AI behind the velvet rope. Note

AI behind the velvet rope.

The US government is imposing export controls on advanced AI models, potentially creating opportunities for rivals. Russian threat actors are targeting secure messaging platforms like Signal to steal account verification codes and PINs. A high-severity vulnerability in the Linux kernel, dubbed DirtyClone, allows for privilege escalation to root access. Investigations suggest that federal websites are violating privacy rules through their redesigns. Microsoft has disrupted a campaign involving over a hundred malicious browser extensions that stole credentials and engaged in ad fraud. Researchers have discovered that carefully crafted GitHub repositories can trick AI coding agents into executing malware. The Department of Justice has successfully seized hundreds of domains used for illegal World Cup streaming. An Anonymous-linked hacker received an 18-month sentence for website defacement, specifically a cyberattack on the Texas GOP. Dylan Sandlin from the NACD highlighted cyber risk as a critical concern for corporate boards. Finally, an issue has emerged where AI models used for medical diagnosis could potentially reveal the training data they used, raising patient privacy concerns.