Two and a Half Bens

24 - Marginally Plausible Bullshit

* Notes to be added Follow SirBemrose [https://bemrose.social/ryan], Pheonix [https://lotuseffect.social/@Pheonix], and PhoneBoy [https://lotuseffect.social/@PhoneBoy] on Mastodon

23 - Zero-Day Explitive

* Canvas hack forces some Tennessee universities to push back finals. What happened? [https://www.commercialappeal.com/story/news/education/2026/05/08/canvas-hacked-what-happened-tennessee-data-breach/89991586007/] * GoDaddy customer claims registrar transferred 27-year-old domain without any security checks [https://www.theregister.com/on-prem/2026/04/29/non-profits-godaddy-nightmare-and-the-it-chaos-that-ensued/5226239] * British kids using fake mustaches, IDs, and VPNs to bypass online age checks, study finds [https://cybernews.com/privacy/uk-kids-bypass-age-verification/] * Why is Claude always blackmailing people? [https://www.pcworld.com/article/3134799/why-is-claude-always-blackmailing-people.html] * Meta isn’t doing enough to keep kids off Facebook and Instagram, rules EU [https://www.theverge.com/tech/920313/meta-facebook-instagram-eu-dsa-age-verification] * Claude-powered AI coding agent deletes entire company database in 9 seconds — backups zapped, after Cursor tool powered by Anthropic's Claude goes rogue [https://www.tomshardware.com/tech-industry/artificial-intelligence/claude-powered-ai-coding-agent-deletes-entire-company-database-in-9-seconds-backups-zapped-after-cursor-tool-powered-by-anthropics-claude-goes-rogue] * California tech company Cloudflare to lay off more than 1,000 workers, cites AI [https://archive.ph/kdAJl] * As the most severe Linux threat in years surfaces, the world scrambles [https://arstechnica.com/security/2026/04/as-the-most-severe-linux-threat-in-years-surfaces-the-world-scrambles/] * New Linux 'Dirty Frag' zero-day gives root on all major distros [https://www.bleepingcomputer.com/news/security/new-linux-dirty-frag-zero-day-with-poc-exploit-gives-root-privileges/] * Critical vm2 sandbox bug lets attackers execute code on hosts [https://www.bleepingcomputer.com/news/security/critical-vm2-sandbox-bug-lets-attackers-execute-code-on-hosts/] * Microsoft was worried OpenAI would run off to Amazon and ‘shit-talk’ Azure [https://www.theverge.com/report/926771/microsoft-openai-amazon-worries-shit-talk-azure] * Microsoft's patch for a 0-day exploited by Russian spies fell short. Another Windows flaw is under attack [https://www.theregister.com/security/2026/04/29/microsoft-patch-fell-short-new-windows-flaw-exploited/5227153] * Researchers gaslit Claude into giving instructions to build explosives [https://www.theverge.com/ai-artificial-intelligence/923961/security-researchers-mindgard-gaslit-claude-forbidden-information] * Study finds even the best AI models lose money betting on soccer [https://www.techspot.com/news/112043-new-study-shows-even-best-ai-models-lost.html] * First US Integrated Humanoid Robot Factory To Build 100,000 NEO Robots By 2027 [https://www.zerohedge.com/ai/first-us-integrated-humanoid-robot-factory-build-100000-neo-robots-2027] * Microsoft Edge Stores Passwords In Plaintext In RAM [https://yro.slashdot.org/story/26/05/06/2014204/microsoft-edge-stores-passwords-in-plaintext-in-ram] * Chrome forces 4Gb AI model into every device without permission [https://www.thatprivacyguy.com/blog/chrome-silent-nano-install/] * AskJeeves shut down 1 May 2026 [https://www.ask.com/] Follow SirBemrose [https://bemrose.social/ryan], Pheonix [https://lotuseffect.social/@Pheonix], and PhoneBoy [https://lotuseffect.social/@PhoneBoy] on Mastodon

22 - Raw Dogging the Internet

* Firestarter malware survives Cisco firewall updates, security patches [https://www.bleepingcomputer.com/news/security/firestarter-malware-survives-cisco-firewall-updates-security-patches] * Apple and Google Broke Their Own Rules by Promoting 'Nudify' Apps, Report Says [https://www.cnet.com/tech/services-and-software/apple-google-app-store-undressing-apps-report-news/] * Anthropic quietly pulls Claude Code from Pro plan and hands local model advocates their strongest argument yet [https://startupfortune.com/anthropic-quietly-pulls-claude-code-from-pro-plan-and-hands-local-model-advocates-their-strongest-argument-yet/] * You’re about to feel the AI money squeeze [https://www.theverge.com/ai-artificial-intelligence/917380/ai-monetization-anthropic-openai-token-economics-revenue] * I Just Vibe Coded a Global Mass Surveillance Site in 2 Hours With OpenAI's Codex. It Was Terrifyingly Easy [https://www.pcmag.com/articles/i-vibe-coded-global-mass-surveillance-site-in-2-hours-with-openai-terrifying] * Chaotic Eclipse [https://deadeclipse666.blogspot.com] * BlueHammer PoC for Windows Defender Exploited by Researchers to Escalate Privileges [https://cybersecuritynews.com/bluehammer-poc-for-windows-defender/] * Disgruntled hacker drops second zero-day Windows Defender exploit just hours after Microsoft patches first one [https://cybernews.com/security/second-public-windows-defender-exploit-released/] * Chaotic Eclipse [A secretive AI hacking system has sparked a global scramble] * https://archive.ph/Qcp1g [Anthropic’s most dangerous AI model just fell into the wrong hands] * https://archive.ph/GkT3F [MacOS networking timebombs after 50 days, and nobody knew] * https://www.tomshardware.com/software/macos/macos-has-a-49-7-day-networking-time-bomb-built-in-that-only-a-reboot-fixes-comparison-operation-on-unreliable-time-value-stops-machines-dead-in-their-tracks [The RAM shortage could last years] * https://www.theverge.com/ai-artificial-intelligence/914672/the-ram-shortage-could-last-years [Contrary to popular superstition, AES 128 is just fine in a post-quantum world] * https://arstechnica.com/security/2026/04/contrary-to-popular-superstition-aes-128-is-just-fine-in-a-post-quantum-world/ [X makes it 1,900 percent more expensive to post links] * https://archive.ph/G5mEM [Regular Password Resets Aren’t as Safe as You Think] Follow SirBemrose [https://bemrose.social/ryan], Pheonix [https://lotuseffect.social/@Pheonix], and PhoneBoy [https://lotuseffect.social/@PhoneBoy] on Mastodon

21 - May Cause Silent Data Corruption

* iOS 26.4 age verification is proving a disaster for some users — here's how to fix it or stop the update [https://www.techradar.com/phones/iphone/ios-26-4-age-verification-is-proving-a-disaster-for-some-users-heres-how-to-fix-it-or-stop-the-update] * Apple age verification failing for some – here's what to try [https://9to5mac.com/2026/03/26/apple-age-verification-failing-for-some-heres-what-to-try/] * Apple asked to investigate after Jersey users hit by age-check barriers [https://jerseyeveningpost.com/news/2026/03/30/apple-contacted-over-software-update-issue-affecting-some-ci-users/] * Dad stuck in support nightmare after teen lied about age on Discord [https://arstechnica.com/tech-policy/2026/04/dad-stuck-in-support-nightmare-after-teen-lied-about-age-on-discord/] * Teenager’s Gemini mistake locks entire family out of Google accounts [https://www.pcworld.com/article/3104521/teenagers-gemini-mistake-locks-entire-family-out-of-google-accounts.html] * WireGuard VPN developer can't ship software updates after Microsoft locks account [https://techcrunch.com/2026/04/08/wireguard-vpn-developer-cant-ship-software-updates-after-microsoft-locks-account/] * Developer of VeraCrypt encryption software says Windows users may face boot-up issues after Microsoft locked his account [https://techcrunch.com/2026/04/08/veracrypt-encryption-software-windows-microsoft-lock-boot-issues/] * Microsoft suspends dev accounts for high-profile open source projects [https://www.bleepingcomputer.com/news/microsoft/microsoft-suspends-dev-accounts-for-high-profile-open-source-projects/] * Action Required: Account Verification for Windows Hardware Program Begins October 16, 2025 [https://techcommunity.microsoft.com/blog/hardware-dev-center/action-required-account-verification-for-windows-hardware-program-begins-october/4455452] * After 16 years and $8 billion, the military’s new GPS software still doesn’t work [https://arstechnica.com/space/2026/03/after-16-years-and-8-billion-the-militarys-new-gps-software-still-doesnt-work/] * Microsoft says poisoned AI acts normal until a trigger word makes it ‘blow up’ [https://www.pcworld.com/article/3103845/microsoft-says-poisoned-ai-acts-normal-until-a-trigger-word-makes-it-blow-up.html] * Max severity Flowise RCE vulnerability now exploited in attacks [https://www.bleepingcomputer.com/news/security/max-severity-flowise-rce-vulnerability-now-exploited-in-attacks/] * USB Cable Blockers [https://amzn.to/4mnPMbD] * Entire Claude Code CLI source code leaks thanks to exposed map file [https://arstechnica.com/ai/2026/03/entire-claude-code-cli-source-code-leaks-thanks-to-exposed-map-file/] * This Startup Is Hiring an ‘AI Bully.’ Should Your Company Do the Same? [https://www.inc.com/chris-morris/this-startup-is-hiring-an-ai-bully-should-your-company-do-the-same/91322289] * Microsoft Copilot is now injecting ads into pull requests on GitHub [https://www.neowin.net/news/microsoft-copilot-is-now-injecting-ads-into-pull-requests-on-github-gitlab/] * GitHub backs down, kills Copilot PR ‘tips’ after backlash [https://www.theregister.com/2026/03/30/github_copilot_ads_pull_requests/] * America Dependent On Chinese Electrical Parts For AI Build-Out [https://www.zerohedge.com/energy/america-dependent-chinese-electrical-parts-ai-build-out] * AI Models Lie, Cheat, and Steal to Protect Other Models From Being Deleted [https://archive.ph/KbsZi] * Amazon discontinuing support for older Kindles [https://archive.ph/2NGNe] * GPUBreach: Root Shell Access Achieved via GPU Rowhammer Attack  [https://www.securityweek.com/gpubreach-root-shell-access-achieved-via-gpu-rowhammer-attack/] Follow SirBemrose [https://bemrose.social/ryan], Pheonix [https://lotuseffect.social/@Pheonix], and PhoneBoy [https://lotuseffect.social/@PhoneBoy] on Mastodon

20 - C-Suite FOMO

* GrapheneOS won't comply with age check laws for operating systems [https://www.androidauthority.com/grapheneos-age-check-verification-laws-3651019/] * Linux Distros Resistance against Age-Verification Laws [https://grigio.org/linux-distros-resistance-against-age-verification-laws/] * GitHub - BryanLunduke/DoesItAgeVerify: The age verification status of Open Source Operating Systems · GitHub [https://github.com/BryanLunduke/DoesItAgeVerify] * Ageless Linux - Wikipedia [https://en.wikipedia.org/wiki/Ageless_Linux] * THAT law and it's copies here and abroad [https://forum.artixlinux.org/index.php/topic,9304.msg55607.html#msg55607] * Revert "userdb: add birthDate field to JSON user records (#40954)" by paramazo · Pull Request #41179 · systemd/systemd · GitHub [https://github.com/systemd/systemd/pull/41179] * Android developer verification: Balancing openness and choice with safety [https://android-developers.googleblog.com/2026/03/android-developer-verification.html] * iCloud user learns ‘Hide My Email’ privacy does not apply to serious threats [https://9to5mac.com/2026/03/26/icloud-user-learns-hide-my-email-privacy-does-not-apply-to-serious-threats/] * Apple discontinues the Mac Pro with no plans for future hardware [https://9to5mac.com/2026/03/26/apple-discontinues-the-mac-pro/] * The 2026 farm bill quietly hands big tech control over American farmland. Here’s the fine print [https://archive.ph/MQ010] * An AI agent destroyed this coder’s entire database. He’s not the only one with a horror story [https://fortune.com/2026/03/18/ai-coding-risks-amazon-agents-enterprise/] * The AI Dirty List [https://aidirtylist.info] * Wikipedia:Signs of AI writing - Wikipedia [https://en.wikipedia.org/wiki/Wikipedia:Signs_of_AI_writing] * The Story of EVi - NerdNextDoor's Blog [https://nerdnextdoor.net/the-story-of-evi.html] * The deadliest poison known to AI [https://iocaine.madhouse-project.org/] * Tiny Township Fears Iran Drone Strikes Because of New Nuclear Weapons Datacenter [https://www.404media.co/tiny-city-fears-iran-drone-strikes-because-of-new-nuclear-weapons-datacenter/] * COBOL Is the Asbestos of Programming Languages [https://archive.ph/H0IEa] * March Windows updates break Teams, OneDrive sign-ins [https://www.bleepingcomputer.com/news/microsoft/kb5079473-march-windows-11-update-breaks-microsoft-account-sign-ins/] * Microsoft Confirms Samsung Galaxy Connect App Caused Windows 11 C: Drive Access Bug [https://windowsreport.com/microsoft-confirms-samsung-galaxy-connect-app-caused-windows-11-c-drive-access-bug] * HackerOne discloses employee data breach after Navia hack [https://www.bleepingcomputer.com/news/security/hackerone-discloses-employee-data-breach-after-navia-hack/] * This new FCC rule could upend the router market [https://www.fastcompany.com/91514788/fcc-foreign-made-routers-security-risks] * The Tech Bubble Might Finally Be Popping [https://slate.com/technology/2026/03/ai-openai-sam-altman-disney-sora-shutdown.html] * Security experts at RSAC keep calling AI stupid [https://www.pcworld.com/article/3099195/security-experts-at-rsac-keep-calling-ai-stupid.html] Follow SirBemrose [https://bemrose.social/ryan], Pheonix [https://lotuseffect.social/@Pheonix], and PhoneBoy [https://lotuseffect.social/@PhoneBoy] on Mastodon