We can now add cybercrimes to the list of growing concerns associated with artificial intelligence. Google's Threat Intelligence Group (GTIG) said it discovered, for the first time ever, a threat actor using a zero-day exploit that it believes was developed by AI. Zero-day vulnerabilities are often the most dangerous since they're unknown to the targets, leaving them with zero days to prepare for the attack. Google said in the report the threat actor was planning to use it in a mass exploitation event, but its proactive discovery may have prevented its use. Google added that it doesn't believe its own Gemini models were used, but still has high confidence an AI model was part of discovering the vulnerability and weaponizing an exploit.

NHS England said it had'strict policies in place for managing access to patient data'. NHS England said it had'strict policies in place for managing access to patient data'. Palantir's access to identifiable NHS England patient data is'dangerous', MPs say Health service has given US tech firm'unlimited access' to certain data to build integrated platform, according to reports Mon 11 May 2026 08.01 EDTLast modified on Mon 11 May 2026 10.06 EDT MPs have warned that an NHS decision to grant Palantir access to identifiable patient information in its plan to use AI to improve the health service is "dangerous" and will fuel public fears that data privacy is not being prioritised. NHS England has allowed staff from the US tech firm and other contractors to access patient data before it has been pseudonymised, despite internal fears of a "risk of loss of public confidence", the Financial Times reported. The health service made the move to allow Palantir to access the data in recent weeks according to the reports, which revealed an internal NHS briefing that said it would allow "unlimited access to non-NHSE staff" to part of the NHS's federated data platform (FDP), which holds identifiable patient information.

Plus: Meta officially kills encrypted Instagram DMs, the Trump administration targets "violent left wing extremists," leaked documents reveal Russia's school for elite hackers, and more. Cramming for finals is bad enough without the platform you use to do your schoolwork suddenly shutting down. Unfortunately for countless students across the US, that's exactly what they faced on Thursday after Canvas went into "maintenance mode" following a ransomware attack on education tech firm Instructure. Hackers using the name ShinyHunters claimed responsibility for the breach, and experts say the chaos they caused shows how far these actors will go to extort their victims. Did you know that Google Chrome includes an automatic download of the Gemini Nano AI model?

These cuddly, connected companions could disrupt everything from make-believe to bedtime stories. No wonder some lawmakers want them banned. The main antagonist of, in theaters this summer, is a green, frog-shaped kids' tablet named Lilypad, a genius new villain for the beloved Pixar franchise . But if Pixar had its ear to the ground, it might have used an AI kids' toy instead. AI toys are seemingly everywhere, marketed online as friendly companions to children as young as three, and they're still a largely unregulated category.

Chrome users were caught off guard by a 4-GB Google AI model baked into Chrome, sparking privacy concerns. You might not want to. If you use Google's Chrome browser for desktop, there's probably a Gemini Nano AI model running on your computer right now and taking up about 4 GB of space. That's not necessarily a bad thing, but if you didn't know about it and don't want it, there's a way to turn it off. The file started auto-downloading for Chrome users in 2024 after Google built Gemini Nano into the browser.

Disneyland uses facial recognition at certain entry gates to speed up arrival and prevent fraud. Participation is optional, and data is deleted within 30 days.

This update matters significantly as it patches over double the vulnerabilities from the previous version, covering high-risk, medium-risk, and low-risk security issues. Chrome automatically updates across Windows, macOS, Android, and iOS platforms, though users can manually check via Help menu for immediate protection.

NordVPN leads with fastest speeds and advanced features, while Mullvad offers exceptional privacy at $5 monthly and ExpressVPN provides extensive US coverage. Utah's new law creates uncertainty for VPN users, potentially leading to traffic blocking or invasive identity checks by websites. Utah residents are facing a major shift in online privacy. A new state law, Senate Bill 73, has made Utah the first state to specifically target VPN use as part of its online age-verification rules, holding websites responsible even when users attempt to mask their location with a VPN. Privacy advocates warn the law could pressure websites into blocking VPN traffic entirely or expanding invasive identity checks for everyone.

World Password Day is the perfect time to update old or reused passwords. Credential stuffing attacks make even one weak password a risk to multiple accounts.

When Stick Figure's six-year-old song shot up the charts, the band was thrilled. But its viral moment was spurred by unauthorized AI remixes. The California-based reggae band Stick Figure has been around for 20 years, eight albums, and countless hours on the road, but lead vocalist and guitarist Scott Woodruff has never seen a track take off like "Angels Above Me" did this past week. The six-year-old song hit number one on the iTunes sales charts in six different countries, including the United Kingdom, Austria, and Canada, skyrocketing "out of nowhere," according to Woodruff. Stick Figure has had plenty of thrilling milestones before, with albums repeatedly hitting number one in the reggae category, and hit singles amassing hundreds of millions of streams.