Microsoft’s Patch Tuesday January 2026 update includes fixes for one actively exploited zero day vulnerability and eight additional high-risk flaws. In all, the Patch Tuesday January 2026 update includes fixes for 112 Microsoft CVEs and three non-Microsoft CVEs, doubling December’s 57 vulnerabilities.

The actively exploited zero day is CVE-2026-20805, a 5.5-rated Information Disclosure vulnerability affecting Desktop Window Manager (DWM). The find is credited to Microsoft’s own Threat Intelligence Center and Security Response Center (MSRC). Microsoft says of the vulnerability, “Exposure of sensitive information to an unauthorized actor in Desktop Windows Manager allows an authorized attacker to disclose information locally.” CISA added the vulnerability to its Known Exploited Vulnerabilities (KEV) catalog shortly after Microsoft’s announcement.

Other vendors issuing updates this week include Fortinet, SAP, ServiceNow, and Adobe, among others.

Patch Tuesday January 2026 High-Risk Vulnerabilities

Microsoft judged eight vulnerabilities as “exploitation more likely.” They include:

CVE-2026-20816, a 7.8-rated Windows Installer Elevation of Privilege vulnerability credited to a DCIT security researcher. The time-of-check time-of-use (TOCTOU) race condition in Windows Installer could allow an authorized attacker to elevate privileges locally, potentially gaining SYSTEM privileges.

CVE-2026-20817, a 7.8-severity Windows Error Reporting Service Elevation of Privilege vulnerability. Microsoft notes that “Improper handling of insufficient permissions or privileges in Windows Error Reporting allows an authorized attacker to elevate privileges locally,” potentially leading to SYSTEM privileges. GMO Cybersecurity was credited with the find.

CVE-2026-20820, a 7.8-rated Windows Common Log File System (CLFS) Driver Elevation of Privilege vulnerability. The heap-based buffer overflow in Windows Common Log File System Driver could allow an authorized attacker to elevate privileges locally and attain SYSTEM privileges.

CVE-2026-20840, a 7.8-severity Windows NTFS Remote Code Execution vulnerability credited to Sergey Tarasov of Positive Technologies. The heap-based buffer overflow vulnerability in Windows NTFS could allow an authorized attacker to execute code locally.

CVE-2026-20843, another 7.8-rated flaw, a Windows Routing and Remote Access Service (RRAS) Elevation of Privilege vulnerability. Improper access control in Windows Routing and Remote Access Service (RRAS) could allow an authorized attacker to elevate privileges locally, potentially gaining SYSTEM privileges.

CVE-2026-20860, also rated 7.8, a Windows Ancillary Function Driver for WinSock Elevation of Privilege vulnerability credited to DEVCORE. The type confusion vulnerability in Windows Ancillary Function Driver for WinSock could allow an authorized attacker to elevate privileges locally.

CVE-2026-20871, a Desktop Window Manager Elevation of Privilege vulnerability, also rated 7.8 and credited to the Trend Zero Day Initiative. The use-after-free vulnerability in Desktop Window Manager could allow an authorized attacker to elevate privileges locally.

CVE-2026-20922, also rated 7.8, a Windows NTFS Remote Code Execution vulnerability also credited to Tarasov. The heap-based buffer overflow vulnerability in Windows NTFS could allow an authorized attacker to execute code locally.

Highest-Rated Vulnerabilities in the Patch Tuesday Update

The highest-rated vulnerabilities in the report – three 8.8-severity flaws – were judged to be at lower risk of attack by Microsoft. They include:

CVE-2026-20947, a Microsoft SharePoint Server Remote Code Execution/SQL Injection vulnerability
CVE-2026-20963, a Microsoft SharePoint Remote Code Execution/Deserialization of Untrusted Data vulnerability
CVE-2026-20868, a Windows Routing and Remote Access Service (RRAS) Remote Code Execution/Heap-based Buffer Overflow vulnerability
A new Android banking malware can launch ransomware attacks in addition to more typical activities like credential theft and user surveillance. The “deVixor” remote access trojan (RAT) was detailed by Cyble researchers in a new blog post.

While focused on Iranian banking users for now, the malware developer’s active Telegram channel suggests that the malware could eventually find wider use. As Cyble noted, “The channel’s growing subscriber base further supports the assessment that deVixor is being maintained and distributed as an ongoing criminal service rather than a short-lived operation.”

“DeVixor demonstrates how modern Android banking malware has evolved into a scalable, service-driven criminal platform capable of compromising devices over the long term and facilitating financial abuse,” the researchers added.

Android Banking Malware DeVixor’s Many Capabilities

The deVixor campaign has been active since October, targeting Iranian users through phishing websites that masquerade as legitimate automotive businesses promising deep discounts to lure users into downloading malicious APK files. Cyble said its analysis of more than 700 samples “indicates with high confidence that the threat actor has been conducting a mass infection campaign leveraging Telegram-based infrastructure, enabling centralized control, rapid updates, and sustained campaign evolution.”

DeVixor has evolved from basic SMS harvesting into a full-featured RAT that offers bank fraud, credential theft, ransomware, and device surveillance from a single platform. The Android banking malware uses Firebase for command delivery and a Telegram-based bot infrastructure for administration, “allowing attackers to manage infections at scale and evade traditional detection mechanisms.”

From early versions that primarily focused on collecting PII and harvesting banking-related SMS messages, the malware has evolved rapidly, adding banking-related overlay attacks, keylogging, ransomware attacks, Google Play Protect bypass techniques, and exploitation of Android’s Accessibility Service.

The RAT uses a Telegram bot–based admin panel for issuing commands, and each APK deployed is assigned a unique Bot ID stored in a local port.json file, allowing the operator to monitor and control individual devices.

Cyble listed nearly 50 commands that the malware can execute. DeVixor can harvest OTPs, account balances, card numbers, and messages from banks and cryptocurrency exchanges. It captures banking credentials by loading legitimate banking pages in a WebView and using JavaScript injection. The malware can also collect all device notifications, capture keystrokes, prevent uninstallation, hide its presence, harvest contacts, and take screenshots.

“Android banking malware has progressed well beyond basic credential-harvesting threats, evolving into sophisticated remote access toolkits maintained as persistent, service-driven criminal operations,” the researchers said.

“The modular command architecture, persistent configuration mechanisms, and an active development cycle all indicate that deVixor is not an isolated campaign, but a maintained and extensible criminal service,” Cyble said.

Android Ransomware

The Android banking malware also includes “a remotely triggered ransomware module capable of locking devices and demanding cryptocurrency payments,” the researchers said.

After the RANSOMWARE command is issued, the malware receives the attacker-supplied parameters, including the ransom note, a TRON cryptocurrency wallet address, and the ransom demand. Details are stored locally in a file called LockTouch.json, which retains the ransomware infection across device reboots.

Based on screenshots posted on the threat actor’s Telegram channel, deVixor locks the victim’s device and displays the ransom message “Your device is locked. Deposit to unlock,” along with the attacker’s TRON wallet address. The malware also sends device identifiers and ransom-related details to the command and control (C&C) server to track victim status and compliance with demands.
Spanish energy provider Endesa and its regulated electricity operator Energía XXI have begun notifying customers after detecting unauthorized access to the company’s internal systems, resulting in the exposure of personal and contract-related data. The Endesa data breach incident, publicly disclosed by the company, impacts customers linked to Endesa’s commercial platform and is currently under investigation.

Endesa, Spain’s largest electric utility company and a subsidiary of the Enel Group, provides electricity and gas services to millions of customers across Spain and Portugal. In total, the company reports serving approximately 22 million clients. The Endesa data breach specifically affects customers of Energía XXI, which operates under Spain’s regulated energy market.

Unauthorized Access Detected on Commercial Platform

According to Endesa, the security incident involved unauthorized and illegitimate access to its commercial platform, enabling attackers to view sensitive customer information tied to energy contracts.

In a notification sent to affected customers, the company acknowledged the Endesa data breach, stating: “Despite the security measures implemented by this company, we have detected evidence of unauthorized and illegitimate access to certain personal data of our customers related to their energy contracts, including yours.”

The company clarified that while account passwords were not compromised, other categories of data were potentially accessed during the incident.

Types of Data Potentially Exposed in Endesa Data Breach

Based on the ongoing investigation, Endesa confirmed that attackers may have accessed or exfiltrated the following information:

Basic identification data
Contact information
National identity card numbers
Contract-related data
Possible payment details, including IBANs

Despite the scope of exposed data, Endesa emphasized that login credentials remained secure, reducing the likelihood of direct account takeovers.

Endesa Activates Incident Response Measures

Following detection of the Endesa data breach, the company activated its established security response protocols to contain and mitigate the incident.

In its official statement, Endesa detailed the actions taken: “As soon as Endesa Energía became aware of the incident, the established security protocols and procedures were activated, along with all necessary technical and organizational measures to contain it, mitigate its effects, and prevent its recurrence.”

These actions included blocking compromised internal accounts, analyzing log records, notifying affected customers, and implementing enhanced monitoring to detect further suspicious activity. The company confirmed that operations and services remain unaffected.

Authorities Notified as Investigation Continues

As required under applicable regulations, Endesa notified the Spanish Data Protection Agency and other relevant authorities after conducting an initial assessment of the incident. The company stated that the investigation is ongoing, involving both internal teams and external suppliers, to fully understand the cause and impact of the breach.

Addressing customer concerns, Endesa noted: “As of the date of this communication, there is no evidence of any fraudulent use of the data affected by the incident, making it unlikely that a high-risk impact on your rights and freedoms will materialize.”

Customers Warned of Potential Phishing and Impersonation Risks

While no misuse of data has been identified so far, Endesa acknowledged potential risks associated with the exposed information. Customers have been urged to remain vigilant against identity impersonation, data misuse, phishing attempts, and spam campaigns.

The company advised affected individuals to report any suspicious communications to its call center and to avoid sharing personal or sensitive information with unknown parties. Customers were also encouraged to contact law enforcement in case of suspected fraudulent activity.

The Cyber Express Team has contacted Energía XXI and Endesa seeking further clarification on the incident and its impact. However, at the time of publication, no additional response had been received from either entity.
In 2026, when websites, apps, and online services drive nearly every aspect of daily life, the Domain Name System (DNS) acts as the internet’s unsung hero. It serves as the bridge between humans and machines, effortlessly translating memorable domain names like www.thecyberexpress.com, the same website you’re reading this article on, into the numeric IP addresses that machines use. But this crucial system is also a prime target for cybercriminals. A DNS attack can disrupt services, steal sensitive data, or redirect users to malicious websites. Understanding what a DNS attack is, the types of DNS attacks, and the vulnerabilities they exploit is essential for securing networks and cloud environments.

Understanding DNS Threats

A DNS attack is any attempt to exploit vulnerabilities in the Domain Name System to disrupt normal operations, manipulate traffic, or gain unauthorized access. DNS is inherently designed for accessibility rather than security, which makes it susceptible to DNS threats. Attackers exploit the fact that DNS communications are often unencrypted, allowing them to intercept, alter, or redirect traffic.

In recent research, the economic impact of DNS attacks continues to strain organizational cybersecurity budgets. According to the 2023 Global DNS Threat Report by IDC, 88% of surveyed organizations reported experiencing at least one DNS attack, and most suffered multiple incidents annually. The study found that these attacks impose an average cost of approximately $942,000 per successful breach, as well as operational disruption and reputational harm.

DNS attacks are not limited to traditional web browsing; they can target internal networks, cloud-hosted DNS services, and enterprise infrastructure. A recent example occurred on January 8, 2026, when a global DNS attack caused Cisco Small Business Switches to enter repeated reboot loops. Faults in the DNS client service triggered crashes across multiple models, from CBS250 to SG550X series, affecting organizations worldwide. In many cases, disabling DNS queries temporarily stabilized networks, highlighting how dependent infrastructure can be on proper DNS functionality.

How DNS Attacks Work

A DNS attack typically exploits a DNS vulnerability to manipulate traffic or disrupt service. Attackers can:

Intercept DNS queries and provide malicious responses.
Redirect users to fraudulent websites for phishing or malware distribution.
Overload DNS servers to cause downtime through DNS DDoS attacks.
Exploit caching mechanisms to redirect legitimate traffic (DNS poisoning).

In technical terms, attackers may spoof a DNS request source address. When the server responds, the data is sent to the target rather than the requester. This can allow unauthorized access, website downtime, or network compromise. In cloud environments, where DNS maps Fully Qualified Domain Names (FQDNs) to virtual machines or hosted zones, a successful DNS attack can disrupt services and expose sensitive data.

Common DNS Attack Types

DNS attacks come in many forms, ranging from simple hijacks to multi-vector campaigns. Understanding these types of DNS attacks is crucial for prevention.

DNS Hijacking: Attackers redirect legitimate traffic to malicious sites by altering DNS records. This can occur through compromised servers or man-in-the-middle interception, leading to data theft or malware infections.

DNS Cache Poisoning: Also known as DNS poisoning, this attack injects false data into a DNS resolver’s cache, causing it to return incorrect IP addresses. Users unknowingly visit attacker-controlled sites.

DNS Flood and DDoS Attacks: A DNS flood is a denial-of-service attack that overwhelms servers with excessive requests. DNS DDoS attack types often combine spoofing and amplification techniques to maximize disruption, targeting both authoritative servers and resolvers.

DNS Tunneling: Here, attackers encapsulate malicious data within DNS queries or responses, often to exfiltrate sensitive information or maintain command-and-control channels undetected.

Phantom Domain and Botnet-Based Attacks: Attackers may generate fake domains to overload resolvers or use a network of compromised devices to launch coordinated attacks. These DNS-based attacks are challenging to defend against due to their distributed nature.

Cover and Malware Attacks: Some attacks manipulate DNS as a distraction, enabling other attacks to succeed. Others directly use DNS viruses or malware to disrupt network services.

Preventing DNS Attacks

Defending against DNS attacks requires both proactive monitoring and strategic configuration:

Audit DNS zones regularly to remove outdated or vulnerable entries.
Keep DNS servers updated with the latest security patches.
Restrict zone transfers to prevent unauthorized access.
Disable DNS recursion on authoritative servers to prevent amplification attacks.
Implement DNSSEC to add digital signatures to DNS data, mitigating spoofing.
Use threat prevention tools and DNS firewalls to block malicious domains and detect exfiltration attempts.

In cloud environments, organizations must also secure DNS by controlling traffic with security groups and access control lists (ACLs). Cloud providers manage the infrastructure, but customers are responsible for their configuration, including zones, records, and administrative access.

Conclusion

A DNS attack is a potent threat that exploits the vulnerabilities of the Domain Name System to disrupt services, steal data, or redirect traffic. With common DNS attacks such as hijacking, cache poisoning, DNS floods, and tunneling, organizations must prioritize DNS security. Understanding DNS vulnerabilities, implementing preventive measures, and monitoring traffic continuously are essential for protecting both local networks and cloud infrastructure from Internet DNS attacks.
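As an added example (not part of the original article), here is one way a monitoring pipeline can look for the DNS tunneling and exfiltration described above: it groups resolver queries by parent domain and flags domains whose subdomains are long, high-entropy and almost never repeated. The log format, domain names and thresholds are constructed for illustration, and treating the last two labels as the registered domain is a simplifying assumption.

```python
import base64
import math
from collections import Counter, defaultdict
from dataclasses import dataclass

# Illustrative thresholds (assumptions); tune them against your own traffic.
MIN_QUERIES = 5         # ignore domains seen only a handful of times
MIN_AVG_SUB_LEN = 30    # encoded payloads make subdomains long
MIN_AVG_ENTROPY = 3.0   # bits per character; encoded data looks random
MIN_UNIQUE_RATIO = 0.8  # each tunneled query carries new data, so names rarely repeat


def build_sample_log():
    """Constructed resolver log lines in the form '<client> <qtype> <qname>'."""
    lines = [
        "10.0.0.5 A www.example.com",
        "10.0.0.5 A mail.example.com",
        "10.0.0.6 A www.example.com",
        "10.0.0.6 AAAA api.example.com",
        "10.0.0.5 A www.example.com",
    ]
    # Benign: a long host name, but the same name is requested over and over.
    lines += ["10.0.0.7 A assets-production-eu-west-static-content-01.cdn-demo.test"] * 6
    # Simulated tunnel: every query name embeds a different base32-encoded chunk.
    for i in range(8):
        chunk = f"constructed demo record {i:02d} of 08".encode()
        label = base64.b32encode(chunk).decode().rstrip("=").lower()
        lines.append(f"10.0.0.9 TXT {label}.t.tunnel-demo.test")
    return lines


def shannon_entropy(text):
    """Shannon entropy of a string in bits per character."""
    if not text:
        return 0.0
    total = len(text)
    return -sum((n / total) * math.log2(n / total) for n in Counter(text).values())


def split_name(qname):
    """Return (subdomain labels joined, registered domain).

    Assumption: the registered domain is the last two labels. Production code
    should consult the Public Suffix List instead.
    """
    labels = qname.rstrip(".").lower().split(".")
    if len(labels) <= 2:
        return "", ".".join(labels)
    return "".join(labels[:-2]), ".".join(labels[-2:])


@dataclass
class DomainStats:
    domain: str
    queries: int
    unique_ratio: float   # distinct subdomains / total queries
    avg_sub_len: float
    avg_entropy: float
    clients: list         # which hosts to investigate if the domain is flagged

    @property
    def suspicious(self):
        return (self.queries >= MIN_QUERIES
                and self.avg_sub_len >= MIN_AVG_SUB_LEN
                and self.avg_entropy >= MIN_AVG_ENTROPY
                and self.unique_ratio >= MIN_UNIQUE_RATIO)


def analyze(lines):
    """Aggregate per-domain statistics from resolver log lines."""
    subs, clients = defaultdict(list), defaultdict(set)
    for line in lines:
        parts = line.split()
        if len(parts) != 3:
            continue  # skip malformed lines instead of failing the whole batch
        client, _qtype, qname = parts
        sub, domain = split_name(qname)
        subs[domain].append(sub)
        clients[domain].add(client)
    return {
        domain: DomainStats(
            domain=domain,
            queries=len(names),
            unique_ratio=len(set(names)) / len(names),
            avg_sub_len=sum(map(len, names)) / len(names),
            avg_entropy=sum(map(shannon_entropy, names)) / len(names),
            clients=sorted(clients[domain]),
        )
        for domain, names in subs.items()
    }


def flag_tunneling(lines):
    """Return the sorted list of domains that match the tunneling profile."""
    return sorted(d for d, s in analyze(lines).items() if s.suspicious)


if __name__ == "__main__":
    for stats in analyze(build_sample_log()).values():
        print(stats.domain, "SUSPICIOUS" if stats.suspicious else "ok", stats)
```

The repeated long CDN-style name is included to show why length and entropy alone produce false positives; the uniqueness ratio is what separates it from the simulated tunnel.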
Thanks to the convenience of NFC and smartphone payments, many people no longer carry wallets or remember their bank card PINs. All their cards reside in a payment app, and using that is quicker than fumbling for a physical card. Mobile payments are also secure — the technology was developed relatively recently and includes numerous anti-fraud protections. Still, criminals have invented several ways to abuse NFC and steal your money. Fortunately, protecting your funds is straightforward: just know about these tricks and avoid risky NFC usage scenarios.

What are NFC relay and NFCGate?

NFC relay is a technique where data wirelessly transmitted between a source (like a bank card) and a receiver (like a payment terminal) is intercepted by one intermediate device, and relayed in real time to another. Imagine you have two smartphones connected via the internet, each with a relay app installed. If you tap a physical bank card against the first smartphone and hold the second smartphone near a terminal or ATM, the relay app on the first smartphone will read the card’s signal using NFC and relay it in real time to the second smartphone, which will then transmit this signal to the terminal. From the terminal’s perspective, it all looks like a real card is tapped on it — even though the card itself might physically be in another city or country.

This technology wasn’t originally created for crime. The NFCGate app appeared in 2015 as a research tool after it was developed by students at the Technical University of Darmstadt in Germany. It was intended for analyzing and debugging NFC traffic, as well as for educational purposes and experiments with contactless technology. NFCGate was distributed as an open-source solution and used in academic and enthusiast circles.

Five years later, cybercriminals caught on to the potential of NFC relay and began modifying NFCGate by adding mods that allowed it to run through a malicious server, disguise itself as legitimate software, and perform social engineering scenarios. What began as a research project morphed into the foundation for an entire class of attacks aimed at draining bank accounts without physical access to bank cards.

A history of misuse

The first documented attacks using a modified NFCGate occurred in late 2023 in the Czech Republic. By early 2025, the problem had become large scale and noticeable: cybersecurity analysts uncovered more than 80 unique malware samples built on the NFCGate framework. The attacks evolved rapidly, with NFC relay capabilities being integrated into other malware components.

By February 2025, malware bundles combining CraxsRAT and NFCGate emerged, allowing attackers to install and configure the relay with minimal victim interaction. A new scheme, a so-called “reverse” version of NFCGate, appeared in spring 2025, fundamentally changing the attack’s execution.

Particularly noteworthy is the RatOn Trojan, first detected in the Czech Republic. It combines remote smartphone control with NFC relay capabilities, letting attackers target victims’ banking apps and cards through various technique combinations. Features like screen capture, clipboard data manipulation, SMS sending, and stealing info from crypto wallets and banking apps give criminals an extensive arsenal.

Cybercriminals have also packaged NFC relay technology into malware-as-a-service (MaaS) offerings, reselling them to other threat actors through subscription. In early 2025, analysts uncovered a new and sophisticated Android malware campaign in Italy, dubbed SuperCard X. Attempts to deploy SuperCard X were recorded in Russia in May 2025, and in Brazil in August of the same year.

The direct NFCGate attack

The direct attack is the original criminal scheme exploiting NFCGate. In this scenario, the victim’s smartphone plays the role of the reader, while the attacker’s phone acts as the card emulator.

First, the fraudsters trick the user into installing a malicious app disguised as a banking service, a system update, an “account security” app, or even a popular app like TikTok. Once installed, the app gains access to both NFC and the internet — often without requesting dangerous permissions or root access. Some versions also ask for access to Android accessibility features.

Then, under the guise of identity verification, the victim is prompted to tap their bank card to their phone. When they do, the malware reads the card data via NFC and immediately sends it to the criminals’ server. From there, the information is relayed to a second smartphone held by a money mule, who helps extract the money. This phone then emulates the victim’s card to make payments at a terminal or withdraw cash from an ATM.

The fake app on the victim’s smartphone also asks for the card PIN — just like at a payment terminal or ATM — and sends it to the attackers.

In early versions of the attack, criminals would simply stand ready at an ATM with a phone to use the duped user’s card in real time. Later, the malware was refined so the stolen data could be used for in-store purchases in a delayed, offline mode, rather than in a live relay.

For the victim, the theft is hard to notice: the card never left their possession, they didn’t have to manually enter or recite its details, and the bank alerts about the withdrawals can be delayed or even intercepted by the malicious app itself.

Among the red flags that should make you suspect a direct NFC attack are:

prompts to install apps not from official stores;
requests to tap your bank card on your phone.

The reverse NFCGate attack

The reverse attack is a newer, more sophisticated scheme. The victim’s smartphone no longer reads their card — it emulates the attacker’s card. To the victim, everything appears completely safe: there’s no need to recite card details, share codes, or tap a card to the phone.

Just like with the direct scheme, it all starts with social engineering. The user gets a call or message convincing them to install an app for “contactless payments”, “card security”, or even “using central bank digital currency”. Once installed, the new app asks to be set as the default contactless payment method — and this step is critically important. Thanks to this, the malware requires no root access — just user consent.

The malicious app then silently connects to the attackers’ server in the background, and the NFC data from a card belonging to one of the criminals is transmitted to the victim’s device. This step is completely invisible to the victim.

Next, the victim is directed to an ATM. Under the pretext of “transferring money to a secure account” or “sending money to themselves”, they are instructed to tap their phone on the ATM’s NFC reader. At this moment, the ATM is actually interacting with the attacker’s card. The PIN is dictated to the victim beforehand — presented as “new” or “temporary”.

The result is that all the money deposited or transferred by the victim ends up in the criminals’ account.

The hallmarks of this attack are:

requests to change your default NFC payment method;
a “new” PIN;
any scenario where you’re told to go to an ATM and perform actions there under someone else’s instructions.

How to protect yourself from NFC relay attacks

NFC relay attacks rely not so much on technical vulnerabilities as on user trust. Defending against them comes down to some simple precautions.

Make sure you keep your trusted contactless payment method (like Google Pay or Samsung Pay) as the default.
Never tap your bank card on your phone at someone else’s request, or because an app tells you to. Legitimate apps might use your camera to scan a card number, but they’ll never ask you to use the NFC reader for your own card.
Never follow instructions from strangers at an ATM — no matter who they claim to be.
Avoid installing apps from unofficial sources. This includes links sent via messaging apps, social media, SMS, or recommended during a phone call — even if they come from someone claiming to be customer support or the police.
Use comprehensive security on your Android smartphones to block scam calls, prevent visits to phishing sites, and stop malware installation.
Stick to official app stores only. When downloading from a store, check the app’s reviews, number of downloads, publication date, and rating.
When using an ATM, rely on your physical card instead of your smartphone for the transaction.
Make it a habit to regularly check the “Payment default” setting in your phone’s NFC menu. If you see any suspicious apps listed, remove them immediately and run a full security scan on your device.
Review the list of apps with accessibility permissions — this is a feature commonly abused by malware. Either revoke these permissions for any suspicious apps, or uninstall the apps completely.
Save the official customer service numbers for your banks in your phone’s contacts. At the slightest hint of foul play, call your bank’s hotline directly without delay.
If you suspect your card details may have been compromised, block the card immediately.
Attackers use a sophisticated delivery mechanism of text-only files for RAT deployment, showcasing a clever way to bypass defensive tools and rely on the target's own utilities.
Kyowon Group, a conglomerate owned by one of South Korea's richest people, is the latest company there to report suspicious cyber activity to authorities.
Eleven countries led a session at the UN headquarters in New York centered around a 140-page report released last fall that covered North Korea’s extensive cyber-focused efforts to fund its nuclear and ballistic weapons program.
Nicholas Moore of Springfield "intentionally accessed a computer without authorization” on 25 different days when breaking into the filing system between August and October 2023, court documents allege.
Vasyl Maliuk, chief of the Security Service of Ukraine (SBU), said he would step down from the post but remain in the agency to continue operations against Russia.
Cybersecurity researchers have disclosed details of a new campaign dubbed SHADOW#REACTOR that employs an evasive multi-stage attack chain to deliver a commercially available remote administration tool called Remcos RAT and establish persistent, covert remote access. "The infection chain follows a tightly orchestrated execution path: an obfuscated VBS launcher executed via wscript.exe invokes a
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has warned of active exploitation of a high-severity security flaw impacting Gogs by adding it to its Known Exploited Vulnerabilities (KEV) catalog. The vulnerability, tracked as CVE-2025-8110 (CVSS score: 8.7), relates to a case of path traversal in the repository file editor that could result in code execution. "Gogs Path
AI agents are no longer just writing code. They are executing it. Tools like Copilot, Claude Code, and Codex can now build, test, and deploy software end-to-end in minutes. That speed is reshaping engineering—but it’s also creating a security gap most teams don’t see until something breaks. Behind every agentic workflow sits a layer few organizations are actively securing: Machine Control
Cybersecurity researchers have disclosed details of a previously undocumented and feature-rich malware framework codenamed VoidLink that's specifically designed for long-term, stealthy access to Linux-based cloud environments. According to a new report from Check Point Research, the cloud-native Linux malware framework comprises an array of custom loaders, implants, rootkits, and modular
Old Playbook, New Scale: While defenders are chasing trends, attackers are optimizing the basics The security industry loves talking about "new" threats. AI-powered attacks. Quantum-resistant encryption. Zero-trust architectures. But looking around, it seems like the most effective attacks in 2025 are pretty much the same as they were in 2015. Attackers are exploiting the same entry points that
ServiceNow has disclosed details of a now-patched critical security flaw impacting its ServiceNow AI Platform that could enable an unauthenticated user to impersonate another user and perform arbitrary actions as that user. The vulnerability, tracked as CVE-2025-12420, carries a CVSS score of 9.3 out of 10.0. "This issue [...] could enable an unauthenticated user to impersonate another user and
Cybersecurity researchers have discovered a major web skimming campaign that has been active since January 2022, targeting several major payment networks like American Express, Diners Club, Discover, JCB Co., Ltd., Mastercard, and UnionPay. "Enterprise organizations that are clients of these payment providers are the most likely to be impacted," Silent Push said in a report published today.
Cybersecurity researchers have disclosed details of a malicious Google Chrome extension that's capable of stealing API keys associated with MEXC, a centralized cryptocurrency exchange (CEX) available in over 170 countries, while masquerading as a tool to automate trading on the platform. The extension, named MEXC API Automator (ID: pppdfgkfdemgfknfnhpkibbkabhghhfh), has 29 downloads and is still
Have you ever stolen data, traded a hacking tool, or just lurked on a dark web forum believing that you are anonymous? If so, I might have some unsettling news for you. Read more in my article on the Hot for Security blog.
In episode 83 of The AI Fix, Graham reveals he's taken up lying to LLMs, and shows how a journalist exposed AI bluffers with a made-up idiom. Meanwhile Mark invents a "Godwin's Law" for AI, and explains how to ruin any LLM with humus. Also in this episode, a marriage is declared invalid thanks to ChatGPT, an AI barman looks for a job in a quiet pub, OpenAI finally unveils ChatGPT Health, and why news of the death of Stack Overflow may be greatly exaggerated. All this and much more is discussed in the latest edition of "The AI Fix" podcast by Graham Cluley and Mark Stockley.