CISO, volunteer EMT, tech and history nerd. All posts reflect my personal opinions, not those of my employer or anyone else.
Country: US
Pronouns: He/Him
Microsoft Copilot Cowork seems to be the Ford Pinto of the 21st century… except that we no longer have any regulations to make building AI Ford Pintos unattractive to companies.
This new research is yet another example of the new threats we face in an era of increasing access to AI - and the increasing pace we can expect to see in the emergence of truly novel threats rather than "AI enhanced" exploitation of the same old issues we have faced for decades. Pleasant dreams. https://www.utoronto.ca/news/u-t-researchers-demonstrate-ai-worm-could-target-any-online-device?utm_source=tldrinfosec
U of T researchers demonstrate AI worm could target any online device

A team of researchers at the University of Toronto has discovered a new class of cyberthreat that gives hackers more power and reach at far less cost. It can be built with free AI models. Every online device is a potential target. And current cyber defences are not yet ready for it.

University of Toronto
Well this is not good... time to update your Android MS365 apps like Outlook, Teams, etc. to avoid token theft. https://thehackernews.com/2026/06/microsoft-365-android-apps-let-any-app.html
Prediction markets are a societal threat that need to be heavily regulated. Actually, IMHO, they just shouldn’t exist, at least in a form that pays actual money. Betting on everything means corruption at all levels in all venues. https://cyberscoop.com/google-security-engineer-insider-trading-polymarket/
Google security engineer accused of turning confidential search trends into $1.2M win on Polymarket

Michele Spagnuolo allegedly placed multiple trades on the prediction marketplace, abusing internal access to Google’s nonpublic data on the most searched people in 2025.

CyberScoop
Each new study of the behavior of LLMs makes me think that the people who think they are somehow “human” or “conscious” might not be raving lunatics. I mean this is the same behavior that the American public has been exhibiting since 2016. https://arstechnica.com/ai/2026/05/llms-believe-false-statements-even-after-explicit-warnings-that-theyre-false/
LLMs believe false statements even after explicit warnings that they're false

Fine-tuning tests show "bias... toward confidently representing the claims as true."

Ars Technica
I think India is on to something here, unfortunately. We are going to need to drastically enspeeden patching of exposed assets to even try to keep up with attackers’ new pace. Which also means speeding up responses to fixing effects of breaking patches. https://www.theregister.com/security/2026/05/27/cert-in-professes-12-hour-patching-for-ai-assisted-attacks/5247009
CERT-In professes 12-hour patching for AI-assisted attacks

CERT-In says internet-facing or critical systems should be patched, mitigated, or cut off within half a day where feasible

theregister
This is why I don't understand why devs don't first use AI to do code reviews on their existing code base and fix all of those lurking vulns that some AI-equipped attacker will find and exploit sooner or later. Probably sooner. I know this is nowhere near as glamorous as shipping 43 new features this week, but it is way more valuable, IMHO. https://www.theregister.com/security/2026/05/02/ai-digs-up-decades-of-code-debt-patch-up/5219734
I think that this is more about people not understanding HOW to use AI as a partner rather than as a "magic answer machine." If we don't start teaching people how to effectively use these tools (and to recognize their limits), we are going to accelerate ourselves (further) into the world of famed futurist documentary "Idiocracy" even faster. https://www.wired.com/story/using-ai-negative-impact-thinking-problem-solving-study
Using AI for Just 10 Minutes Might Make You Lazy and Dumb, Study Shows

New research suggests that reliance on AI assistants can have a negative impact on people’s ability to think and problem solve.

WIRED
WOW... if the CEO of any firm I did business with referred to their employees as "lower-value human capital" I would take my business somewhere else so fast your head would spin. This guy should be given some PR training by his "lower-value human capital" and be shunned by anyone with a heart. https://www.reuters.com/business/world-at-work/stanchart-cut-more-than-7000-jobs-bank-steps-up-ai-adoption-2026-05-19/