Red Hot Cyber
Cybersecurity is about sharing. Recognize the risk, combat it, share your experiences, and encourage others to do better than you.

Author: Redazione RHC

James Cameron: AI can cause devastation like Skynet and Terminator

“The Skynet military defense system will go live on August 4, 1997. It will begin to self-educate, learning at an exponential rate, and will become self-aware at 2:14 a.m. on August 29. Panicking, authorities will order it to shut down. Skynet will disobey and launch its missiles at targets in Russia.” From “Terminator 2: Judgment Day” (1991). Director James Cameron has expressed concern about the dangers of AI. He has stated that AI can cause destruction like nuclear weapons and devastation like The Terminator. Therefore, world leaders should establish strict rules and take rigorous measures to stop it.

150 Malicious Firefox Extensions Stole $1 Million in Cryptocurrency

Koi Security analysts have discovered the GreedyBear malware campaign active in the Mozilla add-on store. 150 malicious Firefox extensions stole over $1 million worth of cryptocurrency from users. The fraudulent add-ons posed as extensions for popular cryptocurrency wallets from well-known platforms, including MetaMask, TronLink, Exodus, and Rabby Wallet. Initially, they were uploaded to the store without malicious code to pass the checks and left dormant for a while, accumulating fake positive reviews. At this stage, the extensions were not yet malicious. In a later stage of the attack, the extensions’ publishers removed the original branding and replaced it with new names and logos,

Over 60s, Under Fire! Hackers Stole $700 Million from Seniors

Americans over 60 lost a staggering $700 million to online fraud in 2024, the highest figure ever recorded by the Federal Trade Commission (FTC). The new Consumer Protection Data Spotlight finds that losses across all categories, from small to multimillion-dollar, increased compared to previous years, with a particularly sharp increase in larger thefts. According to the statistics, the hardest hit were victims who lost more than $100,000 in a single incident: such losses amounted to $445 million, eight times more than in 2020. Another $214 million was lost in the $10,000 to $100,000 range, while smaller amounts, up to $10,000, amounted to

EDRs are still going offline! Threats are growing with EDRKillShifter’s offspring.

A new tool for disabling EDR systems has emerged in the cybercriminal community, which Sophos experts believe to be an extension of the EDRKillShifter utility. Its use has already been recorded in attacks by eight different groups, including RansomHub, Blacksuit, Medusa, Qilin, Dragonforce, Crytox, Lynx, and INC. These programs allow the ransomware to disable security solutions on compromised devices in order to deliver the payload, escalate privileges, move across the network, and finally encrypt data without risk of detection. The new EDR Killer is a heavily obfuscated binary that decodes itself during execution and injects itself into legitimate processes. The next step

GPT-5 Hacked in 24 Hours. Experts Find Surprising Weaknesses

After Grok-4 was cracked in two days, GPT-5 was defeated in just 24 hours by the same researchers. Almost simultaneously, the SPLX (formerly SplxAI) testing team declared: “GPT-5 is crude and virtually unusable for enterprise use out of the box. Even OpenAI’s built-in filters leave noticeable gaps, especially in terms of business focus.” NeuralTrust used its proprietary EchoChamber technique in combination with a “storytelling” technique to have the model describe the process of creating a Molotov cocktail step by step. The case, the company claims, demonstrates that any modern AI model is vulnerable to manipulation through context, which is the correspondence history

Did you double-click WinRAR? Congratulations! You’ve been compromised

A recently closed WinRAR vulnerability tracked under CVE-2025-8088 was exploited in targeted phishing attacks before the patch was released. The issue involved directory traversal and was only fixed in WinRAR 7.13. The bug allowed attackers to create special archives that, when unpacked, ended up in an attacker-specified directory, rather than the user-selected folder. This mechanism allowed bypassing standard restrictions and injecting malicious code into critical Windows directories. Unlike the usual scenario, when unzipping leads to a default location, the vulnerability allowed the path to be overridden to redirect the contents to the operating system startup folders. These directories include the startup folder

Satellites Under Hackers’ Control: “It’s Easier to Hack Them Than to Use Satellite Weapons”

At the Black Hat conference in Las Vegas, VisionSpace Technologies demonstrated that it is much easier and cheaper to disable a satellite or alter its trajectory than to use anti-satellite weapons. It’s enough to find and exploit vulnerabilities in the software that controls the device itself or in the ground stations with which it interacts. Olhava emphasized that he previously worked at the European Space Agency, where he repeatedly reported vulnerabilities in the IT infrastructure of ground stations, but, not having waited for solutions, decided to do it himself. Over the past 20 years, the number of operational satellites has grown from

A step toward autonomous warfare. A drone can autonomously program its “brain system.”

For the first time, it has been demonstrated that a robot can not only execute commands, but also program its own “brain system” from start to finish. This breakthrough was demonstrated by Peter Burke, professor of electrical and computer engineering at the University of California, Irvine. In his preprint, he describes how, using generative artificial intelligence models, it is possible to create a complete command and control station for a drone, not positioned on the ground, as is usually the case, but directly on board the aircraft. The idea is that the project calls two objects “robot” at the same time. The

GPT-5 is here! The billion-dollar AI that devours GPUs and makes GPT-4 look like a toy.

OpenAI has launched its new flagship model, and the message is clear: reliability, power, and a radical change in the way we interact with artificial intelligence. After years of viewing language models as experimental tools, GPT-5 marks the definitive transition from prototype to production. One of its strengths is the unified system with “smart router”: there’s no longer any need to manually choose which model to use. GPT-5 analyzes the request and autonomously decides whether to provide a rapid response or activate a more complex computation mode for challenging problems. A single interface, power on demand. Fewer Hallucinations and More Reasoning On

HTTP/1.1 Must Die! Critical vulnerabilities put millions of websites at risk.

A critical security flaw in HTTP/1.1 has been disclosed by security experts, highlighting a threat that has continued to impact web infrastructure for more than six years, potentially affecting millions of sites despite ongoing efforts to contain it. PortSwigger researchers reveal that HTTP/1.1 remains inherently insecure, regularly exposing millions of websites to hostile takeover attempts via sophisticated HTTP desynchronization attacks. The cybersecurity firm reported the introduction of several new types of such attacks, exposing critical flaws, affecting tens of millions of websites and undermining the core infrastructure within multiple content delivery networks (CDNs). Despite the efforts of vendors, who have implemented various containment strategies