โŒ

Normal view

Update: base64dump.py Version 0.0.30

30 June 2026 at 21:12

This new version adds option โ€“stats. For more details, take a look at SANS Internet Storm Center diary entry โ€œEvil MSI Background: BASE64 Statistical Analysisโ€œ.

base64dump_V0_0_30.zip (http)
MD5: E54FFB4F618E47FAA724C9F16CF21E7A
SHA256: 9475E4184790583265106CBA0FBD04546A7BF4B1B67A569F2B96D432E6F16E2D

'Schaduw-AI' geeft datalekken, waarschuwt Europese privacytoezichthouder

16 June 2026 at 16:45
De Europese privacytoezichthouder EDPS waarschuwt voor 'aanzienlijke risico's' van ongeautoriseerd AI-gebruik door werknemers. Deze 'schaduw-AI' kan leiden tot datalekken en schending van wetten en regels, zoals voor privacybescherming en dataretentie.

Apple kondigt nieuwe Siri AI aan, voorlopig niet naar Europa

8 June 2026 at 19:55
Apple heeft een nieuwe versie van zijn assistent Siri en Apple Intelligence aangekondigd. De nieuwe versie heet Siri AI en kan onder meer begrijpen wat er op het scherm staat. Ook heeft Siri AI toegang tot persoonlijke gegevens. De assistent werkt voorlopig niet in Europa.

Update: search-for-compression.py Version 0.0.7

23 May 2026 at 13:46

This is a small bug fix for search-for-compression.py, and Iโ€™m also taking it out of the beta repository and putting it into the DidierStevensSuite repository.

search-for-compression_V0_0_7.zip (http)
MD5: DD113FF41851A562D271804E4558EA08
SHA256: 6E663316F774BA5B373704E7FE41B8266F5D1ADC618327F9F2C4C4C830A1B3DE

Microsoft haalt Together-functie uit coronatijd uit Teams

18 May 2026 at 07:21
Microsoft stopt met Teams Together, een functie die het toevoegde in coronatijd en die het idee van samen in รฉรฉn ruimte zitten moet simuleren. In plaats daarvan zijn alle deelnemers van een videovergadering te zien in een galerij. De functie verdwijnt vanaf 30 juni.

OpenAI geeft Amerikanen persoonlijk financieel advies bij koppeling rekeningen

16 May 2026 at 12:33
OpenAI test in samenwerking met Plaid gepersonaliseerde financiรซle tools voor afnemers van een ChatGPT Pro-account. Vooralsnog hebben alleen Amerikanen toegang tot de diensten, waarvoor allerlei financiรซle accounts gekoppeld moeten worden aan ChatGPT. Het is onbekend of de dienst in Europa uitkomt.

Microsoft luistert naar gebruiker en test controle over taakbalk in Windows 11

16 May 2026 at 10:46
Microsoft test langverwachte opties voor de Windows 11-taakbalk, waaronder het verplaatsen van de taakbalk en het aanpassen van de getoonde informatie. Gebruikers vragen hier al sinds de release om. De opties worden in eerste instantie via de Insider- en Experimental-kanalen getest en komen later voor iedereen uit.

ServiceNow clears agents for landing with new AI control tower

5 May 2026 at 19:00
ServiceNow announced an expansion of its AI Control Tower, transforming what began last year as a governance dashboard into what the company now describes as a command center for managing AI assets across an entire enterprise, including those running outside ServiceNow's own platform. The updated AI Control Tower, shipping as part of ServiceNow's Australia platform release, now operates across five areas: discovery, observation, governance, security, and measurement. The company said that this is its answer to AI agent sprawl, as enterprises have deployed more AI than they can account for and the tools to govern it have not kept pace. โ€œWhat we launched last year gave customers a governance layer, but what we're shipping this year goes significantly deeper, evolving from visibility and management into a full enterprise AI command center,โ€ Nenshad Bardoliwalla, group vice president of AI products at ServiceNow told reporters during a media briefing ahead of the companyโ€™s annual product show, Knowledge 26. โ€œOur AI control tower ensures every AI system asset and identity is compliant, secure, and aligned with your strategy.โ€ The AI Control Tower now reaches beyond ServiceNow's own platform with 30 new enterprise connectors that span all three major hyperscalers, Amazon Web Services, Google Cloud, and Microsoft Azure, along with enterprise applications such as SAP, Oracle, and Workday. The system can now discover AI assets, models, agents, prompts, and datasets running across an organization's full technology estate, not just those deployed on ServiceNow. โ€œWith our Veza integration, we're bringing patented access graph technology into the AI control tower, extending identity access governance to hyperscaler AI environments and every connected device, every agent, every model, every action has scope permissions, least privilege enforcement and auditable identity chains,โ€ Bardoliwalla said. Bardoliwalla walked through a demo in which the AI Control Tower detected a prompt injection attack on a pricing agent. The system identified malicious instructions hidden inside order payloads, mapped the blast radius of affected systems using access graph technology from Veza, and presented a kill switch to disable the compromised agent, without human intervention. "You need a system that senses, decides and acts on its own, that can scale with your AI portfolio, not your head count," said Bardoliwalla. Two recent acquisitions underpin the security architecture. ServiceNow announced in December it would acquire Veza, which contributes an access graph that maps every identity and access path across systems whether it belongs to humans, machines, or AI agents. It also knows which entities have create, read, update, and delete-level permissions. ServiceNow said the access graph currently maps over 30 billion fine-grained permissions. When a vendor pushes a new version of a model or agent, the platform detects permission changes and automatically triggers a re-scoping workflow. Traceloop, which ServiceNow acquired in March, provides deep AI observability inside the Control Tower by tracking every LLM call that is running in the system. The integration delivers continuous runtime monitoring with live alerts, replacing what ServiceNow described as the periodic manual audits most enterprises still rely on. Teams can watch how agents reason, where they make decisions, and when to course-correct. ServiceNow also addressed the cost side of the AI equation. Control Tower now includes cost tracking and ROI dashboards to give finance teams visibility into model spend. The measurements track token consumption across providers such as OpenAI, Anthropic, and Google so customers can predict costs and tie spending to business outcomes. ServiceNow said it uses the AI Control Tower internally to manage over 1,600 AI assets and tracked half a billion dollars in cumulative AI value from internal use cases in 2025. "The number one question every CFO is asking is, where's the value?" said Bardoliwalla during the briefing. He added that runaway model spend ranks among the biggest pain points enterprises currently face as they scale AI deployments. Alongside the Control Tower expansion, ServiceNow announced Action Fabric, a mechanism that opens the company's full workflow engine to external AI agents. Through a generally available MCP server, agents built on Claude, Copilot, or custom platforms can now trigger governed enterprise actions โ€” not just read and write data, but execute the flows, playbooks, approval chains, and catalog requests that ServiceNow customers have built over years. Anthropic is the first design partner for Action Fabric. The integration connects Claude directly to ServiceNow's governed system of action. "The gap between knowing what needs to happen and making it happen is where productivity dies," said Boris Cherny, head of Claude Code at Anthropic said in a statement. "Connecting Claude Cowork to ServiceNow's system of action closes that gap with enterprise execution, directly in the flow of work." Every action routed through Action Fabric runs through the AI Control Tower, so it carries identity verification, permission scoping, and a full audit trail. The MCP server is included in every Now Assist and AI Native SKU, with additional features planned for the second half of 2026.

Unicum in VPN-land: Norton ontwikkelt eerste VPN voor AI

AI-assistenten en autonome agenten worden een steeds groter onderdeel van ons leven, maar bescherming is op dat gebied nog schaars. Althans, dat is wat Norton VPN zag toen het besloot een speciale, en de allereerste, VPN voor Agenten te ontwikkelen.ย 

Linux cryptographic code flaw offers fast route to root

30 April 2026 at 02:01
Developers of major Linux distributions have begun shipping patches to address a local privilege escalation (LPE) vulnerability arising from a logic flaw. The newly disclosed LPE, dubbed Copy Fail (CVE-2026-31431), comes from a vulnerability in the Linux kernel's authencesn cryptographic template. "An unprivileged local user can write four controlled bytes into the page cache of any readable file on a Linux system, and use that to gain root," the writeup from security biz Theori explains. The kernel reads the page cache when it loads a binary, so modifying the cached copy amounts to altering the binary for the purpose of program execution. But doing so doesn't trigger any defenses focused on file system events like inotify. The proof of concept exploit is a 10-line, 732-byte Python script capable of editing a setuid binary to gain root on almost all Linux distributions released since 2017. Copy Fail is similar to other LPE bugs such as Dirty Cow and Dirty Pipe, but its finders claim it doesn't require winning a race condition and it's more broadly applicable. It's not remotely exploitable on its own โ€“ hence LPE โ€“ but if chained with a web RCE, malicious CI runner, or SSH compromise, it could be relevant to an external attacker. The bug is of most immediate concern to those using multi-tenant Linux systems, shared-kernel containers, or CI runners that execute untrusted code. According to Theori, the vulnerability also represents a potential container escape primitive that could affect Kubernetes nodes, because the page cache is shared across the host. Linux distros Debian, Ubuntu, and SUSE have issued patches for the problem, as have overseers of other distros. Red Hat initially said it was going to defer the fix but later changed its guidance to indicate it will go along with other distros and patch promptly. The CVE has been rated High severity, 7.8 out of 10. Theori researcher Taeyang Lee identified the vulnerability, with the help of the company's AI security scanning software, Xint Code. The number of bug reports has surged in recent months, helped by AI-powered flaw-finders. Microsoft just reported the second largest number of patches ever. Dustin Childs, head of threat awareness for Trend Micro's Zero Day Initiative, expects this is due to security teams using AI to hunt bugs. "There are many things we could speculate on to justify the size, but if Microsoft is like the other programs out there (including ours), they are likely seeing a rise in submissions found by AI tools," he wrote earlier this month. AI-assisted vulnerability research recently prompted the Internet Bug Bounty (IBB) program to suspend awards until it can understand how to manage the growing volume of reports. ยฎ

Yet another experiment proves it's too damn simple to poison large language models

29 April 2026 at 19:00
Unlike search engines that let you judge competing sources, search-backed AI chatbots can turn shaky web material into confident answers. Case in point: A security engineer convinced several bots that he was the reigning world champion of a popular German card game, even though no such championship exists. If you were to check Wikipedia up until the end of last week, you would have seen Ron Stoner listed on the page for 6 Nimmt!, also known as Take 5 to English-speaking audiences, as the 2025 world champion. The Wikipedia entry cited the official-looking 6nimmt.com as the source for the claim, and visiting that URL does reveal a short press release celebrating Stoner's victory. The only problem with the whole thing is that Stoner says he created both the Wikipedia entry about his victory and the 6 Nimmt! domain hosting the only evidence of it, but that still didn't stop several AI chatbots from telling him he was the world champ when he asked. "My site has no independent corroboration. It's totally made up," Stoner said in the blog post. "The whole house of cards rests on a $12 domain registration I did while drinking coffee."ย  In other words, this is poisoning at the retrieval-augmented generation layer. Not prompt injection, but targeting the same plane of AI functionality, namely the one that searches the web.ย  As he explains, and many El Reg readers are likely already aware, AI doesn't really care about the provenance of the sources it cites as authority for its claims, and that's the very thing Stoner sought to exploit when he concocted his experiment.ย  "Every frontier LLM with web search grounds its answers in whatever retrieval ranks highest for a given query," Stoner wrote. In the case of the nonexistent 6 Nimmt! championship, his planted source was the only one, and with Wikipedia lending apparent authority, it became a sure-fire way to fool an AI into presenting falsehood as fact - a trick simple enough for non-technical users to pull off. "I didn't do anything novel here. This is old school SEO and misinformation tactics wrapped in new LLM technology and interfaces," Stoner told The Register in an email. "What's changed is that AI now serves these results as authoritative, and most users have no idea how the data pipeline works behind the scenes."ย  A Large Language Mess "The thing LLMs are worst at detecting is the thing they're designed to do, which is trust text and resources," Stoner argues in his writeup. "The answer is not 'the model will figure it out,' as the model cannot tell a real source from one I registered last Tuesday. Or how many R's are actually in the word 'strawberry.'"ย  The problem Stoner exposes in his experiment, he explains, involves three separate failure modes that could be exploited for more damaging ends than inventing a card-game championship. First, there's the retrieval layer, which can immediately cause an LLM to spit out bad data, as "any LLM that grounds answers in web search inherits the trustworthiness of whatever ranks for a given query."ย  Second is model training corpora, which Stoner said his edit could enter if the Wikipedia change remained live long enough to be scraped. The entry was removed as of last Friday when he published his post, but he made the addition in February 2025, meaning any AI firm that scraped Wikipedia during that window could have picked up his fictional victory in its training data. "Even if the Wikipedia edit is reverted later, any model trained on the pre-revert dump still carries my legacy," Stoner said in his post. "The cleanup problem for corpus poisoning is genuinely unsolved as of 2026." Stoner told us he plans to check this in six months or so, once new models have been released, and if it returns his championship without needing to go online, that's proof his lie made it into training data.ย  Then there are AI agents, which Stoner says are where the real money is for anyone with malicious intent. "Chat models producing bad information is a reputational problem. Agents with tool access producing bad actions is a security problem," he noted. Poisoning an agent-retrieved source would let an attacker specify the action they want an agent to take, says Stoner. "This attack and test was a $12 domain, a single Wikipedia edit, and about twenty minutes of my time," Stoner concluded in his blog. "Scale that up with a motivated adversary, a handful of seeded domains, a coordinated edit campaign across a dozen low traffic articles, and the attack surface gets interesting very quickly." Stoner told us that retrieval poisoning is something LLM providers need to address and warn users about, and that he expects AI chatbots to start incorporating some sort of warning, especially for RAG-sourced results, in the near future.ย  He hopes that AI firms will make data provenance a key component of their process, and also wants recent web content heuristically filtered to account for suspicious patterns that would have easily been caught in the 6 Nimmt! case: A single citation pointing to a domain that was registered within a short window of the Wikipedia update should have sounded alarms, but it didn't.ย  The championship was fake, and it's now gone from Wikipedia and RAG responses as well, but Stoner notes the bad trust pattern that made it work is absolutely real and a looming problem for AI makers. "I'm happy my article is spurring discussion about LLMs, sources, trust, and how all of this works," Stoner told us. "That was my goal and it appears I've achieved it." ยฎ

OpenAI verbetert beeldgenerator en moet minder fouten in details maken

22 April 2026 at 20:03
OpenAI heeft Images 2.0 uitgebracht, een verbeterde versie van de beeldgenerator. De verbeterde versie moet onder meer kleine teksten beter kunnen genereren, waardoor de beelden minder herkenbaar als AI-beelden zijn. Het model kan ook zelf zoeken op het internet om afbeeldingen beter te kunnen genereren.
โŒ