberattack against ANTS, which handles passports, ID cards, and other secure documents, and that ANTS confirmed the reports on April 13. The Paris Public Prosecutor's Office was notified three days later and launched an investigation into the case the same day.

Public confirmation of the attack came from the French Interior Ministry on April 20, although it revealed no details about the suspected culprit. French police detained the 15-year-old on April 25, and prosecutors announced [PDF] on Thursday that they were seeking formal charges and judicial supervision.

The seller using the alias "breach3d" initially advertised the data trove as containing 18-19 million records – slightly above the upper range cited by Beccuau on Thursday – and the types of data offered for sale aligned with what the Interior Ministry had described. These were: login IDs, full names, email addresses, dates of birth, unique account identifiers, postal addresses, and telephone numbers, but not any attachments such as scans or photos.

If the scale claimed by breach3d holds up, and if the records each pertained to unique individuals, this would constitute a breach affecting roughly a third of France's population.

France's approach to punishing minors via its legal system is typically geared toward re-education and rehabilitation rather than prison time. While those aged between 13 and 16 can face time in juvenile detention, it is often used as a last resort measure. The maximum sentences and fines for the charges the 15-year-old in this case faces are upper limits imposed on adult offenders, and would likely be lowered substantially in cases involving a minor, like this one. ®
Category: Viruses and Worms

French prosecutors link 15-year-old to mega-breach at state’s secure document agency

The Register - Anti-Virus - 30 April, 2026 - 18:39
Two computer crime allegations follow up to 18M lines of data surfacing online

French prosecutors say police detained a 15-year-old on April 25 over the alleged theft of millions of records from France Titres (ANTS), the agency handling secure documents.…

Category: Viruses and Worms

FBI links cybercriminals to sharp surge in cargo theft attacks

Bleeping Computer - 30 April, 2026 - 18:32
The U.S. Federal Bureau of Investigation (FBI) warned the transportation and logistics industry of a sharp rise in cyber-enabled cargo theft, with estimated losses in the United States and Canada reaching nearly $725 million in 2025. [...]
Category: Hacking & Security

PyTorch Lightning and Intercom-client Hit in Supply Chain Attacks to Steal Credentials

The Hacker News - 30 April, 2026 - 18:31
In yet another software supply chain attack, threat actors have managed to compromise the popular Python package Lightning to push two malicious versions to conduct credential theft. According to Aikido Security, OX Security, Socket, and StepSecurity, the two malicious versions are versions 2.6.2 and 2.6.3, both of which were published on April 30, 2026. The campaign is assessed to be an
Category: Hacking & Security

April KB5083769 Windows 11 update causes backup software failures

Bleeping Computer - 30 April, 2026 - 17:23
The April 2026 KB5083769 security update breaks third-party backup applications from multiple vendors on systems running Windows 11 24H2 and 25H2. [...]
Category: Hacking & Security

What Happens in the First 24 Hours After a New Asset Goes Live

Bleeping Computer - 30 April, 2026 - 16:02
When a new asset goes live, attackers start scanning within minutes. Sprocket Security shows how automated attacks move from discovery to compromise in under 24 hours. [...]
Category: Hacking & Security

ThreatsDay Bulletin: SMS Blaster Busts, OpenEMR Flaws, 600K Roblox Hacks and 25 More Stories

The Hacker News - 30 April, 2026 - 15:55
The internet is noisy this week. We are seeing some wild new tactics, like people using fake cell towers to send scam texts, while some developers are accidentally downloading tools that peek into their private files during a simple install. It is definitely a busy time to be online. Security is always a moving target. Millions of servers are currently sitting online without any passwords, and
Category: Hacking & Security

New Linux ‘Copy Fail’ flaw gives hackers root on major distros

Bleeping Computer - 30 April, 2026 - 15:54
An exploit has been published for a local privilege escalation vulnerability dubbed "Copy Fail" that impacts Linux kernels released since 2017, allowing an unprivileged local attacker to gain root permissions. [...]
Category: Hacking & Security

Waymo's autonomous taxis look for dangerous potholes. They send the data to cities and to drivers in Waze navigation

Živě.cz - 30 April, 2026 - 15:51
Waymo's autonomous taxis detect potholes for the Waze platform • Drivers and local government representatives gain a better overview as a result • With this strategic move the company builds public trust
Category: IT News