It turns out that one of the most common ways to check security on the Internet is just child’s play for ChatGPT Agent. The irony is that the test requires you to prove that you «not a bot», which the OpenAI bot managed to do…
Category: security – Page 5
Flaw in Gemini CLI AI coding assistant allowed stealthy code execution
A vulnerability in Google’s Gemini CLI allowed attackers to silently execute malicious commands and exfiltrate data from developers’ computers using allowlisted programs.
The flaw was discovered and reported to Google by the security firm Tracebit on June 27, with the tech giant releasing a fix in version 0.1.14, which became available on July 25.
Gemini CLI, first released on June 25, 2025, is a command-line interface tool developed by Google that enables developers to interact directly with Google’s Gemini AI from the terminal.
Microsoft: macOS Sploitlight flaw leaks Apple Intelligence data
Attackers could use a recently patched macOS vulnerability to bypass Transparency, Consent, and Control (TCC) security checks and steal sensitive user information, including Apple Intelligence cached data.
TCC is a security technology and a privacy framework that blocks apps from accessing private user data by providing macOS control over how their data is accessed and used by applications across Apple devices.
Apple has fixed the security flaw tracked as CVE-2025–31199 (reported by Microsoft’s Jonathan Bar Or, Alexia Wilson, and Christine Fossaceca) in patches released in March for macOS Sequoia 15.4 with “improved data redaction.”
Pushing the limits of chip design
Khalifa University is building the foundation for a smarter, more secure and more connected world, one silicon chip at a time.
In the rapidly evolving world of artificial intelligence and smart devices, the System-on-Chip Lab (SoCL) at Khalifa University is emerging as a regional hub of innovation. Led by Baker Mohammad, a professor of Computer and Information Engineering and a veteran with 15 years of experience at tech giants Intel and Qualcomm, the lab is uniquely positioned to bridge the gap between fundamental research and market-ready solutions.
“We’re the only facility in the region with comprehensive expertise across the full electronics design stack, from devices to circuits to systems,” Mohammad explains. This distinctive capability allows the lab to address critical challenges in energy-efficient, high-performance edge devices for data-intensive AI applications, while also integrating hardware security to protect sensitive user data.
Hackers breach Toptal GitHub account, publish malicious npm packages
Hackers compromised Toptal’s GitHub organization account and used their access to publish ten malicious packages on the Node Package Manager (NPM) index.
The packages included data-stealing code that collected GitHub authentication tokens and then wiped the victims’ systems.
Toptal is a freelance talent marketplace that connects companies with software developers, designers, and finance experts. The company also maintains internal developer tools and design systems, most notably Picasso, which they make available through GitHub and NPM.
OpenAI CEO Sam Altman warns of an AI ‘fraud crisis’
OpenAI CEO Sam Altman says the world may be on the precipice of a “fraud crisis” because of how artificial intelligence could enable bad actors to impersonate other people.
“A thing that terrifies me is apparently there are still some financial institutions that will accept a voice print as authentication for you to move a lot of money or do something else — you say a challenge phrase, and they just do it,” Altman said. “That is a crazy thing to still be doing… AI has fully defeated most of the ways that people authenticate currently, other than passwords.”
The comments were part of his wide-ranging interview about the economic and societal impacts of AI at the Federal Reserve on Tuesday. He also told the audience, which included, representatives of large US financial institutions, about the role he expects AI to play in the economy.
