Heather Adkins - Ꜻ - Spes consilium non est

6.5K posts


@argvee

VP Security @Google, Co-Author "Building Secure and Reliable Systems" @r00t0wns, Medieval Historian

California · Joined July 2008
1.2K Following · 14.9K Followers
Heather Adkins - Ꜻ - Spes consilium non est retweeted
Bloomberg @business
China is restricting overseas travel for top AI professionals in private firms such as Alibaba and DeepSeek, suggesting an escalation in measures intended to safeguard its technology and catch up to the US in a pivotal sphere. Government agencies have begun imposing restrictions on individuals involved in advanced AI work and considered strategically important to the country, people familiar with the matter said. bloom.bg/4uy8OPC 📷: Qilai Shen/Bloomberg
Heather Adkins - Ꜻ - Spes consilium non est retweeted
Kim Zetter @KimZetter
Don't often see this kind of analysis of Middle East infrastructure: Over 3 months this year, 1,350 hacker command-and-control servers found being hosted across 98 regional providers. Saudi Telecom Company hosts 981, or 72.4%, of them. hunt.io/blog/middle-ea…
Heather Adkins - Ꜻ - Spes consilium non est retweeted
Socket @SocketSecurity
UPDATE: So far we've identified 639 compromised npm package versions across 323 unique packages in tonight's Mini Shai-Hulud wave. That includes 558 versions across 279 unique @antv packages. Most were detected within ~6 minutes of publication. socket.dev/blog/antv-pack…
Heather Adkins - Ꜻ - Spes consilium non est retweeted
Sundar Pichai @sundarpichai
Gemini Omni doesn't just build scenes that look real, it reasons about what should happen next. It combines an intuitive understanding of physics with Gemini's knowledge of history, science, and cultural context. Rolling out today starting with video outputs to Google AI Plus, Pro and Ultra subscribers globally through the @Geminiapp + Google Flow, and @YouTube Shorts this week.
Heather Adkins - Ꜻ - Spes consilium non est retweeted
Eric Geller @ericgeller
Move over, Mythos: Open-source AI systems have been finding serious bugs in critical software for months. I wrote about how a recent DARPA challenge sparked a sea change in AI's bug-finding power, and how it could especially help critical infrastructure. cybersecuritydive.com/news/ai-vulner…
Heather Adkins - Ꜻ - Spes consilium non est
Nice write-up from the Cloudflare team, but the post here is misleading. Patch faster is not the wrong answer, because most teams are patching on the order of weeks or months. You must patch faster than that right now. But I will agree that 2 hours is infeasible beyond the occasional emergency CVSS 10. And defense in depth is a part of the arsenal, not the whole story.
Cloudflare @Cloudflare

Cloudflare's security team spent the last few weeks testing Anthropic's Mythos against fifty of our own repositories. What we learned about offensive AI, why faster patching is the wrong reaction, and what the architecture around vulnerabilities has to look like next. cfl.re/49BRUqW

Heather Adkins - Ꜻ - Spes consilium non est retweeted
Volcaholic 🌋 @volcaholic1
🚨 The WHO has now declared the Ebola outbreak in the Democratic Republic of the Congo and Uganda a global public health emergency. So far:
• 246 suspected cases
• 80 deaths
• Fatality rate in past Bundibugyo Ebola outbreaks: 30–50%
• Health workers already among the dead
• Cases spreading across multiple health zones
• Imported cases confirmed in Uganda
This isn't the more well-known Ebola strain either. It's Bundibugyo virus, and there is currently NO licensed vaccine or specific treatment for it. Most suspected cases are adults aged 20–39, with women making up over 60% of cases, highlighting how fast it spreads through households and caregiving. Several contacts reportedly became sick and died before they could even be isolated. The outbreak is centred in a major mining and migration hub near the borders of Uganda and South Sudan, raising fears of wider regional spread.
Heather Adkins - Ꜻ - Spes consilium non est retweeted
International Cyber Digest @IntCyberDigest
‼️🚨 Pwn2Own Berlin 2026 just hit a wall. For the first time in 19 years, ZDI rejected dozens of working zero-day RCE submissions because organizers ran out of contest slots. Rejected hackers are now going public with PoC demos and direct vendor disclosures, breaking Pwn2Own's usual secrecy.
▪️ AI surfaces a massive wave of 0-day RCEs.
▪️ Submissions overwhelm ZDI past max capacity.
▪️ Slots run out. Researchers with working chains get rejected.
▪️ "Revenge disclosures" begin. ← we are here.
Confirmed casualties so far:
▪️ @xchglabs : 86 vulnerabilities prepared (PyTorch, NVIDIA, Linux KVM, Oracle, Docker, Ollama, Chroma, LiteLLM, llama.cpp). All rejected. Now reporting directly to vendors with writeups dropping as patches land.
▪️ @ggwhyp : full-chain Firefox RCE on Windows. Rejected. Publicly demoed (HTML page → cmd.exe → calc.exe). Responsibly disclosed to Mozilla.
▪️ @yunsu_dev : working RCE chain, rejected. Submitting elsewhere.
▪️ @ryotkak : tried to register for 3+ weeks. ZDI confirmed "at maximum capacity, can't add extra contest days." Considered canceling flight and hotel.
▪️ @anzuukino2802 : Claude Code RCE PoC. Rejected.
▪️ @desckimh : 0-day RCEs in Ollama and LM Studio. Rejected.
Reported impact: a community-estimated 150+ researchers tried to register. Accepted contestants are now being warned about collisions. Rejected vulnerabilities going to bug bounty programs may trigger pre-event patches that invalidate the work of those who got in. ZDI has not publicly addressed the capacity issue. The event still runs May 14-16 in Berlin.
Heather Adkins - Ꜻ - Spes consilium non est
I'd prefer to say every vulnerability is knowable. This isn't the same thing as one person or method being able to find every vulnerability (interesting thoughts on that from Lukasz here). My point being: stop tying yourself into knots figuring out if that CVSS 5.4 is exploitable in your WIDGETFOO environment, and also findable by someone else. Just go fix it.
Lukasz Olejnik @lukOlejnik

AI will not solve cybersecurity! “With the recent news of folks finding vulnerabilities left and right using LLMs, some folks hope that we'd be able to find every single vulnerability. Today, I hope to shatter that idea” github.com/yo-yo-yo-jbo/v…

Heather Adkins - Ꜻ - Spes consilium non est
Another sign that over time AI will sift out the shallow-medium depth bugs, and devs will just fix them as a matter of course. This will shift the VRP market substantially. If you're a bug bounty platform or a VRP researcher, refocus your time and energy. If you're a defender, deploy patches or deprecate, even those lower-severity LPE bugs.
IRIS C2 @C2IRIS

There are so many Linux and Windows LPEs that we literally have to turn away researchers with perfectly good exploits, because we just don’t need another one lying around on the shelf. If you must work Windows/Linux, it makes sense to work on RCE primitives instead of LPE

Heather Adkins - Ꜻ - Spes consilium non est
Process isolation on Windows is sorely needed so I'm really delighted to see Chrome 138 start shipping this. Try it out (you'll need to switch it manually for testing)! Protect those 🍪🍪🍪!
Will Harris @parityzero

Try out the early alpha of Process Isolation in Chrome 138. chrome://flags/#enable-process-isolation-ui then chrome://settings/system for the switch. Read known issues issues.chromium.org/issues?q=hotli… and report bugs! Especially interested in App-Compat bugs.

Alex @alexanderjaeger
@SeanWrightSec "Hey @argvee we did block all binaries and webpages related to AI across the company and for all Chrome users, enjoy great weekend." (this is meant to be fun)
Sean Wright @SeanWrightSec
Scare your CISO in 1 sentence including the word AI…
Heather Adkins - Ꜻ - Spes consilium non est
Excited to see how this will evolve the thinking on cyber safety review boards. It's good timing as we enter into the era of machine-speed hacking driven by the emergence of powerful AI models. 👀🎉🚀
The Record From Recorded Future News @TheRecord_Media

Australia's new cyber incident review board will be modeled on the Cyber Safety Review Board established by the Biden administration in 2022, though with a narrower membership drawn largely from critical infrastructure industries therecord.media/australia-laun…

Heather Adkins - Ꜻ - Spes consilium non est retweeted
Kevin Kwok @kevinakwok
When AI hits security there will be signs