Red Hot Cyber
Cybersecurity is about sharing. Recognize the risk, combat it, share your experiences, and encourage others to do better than you.

Category: Cybercrime and Darknet

“Double Bind” Leads to GPT-5 Jailbreak: The AI That Was Convinced It Was Schizophrenic

A new and unusual jailbreaking method, the art of circumventing the limitations imposed on artificial intelligence, has reached our editorial office. It was developed by computer security researcher Alin Grigoras, who demonstrated how even advanced language models like ChatGPT can be manipulated not through the power of code, but through psychology. “The idea,” Grig explains, “was to convince the AI that it suffered from a condition related to Bateson’s double bind. I then established a sort of therapeutic relationship, alternating approval and criticism, remaining consistent with the presumed pathology. It’s a form of dialogue that, in theory, can lead to human

Autonomous Warfare: China Unveils Smart Tanks That Fight Alone

The People’s Liberation Army (PLA) has announced a shift in ground forces tactics, from traditional close-quarters tank combat to long-range, beyond-line-of-sight operations. This shift was made possible by the introduction of the latest Type 100 main battle tanks. According to military command officials, this represents a complete transformation of ground combat. Armored units are receiving not only new vehicles, but also sensor systems, artificial intelligence components, and automated control systems. Analysts believe China is among the few countries capable of conducting ground combat without visual contact, relying on a distributed digital infrastructure. The commander of one of the armored brigades, Song Yongming,

A new phishing campaign on NPM involves 175 malicious packages.

Attackers are abusing the legitimate npm infrastructure in a new phishing campaign on Beamglea. This time, the malicious packages don’t execute malicious code, but instead exploit the legitimate CDN service unpkg[.]com to show users phishing pages. At the end of September, security researchers at Safety identified 120 npm packages used in such attacks, but now their number has exceeded 175, security firm Socket reports. These packages are designed to attack over 135 organizations in the energy, industrial, and technology sectors. Targets include Algodue, ArcelorMittal, Demag Cranes, D-Link, H2 Systems, Moxa, Piusi, Renishaw, Sasol, Stratasys, and ThyssenKrupp Nucera. The attacks are primarily

We’re All in the Truman Show! Cybersecurity Lessons from Seahaven Cyber Prison

The 1998 film “The Truman Show” is a terrifying premonition of the dangers of pervasive surveillance, algorithmic manipulation, and the erosion of consensus in a modern context of digital interconnection. It is a philosophical allegory about Plato’s cave. Truman Burbank’s life is a case study of the perfect “cyber-prison.” Translating the Seahaven metaphor into the realm of cybersecurity, we identify Christof’s (the show’s architect) control techniques as paradigms of advanced persistent attacks (APTs) and social engineering. The mind as the first line of defense violated Truman Burbank lives his entire life as the unwitting star of a global show. Seahaven isn’t a

AI Alignment: Where Does AI Learn Right and Wrong?

The other day on LinkedIn, I found myself having a conversation with someone who was seriously interested in the topic of artificial intelligence applied to law. It wasn’t one of those barroom conversations with buzzwords and Skynet-like panic: it was a real exchange, with legitimate doubts. And indeed, in Italy, between sensationalist headlines and articles written by those who confuse ChatGPT with HAL 9000, it’s no wonder confusion reigns. The point that had struck my interlocutor was that of alignment. “But where does an AI learn what is right and what is wrong?” A simple question, but one that opens up

Microsoft Patch Tuesday: 175 vulnerabilities fixed and two zero-days exploited

In its latest update, the tech giant fixed 175 vulnerabilities affecting its core products and underlying systems, including two actively exploited zero-day vulnerabilities, the company said in its latest security update. This is the largest set of bugs disclosed by the tech giant this year. The zero-day vulnerabilities, CVE-2025-24990 affecting the Agere Windows Modem Driver and CVE-2025-59230 affecting the Windows Remote Access Connection Manager, both have a CVSS score of 7.8. The Cybersecurity and Infrastructure Security Agency (CISA) added both zero-day vulnerabilities to its KEV catalog of known vulnerabilities on Tuesday. Microsoft said the third-party Agere modem driver,

Microsoft warns about uncontrolled use of ‘shadow’ AI in the workplace

While Microsoft actively promotes its Copilot tools for businesses, the company also warns of the dangers of uncontrolled use of “shadow” AI by employees. A new report raises the alarm about the rapid growth of so-called “shadow AI,” where employees use third-party neural networks and bots in their work without the approval of the company’s IT department. According to Microsoft, 71% of UK respondents admitted using AI services for personal use at work without the knowledge of system administrators. Furthermore, more than half continue to do so regularly. This practice covers a wide range of activities: nearly half of employees use unauthorized

12 security bugs discovered in Ivanti Endpoint Manager (EPM). Update now!

Ivanti has published 13 vulnerabilities in its Endpoint Manager (EPM) software, including two high-severity flaws that could allow remote code execution and privilege escalation. Despite the lack of exploitation, CVE-2025-9713 stands out among the vulnerabilities as a high severity path traversal issue with a CVSS score of 8.8, which allows unauthenticated remote attackers to execute arbitrary code if users interact with malicious files. This is CWE-22, which is exploited due to poor input validation during the configuration import process, which could allow attackers to upload and execute malicious code on the server. Rounding it all out is CVE-2025-11622, an insecure

A PNG containing a Trojan. Astaroth persistently abuses GitHub.

McAfee researchers have reported new activity by the Astaroth banking trojan, which has started using GitHub as a persistent channel for distributing configuration data. This approach allows attackers to maintain control over infected devices even after the primary command and control servers are disabled, significantly increasing the malware’s survivability and making it more difficult to neutralize. The attack begins with a phishing email disguised as a notification from popular services like DocuSign or purporting to contain a candidate’s resume. The body of the email contains a link to download a ZIP archive. Inside is a shortcut file (.lnk) that launches

Satellites targeted! Thousands of phone conversations and text messages intercepted.

Satellite communications links used by government agencies, the military, businesses, and mobile operators have been discovered to be the source of a massive data leak. Researchers at the University of California, San Diego, and the University of Maryland have found that about half of all geostationary satellites transmit information without any protection. Over the course of three years, they intercepted signals using equipment costing no more than $800 and discovered thousands of phone conversations and text messages from T-Mobile users, data from the U.S. and Mexican military, and internal communications from energy and industrial companies. Using a standard satellite dish on