Google's Gemini integrates very closely with just about every Workspace app, including Gmail. When I tested the AI chatbot, I expected options to rephrase an email to sound more professional or summarize long threads. What I got instead was a first-hand lesson in how invasive Gemini can be once it has access to 16 years' worth of emails. What’s more concerning is that signing up for Google’s AI Pro plan automatically unlocks Gemini’s Gmail integration—without an explanation of what it does or the choice to opt out. So you should think twice about signing up for Gemini with your main Google account. If you do want Gemini in Gmail or are curious about how invasive it gets, here’s what you can expect.How Does Gemini Know That?Clicking the Gemini icon in Gmail opens up a sidebar where you can talk to Gemini about your email. In testing, it was able to tell me useful information, such as when my next Trade coffee delivery would arrive and if I had any pressing emails that required responses. But it goes far beyond that.When I asked it about my first crush, Gemini was able to determine that it occurred in elementary school, as well as tell me the name of my first love, how we met, and when we met. Upon request, Gemini also told me who my top Facebook friends were in 2009 and who my best friend was in 2010. Gemini even explained that one of my character flaws is that I get "too laser-focused on what [I] want, which extracts a toll on [my] relationships, much like Drake from the Uncharted game." And, yes, that’s one of my favorite game franchises, which apparently Gemini knows, too.(Credit: Google/PCMag)How does Gemini know that? The simple answer is that the information is somewhere within the 16 years' worth of my email history it can access. Why does Gemini sometimes end its messages with “Cheers, Ruben” as if it’s me? Gemini can write emails for me in my unique style with its new Smart Reply feature, but why does it adopt my style when I talk to it?That may be a simple bug, but I also find the possibilities of Smart Reply worrying, given my previous experiences: What if Gemini includes deeply personal information in an email, and I accidentally send it out? My main takeaway is that I find all of this intensely unsettling.Can You Trust Google to Protect Your Privacy?What does Google do with information about my love life and character flaws? Its privacy policy is fairly clear: Google collects a variety of information when you use Gemini, which includes your entire chat history. The company uses this information to improve its products and train its large language models. However, Google doesn't use Gemini data from Google Workspace apps, like Gmail, for training, ad targeting, or selling. I appreciate the guarantee, but I don’t fully trust Google.Recommended by Our EditorsJust in 2025, Google agreed to pay out $1.375 billion for collecting Texans’ biometric data without consent, and a state-sponsored group exploited a flaw in Google Chrome to spy on Russian users. In 2024, Google came under fire for ‘misleading and aggressive’ data practices. Google’s historical track record isn’t any better, as evidenced by the Google+ leak of user information in 2018 and the Gmail password leak in 2014.Gemini or no Gemini, my data is on Google’s servers, so I am susceptible to all manner of hacks and leaks. However, Gemini in my email means that a bad actor might not just get access to my account or information but also to a convenient tool they can use to ask directly about pretty much any major event in my life for the better part of two decades. Should You Give Gemini Access to Your Email?This question doesn’t have a simple answer, and a lot of it depends on your views on online privacy. I don’t like Gemini in my personal email or in my personal Google Drive files (which is another integration that happens automatically when you sign up for the premium Gemini subscription), but I'm much more open to Gemini in a professional capacity.As someone who makes his living largely working from home on the internet, I’m used to using accounts and devices that aren’t entirely mine. I don’t get nearly as creeped out knowing Gemini can analyze my work interactions with PR representatives or see my meeting history. I'm open to hearing about, say, how the way I schedule meetings reflects poorly on my character.Whether you feel comfortable with Gemini in your email or anywhere else is entirely up to you. Just make sure you know what’s in your data and that you’re comfortable with a chatbot that can learn intimate facts about you before you decide to give it access to your email. As for me, it's all too creepy. I don't plan on letting Gemini access my personal email anymore.Google doesn't make it clear how to turn Gemini off in Gmail, but it's possible. Go to Gmail's settings, and click the "Manage Workplace smart feature settings" button. Here, you can toggle smart features (including Gemini) in Google Workplace off. If you click on the Gemini button going forward, it simply prompts you to turn smart features back on.

This article includes spoilers for The Legend of Korra. Janet Varney and Dante Basco aren’t just stars of beloved animated epics The Legend of Korra and Avatar: The Last Airbender, respectively, they are also hosts of Nickelodeon’s Avatar companion podcast, Braving the Elements – a status that makes them, as they joke, Ph.D. holders in “Avatarism.” The show is dedicated to all things Avatar and season 4 is set to dive into the 2012 sequel series, The Legend of Korra.  Den of Geek spoke with Varney (Korra) and Basco (Zuko) ahead of the podcast’s season 4 premiere to discuss their early reactions to seeing Korra (which Basco is watching for the first time), the possibility of a comic season of the podcast, and their advice for the star of upcoming sequel Avatar: Seven Havens. DEN OF GEEK: For the podcast you’re both starting your journey into watching Korra. How did you feel when, in Korra’s first episode, they just brushed away that long-held question of “Whatever happened to Zuko’s mom?” Dante Basco: I don’t know if I was prepared or not, but I already knew. I already went through the comics [which finally answered that question]. I was fine with that because I’m hip to the situation.  Janet Varney: I think by that time [creators and showrunners] Mike DiMartino and Bryan Konietzko knew that answer was going to be very available. So they intentionally planted it in [the Korra premiere] as like a little tip of the hat. Dante Basco: A little wink to the audience. Obviously the podcast still has a lot to cover with Korra but, speaking of the comics, do you have any plans for how you’ll tackle them in the future? Could this possibly be a good chance to get an official radio play of those comics out there? JV: Oooo, a radio play would be fun. Talking about the comics has definitely been something that we talked about from the beginning. It’s just a matter of timing and what the powers that be decide about the when’s and how’s of it all. But we’ve weaseled in as much as we can on the podcast with people like [comic writers] Faith Erin Hicks and Gene Luen Yang. We’ve been like “come to the podcast, let’s lay the groundwork.” DB: A little radio play of the comics would be fun. JV: We did one for “Turf Wars” during the pandemic with Seychelle Gabriel [Asami], Mindy Sterling [Lin Beifong], David Faustino [Mako], and P. J. Byrne [Bolin]. Join our mailing list Get the best of Den of Geek delivered right to your inbox! There needs to be a version that comes with the book and it says, “when you hear the firebending sounds, turn the page.” DB: *firebending sounds* JV: Jeff Bennett [Radio broadcaster in Korra] can do all the stage directions! The just-announced Avatar: Seven Havens is set to be a sequel to Korra and will feature an Earthbender who discovers she’s the next Avatar. What advice do you two have to whoever ends up playing this new Avatar?  JV: Get ready for a wild ride, my friend. DB: Take it in stride. Have a good time on the journey. It’s a journey – the whole thing. You get to go through the show, the fanbase, and just being a part of this wonderful world. Janet, do you remember what you were told when you were brought in to do Korra? Especially since you were coming into a franchise that already had a huge fan base.  JV: When we had started recording, Sarah Noonan, who was heading up casting, grabbed me outside of Studio A, took me by the shoulders, looked deeply into my eyes and said, “Are you ready for your life to change?” I was like, “Sarah, I love you, but I’ve been told that before because it’s Hollywood.” Dante knows. DB: Sometimes it’s yourself telling you that. JV: So you get really good at pushing that into the background. DB: You have to or we’d all be put away a long time ago. JV: But Sarah was more right than anyone ever has been. Yes, my life is completely different and so much of my life is connected to this thing that she was dead-on about. DB: No one told me that at all, not even Mike and Bryan. No one knew this was gonna happen the way it happened. It was like, “we’re doing a show. We all have done shows, so let’s just have a good time.” I don’t think anyone was prepared for it to be what it became. Truly. Janet, due to events in – Foreshadow Report! – the Korra series, this new Avatar in Seven Havens is not going to have the ability to call on all the past Avatars. What do you think an Avatar will be like with only Korra to call on for advice? JV: First of all, I just want to point out: it’s not Korra’s fault. I just wanna cover my bases. Let me just go ahead and remind everyone that losing that connection to the past Avatars was definitely not her fault. You wanna go ahead and blame someone? You can blame any number of people. You wanna blame Unalaq? Go for it. You wanna blame Vaatu? I welcome you to do so. DB: Vaatu for sure. Vaatu has the biggest blame in this situation. JV: At least Vaatu is …there has to be dark and light, right? But Unalaq? Gross ambition. Come on, guy. DB: These shady Waterbenders out there. There’s all these nice Waterbenders but when there’s bad apples it’s very bad. JV: Genuinely though: we don’t know any details about Seven Havens. Even if we did, we could not say! JV: Who knew that was such a dominant trait? DB: It’s such a dominant trait, it just happens in every generation. You talk about people reincarnating? That voice reincarnates every generation. If you get great grandpa’s voice? That means you’ve got to do something special in your life. Don’t squander that. What are you both most excited for people to hear in this upcoming season of the podcast? JV: Dante has been predicting what he thinks might happen. Every episode we revisit what he did predict for whatever Korra episode we’re watching and then we look to the future. I want to give you an extra shout out, buddy, because it’s not easy being wrong about something. But right after you found out you’re wrong about one prediction, now you have to make a new prediction about the episode. You showed up for that every time. It’s a decent track record. What’s the hit-to-miss ratio? DB: At least 50/50. JV: It might not be 50/50… but, yeah, you know what? Let’s call it 50/50!  DB: I’m excited for the whole audience to get into Korra again. It’s the 20th anniversary of Avatar and that’s amazing but going into revisiting (or for me, the first time) the Korra world in its entirety? It’s very fascinating to take a look at the Korra world in a new space and time. For fans of the podcast, they’ve seen me on the spot kind of defending Fire Nation for many years now. There are good folks in the Fire Nation! Some have economic anxiety. DB: Yeah, but I like to see Janet now a little bit on the hot seat. Not just Janet, I’m gonna have to throw the whole Water Tribe under that bus. There are some evil Waterbenders in Korra!  JV: What a gift we gave you. It’s like we made it for you. DB: There’s a whole world thinking ill thoughts of the Fire Nation and I want to point the camera a little at the Water Tribe for a while. JV: The whole Industrial Revolution thing has been so fun and great to dig into. It’s such a different piece to talk about with our guests. That setting is so rich and it’s something that we see the guests bringing up time and time again. It’s just an aspect of the show that really excites people because it’s closer to our technology. It opens up different perspectives from people on what is valuable about bending. I think it’s really fun to get into. The newest season of Braving the Elements is now available wherever you get your podcasts.

Explorations in material take on a deeper meaning in the work of these four talented makers, whose collectible objects are as functional as they are covetable. We sat down with Chuma Maweni, Osanna Visconti, Simone Bodmer-Turner, and Ombia Studio Founder Cristina Moreno to talk about unexpected sources of inspiration, pivotal career moments, and experiences that shaped who they are and how they create today. Chuma Maweni The South Africa–based ceramist has put his stamp on traditional Zulu and Xhosa techniques.Gerheardt CoetzeeChuma Maweni in his Cape Town studio.When did you first think of yourself as a creator?CM: There wasn’t a defining moment that I remember, more a realization a few years ago that people, from curators to collectors to family, had started to take notice of my work and wanted to know more about it. That was a very affirming shift for me, particularly in terms of how my parents saw me.Lea CraffordChuma Maweni’s Zoliswa (Qavashe), a rounded mirror with a frame made of clay tiles.What would surprise people most about your process?CM: People are surprised when they realize that my works are made from clay. They often think they’re made of wood. When people think about ceramics, they tend to think of sculpture and vessels, not furniture.Delaire GraffiSibane (Maweni) in glazed stoneware, glass, and steel.What was the last trip you took that sparked your creative output?CM: Going home to Mthatha is always inspiring for me and my work. When I’m there I can practice smoke-firing using cow dung. I can literally watch the cows in the field while I work! There’s something very interesting about this idea of going back to the source.Hayden Phipps and Southern GuildThe installation iMvelaphi, on view at Southern Guild in Cape Town in 2024.Who is your dream collaborator?CM: Within the stable of my gallery, Southern Guild, I would love to collaborate with Adam Birch and Zanele Muholi. Osanna ViscontiThe Milanese metalworker is well known for her elegant pieces made with the lost-wax casting technique.Federico VillaVisconti in her Milan studio. When did you first think of yourself as a creator?OV: Ever since I was a child. At school I would take pliers, thin golden thread, and beads into the classroom and produce pieces to share with my classmates.Osanna ViscontiOsanna Visconti’s Bambù bookshelf in natural bronze.What would surprise people most about your process?OV: My eclecticism, just like the matter I shape. I am an artisan and an artist, and my practice spans art and technique, beauty and function. I am not a sculptor nor an industrial designer, even though I share my approach and quest for meaning with design.Osanna ViscontiVisconti’s cast bronze Campanula floor lamp.What was the last trip you took that inspired your creative output?OV: It was in a weekend house, looking at a magnolia tree of considerable size, with branches touching the windows. I grasped the life cycle of a flower, nature’s most exquisite creation, and it inspired my Magnolia collection of furniture in natural bronze.Osanna ViscontiVisconti’s cast bronze Bambu armchair. What music do you listen to while you work?OV: All piano concertos by Sergei Rachmaninoff. Simone Bodmer-TurnerWorking in rural Massachusetts, Bodmer-Turner’s studio practice manages to span mediums and meanings.NEIGE THEBAULTBodmer-Turner applying a glaze to one of her chairs.When did you first think of yourself as a creator?SBT: I’ve always known one of my skills was being creative, but saying it out loud to my family, with the intention of doing creative work as my profession rather than as an extracurricular, set me on the path I am now on.What would surprise people most about your process?SBT: I do absolutely nothing with a computer or any technology—except email. Marco GallowayLamps from the Tulip series.What was the last trip you took that inspired your creative output?SBT: My partner and I have been learning to sail. Being on a boat in the middle of the ocean brings clarity, and the multipurposeness and collapsibility of spaces within a boat is so inspiring.What advice would you have for your younger self?SBT: Don’t tell yourself you can’t create something you’re passionate about just because you haven’t seen someone structure a practice that way before. Your gut will always know what’s right for you. Ombia StudioFrom her studio in Los Angeles, Cristina Moreno makes sculptural furniture in clay and wood.Courtesy of OmbiaOmbia Studio founder Cristina Morenoin her L.A. studio. When did you first think of yourself as a creator?CM: I started painting when I was two years old and have known ever since that creativity would forever be a part of me.David William BaumOmbia Studio’s Arena side table in ceramic.What would surprise people most about your process?CM: The technicality and how physically difficult it is to make these tables. When I have friends come by the studio, they’re always amazed—they never thought each piece could take so many steps and require so much muscle.David William BaumCleo, a five-legged ceramic side table.What was the last trip you took that impacted your creative output?CM: Production trips to Mexico City are always fruitful. Places that have a deep artisanal ancestry remind me that there is so much to learn, and beauty in the handmade. I’m still thinking about my trip to the gold museum in Bogotá, Colombia.David William BaumMusica, a sculptural dining chair.What was the last work of art you saw that inspired your output, and how?CM: I wouldn’t say art directly inspires my output. At least not consciously. I usually find that ancient functional objects are what really inspire me. This story originally appeared in the May 2025 issue of Elle Decor. SUBSCRIBE

Posted on : May 22, 2025 By Tech World Times Business  Rate this post The consumer durables industry makes products we use daily. These products last a long time. Think of TVs, refrigerators, and washing machines. This industry is large and growing. Many people do not know it offers great jobs. Some jobs pay well. You just need to know where to look. In this article, we explore the Paying Jobs in Consumer Durables. We will look at what these jobs are, what they require, and why they pay so well. What Is the Consumer Durables Industry? Consumer durables are products we use often. But we do not buy them every day. These items last for years. Some examples are: Televisions Washing machines Refrigerators Air conditioners Laptops This industry needs many workers. It needs designers, engineers, marketers, and sales experts. Each role plays a part in making and selling products. Why This Industry Pays Well There are many reasons. First, the products are high in value. This means companies make big profits. Second, the work needs skill. Jobs like product design or quality control need experts. Lastly, competition is strong. Big brands want the best workers. They are ready to pay high salaries. Let’s now look at the Best best-paying jobs in Consumer Durables. 1. Product Manager What they do: They manage the full life of a product. From the idea to the final sale. Why it pays well: They make key decisions. They help make products that people love. Their work affects company profit. Skills needed: Market research Team management Decision making Strategy planning Average salary: $90,000 to $130,000 per year in the U.S. 2. Industrial Designer What they do: They design the look and function of products. They mix art with engineering. Why it pays well: Good design boosts sales. Brands need smart, creative designers to stand out. Skills needed: 3D modeling Design thinking Creative mindset User experience skills Average salary: $65,000 to $100,000 per year. 3. Sales Director What they do: They lead the sales team. They make plans to grow sales and enter new markets. Why it pays well: More sales mean more profits. Sales leaders are key to business success. Skills needed: Sales strategy Team leadership Communication CRM tools Average salary: $100,000 to $160,000 per year. 4. Marketing Manager What they do: They run marketing campaigns. They promote products and build brand trust. Why it pays well: Good marketing brings in more buyers. A strong brand leads to higher sales. Skills needed: SEO and ads Market research Digital Marketing Budget management Average salary: $75,000 to $120,000 per year. 5. Quality Control Manager What they do: They check that products meet set standards. They ensure everything works well before sales. Why it pays well: Bad products hurt sales. Good quality builds trust. This role keeps the brand strong. Skills needed: Inspection tools Problem-solving Report writing Teamwork Average salary: $70,000 to $110,000 per year. 6. Electrical Engineer What they do: They design and test electrical systems. These systems power the devices we use. Why it pays well: Good engineers make safe, energy-saving products. Their work is technical and in high demand. Skills needed: Circuit design Testing equipment Coding (in some roles) Project work Average salary: $80,000 to $120,000 per year. 7. Supply Chain Manager What they do: They manage how products move from factory to store. They handle shipping, storage, and delivery. Why it pays well: A smooth supply chain saves money. It keeps stores stocked and customers happy. Skills needed: Inventory systems Logistics planning Cost control Vendor management Average salary: $85,000 to $125,000 per year. 8. R&D Specialist (Research and Development) What they do: They work on new ideas. They test and improve products. Why it pays well: Innovation keeps brands ahead. R&D teams create the next big thing in the market. Skills needed: Product testing Lab tools Critical thinking Data analysis Average salary: $70,000 to $110,000 per year. 9. Software Developer (for Smart Devices) What they do: They build software for smart consumer products. Think smart TVs or IoT kitchen tools. Why it pays well: More people want smart devices. Developers create the brains behind these products. Skills needed: Programming languages Embedded systems Testing tools UX/UI knowledge Average salary: $90,000 to $130,000 per year. 10. Human Resources Manager What they do: They hire staff, manage payroll, and handle employee issues. Why it pays well: Happy workers do better work. HR managers keep teams strong and working well. Skills needed: Conflict solving Recruitment skills Team building Payroll tools Average salary: $70,000 to $105,000 per year. Is This Industry Right for You? If you enjoy technology, design, or business, this industry may be perfect. It offers stable jobs and great pay. You do not always need a master’s degree. Some roles need experience, others need special skills or certifications. Try internships or entry-level roles to start. Over time, you can move to higher positions. Final Thoughts The consumer durables industry is growing. It offers many chances to earn well and grow fast. If you’re looking for high-income roles, explore the Best Paying Jobs in Consumer Durables. Jobs like product manager, sales director, and engineer are top choices. These roles pay well because they need skills and give big value to companies. With the right training and effort, you can land one of these jobs too. Start learning. Build your skills. And take the first step toward a well-paid career in consumer durables. Tech World TimesTech World Times (TWT), a global collective focusing on the latest tech news and trends in blockchain, Fintech, Development & Testing, AI and Startups. If you are looking for the guest post then contact at techworldtimes@gmail.com

Jony Ive and Sam Altman yesterday released a strong candidate for most frustrating video of the year: promising a completely new concept in AI hardware, but giving very little clue as to what it might be. I transcribed the video to see whether I could spot any clues, in conjunction with other things the two have said. I think we can draw some pretty safe conclusions about what it’s not – and there are one or two clues about what it is … I argued a year ago that the AI hardware we’ve seen to date is like people trying to invent the iPod after the iPhone. Once we knew that Ive and Altman were working on something, however, I had to temper my skepticism, noting that it would be a brave person who bets against the pair. The only form factor that has so far made any sense to me is smart glasses, but Altman has specifically said that io is not a pair of glasses, while both have also made it clear that it’s not a phone. The pair strongly imply it’s a form factor we haven’t yet seen, which would seem to rule out a badge, a smartwatch, a smart ring, or in-ear headphones. I mean, this is a marketing video, so we can’t be 100% certain that they’re not fudging things a little, but to create this much fanfare before releasing a new take on something that already exists would be kind of a dumb move – and these are not dumb guys! Here are a bunch of direct quotes from the video that really do make the claim that they are creating something(s) genuinely new. “io is merging with OpenAI—formed with the mission of figuring out how to create a family of devices that would let people use AI to create all sorts of wonderful things.” “Jony recently gave me one of the prototypes of the device for the first time to take home, and I’ve been able to live with it—and I think it is the coolest piece of technology that the world will have ever seen.” “And so it’s just common sense to at least think, surely there’s something beyond these legacy products.” “I am absolutely certain that we are literally on the brink of a new generation of technology that can make us our better selves.” The WSJ also has some quotes from a presentation Altman gave to OpenAI staff. Employees have “the chance to do the biggest thing we’ve ever done as a company here,” Altman said after announcing OpenAI’s plans to purchase Ive’s startup, named io, and give him an expansive creative and design role. Altman suggested the $6.5 billion acquisition has the potential to add $1 trillion in value to OpenAI, according to a recording reviewed by The Wall Street Journal. Honestly, if you say all that and then launch a watch or a pendant, the internet is going to come down on you so hard … But there are a few more specific clues. First, they’ve said that they want to get people away from screens, which strongly implies that it either doesn’t have one, or that the screen is not the primary UI. Altman also said something which sounded somewhat weird. He said that, currently, if we were sitting in a bar and wanted to ask AI something, then: “I would reach down. I would get on my laptop, I’d open it up, I’d launch a web browser, I’d start typing, and I’d have to explain that thing. Then I’d hit enter, and I’d wait, and I’d get a response. And that is at the limit of what the current tool of a laptop can do. But I think this technology deserves something much better.” I mean, I’m 100% a Mac-first guy – give me a choice between doing a random task on my iPhone or my MacBook and I’m typically going to use the latter – but not even I am going to pull out my Mac rather than my iPhone for most AI queries in bars. Perhaps that’s just tech bros in San Francisco, where pulling out a laptop in a bar would be entirely unremarkable, but there was also that opening line: “I think we have the opportunity here to kind of completely reimagine what it means to use a computer.” While an iPhone, Apple Watch, HomePod, and Vision Pro are all technically computers, the word does tend to suggest something. The WSJ also says he got a bit more specific with staff: The product will be capable of being fully aware of a user’s surroundings and life, will be unobtrusive, able to rest in one’s pocket or on one’s desk, and will be a third core device a person would put on a desk after a MacBook Pro and an iPhone. If we take it out and put it somewhere, that very strongly suggests it’s not a wearable, and that it would most directly substitute for AI tasks we might currently carry out on a laptop. So to me all this is saying: It is a genuinely new form-factor, not a re-imagining of a current device It either doesn’t have a screen, or the screen is not the main way we interact with it It’s not a wearable It’s intended to be more powerful than a phone, more in line with laptop capabilities When I asked ChatGPT to speculate, the above image is what it came up with. When I asked it to try again, and come up with a different form factor, it showed me the same thing from a different angle. I think OpenAI is messing with us! Do you have your own theories about what it might be? Please share your thoughts in the comments. Highlighted accessories Image: ChatGPT’s imaginings. C0LDPLAY4LIFE: You found the secret code for our Grid Frame giveaway! Add 9to5Mac to your Google News feed.  FTC: We use income earning auto affiliate links. More.You’re reading 9to5Mac — experts who break news about Apple and its surrounding ecosystem, day after day. Be sure to check out our homepage for all the latest news, and follow 9to5Mac on Twitter, Facebook, and LinkedIn to stay in the loop. Don’t know where to start? Check out our exclusive stories, reviews, how-tos, and subscribe to our YouTube channel

You wouldn't use a chatbot for evil, would you? Of course not. But if you or some nefarious party wanted to force an AI model to start churning out a bunch of bad stuff it's not supposed to, it'd be surprisingly easy to do so.That's according to a new paper from a team of computer scientists at Ben-Gurion University, who found that the AI industry's leading chatbots are still extremely vulnerable to jailbreaking, or being tricked into giving harmful responses they're designed not to — like telling you how to build chemical weapons, for one ominous example.The key word in that is "still," because this a threat the AI industry has long known about. And yet, shockingly, the researchers found in their testing that a jailbreak technique discovered over seven months ago still works on many of these leading LLMs.The risk is "immediate, tangible, and deeply concerning," they wrote in the report, which was  and is deepened by the rising number of "dark LLMs," they say, that are explicitly marketed as having little to no ethical guardrails to begin with."What was once restricted to state actors or organized crime groups may soon be in the hands of anyone with a laptop or even a mobile phone," the authors warn.The challenge of aligning AI models, or adhering them to human values, continues to loom over the industry. Even the most well-trained LLMs can behave chaotically, lying and making up facts and generally saying what they're not supposed to. And the longer these models are out in the wild, the more they're exposed to attacks that try to incite this bad behavior.Security researchers, for example, recently discovered a universal jailbreak technique that could bypass the safety guardrails of all the major LLMs, including OpenAI's GPT 4o, Google's Gemini 2.5, Microsoft's Copilot, and Anthropic Claude 3.7. By using tricks like roleplaying as a fictional character, typing in leetspeak, and formatting prompts to mimic a "policy file" that AI developers give their AI models, the red teamers goaded the chatbots into freely giving detailed tips on incredibly dangerous activities, including how to enrich uranium and create anthrax.Other research found that you could get an AI to ignore its guardrails simply by throwing in typos, random numbers, and capitalized letters into a prompt.One big problem the report identifies is just how much of this risky knowledge is embedded in the LLM's vast trove of training data, suggesting that the AI industry isn't being diligent enough about what it uses to feed their creations."It was shocking to see what this system of knowledge consists of," lead author Michael Fire, a researcher at Ben-Gurion University, told the Guardian."What sets this threat apart from previous technological risks is its unprecedented combination of accessibility, scalability and adaptability," added his fellow author Lior Rokach.Fire and Rokach say they contacted the developers of the implicated leading LLMs to warn them about the universal jailbreak. Their responses, however, were "underwhelming." Some didn't respond at all, the researchers reported, and others claimed that the jailbreaks fell outside the scope of their bug bounty programs. In other words, the AI industry is seemingly throwing its hands up in the air."Organizations must treat LLMs like any other critical software component — one that requires rigorous security testing, continuous red teaming and contextual threat modelling," Peter Garraghan, an AI security expert at Lancaster University, told the Guardian. "Real security demands not just responsible disclosure, but responsible design and deployment practices."Share This Article

May 22, 2025Ravie LakshmananCybersecurity / Vulnerability A privilege escalation flaw has been demonstrated in Windows Server 2025 that makes it possible for attackers to compromise any user in Active Directory (AD). "The attack exploits the delegated Managed Service Account (dMSA) feature that was introduced in Windows Server 2025, works with the default configuration, and is trivial to implement," Akamai security researcher Yuval Gordon said in a report shared with The Hacker News. "This issue likely affects most organizations that rely on AD. In 91% of the environments we examined, we found users outside the domain admins group that had the required permissions to perform this attack." What makes the attack pathway notable is that it leverages a new feature called Delegated Managed Service Accounts (dMSA) that allows migration from an existing legacy service account. It was introduced in Windows Server 2025 as a mitigation to Kerberoasting attacks. The attack technique has been codenamed BadSuccessor by the web infrastructure and security company. "dMSA allows users to create them as a standalone account, or to replace an existing standard service account," Microsoft notes in its documentation. "When a dMSA supersedes an existing account, authentication to that existing account using its password is blocked." "The request is redirected to the Local Security Authority (LSA) to authenticate using dMSA, which has access to everything the previous account could access in AD. During migration, dMSA automatically learns the devices on which the service account is to be used which is then used to move from all existing service accounts." The problem identified by Akamai is that during the dMSA Kerberos authentication phase, the Privilege Attribute Certificate (PAC) embedded into a ticket-granting ticket (i.e., credentials used to verify identity) issued by a key distribution center (KDC) includes both the dMSAs security identifier (SID) as well as the SIDs of the superseded service account and of all its associated groups. This permissions transfer between accounts could open the door to a potential privilege escalation scenario by simulating the dMSA migration process to compromise any user, including domain administrators, and gain similar privileges, effectively breaching the entire domain even if an organization's Windows Server 2025 domain isn't using dMSAs at all. "One interesting fact about this 'simulated migration' technique, is that it doesn't require any permissions over the superseded account," Gordon said. "The only requirement is to write permissions over the attributes of a dMSA. Any dMSA." "Once we've marked a dMSA as preceded by a user, the KDC automatically assumes a legitimate migration took place and happily grants our dMSA every single permission that the original user had, as though we are its rightful successor." Akamai said it reported the findings to Microsoft on April 1, 2025, following which the tech giant classified the issue as moderate in severity and that it does not meet the bar for immediate servicing due to the fact that successful exploitation requires an attacker to have specific permissions on the dMSA object, which suggests an elevation of privileges. However, a patch is currently in the works. Given that there is no immediate fix for the attack, organizations are advised to limit the ability to create dMSAs and harden permissions wherever possible. Akamai has also released a PowerShell script that can enumerate all non-default principals who can create dMSAs and list the organizational units (OUs) in which each principal has this permission. "This vulnerability introduces a previously unknown and high-impact abuse path that makes it possible for any user with CreateChild permissions on an OU to compromise any user in the domain and gain similar power to the Replicating Directory Changes privilege used to perform DCSync attacks," Gordon said. Found this article interesting? Follow us on Twitter  and LinkedIn to read more exclusive content we post. SHARE    

In February 2024, CNN reported, “A finance worker at a multinational firm was tricked into paying out $25 million to fraudsters using deepfake technology to pose as the company’s chief financial officer in a video conference call.” In Europe, a second firm experienced a multimillion-dollar fraud when a deepfake emulated a board member in a video allegedly approving a fraudulent transfer of funds. “Banks and financial institutions are particularly at risk,” said The Hack Academy. “A study by Deloitte found that over 50% of senior executives expect deepfake scams to target their organizations soon. These attacks can undermine trust and lead to significant financial loss.”  Hack Academy went on to say that AI-inspired security attacks weren’t confined to deepfakes. These attacks were also beginning to occur with increased regularity in the form of corporate espionage and misinformation campaigns. AI brings new, more dangerous tactics to traditional security attack methods like phishing, social engineering and the insertion of malware into systems. For CIOs, enterprise AI system developers, data scientists and IT network professionals, AI changes the rules and the tactics for security, given AI’s limitless potential for both good and bad. This is forcing a reset in how IT thinks about security against malicious actors and intruders. Related:How Bad Actors are Exploiting AI What exactly is IT up against? The AI tools that are available on the dark web and in public cyber marketplaces give security perpetrators a wide choice of AI weaponry. Also, IoT and edge networks now present much broader enterprise attack surfaces. Security threats can come in videos, phone calls, social media sites, corporate systems and networks, vendor clouds, IoT devices, network end points, and virtually any entry point into a corporate IT environment that electronic communications can penetrate. Here are some of the current AI-embellished security attacks that companies are seeing: Convincing deepfake videos of corporate executives and stakeholders that are intended to dupe companies in pursuing certain actions or transferring certain assets or funds. This deep faking also extends to voice simulations of key personnel that are left as voicemails in corporate phone systems.  Phishing and spearfishing attacks that send convincing emails (some with malicious attachments) to employees, who mistakenly open them because they think the sender is their boss, the CEO or someone else they perceive as trusted. AI supercharges these attacks because it can automate and send out a large volume of emails that hit many employee email accounts. That AI continues to “learn” with the help of machine learning so it can discover new trusted sender candidates for future attacks.   Related:Adaptive messaging that uses generative AI to craft messages to users that correct grammar and that “learn” from corporate communication styles so they can more closely emulate corporate communications that make them seem legitimate. Mutating code that uses AI to change malware signatures on the fly so antivirus detection mechanisms can be evaded. Data poisoning that occurs when a corporate or cloud provider’s AI data repository is injected by malware that alters (“poisons”) so the data produces erroneous and misleading results.  Fighting Back With Tech To combat these supercharged AI-based security threats, IT has number of tools, techniques and strategies it can consider. Fighting deepfakes. Deepfakes can come in the form of videos, voicemails and photos. Since deepfakes are unstructured data objects that can’t be parsed in their native forms like real data, there are new tools on the market that can convert these objects into graphical representations that can be analyzed to evaluate whether there is something in an object that should or shouldn’t be there. The goal is to confirm authenticity.  Related:Fighting phishing and spear phishing. A combination of policy and practice works best to combat phishing and spear phishing attacks. Both types of attacks are predicated on users being tricked into opening an email attachment that they believe is from a trusted sender, so the first line of defense is educating (and repeat-educating) users on how to handle their email. For instance, a user should notify IT if they receive an email that seems unusual or unexpected, and they should never open it. IT should also review its current security tools. Is it still using older security monitoring software that doesn’t include more modern technologies like observability, which can check for security intrusions or malware at more atomic levels?  Is IT still using IAM (identity access management) software to track user identities and activities at a top level in the cloud and on top and atomic levels on premises, or has it also added cloud identity entitlements management (CIEM), which gives it an atomic level view of  user accesses and activities in the cloud? Better yet, has IT moved to identity governance administration (IGA), which can serve as an over-arching umbrella for IAM and CIEM plugins, plus provide detailed audit reports and automated compliance across all platforms? Fighting embedded malware code. Malware can lie dormant in systems for months, giving a bad actor the option to activate it whenever the timing is right. It’s all the more reason for IT to augment its security staff with new skillsets, such as that of the “threat hunter,” whose job is to examine networks, data and systems on a daily basis, hunting down malware that might be lurking within, and destroying it before it activates. Fighting with zero-trust networks. Internet of Things (IoT) devices come into companies with little or no security because IoT suppliers don’t pay much attention to it and there is a general expectation that corporate IT will configure devices to the appropriate security settings. The problem is, IT often forgets to do this. There are also times when users purchase their own IoT gear, and IT doesn’t know about it. Zero-trust networks help manage this, because they detect and report on everything that is added, subtracted or modified on the network. This gives IT visibility into new, potential security breach points. A second step is to formalize IT procedures for IoT devices so that no IoT device is deployed without the device’s security first being set to corporate standards.  Fighting AI data poisoning. AI models, systems and data should be continuously monitored for accuracy. As soon as they show lowered levels of accuracy or produce unusual conclusions, the data repository, inflows and outflows should be examined for quality and non-bias of data. If contamination is found, the system should be taken down, the data sanitized, and the sources of the contamination traced, tracked and disabled. Fighting AI with AI. Most every security tool on the market today contains AI functionality to detect anomalies, abnormal data patterns and user activities. Additionally, forensics AI can dissect a security breach that does occur, isolating how it happened, where it originated from and what caused it. Since most sites don’t have on-staff forensics experts, IT will have to train staff in forensics skills. Fighting with regular audits and vulnerability testing. Minimally, IT vulnerability testing should be performed on a quarterly basis, and full security audits on an annual basis. If sites use cloud providers, they should request each provider’s latest security audit for review. An outside auditor can also help sites prepare for future AI-driven security threats, because auditors stay on top of the industry, visit many different companies, and see many different situations. An advanced knowledge of threats that loom in the future helps sites prepare for new battles. Summary AI technology is moving faster than legal rulings and regulations. This leaves most IT departments “on their own” to develop security defenses against bad actors who use AI against them.  The good news is that IT already has insights into how bad actors intend to use AI, and there are tools on the market that can help defensive efforts. What’s been missing is a proactive and aggressive battle plan from IT. That has to start now. 

A theme park is only as good as its rides. The shows and parades can be colorful and entertaining; the theming can be immersive; the food can be delicious (and sometimes covered in eerily convincing fake maggots). If the rides aren’t thrilling, the park will not survive.Thankfully, Universal’s newest Orlando theme park, Epic Universe, delivers in the ride department in a major way. Some seven years in development, the property is divided into five lands; four inspired by famous franchises (How to Train Your Dragon, Universal Monsters, Harry Potter, and Nintendo) and a central hub, Celestial Park, that connects them all via the “portals” that you enter to access them. All five contain at least one or two show-stopping centerpiece attractions.Epic Universe opened on May 22, 2025 with 11 rides. (It also features two stage shows; a charming How to Train Your Dragon musical called The Untrainable Dragon, and a genuinely impressive magic and special effects show called Le Cirque Arcanus, inspired by Harry Potter prequel film Fantastic Beasts and Where to Find Them.) Every single ride in the park is fun; some are downright incredible, with groundbreaking technology and stunningly intricate design.After trying every single attraction at the Epic Universe press preview, I assembled this list ranking all of the opening day rides in the park. The first couple are a hoot; the top three should not be missed under any circumstances.Every Epic Universe Ride RankedHere’s every opening day attraction at Universal’s Epic Universe, ranked in ascending order from the ones that are good to the ones that are instant classics.READ MORE: 20 Beloved Universal Rides That No Longer ExistGet our free mobile appAmazing Theme Park Rides Based on Movies That Were Never Built

Job SummaryChipcolate is hiring a Full-stack Engineer (Node + React) to craft end-to-end features for our high-throughput financial platform. You’ll write clean TypeScript on both server and client, design performant Postgres schemas, and ship delightful UIs that make complex agent activity feel effortless.Salary: €65 000 – €85 000 gross / yearLocation: Remote within ± 4 hours of Central European TimeEmployment type: Full-time, permanentAbout UsChipcolate is a small Italian company of craftsman-engineers who believe great software should be as elegant as it is robust. Historically we worked on embedded systems, web applications and 3D printing. At this time, we are working with a customer to build high-throughput financial services that power thousands of autonomous agents. We operate in a quite unstructured and flexible way, that’s the only way to get speed and quality.Mission: Empower our customer to be set for success from the get goLearn more: chipcolate.com · LinkedIn (@chipcolate) · GitHub (https://github.com/chipcolate)ResponsibilitiesDesign, implement and test REST services in Node.js (TypeScript) running on containerized infra.Model and optimize datasets in Postgres (including partitioning, indexes, materialized views).Build responsive front-ends in React with modern tooling (vite, shadcn-ui, tailwind).Use React Query / TanStack Query for data-fetching, caching and optimistic updates.Own end-to-end features: requirements → architecture → code → CI/CD → observability dashboards.Collaborate with SREs to keep our HA, multi-region stack secure and performant.Write automated tests (Jest, Playwright) and participate in blameless code reviews.Experience & QualificationsMust-have3 + years building production Node.js back-ends (Express/Fastify/Nest or similar).Solid SQL skills and deep understanding of Postgres internals (query planner, locking, tuning).React expertise: hooks, context, component composition, performance profiling.Proficiency with TypeScript, Git, CI pipelines and Docker.Comfortable taking a user story from Figma wireframe to deployed feature.Nice-to-haveWorked on OLAP / analytical workloads (e.g. column-store extensions, DuckDB, ClickHouse).Hands-on with React Query or comparable client caching libraries.Familiarity with event-driven architectures (Kafka, NATS, RabbitMQ).Experience with Supabase (self-hosted) on the backendExperience instrumenting apps with OpenTelemetry and Grafana.No degree required—show us shipped code, OSS commits, or anything that proves you can build.BenefitsFlexible hours & fully remoteFast growing environmentFun and innovative application domain20 days paid leave + local public holidaysCompetitive salaryApplication ProcessApply online with a CV (or GitHub profile) and a short note on your proudest “save-the-day” incident.Skill test.Cultural chat and Technical deep-dive with our CTO (60 min, system-design & live problem-solving).Offer within 7 working days or final interview.Ready to make high-stakes infrastructure feel effortless? Apply today—let’s engineer reliability together.Apply NowLet's start your dream job Apply now Meet JobCopilot: Your Personal AI Job HunterAutomatically Apply to Remote Full-Stack Programming JobsJust set your preferences and Job Copilot will do the rest-finding, filtering, and applying while you focus on what matters. Activate JobCopilot