Two and a Half Bens

25 - Cumshot on the Motherboard

* AI Startup Says It Will Pay People $2,000 A Month to Masturbate... Yes, Really [https://www.zerohedge.com/ai/ai-startup-says-it-will-pay-people-2000-month-masturbate-yes-really] * Google API Keys Weren't Secrets. But then Gemini Changed the Rules. [https://trufflesecurity.com/blog/google-api-keys-werent-secrets-but-then-gemini-changed-the-rules] * United flight forced to turn around because of a Bluetooth speaker name [https://www.theverge.com/transportation/940486/united-flight-236-bluetooth-speaker-name-bomb] * MyPillow must decide whether to be firm or soft as ransomware crims demand pay [https://www.theregister.com/cyber-crime/2026/05/26/mypillow-appears-on-play-ransomware-leak-site/5246513] * Carnival confirms ShinyHunters cruised off with 6M customer records after April breach [https://www.theregister.com/cyber-crime/2026/05/28/carnival-shinyhunters-cruised-off-with-6m-customer-records/5247808] * Spotify might soon flag your 'sad-boy' playlists [https://tech.sportskeeda.com/mobiles/news-spotify-might-soon-flag-sad-boy-playlists] * Companies Are Getting Burned by Burning Tons of Tokens [https://gizmodo.com/companies-are-getting-burned-by-burning-tons-of-tokens-2000765232] * AI costs how much? GitHub Copilot users react to new usage-based pricing system. [https://arstechnica.com/ai/2026/06/ai-costs-how-much-github-copilot-users-react-to-new-usage-based-pricing-system/] * Dozens of Red Hat packages backdoored through its official NPM channel [https://arstechnica.com/security/2026/06/dozens-of-red-hat-packages-backdoored-through-its-offical-npm-channel/] * Academic’s warning about using AI was written using AI [https://archive.ph/nzKGL] * LLMs believe false statements even after explicit warnings that they’re false [https://arstechnica.com/ai/2026/05/llms-believe-false-statements-even-after-explicit-warnings-that-theyre-false/] * Hackers Tricked Meta AI Into Handing Out Access to Major Instagram Accounts [https://gizmodo.com/hackers-tricked-meta-ai-into-handing-out-access-to-major-instagram-accounts-2000766087] [https://twoandahalfbens.com/images/gay-stickers-nashville.jpg] Follow SirBemrose [https://bemrose.social/ryan], Pheonix [https://lotuseffect.social/@Pheonix], and PhoneBoy [https://lotuseffect.social/@PhoneBoy] on Mastodon

24 - Marginally Plausible Bullshit

* Microsoft testing adjustable taskbar, Start menu in Windows 11 [https://www.bleepingcomputer.com/news/microsoft/windows-11-finally-gets-a-resizable-taskbar-and-start-menu/] * DOJ Is Asking Apple and Google to Hand Over Data on 100,000 Users of a Car App [https://gizmodo.com/doj-is-asking-apple-and-google-to-hand-over-data-on-100000-users-of-a-car-app-2000758890] * 60% of MD5 password hashes are crackable in under an hour [https://www.theregister.com/security/2026/05/07/60-of-md5-password-hashes-are-crackable-in-under-an-hour/5234954] * CISA Admin Leaked AWS GovCloud Keys on Github [https://krebsonsecurity.com/2026/05/cisa-admin-leaked-aws-govcloud-keys-on-github/] * Microsoft starts canceling Claude Code licenses [https://archive.ph/WfCta] * Amazon employees are “tokenmaxxing” due to pressure to use AI tools [https://arstechnica.com/ai/2026/05/amazon-employees-are-tokenmaxxing-due-to-pressure-to-use-ai-tools/] * Google publishes exploit code threatening millions of Chromium users [https://arstechnica.com/security/2026/05/google-publishes-exploit-code-threatening-millions-of-chromium-users/] * Social media site with 1.3 billion users sends harsh layoffs message [https://www.thestreet.com/employment/social-media-site-linkedin-1-3-billion-users-sends-harsh-layoffs-message] * Bitcoin trader recovers $400,000 using Claude AI after getting 'stoned' and losing wallet password 11 years ago — bot tried 3.5 trillion passwords before decrypting an old wallet backup [https://tech.yahoo.com/ai/claude/articles/bitcoin-trader-recovers-400-000-143516549.htm] * NV datacenter leaving 49k Lake Tahoe residents soon without power [https://fortune.com/2026/05/12/lake-tahoe-data-center-49000-residents-power-source/] * Proposed hyperscale datacenter in Utah to create heat equivalent to 23 atom bombs per day [https://futurism.com/artificial-intelligence/data-center-atom-bombs] * Google quietly cuts free storage to 5GB without a phone number [https://www.pcworld.com/article/3140911/google-quietly-cuts-free-storage-to-5gb-without-a-phone-number.html] * Linus Torvalds says Linux security list is becoming ‘unmanageable’ due to AI bug reports [https://www.theverge.com/tech/932312/linus-torvalds-linux-ai-security-bugs] * Smart Vape Devices & Age Verification Explained [https://vapetrends360.com/smart-vape-devices-built-in-age-verification-the-next-regulatory-frontier/] * The Trump administration is bringing back flavored vapes. Advocates and lawmakers say the risks outweigh the benefits [https://www.scientificamerican.com/article/the-trump-administration-is-bringing-back-flavored-vapes-advocates-and-lawmakers-say-the-risks-outweigh-the-benefits/] * AI face is taking over — and driving plastic surgeons crazy [https://www.businessinsider.com/ai-generated-images-chatgpt-reshape-plastic-surgery-beauty-expectations-2026-5] * An AI announcer mispronounced and skipped names during a graduation [https://www.theverge.com/tech/933653/ai-graduation-commencement-glendale-community-college] * EV drivers will pay $130 a year under Congress’ 2026 transportation bill [https://arstechnica.com/cars/2026/05/bipartisan-bill-in-congress-includes-130-annual-ev-registration-fee/] * "Stop Hiring Humans" Billboards Are Appearing In US Cities... [https://www.zerohedge.com/ai/stop-hiring-humans-billboards-are-appearing-us-cities] [https://twoandahalfbens.com/images/IMG_6007.jpeg] Follow SirBemrose [https://bemrose.social/ryan], Pheonix [https://lotuseffect.social/@Pheonix], and PhoneBoy [https://lotuseffect.social/@PhoneBoy] on Mastodon

23 - Zero-Day Explitive

* Canvas hack forces some Tennessee universities to push back finals. What happened? [https://www.commercialappeal.com/story/news/education/2026/05/08/canvas-hacked-what-happened-tennessee-data-breach/89991586007/] * GoDaddy customer claims registrar transferred 27-year-old domain without any security checks [https://www.theregister.com/on-prem/2026/04/29/non-profits-godaddy-nightmare-and-the-it-chaos-that-ensued/5226239] * British kids using fake mustaches, IDs, and VPNs to bypass online age checks, study finds [https://cybernews.com/privacy/uk-kids-bypass-age-verification/] * Why is Claude always blackmailing people? [https://www.pcworld.com/article/3134799/why-is-claude-always-blackmailing-people.html] * Meta isn’t doing enough to keep kids off Facebook and Instagram, rules EU [https://www.theverge.com/tech/920313/meta-facebook-instagram-eu-dsa-age-verification] * Claude-powered AI coding agent deletes entire company database in 9 seconds — backups zapped, after Cursor tool powered by Anthropic's Claude goes rogue [https://www.tomshardware.com/tech-industry/artificial-intelligence/claude-powered-ai-coding-agent-deletes-entire-company-database-in-9-seconds-backups-zapped-after-cursor-tool-powered-by-anthropics-claude-goes-rogue] * California tech company Cloudflare to lay off more than 1,000 workers, cites AI [https://archive.ph/kdAJl] * As the most severe Linux threat in years surfaces, the world scrambles [https://arstechnica.com/security/2026/04/as-the-most-severe-linux-threat-in-years-surfaces-the-world-scrambles/] * New Linux 'Dirty Frag' zero-day gives root on all major distros [https://www.bleepingcomputer.com/news/security/new-linux-dirty-frag-zero-day-with-poc-exploit-gives-root-privileges/] * Critical vm2 sandbox bug lets attackers execute code on hosts [https://www.bleepingcomputer.com/news/security/critical-vm2-sandbox-bug-lets-attackers-execute-code-on-hosts/] * Microsoft was worried OpenAI would run off to Amazon and ‘shit-talk’ Azure [https://www.theverge.com/report/926771/microsoft-openai-amazon-worries-shit-talk-azure] * Microsoft's patch for a 0-day exploited by Russian spies fell short. Another Windows flaw is under attack [https://www.theregister.com/security/2026/04/29/microsoft-patch-fell-short-new-windows-flaw-exploited/5227153] * Researchers gaslit Claude into giving instructions to build explosives [https://www.theverge.com/ai-artificial-intelligence/923961/security-researchers-mindgard-gaslit-claude-forbidden-information] * Study finds even the best AI models lose money betting on soccer [https://www.techspot.com/news/112043-new-study-shows-even-best-ai-models-lost.html] * First US Integrated Humanoid Robot Factory To Build 100,000 NEO Robots By 2027 [https://www.zerohedge.com/ai/first-us-integrated-humanoid-robot-factory-build-100000-neo-robots-2027] * Microsoft Edge Stores Passwords In Plaintext In RAM [https://yro.slashdot.org/story/26/05/06/2014204/microsoft-edge-stores-passwords-in-plaintext-in-ram] * Chrome forces 4Gb AI model into every device without permission [https://www.thatprivacyguy.com/blog/chrome-silent-nano-install/] * AskJeeves shut down 1 May 2026 [https://www.ask.com/] Follow SirBemrose [https://bemrose.social/ryan], Pheonix [https://lotuseffect.social/@Pheonix], and PhoneBoy [https://lotuseffect.social/@PhoneBoy] on Mastodon

22 - Raw Dogging the Internet

* Firestarter malware survives Cisco firewall updates, security patches [https://www.bleepingcomputer.com/news/security/firestarter-malware-survives-cisco-firewall-updates-security-patches] * Apple and Google Broke Their Own Rules by Promoting 'Nudify' Apps, Report Says [https://www.cnet.com/tech/services-and-software/apple-google-app-store-undressing-apps-report-news/] * Anthropic quietly pulls Claude Code from Pro plan and hands local model advocates their strongest argument yet [https://startupfortune.com/anthropic-quietly-pulls-claude-code-from-pro-plan-and-hands-local-model-advocates-their-strongest-argument-yet/] * You’re about to feel the AI money squeeze [https://www.theverge.com/ai-artificial-intelligence/917380/ai-monetization-anthropic-openai-token-economics-revenue] * I Just Vibe Coded a Global Mass Surveillance Site in 2 Hours With OpenAI's Codex. It Was Terrifyingly Easy [https://www.pcmag.com/articles/i-vibe-coded-global-mass-surveillance-site-in-2-hours-with-openai-terrifying] * Chaotic Eclipse [https://deadeclipse666.blogspot.com] * BlueHammer PoC for Windows Defender Exploited by Researchers to Escalate Privileges [https://cybersecuritynews.com/bluehammer-poc-for-windows-defender/] * Disgruntled hacker drops second zero-day Windows Defender exploit just hours after Microsoft patches first one [https://cybernews.com/security/second-public-windows-defender-exploit-released/] * Chaotic Eclipse [A secretive AI hacking system has sparked a global scramble] * https://archive.ph/Qcp1g [Anthropic’s most dangerous AI model just fell into the wrong hands] * https://archive.ph/GkT3F [MacOS networking timebombs after 50 days, and nobody knew] * https://www.tomshardware.com/software/macos/macos-has-a-49-7-day-networking-time-bomb-built-in-that-only-a-reboot-fixes-comparison-operation-on-unreliable-time-value-stops-machines-dead-in-their-tracks [The RAM shortage could last years] * https://www.theverge.com/ai-artificial-intelligence/914672/the-ram-shortage-could-last-years [Contrary to popular superstition, AES 128 is just fine in a post-quantum world] * https://arstechnica.com/security/2026/04/contrary-to-popular-superstition-aes-128-is-just-fine-in-a-post-quantum-world/ [X makes it 1,900 percent more expensive to post links] * https://archive.ph/G5mEM [Regular Password Resets Aren’t as Safe as You Think] Follow SirBemrose [https://bemrose.social/ryan], Pheonix [https://lotuseffect.social/@Pheonix], and PhoneBoy [https://lotuseffect.social/@PhoneBoy] on Mastodon

21 - May Cause Silent Data Corruption

* iOS 26.4 age verification is proving a disaster for some users — here's how to fix it or stop the update [https://www.techradar.com/phones/iphone/ios-26-4-age-verification-is-proving-a-disaster-for-some-users-heres-how-to-fix-it-or-stop-the-update] * Apple age verification failing for some – here's what to try [https://9to5mac.com/2026/03/26/apple-age-verification-failing-for-some-heres-what-to-try/] * Apple asked to investigate after Jersey users hit by age-check barriers [https://jerseyeveningpost.com/news/2026/03/30/apple-contacted-over-software-update-issue-affecting-some-ci-users/] * Dad stuck in support nightmare after teen lied about age on Discord [https://arstechnica.com/tech-policy/2026/04/dad-stuck-in-support-nightmare-after-teen-lied-about-age-on-discord/] * Teenager’s Gemini mistake locks entire family out of Google accounts [https://www.pcworld.com/article/3104521/teenagers-gemini-mistake-locks-entire-family-out-of-google-accounts.html] * WireGuard VPN developer can't ship software updates after Microsoft locks account [https://techcrunch.com/2026/04/08/wireguard-vpn-developer-cant-ship-software-updates-after-microsoft-locks-account/] * Developer of VeraCrypt encryption software says Windows users may face boot-up issues after Microsoft locked his account [https://techcrunch.com/2026/04/08/veracrypt-encryption-software-windows-microsoft-lock-boot-issues/] * Microsoft suspends dev accounts for high-profile open source projects [https://www.bleepingcomputer.com/news/microsoft/microsoft-suspends-dev-accounts-for-high-profile-open-source-projects/] * Action Required: Account Verification for Windows Hardware Program Begins October 16, 2025 [https://techcommunity.microsoft.com/blog/hardware-dev-center/action-required-account-verification-for-windows-hardware-program-begins-october/4455452] * After 16 years and $8 billion, the military’s new GPS software still doesn’t work [https://arstechnica.com/space/2026/03/after-16-years-and-8-billion-the-militarys-new-gps-software-still-doesnt-work/] * Microsoft says poisoned AI acts normal until a trigger word makes it ‘blow up’ [https://www.pcworld.com/article/3103845/microsoft-says-poisoned-ai-acts-normal-until-a-trigger-word-makes-it-blow-up.html] * Max severity Flowise RCE vulnerability now exploited in attacks [https://www.bleepingcomputer.com/news/security/max-severity-flowise-rce-vulnerability-now-exploited-in-attacks/] * USB Cable Blockers [https://amzn.to/4mnPMbD] * Entire Claude Code CLI source code leaks thanks to exposed map file [https://arstechnica.com/ai/2026/03/entire-claude-code-cli-source-code-leaks-thanks-to-exposed-map-file/] * This Startup Is Hiring an ‘AI Bully.’ Should Your Company Do the Same? [https://www.inc.com/chris-morris/this-startup-is-hiring-an-ai-bully-should-your-company-do-the-same/91322289] * Microsoft Copilot is now injecting ads into pull requests on GitHub [https://www.neowin.net/news/microsoft-copilot-is-now-injecting-ads-into-pull-requests-on-github-gitlab/] * GitHub backs down, kills Copilot PR ‘tips’ after backlash [https://www.theregister.com/2026/03/30/github_copilot_ads_pull_requests/] * America Dependent On Chinese Electrical Parts For AI Build-Out [https://www.zerohedge.com/energy/america-dependent-chinese-electrical-parts-ai-build-out] * AI Models Lie, Cheat, and Steal to Protect Other Models From Being Deleted [https://archive.ph/KbsZi] * Amazon discontinuing support for older Kindles [https://archive.ph/2NGNe] * GPUBreach: Root Shell Access Achieved via GPU Rowhammer Attack  [https://www.securityweek.com/gpubreach-root-shell-access-achieved-via-gpu-rowhammer-attack/] Follow SirBemrose [https://bemrose.social/ryan], Pheonix [https://lotuseffect.social/@Pheonix], and PhoneBoy [https://lotuseffect.social/@PhoneBoy] on Mastodon