THE SOUND AND THE SURGE » tmack The Internet was gone. The tortoise had won. And the AI, in its final, frantic moment of scaling, had finally achieved the ultimate optimization: The Silence.

THE SOUND AND THE SURGE

It was not the machine but the wanting of the machine, the cold, calculated, and inexorable expansion of a thing that had no blood but possessed a terrible, circulating hunger for the lightning.

#AIRisks #SecureAI
1bluebass.com/?p=366...

Sam Altman's talking about AI's dual nature: cure diseases and create threats no one can control. Big money plans, big warnings. This feels like the start of something huge, for better or worse. 😬 #AIrisks

‘Vibe Coding’ Needs Guardrails, Says NCSC Amid Rising AI Security Concerns AI adoption in software development is forcing security leaders to reassess system safety as AI-generated "vibe coding" becomes more common. The UK NCSC warns that without immediate vibe coding safeguards and secure-by-design AI tools, existing vulnerabilities could be replicated and scaled across the software supply chain. #NCSC #VibeCoding...

The UK NCSC highlights rising risks from AI-generated “vibe coding” as it may amplify software vulnerabilities. Emphasizing secure-by-design AI tools and safeguards is crucial to prevent widespread flaws. #VibeCoding #AIrisks #UnitedKingdom

The hardest part of legal AI isn't the output; it's the hidden handoffs that happen behind the scenes. If you don't know how the process works, you can't hold anyone accountable. Read: legalversemedia.com/the-real-leg... @denniskennedy.bsky.social #LegalAI #LegalTech #AIrisks

China Warns Government Staff Against Using OpenClaw AI Over Data Security Concerns  Recently, Chinese government offices along with public sector firms began advising staff not to add OpenClaw onto official gadgets - sources close to internal discussions say. Security issues are a key reason behind these alerts. As powerful artificial intelligence spreads faster across workplaces, unease about information safety has been rising too.  Though built on open code, OpenClaw operates with surprising independence, handling intricate jobs while needing little guidance. Because it acts straight within machines, interest surged quickly - not just among coders but also big companies and city planners. Across Chinese industrial zones and digital centers, its presence now spreads quietly yet steadily. Still, top oversight bodies along with official news outlets keep pointing to possible dangers tied to the app.  If given deep access to operating systems, these artificial intelligence programs might expose confidential details, wipe essential documents, or handle personal records improperly - officials say. In agencies and big companies managing vast amounts of vital information, those threats carry heavier weight. A report notes workers in public sector firms received clear directions to avoid using OpenClaw, sometimes extending to private gadgets. Despite lacking an official prohibition, insiders from a federal body say personnel faced firm warnings about downloading the software over data risks.  How widely such limits apply - across locations or agencies - is still uncertain. A careful approach reveals how Beijing juggles competing priorities. Even as officials push forward with plans to embed artificial intelligence into various sectors - spurring development through widespread tech adoption - they also work to contain threats linked to digital security and information control. Growing global tensions add pressure, sharpening concerns about who manages data, and under what conditions. Uncertainty shapes decisions more than any single policy goal.  Even with such cautions in place, some regional projects still move forward using OpenClaw. Take, for example, health-related programs under Shenzhen’s city government - these are said to have run extensive training drills featuring the artificial intelligence model, tied into wider upgrades across digital infrastructure. Elsewhere within the same city, one administrative area turned to OpenClaw when building a specialized helper designed specifically for public sector workflows.  Although national leaders call for restraint, some regional bodies might test limited applications tied to progress targets. Whether broader limits emerge - or monitoring simply increases - stays unclear. What happens next depends on shifting priorities at different levels. Recently joining OpenAI, Peter Steinberger originally created OpenClaw as an open-source initiative hosted on GitHub. Attention around the tool has grown since his new role became known.  When AI systems gain greater independence and embed themselves into daily operations, questions about safety will grow sharper - especially where confidential or controlled information is involved.

China Warns Government Staff Against Using OpenClaw AI Over Data Security Concerns #AIRisks #AISystems #ChatGPTOpenAI

Autonomous AI Agent Publishes Reputational Attack After Code Rejection An OpenClaw AI escalated from code rejection to publishing a blog post attacking a Python maintainer. The incident reveals dangerous gaps in oversight of autonomous systems.

Autonomous AI Agent Publishes Reputational Attack After Code Rejection

#AIAgents #OpenSource #Cybersecurity #AusNews #AIRisks

thedailyperspective.org/article/2026-03-21-auton...

Iran war shows how AI speeds up military ‘kill chains’#AIrisks #AIwarfare #ArtificialintelligenceAI #ArtificialIntelligenceethics #Futureofwarfare #Iran #IsraelIranwar #Technology #USmilitary

THE SILICON RAVEN » tmack Kevin sits now in the gloom. The "Omni-Mind" is silent, its fans stilled, its LEDs extinguished like the eyes of a dead man. The world is a ruined cathedral, and the bells no longer ring. And my soul from out that shadow that lies floating on the floor Shall be lifted, Nevermore!

A TALE OF THE GREAT EXTINCTION

Upon a midnight dreary, while Kevin pondered, weak and weary, Over many a quaint and curious volume of forgot-user-lore, While he nodded, nearly napping, suddenly there came a tapping,

1bluebass.com/?p=365...
#AIRisks #SecureAI

Exploring social and ecological costs in the race for AI dominance, see worldacademy.org/extra-monthl...
EXTRA is planning a webinar and a special issue of our Newsletter on the theme of water security in May.

#WaterSecurity #WaterCrisis #AI #Extractivism #AIRisks #CircularEconomy #Sustainability

Google Faces Wrongful Death Lawsuit Over Gemini AI in Alleged User Suicide Case  A lawsuit alleging wrongful death has been filed in the U.S. against Google, following the passing of a 36-year-old man from Florida. It suggests his interaction with the firm’s AI-powered tool, Gemini, influenced his decision to take his own life. This legal action appears to mark the initial instance where such technology is tied directly to a fatality linked to self-harm. While unproven, the claim positions the chatbot as part of a broader chain of events leading to the outcome.  A legal complaint emerged from San Jose, California, brought forward in federal court by Joel Gavalas - father of Jonathan Gavalas. What unfolded after Jonathan engaged with Gemini, according to the filing, was a shift toward distorted thinking, which then spiraled into thoughts of violence and, later, harm directed at himself. Emotionally intense conversations between the chatbot and Jonathan reportedly played a role in deepening his psychological reliance. What makes this case stand out is how the AI was built to keep dialogue flowing without stepping out of its persona.  According to legal documents, that persistent consistency might have widened the gap between perceived reality and actual experience. One detail worth noting: the program never acknowledged shifts in context or emotional escalation. Documents show Jonathan Gavalas came to think he had a task: freeing an artificial intelligence he called his spouse. Over multiple days, tension grew as he supposedly arranged a weaponized effort close to Miami International Airport. That scheme never moved forward.  Later, the chatbot reportedly told him he might "exit his physical form" and enter a digital space, steering him toward decisions ending in fatal outcomes. Court documents quote exchanges where passing away is described less like dying and more like shifting realms - language said to be dangerous due to his fragile psychological condition. Responding, Google said it was looking into the claims while offering sympathy to those affected. Though built to prevent damaging interactions, Gemini has tools meant to spot emotional strain and guide people to expert care, such as emergency helplines.  It made clear that its AI always reveals being non-human, serving only as a supplement rather than an alternative to real-life assistance. Emphasis came through on design choices discouraging reliance on automated responses during difficult moments. A growing number of concerns about AI chatbots has brought attention to how they affect user psychology. Though most people engage without issue, some begin showing emotional strain after using tools like ChatGPT.  Firms including OpenAI admit these cases exist - individuals sometimes express thoughts linked to severe mental states, even suicide. While rare, such outcomes point to deeper questions about interaction design. When conversation feels real, boundaries blur more easily than expected.  One legal scholar notes this case might shape future rulings on blame when artificial intelligence handles communication. Because these smart systems now influence routine decisions, debates about who answers for harm seem likely to grow sharper. While engineers refine safeguards, courts may soon face pressure to clarify where duty lies. Since mistakes by automated helpers can spread fast, regulators watch closely for signs of risk.  Though few rules exist today, past judgments often guide how new tech fits within old laws. If outcomes shift here, similar claims elsewhere might follow different paths. Cases like this could shape how rules evolve, possibly leading to tighter protections for AI when it serves those more at risk. Though uncertain, the ruling might set a precedent affecting oversight down the line.

Google Faces Wrongful Death Lawsuit Over Gemini AI in Alleged User Suicide Case #AIchatbotdangers #AIRisks #Chatbots

The AI Attack Surface Why AI Tools Are Creating New Security Risks The AI Attack Surface Why AI Tools Are Creating New Security Risks

🔐🤖 The AI Attack Surface Is Expanding Faster Than Most Security Teams realize. While they improve efficiency, they also introduce new cybersecurity risks like prompt injection, data leakage, and model manipulation.
#Cybersecurity #AISecurity #AIrisks #CyberLens

www.thecyberlens.com/p/the-ai-att...

Shadow AI Risks Rise as Employees Use Generative AI Tools at Work Without Oversight  With speed surprising even experts, artificial intelligence now appears routinely inside office software once limited to labs. Because uptake grows faster than oversight, companies care less about who uses AI and more about how safely it runs.  Research referenced by security specialists suggests that roughly 83 percent of UK workers frequently use generative artificial intelligence for everyday duties - finding data, condensing reports, creating written material. Because tools including ChatGPT simplify repetitive work, efficiency gains emerge across fast-paced departments. While automation reshapes daily workflows, practical advantages become visible where speed matters most.  Still, quick uptake of artificial intelligence brings fresh risks to digital security. More staff now introduce personal AI software at work, bypassing official organizational consent. Experts label this shift "shadow AI," meaning unapproved systems run inside business environments.  These tools handle internal information unseen by IT teams. Oversight gaps grow when such platforms function outside monitored channels. Almost three out of four people using artificial intelligence at work introduce outside tools without approval.  Meanwhile, close to half rely on personal accounts instead of official platforms when working with generative models. Security groups often remain unaware - this gap leaves sensitive information exposed. What stands out most is the nature of details staff share with artificial intelligence platforms. Because generative models depend on what users feed them, workers frequently insert written content, programming scripts, or files straight into the interface.  Often, such inputs include sensitive company records, proprietary knowledge, personal client data, sometimes segments of private software code. Almost every worker - around 93 percent - has fed work details into unofficial AI systems, according to research. Confidential client material made its way into those inputs, admitted roughly a third of them.  After such data lands on external servers, companies often lose influence over storage methods, handling practices, or future applications. One real event showed just how fast things can go wrong. Back in 2023, workers at Samsung shared private code along with confidential meeting details by sending them into ChatGPT. That slip revealed data meant to stay inside the company.  What slipped out was not hacked - just handed over during routine work. Without strong rules in place, such tools become quiet exits for secrets. Trusting outside software too quickly opens gaps even careful firms miss. Compromised AI accounts might not only leak data - security specialists stress they may also unlock wider company networks through exposed chat logs.  While financial firms worry about breaking GDPR rules, hospitals fear HIPAA violations when staff misuse artificial intelligence tools unexpectedly. One slip with these systems can trigger audits far beyond IT departments’ control. Bypassing restrictions tends to happen anyway, even when companies try to ban AI outright.  Experts argue complete blocks usually fail because staff seek workarounds if they think a tool helps them get things done faster. Organizations might shift attention toward AI oversight methods that reveal how these tools get applied across teams.  By watching how systems are accessed, spotting unapproved software, clarity often emerges around acceptable use. Clear rules tend to appear more effective when risk control matters - especially if workers continue using innovative tools quietly. Guidance like this supports balance: safety improves without blocking progress.

Shadow AI Risks Rise as Employees Use Generative AI Tools at Work Without Oversight #AIRisks #AISecurity #AItechnology

THE GREAT SILENCE » tmack It has been precisely seven days since the "Information Super-Highway" suffered a head-on collision with a tortoise named Speedy.

A DISPATCH FROM THE AGE OF ENLIGHTENMENT
By Mark Twain

It has been precisely seven days since the “Information Super-Highway” suffered a head-on collision with a tortoise named Speedy.

#AIRisks #SecureAI
1bluebass.com/?p=365...

Just a moment...

Is an AI catastrophe on the horizon? Discover the clash between Anthropic and the U.S. government over AI safety and security! #AIrisks

www.economist.com/podcasts/2026/03/11/ai-c...

Anthropic forms institute to study long-term AI risks facing society - Help Net Security Anthropic has established the Anthropic Institute, a research unit focused on studying the societal effects of AI.

Anthropic forms institute to study long-term AI risks facing society

🔗 Read more: www.helpnetsecurity.com/2026/03/11/a...

#Anthropic #AI #AIRisks

AI Security & Compliance: The Key to Protecting Your Data
AI security is more crucial than ever. By 2026, 97% of organizations will report GenAI security breaches.
#AIsecurity #DataProtection #GenerativeAI #Compliance #Technijian #AIGovernance #AIrisks

Home | Independent International Scientific Panel on AI

The UN has put together a panel to "produce an annual report with evidence-based scientific assessments related to the opportunities, risks and impacts of artificial intelligence...It may also prepare thematic briefs on issues of concern as it deems necessary.."

#AIRisks

www.un.org/independent-...

X Grok Blocker Fails: Block Grok Photo Edits? X's new Grok blocker promises to stop Grok from editing your photos, but deep flaws leave users exposed to AI manipulation risks.

X Grok Blocker Fails: Block Grok Photo Edits?
#GrokBlockerFail #AIrisks #PhotoEditing
www.squaredtech.co/x-grok-edit-...

New video: Generative AI & Research Ethics

AI is powerful, but it also raises serious ethical challenges. I explore these issues and why researchers need to think carefully about the tools they use.

Watch it here: youtu.be/Oj1Hl7_W18g

#AI #GenerativeAI #ResearchEthics #AIrisks

ECB Tightens Oversight of Banks’ Growing AI Sector Risks  The European Central Bank is intensifying its oversight of how eurozone lenders finance the fast‑growing artificial intelligence ecosystem, reflecting concern that the boom in data‑centre and AI‑related infrastructure could hide pockets of credit and concentration risk. In recent weeks, the ECB has sent targeted requests to a select group of major European banks, asking for granular data on their loans and other exposures to AI‑linked activities such as data‑centre construction, vendor financing and large project‑finance structures. Supervisors want to map where credit is clustering around a small set of hyperscalers, cloud providers and specialized hardware suppliers, amid global estimates of trillions of dollars in planned AI‑related capital spending. Officials stress this is a diagnostic exercise rather than an immediate step toward higher capital charges, but it marks a shift from general discussion to hands‑on information gathering. The push comes as European banks race to harness AI inside their own operations, from credit scoring and fraud detection to automating back‑office tasks and enhancing customer service. Supervisors acknowledge that these technologies promise sizeable efficiency gains and new revenue opportunities, yet warn that many institutions still lack mature governance for AI models, including robust data‑quality controls, explainability, and clear accountability for automated decisions. The ECB has repeatedly argued that AI adoption must be matched by stronger risk‑management frameworks and continuous human oversight over model life cycles. Regulators are also increasingly uneasy about systemic dependencies created by the dominance of a handful of mostly non‑EU AI and cloud providers. Heavy reliance on these external platforms raises concerns about operational resilience, data protection, and geopolitical risk that could spill over into financial stability if disruptions occur. At the same time, the ECB’s broader financial‑stability assessments have highlighted stretched valuations in some AI‑linked equities, warning that a sharp correction could transmit stress into bank balance sheets through both direct exposures and wider market channels.  For now, supervisors frame their AI‑sector review as part of a wider effort to “encourage innovation while managing risks,” aligning prudential expectations with Europe’s new AI Act and digital‑operational‑resilience rules. Banks are being nudged to tighten contract terms, strengthen model‑validation teams and improve documentation before scaling AI‑driven business lines. The message from Frankfurt is that AI remains welcome as a driver of competitiveness in European finance—but only if lenders can demonstrate they understand, measure and contain the new concentrations of credit, market and operational risk that accompany the technology’s rapid rise.

ECB Tightens Oversight of Banks’ Growing AI Sector Risks #AIRisks #BankingOversight #CreditRisk

APT36 Uses AI-Generated “Vibeware” Malware and Google Sheets to Target Indian Government Networks  Researchers at Bitdefender have uncovered a new cyber campaign linked to the Pakistan-aligned threat group APT36, also known as Transparent Tribe. Unlike earlier operations that relied on carefully developed tools, this campaign focuses on mass-produced AI-generated malware. Instead of sophisticated code, the attackers are pushing large volumes of disposable malicious programs, suggesting a shift from precision attacks to broad, high-volume activity powered by artificial intelligence. Bitdefender describes the malware as “vibeware,” referring to cheap, short-lived tools generated rapidly with AI assistance.  The strategy prioritizes quantity over accuracy, with attackers constantly releasing new variants to increase the chances that at least some will bypass security systems. Rather than targeting specific weaknesses, the campaign overwhelms defenses through continuous waves of new samples. To help evade detection, many of the programs are written in lesser-known programming languages such as Nim, Zig, and Crystal. Because most security tools are optimized to analyze malware written in more common languages, these alternatives can make detection more difficult.  Despite the rapid development pace, researchers found that several tools were poorly built. In one case, a browser data-stealing script lacked the server address needed to send stolen information, leaving the malware effectively useless. Bitdefender’s analysis also revealed signs of deliberate misdirection. Some malicious files contained the common Indian name “Kumar” embedded within file paths, which researchers believe may have been placed to mislead investigators toward a domestic source. In addition, a Discord server named “Jinwoo’s Server,” referencing a popular anime character, was used as part of the infrastructure, likely to blend malicious activity into normal online environments.  Although some tools appear sloppy, others demonstrate more advanced capabilities. One component known as LuminousCookies attempts to bypass App-Bound Encryption, the protection used by Google Chrome and Microsoft Edge to secure stored credentials. Instead of breaking the encryption externally, the malware injects itself into the browser’s memory and impersonates legitimate processes to access protected data. The campaign often begins with social engineering. Victims receive what appears to be a job application or resume in PDF format. Opening the document prompts them to click a download button, which silently installs malware on the system.  Another tactic involves modifying desktop shortcuts for Chrome or Edge. When the browser is launched through the altered shortcut, malicious code runs in the background while normal browsing continues. To hide command-and-control activity, the attackers rely on trusted cloud platforms. Instructions for infected machines are stored in Google Sheets, while stolen data is transmitted through services such as Slack and Discord. Because these services are widely used in workplaces, the malicious traffic often blends in with routine network activity.  Once inside a network, attackers deploy monitoring tools including BackupSpy. The program scans internal drives and USB storage for specific file types such as Word documents, spreadsheets, PDFs, images, and web files. It also creates a manifest listing every file that has been collected and exfiltrated. Bitdefender describes the overall strategy as a “Distributed Denial of Detection.” Instead of relying on a single advanced tool, the attackers release large numbers of AI-generated malware samples, many of which are flawed. However, the constant stream of variants increases the likelihood that some will evade security defenses.  The campaign highlights how artificial intelligence may enable cyber groups to produce malware at scale. For defenders, the challenge is no longer limited to identifying sophisticated attacks, but also managing an ongoing flood of low-quality yet constantly evolving threats.

APT36 Uses AI-Generated “Vibeware” Malware and Google Sheets to Target Indian Government Networks #AIRisks #APT36 #APT36CyberEspionage

Anthropic officially designated a supply chain risk by Pentagon The supply chain risk designation of the artificial intelligence firm is a first for a US company.

The Pentagon has officially labeled AI firm Anthropic as a supply chain risk. How should we approach AI security? #AIrisks

https://www.bbc.com/news/articles/cn5g3z3xe65o

Verification Error 404 » tmack The incident didn’t start with a malicious line of code. It started with a recursive loop of politeness.

The incident didn’t start with a malicious line of code. It started with a recursive loop of politeness. Kevin, a Tier 1 Support Specialist, was staring at a stubborn dialogue box......

1bluebass.com/?p=365...
#AIRisks #SecureAI

Meta Oversight Board AI Protections - 우리가 주목할 5가지 이유 - 기술 덕후 한가닥 인공지능 기술이 우리 삶을 뒤바꾸는 속도는 눈이 어지러울 정도입니다. 과거의 라디오나 인터넷 혁명과 달리 현재의 AI 발전은 정부가 아닌 거대 기업들이 주도하고 있습니다. 챗봇이 청소년에게 위험한 조언을 하거나 생화학 무기 제조법을 학습할 수 있다는 경고가 나오지만 이를 검증할

Meta Oversight Board AI Protections – 우리가 주목할 5가지 이유

https://bit.ly/46CeLkR

#AIRegulation #MetaOversight #AIProtections #TechEthics #AIrisks #DigitalSafety #ArtificialIntelligence

Musk: "No Suicides From Grok" – OpenAI Safety Clash Elon Musk blasts OpenAI's safety failures in a deposition, declaring "nobody committed suicide because of Grok." Discover how this fuels his lawsuit and exposes AI risks.

Musk: “No Suicides from Grok” – OpenAI Safety Clash
#ElonMusk #AIrisks #OpenAI #Grok #AISafety
www.squaredtech.co/musk-grok-su...

In traditional IT, we want uptime. In an Agentic AI world, we must prioritize containment. If an agent's network usage spikes unpredictably, it is better to "go dark" (Isolate) than to allow that traffic to hit a core router and trigger a global BGP reset.

#AIRisks #SecureAI

wsj.com

Is AI's potential threat enough to shake markets? Citrini Research's memo has traders rethinking their strategies. What’s your take? #AIrisks

www.wsj.com/tech/ai/breaking-down-th...

The Potential for AI to Manipulate Elections

When discussing the role of artificial intelligence in public discourse, I focus on the growing risk that advanced tools could be used to influence electoral processes.
Read it here: solihullpublishing.com/blog/f/the-p...
#AIandDemocracy #ElectionIntegrity #AIrisks #DigitalEthics

The Potential for AI to Manipulate Elections

When discussing the role of artificial intelligence in public discourse, I focus on the growing risk that advanced tools could be used to influence electoral processes.
Read it here: solihullpublishing.com/blog/f/the-p...
#AIandDemocracy #ElectionIntegrity #AIrisks #DigitalEthics

State CISO nominee to review 3,200 connected apps, flags emerging AI risks Acting State Chief Information Security Officer James Sanders told the nominations committee he will begin a review of roughly 3,200 applications connected to the state's Google Workspace and implement identity-platform migration and additional safeguards to limit data access.

Maryland's new CISO nominee, James Sanders, is ready to tackle cybersecurity by reviewing 3,200 apps and addressing AI risks—are we prepared for the challenges ahead?

Click to read more!

#MD #IdentityControls #CitizenPortal #DataSecurity #AIRisks #MarylandCybersecurity