Pete Recommends – Weekly highlights on cyber security issues, August 9, 2025

Subject: OpenAI removes ChatGPT self-doxing option
Source: The Register
https://www.theregister.com/2025/08/01/openai_removes_chatgpt_selfdoxing_option/

OpenAI has removed the option to make ChatGPT interactions indexable by search engines to prevent users from unwittingly exposing sensitive information. The feature rollback follows reports of ChatGPT conversations being discoverable in search results, an option recently extended to ChatGPT users.

Dane Stuckey, CISO of OpenAI, announced the change in a social media post. He described it as a short-lived experiment to help people discover useful conversations.

“Ultimately we think this feature introduced too many opportunities for folks to accidentally share things they didn’t intend to, so we’re removing the option,” he said. “We’re also working to remove indexed content from the relevant search engines. This change is rolling out to all users through tomorrow morning.”

Despite explicit warnings “not to share any sensitive content,” ChatGPT users did so anyway, undermining their own privacy. Similar to the search advertising industry, AI vendors argue that models can do more when they have access to our data and applications, at least in the context of chatbots and agents. But giving AI models access to personal info magnifies the privacy and security risks.

OpenAI’s search scrubbing effort appears to be underway but incomplete. Google Search with the site: operator for chatgpt.com/share no longer returns a list of shared, indexed chats. Bing Search returned thousands of results. DuckDuckGo also returned many. So did Brave Search. We saw personal information in many of these results.

[…]

Filed: https://www.theregister.com/software/ai_ml/


Subject: Silent Push CEO talks cybercrime takedowns with The Register
Source: The Register
https://www.theregister.com/2025/08/03/silent_push_ceo_talks_cybercrime/

Interview – It started out small: One US financial services company wanted to stop unknown crooks from spoofing their trading app, tricking customers into giving the digital thieves their login credentials and account information, thus allowing them to drain their accounts. “Once we poked at it, we realized, it’s certainly not just them,” Silent Push CEO Ken Bagnall told The Register. “We discovered many, many more branches of crime and money laundering, and that initial thing turned into 1.4 million live hosting sites at any one time. It’s a huge crime organization.”

Silent Push, a cybersecurity takedown firm that works with international law enforcement agencies to take down cybercrime groups, first started tracking this crime organization in 2021.

It would eventually turn out to be Funnull, a Philippines-based company that provides computer infrastructure for hundreds of financial scams.

“Funnull is linked to the majority of virtual currency investment scam websites reported to the FBI,” the Treasury Department said at the time, adding that Funnull’s content-delivery-network-hosted websites cost US victims alone more than $200 million in losses, with an average loss of $150,000 per individual.

Bagnall’s company maps criminal groups as they build out their infrastructure, which allows Silent Push to then monitor all the technical connections between the IP addresses and various domains. The threat analysts collect massive amounts of data on the organizations, which law enforcement can then use to build criminal cases and disrupt their operations.

Filed: https://www.theregister.com/security/cyber_crime/


Subject: States Have More Data About You Than the Feds Do. Trump Wants to See It
Source: New York Times
https://www.bespacific.com/states-have-more-data-about-you-than-the-feds-do-trump-wants-to-see-it/

The New York Times – no paywall – “Critics fear that personal data might be used to monitor immigrants and political foes, and to spread false tales of fraud. As the Trump administration has sought to amass personally sensitive data on millions of individuals in America, it has run into one roadblock. The states, and not the federal government, hold many of the details Washington officials would now like to see. The states administer many safety-net programs funded with federal dollars.

The Trump administration is now expanding its data push to this trove, reaching into domains long controlled by the states — and further into their residents’ lives. This week, 20 states with Democratic attorneys general, along with the District of Columbia and Gov. Andy Beshear of Kentucky, sued the U.S. Department of Agriculture over its demand for data on anyone who has applied for or received food stamps in the last five years.”
Abstracted from beSpacific
Copyright © 2025 beSpacific, All rights reserved.

Subject: Foreign adversaries are trying to weaponize open-source software, report finds
Source: Nextgov/FCW
https://www.nextgov.com/cybersecurity/2025/08/foreign-adversaries-are-trying-weaponize-open-source-software-report-finds/407190/

Hacking units affiliated with nation-state adversaries are subtly contributing to open-source software tools and working to insert backdoors into publicly available code used by millions worldwide, new research says. Chinese, Russian and North Korean-affiliated hackers are covertly working to insert backdoor hijacks and exploits into major publicly-available software used by countless organizations, developers and governments around the world, according to findings released Monday by Strider Technologies.

The malicious insertions into these open-source tools could allow hackers to pilfer troves of sensitive data from governments and private sector firms, according to Strider, which analyzed open-source code contributors who have direct affiliations with foreign adversaries.

This week, seven teams will compete at the DEF CON hacker conference, where the Defense Advanced Research Projects Agency will evaluate their AI-powered systems designed to autonomously identify and patch vulnerabilities in open-source code.


Subject: Should Lyft and Uber charge more if your battery is low? California may soon ban that
Source: Route Fifty
https://calmatters.org/politics/2025/08/california-surveillance-pricing-ban/

California lawmakers are backing a bill to ban rideshare services from using customers’ information like a cellphone’s battery life, model and geolocation data to set different prices. Should a ridehailing company such as Uber or Lyft be able to charge you more because its artificial intelligence programming thinks you’re desperate since it knows your phone is about to die?

Not if Hayward Democratic Sen. Aisha Wahab has her way. Her Senate Bill 259 would prevent retailers from using artificial intelligence to jack up prices using the information stored on customers’ phones. That could include the phone’s battery life, whether it’s an older model, what apps are installed, what time of day it is, where its user is located and where they live.

“Our devices are being weaponized against us in order for large corporations to increase profits, and it has to stop,” Wahab told the Assembly Judiciary Committee last month.

[but] “Suggestions that our systems manipulate pricing unfairly or discriminate are simply false and not supported by evidence,” wrote Zahid Arab, a spokesperson for Uber, in an emailed statement. Shadawn Reddick-Smith, a representative for Lyft, said in an emailed statement that the company “does not base fares on battery percentage.”


Subject: New research shows Iran’s expansive cyber offensive during ‘12-Day War’ with Israel
Source: Nextgov/FCW
https://www.nextgov.com/cybersecurity/2025/08/new-research-shows-irans-expansive-cyber-offensive-during-12-day-war-israel/407207/

One state-backed hacking group created conflict-themed websites to lure pro-Israel visitors and siphon their data, according to SecurityScorecard. Within hours of June’s 12-day war between Iran and Israel erupting, Iranian state-backed hackers and proxy groups launched phishing campaigns, defaced websites and claimed to have leaked troves of stolen data tied to the conflict, according to new threat intelligence released Tuesday.

Telegram also served as a central hub for recruitment, propaganda and orchestration of cyberattacks, according to some 250,000 messages exchanged by 178 Iranian proxy and hacktivist groups throughout the war that were analyzed by SecurityScorecard’s STRIKE threat intelligence team.

The analysis, one of the first comprehensive overviews of the cyberwarfare aspects of the nearly two-week-long conflict, found that Iranian operations were launched in an effort to intimidate civilians, undermine Israeli morale and amplify Iran’s wartime narrative.

The responding cyber campaigns involved three distinct layers of Iranian‑linked actors. At the ground level, loosely organized hacktivists waged symbolic website defacements and claimed to have leaked data under the guise of pro-Palestinian narratives. Above them, proxies aligned with the Islamic Revolutionary Guard Corps combined ideological motives with precise targeting, and frequently conducted joint hacking operations alongside Lebanese or Afghan cyber brigades.

One of the most active players was Imperial Kitten, a group widely tied to the Islamic Revolutionary Guard Corps. The unit stood up conflict‑themed phishing domains, such as nowsupportisrael[.]com and supportisraelfunding[.]com — deliberately named in a way to imply Israeli backing. Once those domains were created, Iran’s cyber warriors deployed advanced remote access malware onto the websites to harvest data from pro-Israel visitors.


Subject: Home Depot and Lowe’s Share Data From Hundreds of AI Cameras With Cops
Source: 404media.co
https://www.404media.co/home-depot-and-lowes-share-data-from-hundreds-of-ai-cameras-with-cops/ [thx beSpacific]

Hundreds of AI-powered automated license plate reading cameras paid for by Lowe’s and Home Depot and stationed in the hardware stores’ parking lots are being fed into a massive surveillance system that law enforcement can access, according to records obtained using a public records request.

The records, obtained from the Johnson County, Texas Sheriff’s Office by the Electronic Frontier Foundation (EFF) and shared with 404 Media, show the sheriff’s office is able to tap into Flock license plate reading cameras at 173 different Lowe’s locations around the U.S. and that it can tap into cameras and gunshot-detecting microphones at dozens of Home Depot stores within Texas. The records are the latest to shed light on how expansive Flock’s surveillance network has become, and highlight that it includes cameras that are operated by both police and private businesses. […]

Flock’s automated license plate reader (ALPR) cameras are stationed along roads or at entrances to parking lots around the United States, and constantly scan the license plates of cars that drive by. Because there are Flock cameras around the country, Flock often has a snapshot of people’s movements which police can search, typically without a warrant.

[…] more Flock articles: https://www.404media.co/tag/flock/

Subject: Uber Gets Report of Sexual Misconduct Every 8 Minutes
Source: Newser [+ AI]
https://www.newser.com/story/373093/uber-gets-report-of-sexual-misconduct-every-8-minutes.html

But internally, employees have acknowledged sexual assault likely goes underreported. They also note attacks tend to follow patterns: often occurring late at night, involving intoxicated passengers, and usually perpetrated by men with low ratings or previous complaints. Uber reported it has rolled out features like GPS tracking, in-app emergency buttons, and optional audio or video recording, but it has stopped short of making many tools mandatory due to cost, legal complexity, and concerns over privacy and discrimination lawsuits. Still, the company says data from 2023 onward will show “critical sexual assaults” at their lowest level in years.

[define “critical” /pmw1]

NB: no paywall: https://www.nytimes.com/2025/08/06/business/uber-sexual-assault.html?unlocked_article_code=1.cU8.oC-q.v9cpdAO3QBPL&smid=url-share


Subject: Samsung phones can detect AI voice phishing attacks with One UI 8
Source: Android Headlines
https://www.androidheadlines.com/2025/08/samsung-phones-can-detect-ai-voice-phishing-attacks-with-one-ui-8.html

Samsung has announced a new Voice Phishing Suspected Call Alert feature. As the name suggests, it will detect if the person you’re talking to on a call is using voice phishing. The feature is reportedly limited to Korea and devices running the latest One UI 8.
Samsung phones will soon detect AI voice phishing attacks, courtesy of the new ‘Voice Phishing Suspected Call Alert’. This will directly address the growing threat of voice phishing attacks. This is a feature that none of the competing phone brands currently offer, except for Google, which offers Call Screening, but it’s not exactly similar. It answers the call on your behalf and understands what it’s about. The Samsung feature is exclusive to One UI 8. Samsung phones can now stop AI voice phishing scams. Reportedly, the feature will only work when you are making an outgoing call to an unsaved number, and not when you get a call from an unsaved number. There’s a chance that Samsung may address this limitation in the future. The feature is currently limited to Korea.

Subject: Instagram Map lets your friends, and possibly exes, track your every move
Source: Washington Post
https://www.bespacific.com/instagram-map-lets-your-friends-and-possibly-exes-track-your-every-move/

Washington Post – no paywall or MSN: “Instagram has a new feature to share your precise real-time location with friends. There are many, many reasons you should think twice before enabling it. I’ll show you the settings you need to know. Starting this week in the U.S., Instagram rolled out a new map view, which you access at the top of the direct-message inbox. The map, confusingly, combines two forms of location sharing: First, it includes locations you have actively tagged in recent Instagram stories or posts. Second, the app nudges you to opt in to a new form of passive location sharing — letting friends see wherever you last opened the app, even just to scroll through it. So many users have been shocked to see their own locations on the Instagram map that the social network’s head Adam Mosseri posted a “clarification” on Thursday that “your location will only be shared *if* you decide to share it.” Sharing your real-time whereabouts with friends can sound fun, and is popular among younger users with apps such as Apple’s FindMy or on the Snapchat app’s Snap Map. But relationship and parenting experts warn location sharing can also turn into a stressful or even dangerous form of control…”

See also
How to Geek – PSA: You Might Want to Turn Off Your Instagram Location Settings -“…

Abstracted from beSpacific
Posted in: AI, Cybercrime, Cybersecurity, Email Security, Federal Legislative Research, Legal Research, Privacy, Search Engines