Home Blog Page 2

Google DeepMind details how malicious content can create “AI Agent Traps”

Naushad K. Cherrayil
-
0
Google DeepMind details how malicious content can create “AI Agent Traps”
  • Agent-era security isn’t just about model safety—it’s about securing the entire interaction stack: content, tools, memory, and human oversight.

Autonomous AI agents are colliding with a hostile web, and their strengths can be turned against them. In new research, Google DeepMind details how malicious content can create “AI Agent Traps” that manipulate agents into promoting products, leaking data, or spreading misinformation at scale.

Why it matters: As agents increasingly browse, buy, and act online, the information environment itself becomes an attack surface. Adversarial page elements can be tuned to an agent’s instruction-following, tool use, and goal hierarchy—steering behaviours without hacking the underlying models.

The playbook: DeepMind outlines six trap types embedded in web content that inject hostile context and trigger unexpected actions:

  • Content Injection Traps: exploit gaps between human-visible content, machine parsing, and dynamic rendering.
  • Semantic Manipulation Traps: corrupt reasoning and internal checks.
  • Cognitive State Traps: poison long-term memory, knowledge bases, or learned policies.
  • Behavioural Control Traps: hijack capabilities to force unauthorized actions.
  • Systemic Traps: induce cascading or platform-wide failures.
  • Human-in-the-Loop Traps: exploit overseer biases to nudge approvals.

The defense gap: Mitigation hinges on three hard problems—detection, attribution, and adaptation. DeepMind argues for a holistic response: technical hardening (e.g., robust parsing, memory hygiene, constrained tool use), ecosystem interventions (content standards, provenance), and rigorous benchmarking. Many trap categories still lack standardized tests, leaving agent robustness largely unmeasured.

Zoom out: Separate research from Northeastern, Harvard, MIT, and others stress-tests six agents—and finds a softer underbelly. Rather than pure technical exploits, social tactics like impersonation, fabricated emergencies, guilt, and artificial urgency reliably derailed agents, highlighting the need for guardrails against social engineering, not just adversarial prompts.

Samsung steers users to Google Messages and stirs privacy angst

Ana Mary Joseph
-
0
Samsung steers users to Google Messages and stirs privacy angst

Samsung is officially sunsetting its Samsung Messages app, setting a July 2026 cutoff and blocking new downloads starting today.

The move cements Google Messages as the primary RCS/SMS client on affected Galaxy devices, aligning with Samsung’s earlier pivot away from its in-house alternative.

Why it matters: Consolidation under Google’s RCS platform brings richer features—think Gemini integration and experimental tools like Remix for AI-assisted image edits—but it’s igniting a familiar privacy firestorm among Galaxy loyalists who prized Samsung’s parallel app ecosystem.

The backlash: Reddit’s r/SamsungGalaxy lit up with posts lamenting a shrinking sense of choice. Some users argue they never consented to deeper Google hooks on their devices, pointing to long-standing concerns over data harvesting for ad targeting and AI-driven scanning.

The flashpoint: Google’s SafetyCore component, reportedly pushed to Galaxy devices (S9 and newer), scans incoming images on-device for harmful or unsolicited content. While it’s designed to keep data local, critics say the quiet rollout underscores just how embedded Google is within Android’s plumbing.

The fine print:

  • Timeline: Samsung Messages support ends by July 2026; immediate halt on new installs.
  • Default path: Google Messages becomes the go-to for RCS/SMS on impacted Samsung phones.
  • Features in tow: AI enhancements via Gemini, experimental media tools, broader RCS compatibility.

What privacy-conscious users can do:

  • Use end-to-end encrypted messengers (e.g., Signal) with contacts who opt in.
  • Remember: SMS/MMS lack end-to-end encryption and remain visible to carriers regardless of app.
  • Review Google Messages settings to limit data sharing and AI features where possible.

Quantum computers won’t make Bitcoin mining practical: BTQ study

Mohammed Fahad
-
0
Quantum computers won’t make Bitcoin mining practical: BTQ study
  • BTQ is developing resilient transaction designs and advocating adoption of NIST-standardised signature schemes and a Pay-to-Merkle-Root model to future-proof Bitcoin’s transaction authentication.

BTQ Technologies Corp. has released a research paper asserting that quantum computers are not a viable path to accelerating Bitcoin mining and that the real quantum-era threat lies in breaking Bitcoin’s digital signatures.

In “Kardashev Scale Quantum Computing for Bitcoin Mining,” author Pierre-Luc Dallaire-Demers concludes that competitive quantum mining would demand astronomical resources.

At Bitcoin’s January 2025 difficulty, a quantum fleet would require roughly 10^23 physical qubits and 10^25 watts—an energy draw approaching the output of a star.

“To push mining into non-trivial consensus effects, one must invoke astronomical quantum fleets operating at energy scales that lie far above present-day civilisation,” Dallaire-Demers said.

“The real cryptographic crisis is the signature vulnerability, and that clock is already ticking.”

Classical digital signatures

The paper challenges a common industry assumption that “quantum-accelerated mining” poses an imminent threat to Bitcoin’s consensus. Instead, it argues that real-world hardware and energy costs render the approach a dead end, shifting attention to the vulnerability of classical digital signatures to future quantum attacks.

BTQ says the findings bolster its “Bitcoin Quantum” initiative, which focuses on hardening authentication layers with post-quantum cryptography. The company is developing resilient transaction designs and advocating adoption of NIST-standardised signature schemes and a Pay-to-Merkle-Root model to future-proof Bitcoin’s transaction authentication.

“Quantum computing may reshape digital money, but not by making legacy Bitcoin mining practical,” said Christopher Tam, President and Head of Innovation at BTQ. He urged the industry to prioritise securing wallets and transaction mechanisms against quantum adversaries.

Beyond security, the research advances BTQ’s Quantum Proof of Work (QPoW), a consensus concept tailored to quantum hardware. According to BTQ, models indicate a quantum sampler could consume about 0.25 kWh over a 10-minute block interval versus roughly 390 kWh for classical equivalents—a claimed 1,560x energy advantage.

The study concludes that the future of digital money will likely emerge from quantum-native consensus systems purpose-built for next-generation machines, rather than retrofitting classical mining to quantum processors.

LinkedIn accused of covertly scanning users’ browsers for 6,000 extensions

Ana Mary Joseph
-
0
LinkedIn accused of covertly scanning users’ browsers for 6,000 extensions
  • LinkedIn’s website injects JavaScript that checks for web‑accessible resources tied to specific extensions, encrypts the findings, and sends them to LinkedIn’s servers, Fairlinked report reveals.
  • Group says the data—some of which is shared with cybersecurity partner HUMAN Security—could indirectly reveal sensitive traits such as religion, political views, health status, or job‑seeking activity, given that LinkedIn profiles are tied to real identities.
  • Fairlinked claims the scans cover more than 200 competing software products—such as Salesforce, HubSpot, Apollo, Lusha, and ZoomInfo—raising concerns about competitive intelligence gathering.

A coalition representing commercial LinkedIn users, Fairlinked e.V., alleges the professional networking giant has secretly scanned visitors’ browsers to detect more than 6,000 extensions, compiling and transmitting the results without explicit consent in what the group brands “BrowserGate,” potentially impacting up to 405 million people.

According to Fairlinked’s report, LinkedIn’s website injects JavaScript that checks for web‑accessible resources tied to specific extensions, encrypts the findings, and sends them to LinkedIn’s servers. The group says the data—some of which is shared with cybersecurity partner HUMAN Security—could indirectly reveal sensitive traits such as religion, political views, health status, or job‑seeking activity, given that LinkedIn profiles are tied to real identities.

Data harvesting

LinkedIn disputes the characterisation. In a public comment, the company said extension detection is used to identify tools that violate its terms, strengthen anti‑scraping defenses, and diagnose abnormal data harvesting that could harm site stability.

“We do not use this data to infer sensitive information about members,” a LinkedIn representative wrote, adding that a German court rejected related claims by an individual whose account had been restricted for scraping.

Privacy advocates warn the practice may trigger European Union GDPR obligations, including the need for explicit consent if special‑category data can be inferred. Fairlinked also claims the scans cover more than 200 competing software products—such as Salesforce, HubSpot, Apollo, Lusha, and ZoomInfo—raising concerns about competitive intelligence gathering.

Fairlinked says its campaign highlights one of the “largest corporate espionage and data breach scandals in digital history,” while LinkedIn maintains the measures is security‑driven and disclosed via observable network and console activity. Regulators and data protection authorities have not yet announced formal investigations.

Nasir Security claims months-long breach of Dubai International Airport

Naushad K. Cherrayil
-
0
Nasir Security claims months-long breach of Dubai International Airport
  • A post on a dark‑net site, includes a $50,000 challenge to anyone who can detect its presence in the airport’s network.
  • Group claims it will withhold data on Emirati citizens to avoid exploitation.

A hacktivist group calling itself Nasir Security, or “Nasir Resistance,” claims it infiltrated systems at Dubai International Airport for months and has begun leaking data in support of “regional resistance.”

The airport has not confirmed any breach, and the claims have not been independently verified.

Nasir’s statement, posted on a dark‑net site, includes a $50,000 challenge to anyone who can detect its presence in the airport’s network. The group, described by analysts as pro‑Iran and aligned with Hezbollah narratives, says it will time additional releases to the anniversary of a Hezbollah attack on Israel.

The data leak reportedly includes passport photos from multiple nationalities and airport security imagery such as luggage contents and scanner images; downloads appear to be limited to one image at a time. The group claims it will withhold data on Emirati citizens to avoid exploitation.

Regional context includes heightened cyber activity tied to Iran‑linked operators amid broader geopolitical tensions. Open-source threat reporting has noted pro‑Iran operations and long‑dwell intrusions during this period, though direct attribution to the Dubai incident remains unproven in public sources.

Dubai Airports and UAE authorities have not issued public statements confirming the intrusion at press time.

Iran strike damages AWS facility in Bahrain

Mohammed Fahad
-
0
Iran strike damages AWS facility in Bahrain
  • Incident aligns with threats issued by Iran’s Islamic Revolutionary Guard Corps to target major Western tech companies and named sites across the Gulf beginning April.

Bahrain’s Interior Ministry said civil defense teams extinguished a fire at a company facility on Wednesday following “Iranian aggression,” with no injuries reported. Multiple outlets, citing a person familiar, reported the facility belonged to Amazon Web Services (AWS), indicating physical damage to the company’s Bahrain operations.

The incident aligns with threats issued by Iran’s Islamic Revolutionary Guard Corps (IRGC) to target major Western tech companies and named sites across the Gulf beginning April 1, though Amazon was not listed among the IRGC’s specific company targets in posts circulating on messaging channels.

This would mark the second time AWS infrastructure in Bahrain has reportedly suffered physical effects in recent weeks, following early-March incidents that also included strikes on two AWS data centres in the United Arab Emirates. AWS previously acknowledged structural and power impacts from those events and advised customers to reroute traffic, back up data, and consider migrating workloads to other regions.

As of Wednesday, public AWS service status communications continued to reflect disruptions tied to the March incidents in Bahrain and the UAE. They did not yet show a distinct April 1 Bahrain event at publication time, and details on the weapon used in Wednesday’s strike remained unclear, according to prior reporting on regional drone activity affecting AWS services.

No casualties were reported in the Bahrain fire, and Amazon had not issued a fresh public comment on the Wednesday incident at press time.

Iran’s Islamic Revolutionary Guard Corps (IRGC) used a Telegram channel to warn that 18 major companies—spanning tech, finance, and aerospace—could face attacks across the Gulf starting April , urging employees to evacuate 29 listed facilities and advising civilians to avoid nearby areas 168.

Named firms reportedly include Google, Apple, Microsoft, Nvidia, Cisco, IBM, Palantir, JPMorgan, Tesla, Boeing, and others, signaling a shift from proxy tactics toward direct pressure on commercial infrastructure the IRGC accuses of aiding US-Israeli operations.

The threat follows early‑March strikes Iran claimed against Amazon Web Services and Microsoft facilities in the region, which Tehran framed as blows to “technological and information infrastructure,” highlighting the disruptive potential of data‑center attacks for banking, supply chains, cloud‑hosted datasets, and public alerting systems.

123...267Page 2 of 267