TechRisk #118: Too early for AI privacy
Plus, 1 BTC for cracking Bitcoin’s encryption, AI risk - Slopsquatting, web3 hacker made deal to take only 10% and more!
Tech Risk Reading Picks
Premature to impose AI privacy regulations: OpenAI CEO Sam Altman argued that it is premature to impose strict privacy regulations on AI, citing the technology’s rapid evolution and unpredictable societal impact. Speaking at a major privacy summit, Altman emphasized the need for a dynamic, responsive approach to regulation, as challenges emerge. He highlighted concerns about users sharing deeply personal information with AI systems, despite the lack of legal confidentiality protections like those offered by doctors or lawyers. However, he offered no concrete solutions, suggesting society—not tech companies—must establish new frameworks. Meanwhile, lawmakers at the event acknowledged the importance of regulating AI, with one noting the urgency of balancing innovation with risk mitigation. [more]
Critics on brief Gemini safety evaluation: Google has released a brief six-page “model card” for its Gemini 2.5 Pro AI model, weeks after making the model publicly available in preview form—a delay that has drawn criticism from AI governance experts. Critics, including Kevin Bankston of the Center for Democracy and Technology, argue the documentation lacks key safety evaluation details, such as results from red-teaming tests, and reflects a concerning trend of reduced transparency as AI companies rush to market. Google denies any breach of its commitments and says more detailed technical documentation will follow when the full model family is released. The company’s move mirrors similar behavior from other AI firms like Meta and OpenAI, which have also scaled back on releasing safety information, prompting broader concerns about declining standards in AI safety and accountability. [more]
AI risk - Slopsquatting: Slopsquatting is a rising cybersecurity threat where attackers exploit AI-generated "hallucinations" — fictional software package names invented by tools like ChatGPT or GitHub Copilot — by registering these fake packages with malicious code. Unlike typosquatting, which targets human spelling errors, slopsquatting leverages developers’ misplaced trust in AI-generated suggestions. A major study analyzing over half a million AI-generated code snippets found nearly 1 in 5 included hallucinated packages, some of which repeatedly appeared across multiple runs, making them predictable for attackers. This risk is amplified by "vibe coding," a growing trend where developers rely heavily on AI to write and suggest code with minimal verification. To stay safe, experts urge developers to manually verify packages, use security tools, and avoid blindly copying install commands from AI outputs. Encouragingly, newer AI models like GPT-4 Turbo are beginning to detect and flag such hallucinations with increasing accuracy. [more]
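The practical defence the experts above describe, verifying packages before blindly running an AI-suggested install command, can be automated as a pre-install gate. The script below is an added example, not code from the article or the study it cites: it parses `pip install` lines out of a snippet, normalises the package names (PEP 503, so `PyYAML` and `pyyaml` compare equal), and reports any name that is not on an allowlist. The allowlist and the sample snippet are constructed; in practice the allowlist would come from a pinned requirements file or an internal mirror, and `hallucinated-pkg-example` stands in for whatever invented name a model emits.

```python
"""Gate AI-suggested install commands against an allowlist before they run.

Added example (not from the article). The allowlist and the snippet below are
constructed; in practice the allowlist comes from a pinned requirements file or
an internal package mirror.
"""
import re

# Constructed allowlist, already in PEP 503 normalised form.
APPROVED = {"requests", "numpy", "pyyaml", "cryptography"}

PIP_INSTALL = re.compile(r"\bpip3?\s+install\s+(.*)")
REQ_NAME = re.compile(r"^([A-Za-z0-9][A-Za-z0-9._-]*)")   # stops at ==, >=, [extras]
TAKES_ARG = {"-r", "--requirement", "-i", "--index-url", "-e", "--editable",
             "-c", "--constraint"}


def normalize(name: str) -> str:
    """PEP 503 normalisation so PyYAML, pyyaml and py.yaml compare equal."""
    return re.sub(r"[-_.]+", "-", name).lower()


def packages_from_install_line(line: str) -> list[str]:
    """Package names requested by a `pip install` line; flags and their arguments are skipped."""
    m = PIP_INSTALL.search(line)
    if not m:
        return []
    names, skip_next = [], False
    for tok in m.group(1).split():
        if skip_next:              # argument of -r / -i / -e etc.
            skip_next = False
            continue
        if tok in TAKES_ARG:
            skip_next = True
            continue
        if tok.startswith("-"):    # bare flags such as --upgrade
            continue
        spec = REQ_NAME.match(tok)
        if spec:
            names.append(normalize(spec.group(1)))
    return names


def unknown_packages(snippet: str) -> dict[str, list[int]]:
    """Map each requested package that is not on the allowlist to the lines requesting it."""
    unknown: dict[str, list[int]] = {}
    for lineno, line in enumerate(snippet.splitlines(), start=1):
        for name in packages_from_install_line(line):
            if name not in APPROVED:
                unknown.setdefault(name, []).append(lineno)
    return unknown


def install_is_safe(snippet: str) -> bool:
    """True only when every requested package is on the allowlist."""
    return not unknown_packages(snippet)


# Constructed AI-assistant output; "hallucinated-pkg-example" stands in for an invented name.
SAMPLE = "\n".join([
    "# constructed assistant output, not a real transcript",
    "pip install requests PyYAML",
    "pip install -r requirements.txt --upgrade",
    "pip install hallucinated-pkg-example==1.4.2 cryptography[ssh]",
])

if __name__ == "__main__":
    for name, lines in unknown_packages(SAMPLE).items():
        print(f"not on allowlist: {name} (line {', '.join(map(str, lines))})")
```

The gate deliberately works on the resolved names rather than on whether a package exists on the public index: a slopsquatted package does exist there by the time a developer installs it, so "is it published?" is exactly the wrong question. An allowlist or internal mirror answers the right one.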
EU banned AI assistants in virtual meetings: The European Union has introduced a ban on AI-powered virtual assistants during online meetings, which are typically used for tasks like transcribing, note-taking, and recording visuals or audio. This move follows a presentation by the European Commission to Digital Innovation Hubs, where the rule was announced, though no specific rationale was provided. While AI agents, such as those in video conferencing software or CRM systems, are not inherently insecure, concerns about security arise from their ability to operate autonomously and unpredictably, potentially interacting with other AI systems. With the rise of such technologies, including advancements by companies like OpenAI and Anthropic, AI agents are becoming increasingly prevalent, with predictions indicating that by 2028, a significant portion of enterprise applications and daily work tasks will be AI-driven. [more]
1 BTC if you crack Bitcoin’s encryption: Project 11, a quantum computing research group, has launched the "QDay Prize," offering 1 BTC (around $85,000) to the first team that can use a quantum computer to crack a simplified version of Bitcoin’s elliptic curve cryptography (ECC), aiming to assess the urgency of the quantum threat to blockchain security. While current Bitcoin encryption uses 256-bit ECC, the challenge involves much smaller keys (1–25 bits) to simulate future risks. The initiative highlights growing concerns that quantum computers—capable of solving complex problems far faster than traditional machines—could eventually break the cryptographic foundations securing Bitcoin’s $1.7 trillion ecosystem. Developers across blockchains like Solana and Ethereum are already introducing quantum-resistant solutions, and Project 11 stresses the importance of proactive planning to defend against what could one day be a catastrophic vulnerability. [more]
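The 1–25-bit keys in the challenge make sense once you see how the elliptic-curve discrete logarithm scales. The code below is an added illustration, not from Project 11 or the prize rules: it implements the group law on a textbook toy curve, y² = x³ + 2x + 3 over F₉₇ with base point G = (3, 6) (which generates a subgroup of order 5, so a "private key" here is about three bits), and recovers a private scalar from its public point by exhaustive search. The step count of that search is the classical cost, which doubles with every key bit; nothing here resembles the 256-bit secp256k1 parameters Bitcoin actually uses.

```python
"""Toy elliptic-curve discrete log by exhaustive search (added example, not from the prize rules).

Curve: y^2 = x^3 + 2x + 3 over F_97, base point G = (3, 6), which generates a subgroup of
order 5. Every value is a small textbook constant; nothing resembles Bitcoin's secp256k1.
"""
P, A, B = 97, 2, 3
G = (3, 6)
INF = None          # point at infinity, the group identity


def on_curve(pt):
    if pt is INF:
        return True
    x, y = pt
    return (y * y - (x * x * x + A * x + B)) % P == 0


def add(p, q):
    """Group law on the curve, including the doubling and inverse cases."""
    if p is INF:
        return q
    if q is INF:
        return p
    x1, y1 = p
    x2, y2 = q
    if x1 == x2 and (y1 + y2) % P == 0:
        return INF                      # q == -p, also covers doubling a point with y == 0
    if p == q:
        lam = (3 * x1 * x1 + A) * pow(2 * y1, -1, P) % P
    else:
        lam = (y2 - y1) * pow(x2 - x1, -1, P) % P
    x3 = (lam * lam - x1 - x2) % P
    y3 = (lam * (x1 - x3) - y1) % P
    return (x3, y3)


def mul(k, pt):
    """Double-and-add scalar multiplication: the public point for private scalar k is k*G."""
    acc = INF
    while k:
        if k & 1:
            acc = add(acc, pt)
        pt = add(pt, pt)
        k >>= 1
    return acc


def brute_force_dlog(g, q, max_steps=1 << 25):
    """Recover k with k*g == q by stepping through the subgroup.

    Returns (k, steps). Worst-case steps equal the subgroup order, i.e. about 2**bits for a
    bits-bit key: that is why 1-25-bit toys fall to this loop quickly while 256-bit keys are
    far beyond any classical search, and why the prize targets quantum algorithms instead.
    """
    acc = INF
    for k in range(max_steps):
        if acc == q:
            return k, k
        acc = add(acc, g)
    raise ValueError("no solution within max_steps")


if __name__ == "__main__":
    secret = 3
    public = mul(secret, G)
    print("public point", public, "-> recovered", brute_force_dlog(G, public))
```

With the 5-element subgroup here the search finishes in at most five additions; at 25 bits the same loop needs up to about 33 million, still trivial; at 256 bits it is hopeless, which is the gap Shor's algorithm on a large enough quantum computer would close. The challenge's small keys therefore measure quantum progress on the real problem structure without the search itself being the hard part.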
Bruce Schneier AMA on complex tech topics: In a wide-ranging AMA, cybersecurity expert Bruce Schneier tackled complex issues spanning AI, NSA surveillance, cryptography, and broader societal threats. He emphasized the emotional toll of constant cyber crises, warning of deliberate strategies that foster “rage fatigue.” Schneier critiqued the global impact of tech-related trade wars, highlighted the ethical imperative in cryptography, and called out the “AI snake oil” saturating the market while recognizing AI’s real value in incident response. He argued that cybersecurity is minor compared to systemic threats like inequality and climate change, and stressed that true security demands more than performance — it requires values, legislation, and resisting monopolistic control. Despite a generally somber outlook, Schneier expressed hope in collective action, diverse AI development, and the growing awareness of these intersecting challenges. [more]
Attacking Entra ID: The "Cookie Bite" attack, uncovered by Varonis Threat Labs, exploits two Azure Entra ID session cookies—ESTSAUTH and ESTSAUTHPERSISTENT—to hijack authenticated Microsoft 365 sessions, bypassing multi-factor authentication and granting attackers persistent access to services like Outlook and Teams. By using a browser extension and PowerShell automation, threat actors can stealthily extract and reuse these cookies, enabling lateral movement, data theft, and internal impersonation—all while appearing as legitimate users. This proof-of-concept highlights a serious threat affecting millions of organizations using Azure Entra ID and underscores the need for stronger browser security and anomaly detection mechanisms. [more]
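The anomaly detection the write-up calls for follows directly from how the technique works: a session cookie is issued to the browser that satisfied MFA, so the same session later presented from a different browser fingerprint, or from a new network without a fresh interactive sign-in, is the signal to hunt for. The detector below is an added example, not Varonis code: it groups constructed sign-in events by session, takes the MFA-satisfying event as the legitimate holder of the cookie, and scores later non-interactive uses by how much their client context differs. The field names (`session`, `ua`, `interactive_mfa`) are illustrative and do not follow Entra ID's sign-in log export schema; map your real columns onto them.

```python
"""Flag session-cookie replay: a session that passed MFA in one browser but is later used from another.

Added example (not from the Varonis research). Events and field names are constructed and
do not follow Entra ID's sign-in log schema; map real columns onto them.
"""
from datetime import datetime

# Constructed sign-in events. S1 is replayed from a second browser; S2 only changes IP.
EVENTS = [
    {"ts": "2025-04-22T09:00:00", "user": "alice@example.com", "session": "S1",
     "ip": "203.0.113.10", "ua": "Edge/124 Windows", "interactive_mfa": True},
    {"ts": "2025-04-22T09:05:00", "user": "alice@example.com", "session": "S1",
     "ip": "203.0.113.10", "ua": "Edge/124 Windows", "interactive_mfa": False},
    {"ts": "2025-04-22T11:40:00", "user": "alice@example.com", "session": "S1",
     "ip": "198.51.100.77", "ua": "Chrome/123 Linux", "interactive_mfa": False},
    {"ts": "2025-04-22T10:00:00", "user": "bob@example.com", "session": "S2",
     "ip": "203.0.113.20", "ua": "Edge/124 Windows", "interactive_mfa": True},
    {"ts": "2025-04-22T10:30:00", "user": "bob@example.com", "session": "S2",
     "ip": "203.0.113.21", "ua": "Edge/124 Windows", "interactive_mfa": False},
]


def detect_session_replay(events):
    """Return one finding per non-interactive use of a session from a context other than the one
    that satisfied MFA. A different user agent is 'high'; a different IP alone is 'medium'."""
    findings = []
    holder = {}   # session id -> event that legitimately holds the cookie
    for ev in sorted(events, key=lambda e: datetime.fromisoformat(e["ts"])):
        base = holder.get(ev["session"])
        if base is None or ev["interactive_mfa"]:
            # A fresh interactive MFA re-binds the session to this browser; first sighting seeds it.
            holder[ev["session"]] = ev
            continue
        if ev["ua"] != base["ua"]:
            severity = "high"      # same cookie, different browser: the copied-cookie pattern
        elif ev["ip"] != base["ip"]:
            severity = "medium"    # same browser, new network: could be roaming, still worth triage
        else:
            continue
        findings.append({
            "session": ev["session"], "user": ev["user"], "severity": severity, "ts": ev["ts"],
            "seen_from": (ev["ip"], ev["ua"]), "issued_to": (base["ip"], base["ua"]),
        })
    return findings


def severity_by_session(events):
    """Convenience view: highest severity raised per session."""
    rank = {"medium": 1, "high": 2}
    worst = {}
    for f in detect_session_replay(events):
        if rank[f["severity"]] > rank.get(worst.get(f["session"], ""), 0):
            worst[f["session"]] = f["severity"]
    return worst


if __name__ == "__main__":
    for f in detect_session_replay(EVENTS):
        print(f["severity"].upper(), f["user"], f["session"], "at", f["ts"],
              "from", f["seen_from"], "issued to", f["issued_to"])
```

A replayed persistent cookie never triggers a new interactive MFA prompt, which is precisely why the detector keys on `interactive_mfa` rather than on the MFA claim carried in the token. The medium tier exists so that mobile roaming does not drown the high tier; tune it with your own sign-in baselines.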
Web3 Cryptospace Spotlight
Recovered all $7M in hack: KiloEx, a decentralized exchange (DEX) for trading perpetual futures, successfully recovered all $7 million lost in a recent sophisticated hack that exploited its price oracle system across multiple blockchain networks. In recognition of assistance in the recovery, the DEX is awarding 10% of the recovered funds to white hat hackers. The legal closure of the case is underway with help from experts and judicial authorities. While the incident underscores persistent vulnerabilities in decentralized finance, the community-led recovery effort stands out in a landscape where most hacked funds remain unrecovered. [more]
Hacker made deal to take only 10%: The ZKsync Association has successfully recovered nearly $5.7 million worth of tokens stolen during an April 15 security breach involving its airdrop distribution contract. The hacker exploited a vulnerability to mint 111 million unclaimed ZK tokens but later agreed to return 90% of the stolen assets in exchange for a 10% bounty, completing the transfers within a 72-hour safe harbor deadline. Despite the recovered amount exceeding the original $5 million due to token price increases, the ZK token's price remained largely unaffected. No user funds were compromised, and a full incident report is expected from ZKsync soon. [more]
Backdoor planted: An up-and-coming Ethereum-based DeFi project called The ROAR lost nearly $800,000 in a premeditated exploit orchestrated by a rogue developer who embedded a backdoor into the staking contract from the start. The developer preset their wallet’s staked amount in the contract’s constructor, granting them withdrawal rights without actually staking, and later dumped the tokens after the project gained traction. Security firm Hacken revealed that this wasn't a code flaw but deliberate malicious logic planted during deployment, serving as a stark warning to DeFi projects about the dangers of over-trusting developers and the ongoing vulnerability of the space to insider threats. [more]
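The reason this backdoor is catchable is that it breaks a simple invariant: the stake a contract has credited must be backed by tokens it actually holds. The model below is an added example, not Hacken's analysis or The ROAR's contract code: a Python sketch of the pattern described above, with a constructor that presets one wallet's stake, a solvency check that fails on the freshly deployed contract before any user has interacted with it, and a replay showing how the preset lets the insider withdraw an honest depositor's tokens. Addresses and amounts are constructed.

```python
"""Solvency check for a staking contract: credited stake must be backed by tokens actually deposited.

Added example (not Hacken's analysis or The ROAR's code). A Python model of the pattern the
write-up describes; addresses and amounts are constructed.
"""


class Token:
    def __init__(self, balances):
        self.balances = dict(balances)

    def balance_of(self, who):
        return self.balances.get(who, 0)

    def transfer(self, src, dst, amount):
        if self.balance_of(src) < amount:
            raise ValueError(f"{src} lacks {amount}")
        self.balances[src] -= amount
        self.balances[dst] = self.balance_of(dst) + amount


class Staking:
    ADDR = "staking-contract"

    def __init__(self, token, preset_stakes=None):
        self.token = token
        self.staked = {}
        # Backdoor pattern: the constructor credits a wallet with stake that was never transferred in.
        # A clean deployment passes no preset and starts with an empty ledger.
        if preset_stakes:
            self.staked.update(preset_stakes)

    def stake(self, who, amount):
        self.token.transfer(who, self.ADDR, amount)
        self.staked[who] = self.staked.get(who, 0) + amount

    def withdraw(self, who, amount):
        if self.staked.get(who, 0) < amount:
            raise ValueError("withdraw exceeds credited stake")
        # This model has no revert, so move tokens first: a failed transfer leaves state untouched.
        self.token.transfer(self.ADDR, who, amount)
        self.staked[who] -= amount


def solvency_gap(contract):
    """Credited stake minus tokens held. Above zero means a withdrawal can drain other users'
    deposits. Run it on the freshly deployed contract, before anyone interacts, and after every
    state transition; the preset shows up immediately as a non-zero gap."""
    return sum(contract.staked.values()) - contract.token.balance_of(contract.ADDR)


def run_backdoor_scenario():
    """Constructed replay: preset stake at deploy, honest deposit, insider withdraws, user is short.
    Returns (gap at deploy, insider's token balance afterwards, honest user's shortfall)."""
    token = Token({"insider": 0, "user": 1_000_000})
    vuln = Staking(token, preset_stakes={"insider": 800_000})
    gap_at_deploy = solvency_gap(vuln)          # already 800_000 on the empty contract
    vuln.stake("user", 1_000_000)
    vuln.withdraw("insider", 800_000)           # succeeds although the insider never deposited
    try:
        vuln.withdraw("user", 1_000_000)
        user_shortfall = 0
    except ValueError:
        user_shortfall = 1_000_000 - token.balance_of(Staking.ADDR)
    return gap_at_deploy, token.balance_of("insider"), user_shortfall


def run_clean_deployment():
    """Same flow without the preset: the invariant holds at deploy and after a deposit."""
    token = Token({"user": 1_000_000})
    clean = Staking(token)
    gap_at_deploy = solvency_gap(clean)
    clean.stake("user", 400_000)
    return gap_at_deploy, solvency_gap(clean)


if __name__ == "__main__":
    print("backdoored:", run_backdoor_scenario())
    print("clean:", run_clean_deployment())
```

The audit point is that the check needs no knowledge of who the insider is: reading storage right after deployment and comparing credited stake to the token balance is enough, and it is the kind of deploy-time assertion that should sit beside the constructor in the test suite rather than rely on trust in whoever ran the deployment.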
XRP malicious library: A serious vulnerability in the XRP Ledger ecosystem was swiftly patched after a threat actor exploited a stolen developer’s access token to publish malicious code in recent versions of the xrpl.js library on Node Package Manager (NPM). Though major services like Xaman Wallet and XRPScan remained unaffected, the malicious versions—v4.2.1 to v4.2.4 and v2.14.2—posed a significant supply chain risk, potentially allowing attackers to steal private keys from compromised applications. The flaw did not affect the XRP Ledger itself but targeted the widely-used JavaScript toolkit. The XRP Ledger Foundation quickly responded by releasing a secure update (v4.2.5), urging developers to upgrade immediately. [more]
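"Upgrade immediately" first means finding out whether any of the affected releases is actually installed, nested copies included. The script below is an added example, not code from the XRP Ledger Foundation: it reads an npm lockfile (versions 1, 2 and 3), collects every installed package version, and reports any that match the malicious versions listed above. It assumes the library is installed under its npm package name `xrpl` (xrpl.js is the repository name); both lockfiles are constructed.

```python
"""Audit an npm lockfile for the malicious xrpl releases named in the advisory.

Added example, not from the XRP Ledger Foundation. Assumes the library is installed under its
npm package name `xrpl` (the repository is xrpl.js). Both sample lockfiles are constructed.
"""
import json

# Versions listed in the summary above; v4.2.5 is the fixed release.
AFFECTED = {"xrpl": {"4.2.1", "4.2.2", "4.2.3", "4.2.4", "2.14.2"}}


def installed_versions(lock: dict) -> set[tuple[str, str]]:
    """Every installed (name, version), nested copies included, for lockfileVersion 1, 2 or 3."""
    found = set()
    # lockfileVersion 2/3: flat "packages" map keyed by install path; "" is the root project.
    for path, meta in lock.get("packages", {}).items():
        if not path or "version" not in meta:
            continue
        name = meta.get("name") or path.split("node_modules/")[-1]
        found.add((name, meta["version"]))

    # lockfileVersion 1 (and the compatibility copy kept in v2): nested "dependencies" tree.
    def walk(deps):
        for name, meta in deps.items():
            if "version" in meta:
                found.add((name, meta["version"]))
            walk(meta.get("dependencies", {}))

    walk(lock.get("dependencies", {}))
    return found


def find_affected(lock_text: str) -> list[tuple[str, str]]:
    """Sorted (name, version) pairs present in the lockfile that are on the affected list."""
    lock = json.loads(lock_text)
    return sorted((n, v) for n, v in installed_versions(lock) if v in AFFECTED.get(n, ()))


# Constructed lockfileVersion 3: a bad top-level copy and a clean nested copy.
SAMPLE_LOCK_V3 = json.dumps({
    "name": "wallet-frontend", "lockfileVersion": 3,
    "packages": {
        "": {"name": "wallet-frontend", "dependencies": {"xrpl": "^4.2.0"}},
        "node_modules/xrpl": {"version": "4.2.3"},
        "node_modules/some-lib": {"version": "1.0.0"},
        "node_modules/some-lib/node_modules/xrpl": {"version": "4.2.5"},
    },
})

# Constructed lockfileVersion 1: the affected 2.x release pulled in transitively.
SAMPLE_LOCK_V1 = json.dumps({
    "name": "legacy-service", "lockfileVersion": 1,
    "dependencies": {
        "some-lib": {"version": "1.0.0",
                     "dependencies": {"xrpl": {"version": "2.14.2"}}},
    },
})

if __name__ == "__main__":
    for label, lock in (("v3", SAMPLE_LOCK_V3), ("v1", SAMPLE_LOCK_V1)):
        print(label, "affected:", find_affected(lock) or "none")
```

The lockfile, not `package.json`, is the thing to audit: a caret range such as `^4.2.0` would have let a fresh install resolve to one of the malicious patch releases, so only the resolved versions tell you what is really on disk. `npm ls xrpl` gives the same view interactively; the point of scripting it is to run the check across every repository at once and to assert the fixed version in CI.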