Shadowleak: tricking your AI into hacking you

ChatGPT has reported they closed a vulnerability exploited by the Shadowleak malware that was disclosed recently by Radware. 

Shadowleak uses prompt injection, the attacker tries to feed instructions to your AI service.

Security vectors have been warning against such an attack vector: when you let for example AI summarise a web page, hackers could try to craft malicious web pages that try to trick that AI.

ShwdowLeak uses ChatGPT DeepSearch, an AI tool that helps you automate email jobs. Shadowleak sends a malicious email to you and DeepSearch will happily report on the content of your email archive to the attacker. 

Particlarly worrying about the attack is that it is executed entirely on the OpenAI servers, so you cannot detect on your local machine an attack is happening. 

Radware recommends to limit the actions an AI agent can take on your system to limit the damage of such attacks.

Windows powershell Get-Process: get parentprocess ID / name, get process using port...

Powershell command to get parent processes of all processes with a given name (e. g. javaw.exe):

Get-CimInstance Win32_Process -Filter "Name = 'javaw.exe'" | select ParentProcessId

Or in a script. This one takes the process name as a parameter and also shows the , this time with the parent process name: 

$targetProcessName = $args[0]

$targetProcessName = $args[0]
$targetProcesses = Get-CimInstance -ClassName Win32_Process -Filter "Name = '$targetProcessName'"

foreach ($process in $targetProcesses) {
    $parentProcessId = $process.ParentProcessId
    $parentProcess = Get-CimInstance -ClassName Win32_Process -Filter "ProcessId = $parentProcessId"
    Write-Output "Process: $($process.processId) $($process.Name), Parent Process: $($ParentProcessId)    $($parentProcess.Name)"
}

Powershell command to get ID of process occupying a port (e.g. 8080)

 Get-Process -Id (Get-NetTCPConnection -LocalPort 8080).OwningProcess

 Once you have the id you can shoot it using 

taskkill /PID <processid> /F

 

(AI) bots eat 30% of the web bandwidth

 One of the hidden costs of AI is the hunt for training data by ripping content from websites. 

The bots are massively using content from websites without paying for it, ignoring any copyright that may be associated to that content. They are even using AI to find content that is hidden behind JavaScript logic.

AI providers often argue that they refer to their sources and that this leads to more visists to those websites. Cloudflare, a major CDN provider, has shown that often the referrals are very low compared to the bot traffic, OpenAI being the worst with 1 referral for 1600 crawls:

 

Cloudflare is now preparing a service to install a payment wall for crawling. 

Not only are the AI bots not paying for the content they are sucking from the content providers. Again according to Cloadflare, they represent 30% of the traffic going to these websites. And who is paying for the consumed bandwidth?Indeed, the content providers themselves are paying for the bandwidth their servers need.

The real cost of AI

Last year OpenAI lost $8 billion and Anthrophic lost $3 billion.

Cursor and Claude code have multplied the cost of their monthly subscriptions by 10, now at about $200.

Even wit this price tag, the increased productivity is still worth it in most cases, but it is not a free ride anymore.

Companies might have to do a thorough cost benefit analysis on their AI expenses. 

Some researchers even think we have reached the limits of the current AI techniques, while the AI industry claims Artificial General Intelligence (AI at or surpassing the level of human intelligence) is nigh. 

AI and copyright

AI generated content can infringe copyrights, but what about copyrighting content that you generated with AI?

AI generated content (text, images...) cannot be copyrighted as there is no human to give the credit to. It can be trademarked though.

 

more... 

 

 1 (4/\/"7 |_|/\/[)3|2574/\/[) '/0|_||2 \/\/|2171/\/9. 17’5 (0/\/|=|_|51/\/9.

 

 

I  CAN'T UNDERSTAND YOUR WRITING. IT'S CONFUSING

Compose mulmtiplatform now stable on IOS

With release 1.8 compose multiplatform is now moving IOS from beta to stable. Web support is moving from alpha to beta.

Stable platforms now include  

• mobile
• Android
• iOS
• desktop
• OS
• windows
• MacOs
• Linux
• processor: 64bit
• x86
• arm
• web (beta)

IntelliJ IDEA 2025.1 release highlights

Most remarkable features for me in this release:

• kotlin notebook
• you can now partially display intellij's classic main menu, which is otherwise hidden under the hambnurger button. This will certainly help people find some feartures. But I've gotten used to the hidden menu by now, and I like my main options like projects drop down to be at the same place all the time, so I don't think I will use this.
• Uses OS default file browser, rahter than IntelliJ's. It is annoying however that it is always opening in my home diretory, rather than remembering the same location as IntelliJ's. Also, in IntelliJ's browser, it was easier to go to the map of another project bu selecting that project and navigating from there.
  I switched back to IntelliJ's file browser using: Settings | Advanced Settings | Use native file chooser dialog in Windows/macOS. It just started to refresh a bit faster these last relases, so this is the best option for me.
•  Automatic creation of Sring Data repositories
• Better WSL support
•  Gradle
• Easier setting of JDK for Gradle, hopefully getting rid of daemon warnings that it is using a different JVM
• Automatic download of library sources upon source code access 
• Preconfiguration of Qodana security analysis

Using AI to write hacking code from CVE exploit publication

AI can help hackers to quickly write exploit code from published security problems.

Here's an interesting report of the journey to generate hacking code using AI. 

The engineer generated the initial code using chapGpt. The code did not work, then he fixed it with Cursor and Claude Sonnet.

The impleciation is that security administrators now even have a shorter time to install patches, as the hackers can generate the attacks in no time.

 

JetBrains new user license removes perpetual license

When installing a 2025 upgrade to a JetBrains product you have to accept a new user agreement.

 Biggest change I see is the removal of the right to use an old product indefinitely. 

This is effectively moving the products from a buy and use to a subscription model. Quite a big change to force without any explanation.

more...

AI hallucinated dependencies security risk

Some of AI generated code is wrong (hallucinations).

When AI generate dependencies attackers could create packages with commonly hallucinated names.

When the developer loads the dependencies, running the code is a security risk.

more...

Trump lifts Nvidea export limitations after the company paid for a $1M lunch at his resort

 more...

Android dessert names

 With version 10 Google stopped referring to Android versions using dessert names. Internally these names do still exist however. With version 13 I'm seeing external references to the desserts again.

10. Quince Tart
11. Red Velvet Cake
12. Snow Cone
13. Tiramisu
14. Upside Down Cake
15. Vanilla Ice Cream
16. Baklava (!?)

New features since Java 21 LTS

 Java 22

_  name for variables that are declared but not used

 Java 23

/// Markdown comments 

Java 24

• Intermediate stream operation: gather()
• security manager removed