The more human-readable version (arXiv paper in the post below):
TLDR; in (less than) a few months, script-kiddos can cripple the internet 🤷♀️
https://t.co/jT3HjmTxUu
AI agents just made adaptive computer worms real.
They run open-weight LLMs on compromised machines, reason about each target, and generate tailored exploits on the fly.
Bypasses every commercial AI safety control.
Autonomous worms have arrived.
https://t.co/iW7Wm0FehA
@Miles_Brundage The other interpretation is that this is the day after Ant filing S-1 reg @ US SEC. And the IPO will pretty much determine their (financial) position in the AI race. At some point, money must matter.
30 days for US gov to drastically boost their cyber defense, from CIA to local hospitals.
Well, @HennaVirkkunen, maybe now do something? As in NOW, not next week.
US set 30 days(!) for the biggest cyber-defense overhaul in years for a reason.
https://t.co/EcQzFaOGEg
@huibmodderkolk If Iranian hackers had really had admin rights on Verifone, they would have taken the whole thing down instead of giving a warning. That is more their style: disruption. Anyway, a forewarned bank counts for two, and that is a good thing.
Today we're open-sourcing Bumblebee, a read-only scanner for macOS and Linux.
It checks developer machines for risky packages, extensions, and AI tool configs.
Connected to Computer, it can trigger deeper scans whenever a new supply-chain risk emerges.
https://t.co/FOaWnF1yQy
@Miles_Brundage The voluntary thing is one, the ‘classified’ preview window is another.
Expanding access for the most powerful top tier models means creating additional high value targets for espionage by ‘foreign competitors’
Unfortunately, I concur. The thing that baffles me most though is the almost non-existent reaction of politicians (except for some, like @bgroothuis or @SenSanders) on what is arguably 100s of times bigger than all current wars and ‘crises’ combined.
Sometimes people outside the field say things like “The AI situation can’t be that bad, there must be experts who are on top of it”. As “an expert”, I would like to be clear that we are *not* on top of it. Some key aspects of the situation IMO:
Yeah, I don't think I've ever met someone who has directly worked for an extended period on safety or security at an AI company who thinks things are fine readiness wise or incentive wise etc. https://t.co/nYlsE36U0L
Last month we launched Project Glasswing, our collaborative AI cybersecurity initiative. Since then, we and our partners have found more than ten thousand high- or critical-severity vulnerabilities in essential software.
@emergence_ai @venturetwins I don’t get it. You have sonnet 4.6 (reasoning) and grok 4.1 (non-reasoning). So what other conclusion can you draw than that reasoning agents are a lot better than non-reasoning ones when it comes to autonomous operation?
Good example of vulns<->exploits.
- Patches not even ready across the board.
- >50% of corp. installs take >weeks to patch.
- Exploits detected in <24h
- Full system takeover possible (passwords, files, photos, mail, wallets etc etc).
This is the new normal to come. 🤷♀️
@Miles_Brundage Good. It wouldn’t have worked anyway:
• Voluntary = companies could (and would) just ignore it
• Forces early sharing new frontier models with multiple gov agencies = real risk of leaks + IP theft
TLDR; even GPT 5.5 (with guardrails ON) easily delivers massive exploits and sometimes even scarier ones than they were asked to.
Also; a defender has to be successful all the time, an attacker only once 🤷♀️
https://t.co/pXX7Ek27qq
@RonDeSantis The fact that you cannot comprehend it does not make it not true. Best leadership would be to acknowledge expert opinion and work from there.
But hey, ignoring warnings from those with front seats and then crying when it hits the fan is also a way of dealing with things 🤷♀️
It’s no longer phishing that’s first to get you. Vulnerabilities are now cheap and everywhere.
Spread the word. It takes the industry a decade to adjust its narrative.
Found via @jorgeorchilles on the other network, faster than I could read the report myself!
The concern is not overdue, it’s too late. By the end of July a tsunami of CVEs will be released while >70% of critical systems of our society are not patched. Banks, hospitals, utilities will en masse be wide open to attack, and attacks will be fully autonomous on a scale we have never even remotely seen.
Brace. for. impact.