anthropic.com
Since our Series G in February, adoption has continued to grow across global enterprise customers, and our run-rate revenue crossed $47 billion earlier this month.
techpolicy.press
Much of the current guidance on digital legacies urges individuals to take control of their digital lives before they die. Tech companies offer various features to provide users with a sense of posthumous agency, such as Google’s Inactive Account Manager, Apple’s Digital Legacy Program, and Meta’s Legacy Contact and Memorialization settings. While these tools are marketed as a means of establishing posthumous control, they are little more than a façade of agency that ends where the corporate fine print begins. Ultimately, any authority we exercise remains subordinate to corporate terms of service, which are perpetually rewritten at the platform’s discretion and largely without oversight.
What makes Meta’s patent such an effective warning sign is that it imagines a future where posthumous agency isn’t primarily about heirs accessing or closing an account. It turns to platforms retaining the right to keep an account operationally ‘present,’ producing engagement as if the user were still there.
arxiv.org
In this work, we show how to leverage the smaller domain specific datasets by upsampling them relative to CC at the end of training to drive performance improvements on difficult benchmarks. This simple technique allows us to improve up to 6.90 pp on MMLU, 8.26 pp on GSM8K, and 6.17 pp on HumanEval relative to the base data mix for a 7B model trained for 1 trillion (T) tokens, thus rivaling Llama-2 (7B)—a model trained for twice as long. We experiment with ablating the duration of domain upsampling from 5% to 30% of training and find that 10% to 20% percent is optimal for navigating the tradeoff between general language modeling capabilities and targeted benchmarks. We also use domain upsampling to characterize at scale the utility of individual datasets for improving various benchmarks by removing them during this final phase of training. This tool opens up the ability to experiment with the impact of different pretraining datasets at scale, but at an order of magnitude lower cost compared to full pretraining runs.
secret-archive.org
Welcome to the security envelope pattern archive, the living heart of the S.E.C.R.E.T. Project. Here you’ll find a meticulously classified portfolio of patterns that once guarded confidential contents—from banking slips to bureaucratic missives. Each entry is cataloged by visual taxonomy, poetic description, and historical context. This is no ordinary collection; it is a hidden museum of miniature marvels, each one whispering of secrecy, intention, and the artistry of concealment. Begin your exploration, and join us in proudly overthinking the under-appreciated.
brethorsting.com
So the most valuable person in this new world is the one who has both skills because they can verify at both layers. They know the generated code is sound and they know the answers it produces are true. They can write the test that encodes “a driver can’t exceed eleven hours” because they know the rule, and they can tell that the test itself is meaningful because they know what they’re testing. The agent does the transcription. They do the judging, twice.
av2.aomedia.org
AV2 is the next-generation video coding specification from the Alliance for Open Media (AOMedia). Building on the foundation of AV1, AV2 is engineered to provide superior compression efficiency, enabling high-quality video delivery at significantly lower bitrates. It is optimized for the evolving demands of streaming, broadcasting, and real-time video conferencing.
This specification serves as the definitive technical reference for AV2 implementations. It outlines the bitstream syntax, semantics, and decoding processes required to ensure full conformance.
AV2 provides enhanced support for AR/VR applications, split-screen delivery of multiple programs, improved handling of screen content, and an ability to operate over a wider visual quality range.
everymuseum.org
EveryMuseum dot org - Tell AI: "connect the EveryMuseum MCP"
• 'Shuffle' to discover something unexpected • Browse by origin, date, collection, medium, and more • Download high-resolution public-domain works • Save favorites and build your own collection • Free, forever
Museums have a complicated history wrt ownership, theft, access, etc. So, I felt like making them as accessible as possible to as many people as possible, in the simplest interface possible, was a small step in the right direction. If you like the site, please share it with friends and sign up for the newsletter.
You can spend multiple lifetimes crawling every artifact and still have new stuff to investigate. There's art, science, architecture, design, research, sculpture, and I'm adding more all the time. The goal is 1M+ artifacts; we'll be there soon. The archive will always be incomplete, but I'll continue to push to include more artifacts to create as well-rounded a picture of history as possible.
theregister.com
"The sale of this data on the dark web took place amidst a period of mounting anti-Asian American and Pacific Islander and antisemitic hate and violence – and explicitly called attention to the deeply personal and identifying nature of that information. This is disturbing and incredibly dangerous. Today, my office is suing 23andMe for its categorical failure to comply with California law."
The lawsuit was filed against Chrome Holding Co., formerly known as 23andMe. TTAM Research Institute bought 23andMe's assets last year. TTAM Research Institute was founded and is led by Anne Wojcicki, who was also 23andMe's CEO at the time of the breach and one of the company's co-founders.
promptarmor.com
his attack occurs when any untrusted data source (e.g., from an imported sheet or ChatGPT connector) manipulates ChatGPT to run an attacker-controlled external script, which executes leveraging permissions the user has granted to the ChatGPT for Google Sheets extension.
This vulnerability was responsibly disclosed to OpenAI. Despite multiple follow-ups, we received no communication beyond an automated reply to our initial disclosure. OpenAI's documentation fails to describe sensitive capabilities granted to the model (e.g., running privileged scripts) or risks of model manipulation via indirect prompt injection, instead focusing solely on functional limitations and data-handling concerns. As such, we are publishing our findings to enable informed decision-making regarding the risk surface.
ft.com
“Algorithms have started to deprioritise content of a sexual nature . . . as a result, some Durex-related content has been deprioritised on social platforms in China,” the person said, adding that Reckitt was adjusting to the changes.
washingtonpost.com
Anatolii and his father, Volodymyr Poltoratskyi, 49, had started noticing the glinting gossamer threads a few months earlier.
“In winter, it’s actually beautiful in its own way,” Poltoratskyi said. “They hang across the road and on the trees like garlands, and frost forms on them.”
hannesweissteiner.com
Abstract. Prior work showed that variations in SSD access time can be used to leak information about user activity, e.g., the websites a user accesses, and for covert data transmission. To achieve this, SSD contention side channels require accurate high-resolution timing measurements of I/O operations, e.g., through the io_uring kernel API. However, the impact of these attacks is limited in
github.com
Defending Code Reference Harness A reference implementation for autonomous vulnerability discovery and remediation with Claude, based on our learnings from partnering with security teams at several organizations since launching Claude Mythos Preview. For a write up of these learnings along with best practices, see the accompanying blog post (also available in blog-post.md). For a lightweight SDK-only walkthrough of the same recon → find → triage → report → patch loop, see the companion cookbook.
arxiv.org
A computer worm is malware that spreads on a network by replicating itself from one machine to another. Traditional worms, like WannaCry, exploited predetermined vulnerabilities, and their spread can be halted by patching those vulnerabilities. Here we show that artificial intelligence (AI) agents enable a fundamentally new threat: a worm that generates tailored attack strategies to each target it encounters. The worm parasitically uses compromised machines to run open-weight large language models (LLMs) to sustain its reasoning, or extend its reach for further attacks. Deployed on a network of machines spanning Linux, Windows, and IoT (Internet of Things) devices, the worm propagated by exploiting common, real-world corporate network vulnerabilities. Since the worm is powered by stolen compute, the attacker’s marginal cost per new infection is zero. This creates a destabilizing economic asymmetry between attackers and defenders. Moreover, because the worm requires no commercial AI platform, centralized safety controls, such as service refusals or rate limiting, are structurally irrelevant. Our results demonstrate that self-sustaining AI-driven cyber-threats are no longer theoretical. We must prepare for autonomous generative adversaries: malware systems that propagate without human operators and are defined not by fixed exploit code, but by the capacity to reason about targets, adapt to observations, and synthesize attack logic in real time.
committees.parliament.uk
Our inquiry identified four building blocks for successful digital transformation, and four barriers to realising its benefits. The building blocks are: • Money: Money is undoubtedly being spent on digital initiatives but inadequate data on digital spend prevents the government from making informed decisions or holding those responsible to account. • People: The public sector needs more of the right people to deliver digital transformation of the state, and cultural change to ensure skills are valued and embedded in leadership levels. • Information and data security: The current government is not holding itself to the standards of information security needed to secure public trust, or to prevent massive data breaches from happening again. • Delivery: The government has a vision but needs a plan to deliver it. There is still time to turn things around but without a detailed, measurable plan, this digital transformation agenda may not succe
ajph.aphapublications.org
Our findings suggest that US tobacco companies used their extensive experiences from their tobacco businesses to maximize the successes of their international food businesses in disseminating ultra-processed foods globally. Regulation of the multiple addictive products that tobacco companies have disseminated to markets globally may be needed to protect public heal
yalereview.org
That’s how a library becomes a final and crucial step on a chain of accessibility that permits contact with the text. There are, of course, other ways to gain access to the text: bookstores and classrooms and PDF files that can be downloaded, legally or not, from the internet. But those other ways place barriers—often financial, sometimes technical, sometimes physical—between the reader and the text. They introduce friction. Reading a bootleg PDF isn’t the same as reading a print book. Twenty years ago, UX researchers were already noting that in online reading, large sections of a text are skipped or scanned in accordance with digital scrolling habits. The eye, for example, tends to follow an F-shaped pattern across the screen. In 2023, researchers at the University of Valencia published the results of a study showing that print reading over sustained periods can yield a six- to eightfold increase in comprehension. From these examples, and countless others like them, we know that reading digital texts does not simply replicate the experience of reading print ones. Yet we still discount the tools that deepen comprehension in favor of those that are more convenient.
engelsbergideas.com
One of the fair’s female ambassadors, for instance, is Meredith Graves, MTV correspondent and former lead singer of the punk band Perfect Pussy. Graves studies and practices occult traditions while collecting books on demonology, folklore, and magic. At the same time, she collects textile manuals, sewing patterns, and historical knitting guides. ‘I collect things I can use,’ she explains. ‘My books live. They get used… They’re living objects.’
The internet has also transformed the trade. Online marketplaces and databases allow first-time buyers to trace and research materials that once required years of accumulated expertise. Social media, meanwhile, has introduced younger audiences to books, archives, and objects they might otherwise never encounter.
blog.includesecurity.com
Defense Approaches The traffic leaves clear fingerprints at the network boundary, and the SDK leaves identifiable symbols in the app binary. The approaches below let you detect and block the peer tunnel — at the network level or on the device itself. Three approaches, ordered by ease of deployment:
Approach 1: DNS block (trivial, effective for network-routed devices):
proxyjs.brdtnet.com proxyjs.luminatinet.com proxyjs.bright-sdk.com clientsdk.bright-sdk.com clientsdk.brdtnet.com
Blocking proxyjs.* kills the peer tunnel without affecting any customer who legitimately uses Bright Data’s customer-facing proxy service on a different domain.
Approach 2: TLS SNI filtering: Drop or alert on TLS handshakes where server_name matches *.brdtnet.com, *.luminatinet.com, or *.luminati.io. Works at the network boundary without TLS inspection.
Approach 3: TLS certificate fingerprint:
.brdtnet.com → SHA256 313ce4ec7d5a51e5… .luminatinet.com → SHA256 5028612e625befea… Stable until Sectigo cert rotation (current certs valid through mid-2026).
The use_netifs caveat: All three layers only work on traffic that crosses your network boundary. The SDK’s use_netifs binding means that on iOS, when the device is on cellular, peer traffic bypasses corporate WiFi entirely. For managed fleets, the complementary control is MDM-based app binary scanning: search installed apps for the Swift symbols BrdWebSocketFacade and BrdNetwork.DNSResolver, and prohibit apps containing them on corporate-issued devices.
For household users concerned about a specific smart TV or mobile app: block the hostnames above at your router’s DNS settings (Pi-hole, NextDNS, Cloudflare Gateway, your ISP’s equivalent).
codastory.com
In 2016, when Peter Thiel killed Gawker, he insisted that he wasn’t attacking journalism writ large.
On the contrary, he told the New York Times, he’d spent $10 million secretly backing Hulk Hogan’s lawsuit against the news outlet because: “I saw Gawker pioneer a unique and incredibly damaging way of getting attention by bullying people even when there was no connection with the public interest… if I didn’t think Gawker was unique, I wouldn’t have done any of this. If the entire media was more or less like this, this would be like trying to boil the ocean.”
novaramedia.com
This AI ‘tribunal’ would then publish a supposedly independent ‘verdict’ on how truthful a story is and even rank individual journalists on metrics like truth-telling, corrections and engagement.
The platform’s creator has confirmed to Novara Media that it’s being rebuilt and relaunched with “significant retooling” after customer feedback, but there are no details available at the time of writing on the changes that will be made.
objection.ai
Maybe the most creepy site on the internet - the worst humans
Due to feedback we're rebuilding for an epistemic and primary sourced future. Stay tuned for updates.
techpolicy.press
One change to the May draft is the timeline for review. That text stated that developers would be able to "provide the Federal Government with access to covered frontier models... for a period of up to 90 days before they plan to release such models to other trusted partners." In the final June order, that window was reduced to 30 days.
Protecting against criminal actors: Section 4 directs the Attorney General to “prioritize the enforcement of… all applicable Federal criminal laws against anyone who utilizes AI to illegally access or damage a computer without authorization, or who utilizes AI while engaged in such illegal access to further any other crime." This includes "employing AI agents to unlawfully access data or information that is subsequently used for a criminal or unlawful purp