Leaky Chrome extensions with 37M installs caught divulging your browsing history
An estimated 37 million worldwide installations of a clutch of leaky Chrome extensions are transmitting users’ browsing histories to external servers. According to findings by an independent security researcher using the pseudonym “Q Continuum,” a total of 287 extensions sent data that closely matched the URLs visited during simulated browsing sessions. “The actors behind the […] more…AI will likely shut down critical infrastructure on its own, no attackers required
With a new Gartner report suggesting that AI problems will “shut down national critical infrastructure” in a major country by 2028, CIOs need to rethink industrial controls that are very quickly being turned over to autonomous agents. Gartner embraces the term Cyber Physical Systems (CPS) for these technologies, which it defines as “engineered systems that […] more…FTC digs deeper into Microsoft’s bundling and licensing practices
The US Federal Trade Commission (FTC) seems to be doubling down on its investigation of Microsoft and the tech giant’s potentially shady bundling and licensing practices. According to a Bloomberg report, the federal agency has been issuing civil investigative demands (CIDs) to companies that compete with Microsoft in the business software and cloud computing markets. […] more…AI introduction can lead to employee burnout
We’ve all seen the claims: AI makes our work easier and is going to boost productivity to unheard of levels. For example, according to PwC, AI could boost global output by 15% over the next decade. But maybe things are not quite as rosy as the AI cheerleaders would have us believe. Some new research […] more…Apple study shows why we want to control AI
Apple’s latest machine learning research seems to confirm what most of us intuitively know already. It shows that while people are open to using AI, they also want to hang onto their own personal agency and want the decision-making processes used by this intelligent tech to be transparent. Those are some of the conclusions drawn […] more…T-Mobile offers a reason to call, not text: simultaneous translation
Could language barriers be a thing of the past? Various companies are looking to bring AI to the party to solve this linguistic issue and maybe help bring voice once again to the fore. T-Mobile is preparing to offer network-based real-time translation services in more than 50 languages. The new service, currently in beta testing, […] more…Four new reasons why Windows LNK files cannot be trusted
The number of ways that Windows shortcut (.LNK) files can be abused just keeps growing: A cybersecurity researcher has documented four new techniques to trick Windows users into running malicious actions through innocent-looking shortcuts. Wietze Beukema demonstrated how to spoof the visible LNK destination, hide command-line arguments, and execute a different program than the one […] more…Starcloud prepares to launch AWS Outpost into space
Hot on the heels of Starlink’s plan for a million data centers in space, Starcloud’s next launch will put hardware from AWS in orbit. “Starcloud will be the first to launch the Amazon Web Services (AWS) Outpost hardware to space on our second satellite launching in October,” Starcloud CEO Philip Johnston wrote in a LinkedIn […] more…Amid the AI onslaught, a few silver linings for US tech jobs
AI continues gobbling up IT jobs, but hints about how the technology is now influencing hiring are becoming more visible. About 130,000 jobs were created in the broader US economy in January, according to data from the US Bureau of Labor Statistics (BLS) released Wednesday. The growth was driven by hiring in the healthcare, social […] more…Google fears massive attempt to clone Gemini AI through model extraction
Google detected and blocked a campaign involving more than 100,000 prompts that it claimed were designed to copy the proprietary reasoning capabilities of its Gemini AI model, according to a quarterly threat report released by Google Threat Intelligence Group. The prompts looked like a coordinated attempt to perform model extraction or distillation, a machine-learning process […] more…Why there’s no ‘screenless’ revolution
Apparently, Silicon Valley has declared a “war on screens,” according to a Jan. 1 headline. The article highlighted OpenAI’s hardware project, which is expected to be a screenless device crafted by former Apple designer Jony Ive. OpenAI acquired Ive’s company, io, last May for $6.5 billion and Foxconn has reportedly been hired to make as many as […] more…SaaS isn’t dead, the market is just becoming more hybrid
Dramatic phrases like ‘Saas is dead,’ ‘SaaSpocalypse,’ and others have dominated recent discussions in the IT world. However, that narrative is premature, according to Deloitte. Yes, in 2026, established SaaS vendors will face competition from AI-native ones, the firm forecasts, but the real story is that traditional enterprise software continues to grow as it becomes […] more…Hackers turn bossware against the bosses
A threat actor is abusing an employee monitoring application and a remote monitoring and management platform in an attempt to deploy ransomware and steal cryptocurrency. According to researchers at Huntress, the unknown threat actor is leveraging NetworkLookout’s Net Monitor for Employees Professional – which, despite its name, includes remote access tools – and SimpleHelp, a […] more…‘Dead’ Outlook add-in hijacked to phish 4,000 Microsoft Office Store users
A blind spot in Microsoft’s app and add-in marketplace security allowed an eagle-eyed hacker to hijack an abandoned Outlook add-in to carry out phishing attacks that compromised 4,000 users, researchers have discovered. The app in question, AgreeTo, is, or was, a meeting scheduling tool that first appeared in 2022 but was abandoned at some point […] more…Researchers propose a self-distillation fix for ‘catastrophic forgetting’ in LLMs
A new fine-tuning technique aims to solve “catastrophic forgetting,” a limitation that often complicates repeated model updates in enterprise deployments. Researchers at MIT, the Improbable AI Lab, and ETH Zurich have introduced a fine-tuning method designed to let models learn new tasks while preserving previously acquired capabilities. To prevent degrading existing capabilities, many organizations isolate new tasks […] more…JumpCloud: Most businesses aren’t truly ready for AI
As developers begin using Claude and Codex to help create Mac, iPhone, and iPad apps in Xcode, spare a moment to consider a recent JumpCloud survey that shows most businesses aren’t really ready for AI — though many think they might be. Among the highlights from the survey: 40% of IT leaders self-assess as mature […] more…More information
- PIN-stealing IRS attack affects 100,000 taxpayers
- Equifax: researchers find leaky customer help portal in Argentina
- Cortana: The spy in Windows 10
- Report: M2 Pro and M2 Max Macs coming in 2023, not 2022
- Simplify Security with Your Own Password Algorithm
- Cyberattack Forces Memorial Health System to Cancel Surgeries, Divert Patients
- News in brief: AI boost to video streaming; Mayer loses bonus; move to tackle comment trolls
- Resolved: Kerberos Authentication Service Problem
- JavaScript developer destroys own projects in supply chain “lesson”
- P.F. Chang’s turns to manual card processing after confirming breach