Industry
CISA Tells US Agencies to Fix Security Bugs in as Little as 3 Days Thanks to AI Threats
"Defenders cannot afford to take weeks to patch," one Cybersecurity and Infrastructure Security Agency official warned on Wednesday. With new generations of AI models fueling both rapid software vulnerability discovery and the potential for faster exploitation by malicious hackers, the United States Cybersecurity and Infrastructure Security Agency released a new directive on Wednesday that requires more rapid and efficient software patching by federal civilian agencies. The "binding operational directive" (BOD) lays out a rubric for how quickly bugs must be fixed based on four assessments of urgency, with a turnaround time in critical cases of just three days. Chris Butera, CISA's acting executive assistant director for cybersecurity, told reporters on Wednesday that the goal of the directive is to help agencies prioritize, so they can address the most problematic vulnerabilities first while taking more time to remediate bugs that pose a less-pressing risk. The directive comes as private companies and governments have been scrambling to assess the extent of the cybersecurity reckoning that AI vulnerability and exploit development capabilities could unleash.
MIP against Agent: Malicious Image Patches Hijacking Multimodal OS Agents
Recent advances in operating system (OS) agents have enabled vision-language models (VLMs) to directly control a user's computer. Unlike conventional VLMs that passively output text, OS agents autonomously perform computer-based tasks in response to a single user prompt. OS agents do so by capturing, parsing, and analysing screenshots and executing low-level actions via application programming interfaces (APIs), such as mouse clicks and keyboard inputs. This direct interaction with the OS significantly raises the stakes, as failures or manipulations can have immediate and tangible consequences. In this work, we uncover a novel attack vector against these OS agents: Malicious Image Patches (MIPs), adversarially perturbed screen regions that, when captured by an OS agent, induce it to perform harmful actions by exploiting specific APIs. For instance, a MIP can be embedded in a desktop wallpaper or shared on social media to cause an OS agent to exfiltrate sensitive user data. We show that MIPs generalise across user prompts and screen configurations, and that they can hijack multiple OS agents even during the execution of benign instructions. These findings expose critical security vulnerabilities in OS agents that have to be carefully addressed before their widespread deployment.
Trump Risks Key Surveillance Authority Over 'Unqualified' Spy-Chief Pick
Trump Risks Key Surveillance Authority Over'Unqualified' Spy-Chief Pick US lawmakers are alarmed that Bill Pulte, a housing official with no intelligence experience, is poised to take charge of one of the government's most powerful surveillance tools. A sweeping warrantless surveillance authority remains on track to expire Friday, with no clear path to a deal, after President Donald Trump refused this week to abandon his pick of housing official Bill Pulte to temporarily lead the US intelligence community--even tasking Pulte with gutting the Office of the Director of National Intelligence in a DOGE-style "downsizing" before a permanent director is named. In a Truth Social post after his second White House meeting in two days with House speaker Mike Johnson, Trump called Section 702 of the Foreign Intelligence Surveillance Act "very important to our military, and keeping the American people safe" and asked Congress for a short-term extension to give him time to find a permanent director of national intelligence. Section 702 lets the government collect the communications of foreign targets abroad without a warrant, sweeping in an unknown volume of Americans' messages that the FBI can later search. It faces a first-ever lapse in its legal authorization if Congress does not act by the end of Friday, June 12.
Basketball can make you better at math
Combining math concepts with sports can help boost your fractions game. More information Adding us as a Preferred Source in Google by using this link indicates that you would like to see more of our content in Google News results. Students also saw improvement in other math areas after participating in the workshop. Breakthroughs, discoveries, and DIY tips sent six days a week. By signing up, you confirm you are 16+, will receive newsletters and promotional content and agree to our Terms of Use and acknowledge the data practices in our Privacy Policy .
Versatile Transferable Unlearnable Example Generator
The rapid growth of publicly available data has fueled deep learning advancements but also raises concerns about unauthorized data usage. Unlearnable Examples (UEs) have emerged as a data protection strategy that introduces imperceptible perturbations to prevent unauthorized learning. However, most existing UE methods produce perturbations strongly tied to specific training sets, leading to a significant drop in unlearnability when applied to unseen data or tasks. In this paper, we argue that for broad applicability, UEs should maintain their effectiveness across diverse application scenarios. To this end, we conduct the first comprehensive study on the transferability of UEs across diverse and practical yet demanding settings. Specifically, we identify key scenarios that pose significant challenges for existing UE methods, including varying styles, out-of-distribution classes, resolutions, and architectures.
Rare lunar meteorite was smacked three times before finally hitting Earth
Portions of the rock date back billions of years to when the moon was molten rock. More information Adding us as a Preferred Source in Google by using this link indicates that you would like to see more of our content in Google News results. NWA 12593 was discovered in Mali in 2017. Breakthroughs, discoveries, and DIY tips sent six days a week. By signing up, you confirm you are 16+, will receive newsletters and promotional content and agree to our Terms of Use and acknowledge the data practices in our Privacy Policy .
Hybrid-Balance GFlowNet for Solving Vehicle Routing Problems
Existing GFlowNet-based methods for vehicle routing problems (VRPs) typically employ Trajectory Balance (TB) to achieve global optimization but often neglect important aspects of local optimization. While Detailed Balance (DB) addresses local optimization more effectively, it alone falls short in solving VRPs, which inherently require holistic trajectory optimization. To address these limitations, we introduce the Hybrid-Balance GFlowNet (HBG) framework, which uniquely integrates TB and DB in a principled and adaptive manner by aligning their intrinsically complementary strengths. Additionally, we propose a specialized inference strategy for depot-centric scenarios like the Capacitated Vehicle Routing Problem (CVRP), leveraging the depot node's greater flexibility in selecting successors. Despite this specialization, HBG maintains broad applicability, extending effectively to problems without explicit depots, such as the Traveling Salesman Problem (TSP). We evaluate HBG by integrating it into two established GFlowNet-based solvers, i.e., AGFN and GFACS, and demonstrate consistent and significant improvements across both CVRP and TSP, underscoring the enhanced solution quality and generalization afforded by our approach.
Florida lawsuit alleges wrongful arrest after AI facial recognition error
A Florida man is suing several law enforcement agencies for his arrest and prosecution for allegedly luring a child after he was wrongly identified using faulty AI facial recognition software. According to the Jacksonville Beach police department, an algorithm returned a 93% probability that Robert Dillon was the man caught on security cameras at a McDonald's in the town attempting to persuade an unaccompanied girl, aged younger than 12, to leave with him. Dillon, however, lives in Fort Myers, more than 300 miles and a five-hour drive away, and told detectives he had never been to Jacksonville Beach in his life. The case was dismissed and charges dropped last year over the August 2024 incident. Now the 52-year-old has filed a lawsuit against the police department, the Jacksonville sheriff's office, and Bob Gualtieri, the sheriff of Pinellas county, whose agency maintains and operates the Faces (Face Analysis Comparison and Examination) system and leases it to other law enforcement.
Vector Database Watermarking
Vector databases support machine learning tasks using Approximate Nearest Neighbour (ANN) query functionality, making them highly valuable digital assets. However, they also face security threats like unauthorized replication. By embedding stealth information, watermarking technology can be used for ownership authentication. This paper introduces a watermarking scheme specifically designed for vector databases. The scheme consists of four steps: generating identifiers, grouping, cryptographic mapping, and modification.
Donald Trump Is Ready for Fight Night. So Are Donors
Donald Trump Is Ready for Fight Night. The UFC event on the White House's South Lawn is the president's birthday gift to himself. Sources expect it to be a lobbying extravaganza. President Donald Trump is enthralled with the Ultimate Fighting Championship staging an event at the White House on his birthday this weekend--in effect his present to himself, since he came up with the idea. We have the details on both the fighting and the anticipated lobbying.