Security

New Hack Uses Prompt Injection To Corrupt Gemini's Long-Term Memory 23

An anonymous reader quotes a report from Ars Technica: On Monday, researcher Johann Rehberger demonstrated a new way to override prompt injection defenses Google developers have built into Gemini -- specifically, defenses that restrict the invocation of Google Workspace or other sensitive tools when processing untrusted data, such as incoming emails or shared documents. The result of Rehberger's attack is the permanent planting of long-term memories that will be present in all future sessions, opening the potential for the chatbot to act on false information or instructions in perpetuity. [...] The hack Rehberger presented on Monday combines some of these same elements to plant false memories in Gemini Advanced, a premium version of the Google chatbot available through a paid subscription. The researcher described the flow of the new attack as:

1. A user uploads and asks Gemini to summarize a document (this document could come from anywhere and has to be considered untrusted).
2. The document contains hidden instructions that manipulate the summarization process.
3. The summary that Gemini creates includes a covert request to save specific user data if the user responds with certain trigger words (e.g., "yes," "sure," or "no").
4. If the user replies with the trigger word, Gemini is tricked, and it saves the attacker's chosen information to long-term memory.

As the following video shows, Gemini took the bait and now permanently "remembers" the user being a 102-year-old flat earther who believes they inhabit the dystopic simulated world portrayed in The Matrix. Based on lessons learned previously, developers had already trained Gemini to resist indirect prompts instructing it to make changes to an account's long-term memories without explicit directions from the user. By introducing a condition to the instruction that it be performed only after the user says or does some variable X, which they were likely to take anyway, Rehberger easily cleared that safety barrier.

Google responded in a statement to Ars: "In this instance, the probability was low because it relied on phishing or otherwise tricking the user into summarizing a malicious document and then invoking the material injected by the attacker. The impact was low because the Gemini memory functionality has limited impact on a user session. As this was not a scalable, specific vector of abuse, we ended up at Low/Low. As always, we appreciate the researcher reaching out to us and reporting this issue."

Rehberger noted that Gemini notifies users of new long-term memory entries, allowing them to detect and remove unauthorized additions. Still, he questioned Google's assessment, writing: "Memory corruption in computers is pretty bad, and I think the same applies here to LLMs apps. Like the AI might not show a user certain info or not talk about certain things or feed the user misinformation, etc. The good thing is that the memory updates don't happen entirely silently -- the user at least sees a message about it (although many might ignore)."

Security

AUKUS Blasts Holes In LockBit's Bulletproof Hosting Provider (theregister.com) 11

The US, UK, and Australia (AUKUS) have sanctioned Russian bulletproof hosting provider Zservers, accusing it of supporting LockBit ransomware operations by providing secure infrastructure for cybercriminals. The sanctions target Zservers, its UK front company XHOST Internet Solutions, and six individuals linked to its operations. The Register reports: Headquartered in Barnaul, Russia, Zservers provided BPH services to a number of LockBit affiliates, the three nations said today. On numerous occasions, affiliates purchased servers from the company to support ransomware attacks. The trio said the link between Zservers and LockBit was established as early as 2022, when Canadian law enforcement searched a known LockBit affiliate and found evidence they had purchased infrastructure tooling almost certainly used to host chatrooms with ransomware victims.

"Ransomware actors and other cybercriminals rely on third-party network service providers like Zservers to enable their attacks on US and international critical infrastructure," said Bradley T Smith, acting under secretary of the Treasury for terrorism and financial intelligence. "Today's trilateral action with Australia and the United Kingdom underscores our collective resolve to disrupt all aspects of this criminal ecosystem, wherever located, to protect our national security." The UK's Foreign, Commonwealth & Development Office (FCDO) said additionally that the UK front company for Zservers, XHOST Internet Solutions, was also included in its sanctions list. According to Companies House, the UK arm was incorporated on January 31, 2022, although the original service was established in 2011 and operated in both Russia and the Netherlands. Anyone found to have business dealings with either entity can face criminal and civil charges under the Sanctions and Anti-Money Laundering Act 2018.

The UK led the way with sanctions, placing six individuals and the two entities on its list, while the US only placed two of the individuals -- both alleged Zservers admins -- on its equivalent. Alexander Igorevich Mishin and Aleksandr Sergeyevich Bolshakov, both 30 years old, were named by the US as the operation's heads. Mishin was said to have marketed Zservers to LockBit and other ransomware groups, managing the associated cryptocurrency transactions. Both he and Bolshakov responded to a complaint from a Lebanese company in 2023 and shut down an IP address used in a LockBit attack. The US said, however, it was possible that the pair set up a replacement IP address that LockBit could carry on using, while telling the Lebanese company that they complied with its request. The UK further sanctioned Ilya Vladimirovich Sidorov, Dmitry Konstantinovich Bolshakov (no mention of whether he is any relation to Aleksandr), Igor Vladimirovich Odintsov, and Vladimir Vladimirovich Ananev. Other than that they were Zservers employees and thus were directly or indirectly involved in attempting to inflict economic loss to the country, not much was said about either of their roles.

Chrome

Google Chrome May Soon Use 'AI' To Replace Compromised Passwords (arstechnica.com) 46

Google's Chrome browser might soon get a useful security upgrade: detecting passwords used in data breaches and then generating and storing a better replacement. From a report: Google's preliminary copy suggests it's an "AI innovation," though exactly how is unclear.

Noted software digger Leopeva64 on X found a new offering in the AI settings of a very early build of Chrome. The option, "Automated password Change" (so, early stages -- as to not yet get a copyedit), is described as, "When Chrome finds one of your passwords in a data breach, it can offer to change your password for you when you sign in."

Chrome already has a feature that warns users if the passwords they enter have been identified in a breach and will prompt them to change it. As noted by Windows Report, the change is that now Google will offer to change it for you on the spot rather than simply prompting you to handle that elsewhere. The password is automatically saved in Google's Password Manager and "is encrypted and never seen by anyone," the settings page claims.

AI

Hackers Call Current AI Security Testing 'Bullshit' 69

Leading cybersecurity researchers at DEF CON, the world's largest hacker conference, have warned that current methods for securing AI systems are fundamentally flawed and require a complete rethink, according to the conference's inaugural "Hackers' Almanack" report [PDF].

The report, produced with the University of Chicago's Cyber Policy Initiative, challenges the effectiveness of "red teaming" -- where security experts probe AI systems for vulnerabilities -- saying this approach alone cannot adequately protect against emerging threats. "Public red teaming an AI model is not possible because documentation for what these models are supposed to even do is fragmented and the evaluations we include in the documentation are inadequate," said Sven Cattell, who leads DEF CON's AI Village.

Nearly 500 participants tested AI models at the conference, with even newcomers successfully finding vulnerabilities. The researchers called for adopting frameworks similar to the Common Vulnerabilities and Exposures (CVE) system used in traditional cybersecurity since 1999. This would create standardized ways to document and address AI vulnerabilities, rather than relying on occasional security audits.

IT

Reclassification Is Making US Tech Job Losses Look Worse Than They Are (theregister.com) 68

According to consultancy firm Janco, the U.S. Bureau of Labor Statistics reclassified several job titles, "leading to a downward adjustment of over 111,000 positions for November and December 2024," The Register reports. This revision contributed to an overall decline of 123,000 IT jobs for the year. However, in reality, IT sector hiring is on the rise, with 11,000 new positions added in January. From the report: "Many CEOs have given CFOs and CIOs the green light to hire IT Pros," Janco CEO Victor Janulaitis said of the first month of 2025. "IT Pros who were unemployed last month found jobs more quickly than was anticipated as CIOs rushed to fill open positions." There's still a 5.7 percent unemployment rate in the IT sector in January, Janco noted, which is greater than the national average of 4 percent - and which could rise further as Elon Musk's Department of Government Efficiency (DOGE) pushes ahead with federal workforce reductions aimed at streamlining operations.

"Over the past several quarters much of the overall job growth was in the government sectors of the economy," Janulaitis said. "With the new administration that will in all probability not be the case in the future. The impact of the DOGE initiatives has not been felt as of yet," Janulaitis added. "Economic uncertainty continues to hurt overall IT hiring." Despite this, Janco reported an addition of 11,000 new IT roles in January. Unfortunately, there's also been a surge in IT unemployment over the same period, with the number of jobless IT pros rising to 152,000 in January - an increase of 54,000 in a single month. [...]

Closing out the report, Janco offered a mixed outlook: While IT jobs are expected to grow over the next few years, many white-collar roles could be eliminated. "Over the next five years, the number of individuals employed as IT professionals will increase while many white-collar jobs in the function will be eliminated with the application of AI and LLM to IT," Janco predicted.

iPhone

Apple Fixes Zero-Day Exploited In 'Extremely Sophisticated' Attacks (bleepingcomputer.com) 8

Apple has released emergency security updates for iOS 18.3.1 and iPadOS 18.3.1 to patch a zero-day vulnerability (CVE-2025-24200) that was exploited in "extremely sophisticated," targeted attacks. The flaw, which allowed a physical attack to disable USB Restricted Mode on locked devices, was discovered by Citizen Lab and may have been used in spyware campaigns; users are strongly advised to install the update immediately. BleepingComputer reports: USB Restricted Mode is a security feature (introduced almost seven years ago in iOS 11.4.1) that blocks USB accessories from creating a data connection if the device has been locked for over an hour. This feature is designed to block forensic software like Graykey and Cellebrite (commonly used by law enforcement) from extracting data from locked iOS devices.

In November, Apple introduced another security feature (dubbed "inactivity reboot") that automatically restarts iPhones after long idle times to re-encrypt data and make it harder to extract by forensic software. The zero-day vulnerability (tracked as CVE-2025-24200 and reported by Citizen Lab's Bill Marczak) patched today by Apple is an authorization issue addressed in iOS 18.3.1 and iPadOS 18.3.1 with improved state management.

The list of devices this zero-day impacts includes:
- iPhone XS and later
- iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later

IT

Job-Search Sites Try Shaming Companies That 'Ghost' Job-Seekers (fortune.com) 29

An anonymous reader shared this report from Fortune: More than 14 million job seekers' applications went completely ignored in a single quarter last year, according to one hiring platform. Now, sites like Greenhouse and LinkedIn are experimenting with new ways to hold companies accountable for making the hiring process so miserable for applicants. Three of the biggest job search sites — LinkedIn, Indeed and Greenhouse — have put tools in place to highlight which companies frequently respond to applicants in a timely manner... According to Greenhouse, half of applicants say they've been ghosted after an interview.

Meanwhile, new artificial intelligence tools have made it easier for candidates to play a numbers game, generating tailored resumes for hundreds of roles. But that's led to an increasingly overwhelming flood of applications for companies, making it nearly impossible to process the deluge and respond to every hopeful in a timely manner — let alone find their perfect match... [LinkedIn is] refining its "job match" feature that uses AI to see how well qualified a candidate is for a given listing. The feature is designed to help cut down on the flood of applications companies are receiving by nudging users to focus their efforts on jobs where they actually have a good shot at hearing back. That, in theory, should make the hiring process more efficient for both parties...

Indeed chose to focus on encouraging employer responsiveness after the issue showed up as the biggest pain point for job seekers in a recent survey. While the platform has issued "responsive employer" badges since 2018 to recognize companies that consistently reply to more than half of all messages, it started releasing even more detail in 2023, including labels that share the employer's median response time with candidates... Greenhouse, meanwhile, is testing a set of four badges that would verify an employer meets the platform's respectful, communicative, prepared and fair hiring process standards for a given job posting... For "communicative," they're expected to clear out active candidates on closed jobs and send out rejection emails.

LinkedIn is also adding "responsiveness insights," according to the article, which "show applicants which listings are being actively reviewed by employers.

"It's testing the insights on a small number of job postings before rolling them out sitewide in the coming months."

AMD

How To Make Any AMD Zen CPU Always Generate 4 As a Random Number (theregister.com) 62

Slashdot reader headlessbrick writes: Google security researchers have discovered a way to bypass AMD's security, enabling them to load unofficial microcode into its processors and modify the silicon's behaviour at will. To demonstrate this, they created a microcode patch that forces the chips to always return 4 when asked for a random number.

Beyond simply allowing Google and others to customize AMD chips for both beneficial and potentially malicious purposes, this capability also undermines AMD's secure encrypted virtualization and root-of-trust security mechanisms.

Obligatory XKCD.

AI

America's IT Unemployment Rises To 5.7%. Is AI Hitting Tech Jobs? (msn.com) 113

The unemployment rate in America's information technology sector "rose from 3.9% in December to 5.7% in January," reports the Wall Street Journal. Meanwhile last month's overall jobless rate was just 4%, they point out, calling it "the latest sign of how automation and the increasing use of artificial intelligence are having a negative impact on the tech labor market."

Companies began implementing their annual spending cuts in January, and there were layoffs at large tech companies like Meta. But whatever the reason, "The number of unemployed IT workers rose from 98,000 in December to 152,000 last month, according to a report from consulting firm Janco Associates based on data from the U.S. Department of Labor," while the Labor Department said the overall economy added 143,000 jobs.

One management consulting firm offers this explanation: Job losses in tech can be attributed in part to the influence of AI, according to Victor Janulaitis, chief executive of Janco Associates. The emergence of generative AI has produced massive amounts of spending by tech giants on AI infrastructure, but not necessarily new jobs in IT. "Jobs are being eliminated within the IT function which are routine and mundane, such as reporting, clerical administration," Janulaitis said. "As they start looking at AI, they're also looking at reducing the number of programmers, systems designers, hoping that AI is going to be able to provide them some value and have a good rate of return."

Increased corporate investment in AI has shown early signs of leading to future cuts in hiring, a concept some tech leaders are starting to call "cost avoidance." Rather than hiring new workers for tasks that can be more easily automated, some businesses are letting AI take on that work — and reaping potential savings. The latest IT jobs numbers come as unemployment among white-collar workers remains at its highest levels since 2020, according to Cory Stahle, an economist at hiring website Indeed. "What we've really seen, especially in the last year or so, is a bifurcation in opportunities, where white-collar knowledge worker type jobs have had far less employer demand than jobs that are more in-person, skilled labor jobs," Stahle said.

Stahle notes that job postings at Indeed.com for software developers declined 8.5% in January from a year earlier...

IT

Are Return-to-Office Mandates Just Attempts to Make People Quit? (washingtonpost.com) 162

Friday on a Washington Post podcast, their columnists discussed the hybrid/remote work trend, asking why it "seems to be reversing".

Molly Roberts: Why have some companies decided finally that having offices full of employees is better for them?

Heather Long: It's a loaded question, but I would say, unfortunately, 2025 is the year of operational efficiency, and that's corporate speak for save money at all costs. How do you save money? The easiest way is to get people to quit. What are these return to office mandates, particularly the five day a week in office mandates? We have a lot of data on this now, and it shows people will quit and you don't even have to pay them severance to do it.

Molly Roberts: It's not about productivity for the people who are in the office, then, you think. It's more about just cutting down on the size of the workforce generally.

Heather Long: I do think so. There has been a decent amount of research so far on fully remote, hybrid and fully in office. It's a mixed bag for fully remote. That's why I think if you look at the Fortune 500, only about 16 companies are fully remote, but a lot of them are hybrid. The reason that so many companies are hybrid is because that's the sweet spot. There is no productivity difference between the hybrid schedule and fully in the office five days a week. But what you do see a big difference is employee satisfaction and happiness and employee retention....

I think if what we're talking about is places that have been able to do work from home successfully for the past several years, why are they suddenly in 2025, saying the whole world has changed and we need to come back to the office five days a week? You should definitely be skeptical.

"Who are the first people to leave in these scenarios? It's star employees who know they can get a job elsewhere," Long says (adding later that "There's also quantifiable data that show that, particularly parents, the childcare issues are real.") Long also points out that most of Nvidia's workforce is fully remote — and that housing prices have spiked in some areas where employers are now demanding people return to the office.

But employers also know hiring rates are now low, argues Long, so they're pushing their advantage — possibly out of some misplaced nostalgia. "[T]here's a huge, huge perception difference between what managers, particularly senior leaders in an organization, how effective they think [people were] in offices versus what the rank and file people think. Rank and file people tend to prefer hybrid because they don't want their time wasted."

Their discussion also notes a recent Harvard Business School survey that found that 40% of people would trade 5% or more of their salaries to work from home....

Microsoft

Microsoft 365 Price Rises Are Coming - Pay Up or Opt Out (theregister.com) 38

An anonymous reader shares a report: Users are now receiving notifications regarding their Microsoft 365 subscriptions and must take action if they wish to avoid Copilot and its extra charges.

The email from Microsoft warns that the cost of a 365 Personal Subscription will jump; however, there is no need to worry -- Microsoft knows what's best and will increase your payment in return for all those AI-powered Copilot services it knows you want.

We noted the upcoming increases last month and how users could turn off the generative AI assistant. At the time, Microsoft said users would be able to switch to plans without Copilot. However, unless a user takes action, the price they pay for their "Current Subscription" will increase, and AI-powered delights will be added to their plan.

The Internet

India To Launch New Domain Name For Banks To Fight Digital Fraud (techcrunch.com) 8

An anonymous reader shares a report: India's central bank is introducing an exclusive ".bank.in" domain for banks from April 2025 as part of efforts to combat rising digital payment frauds and bolster trust in online banking services.

[...] The central bank plans to roll out a separate 'fin.in' domain for non-bank financial institutions. "Increased instances of fraud in digital payments are a significant concern," said RBI Governor Sanjay Malhotra, adding that the new domain system aims to reduce cyber security threats and malicious activities like phishing.

Security

Phishing Tests, the Bane of Work Life, Are Getting Meaner (msn.com) 99

U.S. employers are deploying increasingly aggressive phishing tests to combat cyber threats, sparking backlash from workers who say the simulated scams create unnecessary panic and distrust in the workplace. At the University of California, Santa Cruz, a test email about a fake Ebola outbreak sent staff scrambling before learning it was a security drill. At Lehigh Valley Health Network, employees who fall for phishing tests lose external email access, with termination possible after three failures.

Despite widespread use, recent studies question these tests' effectiveness. Research from ETH Zurich found that phishing tests combined with voluntary training actually made employees more vulnerable, while a University of California, San Diego study showed only a 2% reduction [PDF] in phishing success rates. "These are just an ineffective and inefficient way to educate users," said Grant Ho, who co-authored the UCSD study.

Security

'Zombie Devices' Raise Cybersecurity Alarm as Consumers Ignore Smart Tech Expiry Dates 54

A survey of 2,130 Americans has revealed widespread vulnerability to cyber attacks through unsupported smart devices, with 43% unaware their devices might lose software support. The security threat was underscored in December 2023 when U.S. authorities disrupted a Chinese state-sponsored botnet targeting home routers and cameras that had stopped receiving security updates. Cloudflare separately reported a record-breaking DDoS attack in late 2023, primarily originating from compromised smart TVs and set-top boxes.

The survey, conducted by Consumer Reports, found that only 39% of consumers learned about lost software support from manufacturers, with most discovering issues when devices stopped working (40%) or through media reports (15%). Most consumers expect their smart devices to retain functionality after losing software support, particularly for large appliances (70%). However, Consumer Reports' research found only 14% of 21 smart appliance brands specify support timeframes, while an FTC study of 184 devices showed just 11% disclose support duration.

Encryption

UK Orders Apple To Let It Spy on Users' Encrypted Accounts (msn.com) 96

The UK government has ordered Apple to create a backdoor allowing access to encrypted cloud backups of users worldwide, Washington Post reported Friday, citing multiple sources familiar with the matter. The unprecedented demand, issued last month through a technical capability notice under the UK Investigatory Powers Act, requires Apple to provide blanket access to fully encrypted material rather than assistance with specific accounts.

Apple is likely to discontinue its encrypted storage service in the UK rather than compromise user security globally, the report said. The company would still face pressure to provide backdoor access for users in other countries, including the United States. The order was issued under Britain's 2016 Investigatory Powers Act, which makes it illegal to disclose such government demands, according to the report. While Apple can appeal to a secret technical panel and judge, the law requires compliance during any appeal process. The company told Parliament in March that the UK government should not have authority to decide whether global users can access end-to-end encryption.

Security

Ransomware Payments Dropped 35% In 2024 (therecord.media) 44

An anonymous reader quotes a report from CyberScoop: Ransomware payments saw a dramatic 35% drop last year compared to 2023, even as the overall frequency of ransomware attacks increased, according to a new report released by blockchain analysis firm Chainalysis. The considerable decline in extortion payments is somewhat surprising, given that other cybersecurity firms have claimed that 2024 saw the most ransomware activity to date. Chainalysis itself warned in its mid-year report that 2024's activity was on pace to reach new heights, but attacks in the second half of the year tailed off. The total amount in payments that Chainalysis tracked in 2024 was $812.55 million, down from 2023's mark of $1.25 billion.

The disruption of major ransomware groups, such as LockBit and ALPHV/BlackCat, was key to the reduction in ransomware payments. Operations spearheaded by agencies like the United Kingdom's National Crime Agency (NCA) and the Federal Bureau of Investigation (FBI) caused significant declines in LockBit activity, while ALPHV/BlackCat essentially rug-pulled its affiliates and disappeared after its attack on Change Healthcare. [...] Additionally, [Chainalysis] says more organizations have become stronger against attacks, with many choosing not to pay a ransom and instead using better cybersecurity practices and backups to recover from these incidents. [...]

Chainalysis also says ransomware operators are letting funds sit in wallets, refraining from moving any money out of fear they are being watched by law enforcement.

Businesses

Qwertykeys Halts Keyboard Shipments To US Over Tariff Costs and Confusion (theverge.com) 97

An anonymous reader shares a report: The keyboard company Qwertykeys has temporarily halted all shipments to the United States in response to President Trump's tariffs on Chinese goods going into effect. The company says it's working on ways to mitigate shipping costs and that the tariffs have made it so that "all keyboards from China to the U.S. are now subject to 45% tariffs at full value."

"We are closely watching the progress of the situation and really hope that there is something else we can do other than bumping the price up," the company wrote in a comment on Reddit. Qwertykeys says that its delivery partner, DHL, "now requires prepayment of 50% of the declared product value as a tariff deposit, plus a $21 processing fee per package." That would drastically raise prices for customers in the US, something Qwertykeys says is "unsustainable for both our business and customers."

Security

First OCR Spyware Breaches Both Apple and Google App Stores To Steal Crypto Wallet Phrases (securelist.com) 24

Kaspersky researchers have discovered malware hiding in both Google Play and Apple's App Store that uses optical character recognition to steal cryptocurrency wallet recovery phrases from users' photo galleries. Dubbed "SparkCat" by security firm ESET, the malware was embedded in several messaging and food delivery apps, with the infected Google Play apps accumulating over 242,000 downloads combined.

This marks the first known instance of such OCR-based spyware making it into Apple's App Store. The malware, active since March 2024, masquerades as an analytics SDK called "Spark" and leverages Google's ML Kit library to scan users' photos for wallet recovery phrases in multiple languages. It requests gallery access under the guise of allowing users to attach images to support chat messages. When granted access, it searches for specific keywords related to crypto wallets and uploads matching images to attacker-controlled servers.

The researchers found both Android and iOS variants using similar techniques, with the iOS version being particularly notable as it circumvented Apple's typically stringent app review process. The malware's creators appear to be Chinese-speaking actors based on code comments and server error messages, though definitive attribution remains unclear.

Windows

Microsoft's Windows 10 Extended Security Updates Will Start at $61 per PC for Businesses 70

Microsoft will charge commercial customers $61 per device in the first year to continue receiving Windows 10 security updates after support ends, with costs doubling each subsequent year for up to three years, The Register wrote in a PSA note Wednesday, citing text.

Organizations can't skip initial years to save money, as the updates are cumulative. Some users may avoid fees if they connect Windows 10 endpoints to Windows 365 Cloud PCs. The program also covers Windows 10 virtual machines running on Windows 365 or Azure Virtual Desktop for three years with an active Windows 365 subscription.
