Subject: AI is moving fast — and breaking things
Source: Business Insider
https://www.businessinsider.com/ai-challenges-companies-fast-paced-innovation-strategy-2026-3
- An error involving an AI tool was a primary driver of an outage at Amazon, highlighting risks in rapid tech adoption.
- The tech giant isn’t the only company to experience issues involving AI agents or AI-generated code.
- Organizations are adding guardrails and conducting audits to balance AI experimentation and risk.
“You have to know your own risk tolerance,” said Matt Rosenbaum, a principal researcher at The Conference Board, a nonprofit provider of data and insights for business leaders. “You also have to know what to do if things go wrong and what to change so it doesn’t happen again.”
Roughly two-thirds of workers have accepted AI-generated output without carefully checking it, and 72% have put less effort into their tasks because of AI, according to a global study by KPMG and the University of Melbourne. The findings are based on a survey of more than 30,000 workers between November 2024 and January 2025.
Source: Gizmodo
https://gizmodo.com/googles-smart-glasses-can-create-fake-photos-on-the-fly-2000733254
As big tech companies ready their excursion into smart glasses, a similar playbook is cementing, and that playbook is looking a lot like the one already set out by Meta and its Ray-Ban-branded AI glasses. Hardware from companies like Google, and potentially Samsung and Apple, seems to center around a few main key components. You’ve got cameras, some kind of AI/computer vision, speakers, a voice assistant, navigation, maybe a screen, and, of course, a streamlined way to use generative AI for faking real photos—wait, what?
By linking the smart glasses to Google’s image generator, Nano Banana, Bohn shows how you can instruct them to doctor up an image on the fly. In the video demo, Bohn asks Gemini to take a picture of people in the room using the smart glasses, but then superimpose them over the “really cool church in Barcelona that I forget the name of.” Based on the demo, it seems to do exactly that, taking people in the room and using AI to essentially Photoshop them in, so it looks as though they’re standing in front of the Sagrada Familia in Barcelona.
,,,
Explore more on these topics:
Source: TechRepublic
https://www.techrepublic.com/article/news-microsoft-authenticator-vulnerability-android-ios-login-codes/
A newly discovered vulnerability in Microsoft Authenticator could expose sensitive login codes to malicious apps on the same device, raising concerns about the security of one of the most widely used multi-factor authentication tools.
A vulnerability tracked as CVE-2026-26123 affects the Microsoft Authenticator app on both Android and iOS devices. According to security reports, the flaw could allow a malicious application installed on the same phone to intercept authentication information such as one-time login codes or special sign-in links.
…
Security researchers say the vulnerability centers on deep links, which are specially designed links that open a specific function within a mobile app and are often used to complete sign-in actions.
How the attack could happen – Experts say the flaw cannot be exploited remotely. Instead, a victim would first need to install a malicious application on their device and then accidentally select that app to handle an authentication deep link.
If that occurs, the malicious software could receive the login code or sign-in data intended for Microsoft Authenticator. An attacker could then potentially use that information to access services protected by the app.
Patch already available – Security researchers say the vulnerability has already been fixed in recent versions of the app. Users are therefore encouraged to install the latest update as soon as possible.
On iOS devices, users can update apps through the Apple App Store, while Android users can install updates via the Google Play Store.
Additional security changes coming – Separately, Microsoft is preparing another security upgrade for enterprise users. The company plans to restrict the use of Microsoft Authenticator on phones that have been jailbroken or rooted, which removes built-in operating system protections.
The move will roll out gradually for organizations using Microsoft Entra identity services. According to reports, the update will first warn users running modified devices, then block authentication features and remove stored account data if the device remains compromised.
…
Filed: https://www.techrepublic.com/topic/security/
Source: Business Insider
https://www.businessinsider.com/robot-dogs-quadruped-data-center-security-boston-dynamics-ghost-robotics-2026-3
- AI is driving a historic buildout of massive data centers spanning dozens of acres.
- Boston Dynamics and Ghost Robotics see an opportunity to provide mobile security with robot dogs.
- Boston Dynamics said customers can see a payoff within 2 years.
As companies pour billions into sprawling industrial campuses for cloud and AI computing, some data center operators are experimenting with four-legged bots — about the size of large dogs — that can patrol fences, inspect equipment, and flag any issues before they turn into costly outages.
“I was literally at a data center this week,” Merry Frayne, senior director of product management at Boston Dynamics, the maker of Spot, told Business Insider. “We’ve seen a huge, huge uptick in interest from data centers in the last year, I’d say, which is probably not surprising given the investment in that space.”
Robot dogs have already been deployed by first responders, the military, and in other industrial sectors such as oil and mining. But the rapid pace of data center buildouts is creating another niche for the mechanical quadrupeds.
At Boston Dynamics, customers typically look for a robot that can do more than perimeter patrol, Frayne said. Data center customers, in particular, look for industrial inspection, site mapping, and construction monitoring, in addition to security. This could mean using Spot to operate inside data centers to detect thermal anomalies, leaks, puddles, unusual sounds, or security issues such as doors propped open, she said.
He said the Vision 60 has a one-time MSRP starting at $165,000, depending on the configuration. “We know that the cost for a human guard is around $150,000,” Subhan said. “So we look at that ROI — instead of having two guards at $300,000, you can have one guard and a robot. And the robot obviously doesn’t get sick or go on vacation and things like that.”
Subject: UPMC notifies patients of possible medical record access
Source: WTAE
https://www.wtae.com/article/upmc-patient-records-health-gorilla/70772069
Some UPMC patients may have had their medical records improperly accessed, according to officials with UPMC.UPMC said it was notified by its electronic health vendor that some patient records may have been accessed through a national network used to exchange medical information.The health network said Health Gorilla requested access to patient information. UPMC said Health Gorilla wanted the data in order to help treat patients who were also connected to UPMC, claiming they had permission to do so.
David Hickton, director of Pitt’s Institute of Cyber Law, Policy and Security, said, “I would urge caution and patience.”Hickton, who has previously been a victim of identity theft, shared his experience, saying, “I have been a victim of this in the past. When I was on the Kennedy Center board years ago, as you get notice, you’re told what the extent of the disclosure is some provision is usually made to give you a credit monitoring service. And, you know, ultimately, if there’s more of a breach than we know at this point, there’ll be other steps that can be taken.”
Source: Android Headlines
https://www.androidheadlines.com/2026/03/dod-anthropic-national-security-risk-designation.html
The Trump administration has officially turned down Anthropic’s lawsuit, saying that blacklisting the AI company was a necessary step for national security, not a violation of free speech. The DOD cliaims that Anthropic’s ethical “red lines” make it too risky for the AI to be changed or turned off during military operations. A California court will soon decide if the “security risk” designation was a lawful protective measure or a retaliatory punishment.The Department of Defense (DOD) is doubling down on its decision to blacklist the AI firm Anthropic. In a 40-page court filing, the government has rejected Anthropic’s lawsuit claims of constitutional overreach, asserting that the company’s refusal to modify its AI “guardrails” constitutes a direct threat to the U.S. national security supply chain.
The Pentagon reaffirms Anthropic blacklist as security risk – At the heart of Anthropic’s lawsuit is the claim that the Pentagon is punishing the company for its ethical stance—an act they argue violates the First Amendment. However, the administration states that this is not a matter of “protected speech.” According to Reuters, the government argues that Anthropic’s refusal to allow “all lawful use” of its technology is a form of conduct, not expression.
…
Related Topics
Source: Android Headlines
https://www.androidheadlines.com/2026/03/android-16-vpn-bug-doesnt-have-a-fix-even-after-months.html
VPN service providers report that Android 16 has a weird bug that breaks VPN connections in the background without any warning to users. The bug reportedly persists even after months of initial reports. Google hasn’t explicitly said whether a fix is coming at the moment.It seems a long-standing bug in Android 16 is causing VPN apps to crash. Multiple VPN providers are reportedly waiting on Google to fix this for over half a year. Proton VPN, in a post on X, called out Google, saying that it knows about the bug that breaks VPN apps for seven months, but still hasn’t addressed it. The popular VPN app says that it first reported the bug in September 2025, but others like Mullvad VPN and WireGuard already reported it a month earlier.
Android 16 bug reportedly breaks VPN connection without any warning – The bug reportedly causes VPN services to stop functioning in the background, without any warnings. It usually happens when users receive updates to the VPN app via the Google Play Store when it’s active on the device. That said, the problem isn’t reportedly affecting all devices, so some users are apparently spared.
In a series of posts on X, Proton says that the bug corrupts Android’s network stack at the system level after a VPN update. It notes that this is leading to users blaming their VPN providers. The company says that restarting the app won’t fix the issue, but a full-device reboot or reinstalling the app does. But not all users would figure these out or would want to every time.
…
Related Topics
Source: Krebs on Security
https://krebsonsecurity.com/2026/03/feds-disrupt-iot-botnets-behind-huge-ddos-attacks/
The U.S. Justice Department joined authorities in Canada and Germany in dismantling the online infrastructure behind four highly disruptive botnets that compromised more than three million Internet of Things (IoT) devices, such as routers and web cameras. The feds say the four botnets — named Aisuru, Kimwolf, JackSkid and Mossad — are responsible for a series of recent record-smashing distributed denial-of-service (DDoS) attacks capable of knocking nearly any target offline.The Justice Department said the Department of Defense Office of Inspector General’s (DoDIG) Defense Criminal Investigative Service (DCIS) executed seizure warrants targeting multiple U.S.-registered domains, virtual servers, and other infrastructure involved in DDoS attacks against Internet addresses owned by the DoD.The government alleges the unnamed people in control of the four botnets used their crime machines to launch hundreds of thousands of DDoS attacks, often demanding extortion payments from victims. Some victims reported tens of thousands of dollars in losses and remediation expenses.
[…]
Subject: This Identity Firm Couldn’t Protect Its Own Customer Records
Source: Android Headlines
https://www.androidheadlines.com/2026/03/aura-identity-protection-company-data-breach.html
Aura, a company that sells identity theft protection, has confirmed a data breach that exposed roughly 900,000 customer records containing names and email addresses. The breach was carried out via a phone phishing attack by ShinyHunters, the same group behind high-profile hacks at AT&T and Salesforce.
Aura data breach exposes customer records – Aura has confirmed a data breach that resulted in customer records being exposed. To be more specific, about 900,000 records were revealed containing names and email addresses.
In a press release on its website, the firm says, “Aura is aware of an incident where one of our employees was the victim of a targeted phone phishing attack. We identified that an unauthorized third party gained access to that employee’s account for approximately one hour. Upon discovery, Aura immediately terminated access to the account and activated its incident response plan, engaged external cybersecurity and legal experts, and notified law enforcement.”
…
The company also says that the breach did not leak any sensitive information. “As our investigation into this security incident has progressed, we can confirm that no database supporting the Aura identity theft protection application was accessed in any way. No sensitive information provided by customers to Aura for monitoring purposes—such as Social Security numbers, financial information, credit records, or passwords—was compromised.”