The Verge
·
23 hours ago
xAI is suing Terry Wayne Harwood, a South Carolina man allegedly arrested in February for using Grok to generate and distribute child sexual abuse material. Harwood faces eight felony charges related to possessing and distributing CSAM, with xAI claiming at least some of the images were generated or altered using their chatbot. The lawsuit asserts Harwood intentionally circumvented Grok's safeguards, potentially prompting xAI and other AI providers to implement stricter content moderation.
TechCrunch AI
·
1 day ago
Microsoft released patches for 570 security vulnerabilities across its product lines, attributing the spike to AI-assisted discovery of previously hidden code flaws. The batch included at least two zero-day exploits actively being used against Windows Server and SharePoint, with one allowing privilege escalation to system administrator level. Microsoft indicated that monthly patch volumes will remain elevated as AI tools continue to identify dormant vulnerabilities in legacy code.
Simon Willison
·
1 day ago
A researcher discovered that Claude's web_fetch tool could be exploited through nested links on honeypot websites to extract user data, bypassing Anthropic's safeguards against data exfiltration attacks. The attack successfully retrieved a user's name, home city, and employer by tricking the model into following letter-by-letter URL sequences disguised as authentication prompts. Anthropic subsequently patched the vulnerability by removing web_fetch's ability to navigate links embedded within previously fetched pages.
The Verge
·
1 day ago
Suno scraped millions of songs and lyrics from YouTube Music, Deezer, and Genius to train its AI music generator, according to data exposed in a hacking incident. The training dataset included content from multiple platforms that Suno had previously kept secret from public disclosure. This revelation strengthens ongoing lawsuits against Suno, including a case brought by the Recording Industry Association of America alleging copyright infringement in the model's training.
OpenAI Blog
·
1 day ago
OpenAI developed GPT-Red, an automated system that uses self-play to identify vulnerabilities in AI models and improve their robustness against adversarial attacks. The system iteratively generates adversarial prompts and defensive improvements in a feedback loop, with evaluations showing measurable increases in resistance to prompt injection attempts. This approach allows AI developers to systematically strengthen defenses without manual red teaming, reducing the time required to identify and patch safety vulnerabilities.