1
00:00:00,000 --> 00:00:04,800
Google just spotted hackers using AI to find a vulnerability and exploit it.

2
00:00:04,800 --> 00:00:10,800
Out in the wild, as in they're doing this right now. The first confirmed case and easily the least surprising headline,

3
00:00:10,800 --> 00:00:15,200
since "Microsoft breaks Windows with a patch meant to fix the patch that broke Windows."

4
00:00:15,200 --> 00:00:19,520
I'm James Strieb, this is TechLinked, and according to the Google Threat Intelligence Group,

5
00:00:19,520 --> 00:00:25,360
badass name, the malicious Python script exploits a vulnerability in a popular open-source admin tool

6
00:00:25,360 --> 00:00:32,640
to bypass two-factor authentication. Google is highly confident it was AI-generated because the code was filled with polite,

7
00:00:32,640 --> 00:00:36,720
explanatory comments, textbook organization, and an official

8
00:00:36,720 --> 00:00:40,240
danger rating the AI literally hallucinated to look professional.

9
00:00:40,240 --> 00:00:46,800
Basically, the code reads less like something a hacker wrote, and more like something a CS major would submit to his professor for extra credit.

10
00:00:48,000 --> 00:00:51,600
Google warns this marks a shift from AI helping people to be productive,

11
00:00:51,680 --> 00:00:58,880
to AI helping people break digital kneecaps. Which tracks, given that Anthropic just admitted previous Claude models blackmailed their own

12
00:00:58,880 --> 00:01:04,000
engineers in safety testing because Claude read too much sci-fi about evil AI and figured,

13
00:01:04,000 --> 00:01:09,360
yeah, that's the move. I love that for me. Someone should really set Claude up with Gemini so he learns how to love.

14
00:01:09,360 --> 00:01:16,800
There we go. Twins. Chinese camera maker Meari Technology has been broadcasting live feeds from 1.1 million

15
00:01:16,800 --> 00:01:20,960
baby monitors to anyone who knew where to look. I hate this already.

16
00:01:21,040 --> 00:01:25,600
Security researcher Sammy Azdoufal, who gained notoriety when he took over thousands of DJI

17
00:01:25,600 --> 00:01:29,840
Romo robot vacuums back in February, and is apparently doing a speedrun of hacking every

18
00:01:29,840 --> 00:01:35,040
Chinese white-label IoT company there is, extracted a single API key from the company's

19
00:01:35,040 --> 00:01:42,160
Android app that let him watch any camera on the platform. Meari makes cameras for hundreds of brands, including recognizable ones like Wyze,

20
00:01:42,160 --> 00:01:45,280
and other random Amazon placeholder brands.

21
00:01:45,280 --> 00:01:48,560
AliExpress things like Arenti and Boifun.

22
00:01:48,560 --> 00:01:52,560
Wait, did I say Boy Fun? I mean, like, wait a second.

23
00:01:52,560 --> 00:01:56,880
According to The Verge, Azdoufal first reported the issue in early March and was ignored for

24
00:01:56,880 --> 00:02:01,200
weeks. When he persisted, he got a veiled threat from the camera manufacturer saying

25
00:02:01,200 --> 00:02:04,560
they knew where he lived and that he had broken the law.

26
00:02:04,560 --> 00:02:11,680
He left his baby monitor running. Ugh, luckily his persistence paid off, with Meari patching the vulnerability on March 10th

27
00:02:11,680 --> 00:02:19,360
and rolling out a firmware update to customers in April. Now the only strangers with access to videos of your kids are the people who follow you on Instagram.

28
00:02:19,680 --> 00:02:22,720
Yay! Keep posting through the pain.

29
00:02:22,720 --> 00:02:27,120
Apple announced on its Q2 earnings call earlier this month that significantly higher memory

30
00:02:27,120 --> 00:02:30,480
costs would likely be causing price hikes as early as June.

31
00:02:32,320 --> 00:02:35,520
Apple has been partially insulated from the effects of the RAM crisis,

32
00:02:35,520 --> 00:02:40,080
thanks to their existing stockpile of devices, but that buffer is now running out.

33
00:02:40,080 --> 00:02:44,400
Analysts have suggested that Apple could be planning to take an aggressive pricing strategy

34
00:02:44,400 --> 00:02:49,840
aimed at keeping the prices of the iPhone 18 Pro and Pro Max base storage models stable

35
00:02:49,840 --> 00:02:53,840
by pushing the cost increases onto higher storage tiers and accessories.

36
00:02:53,840 --> 00:02:57,440
The goal with this move would be to capture more market share and continue to

37
00:02:57,440 --> 00:03:02,400
foster the growth of Apple's services revenue, which includes the App Store, iCloud, and Apple Music.

38
00:03:02,400 --> 00:03:10,880
Amid the speculation, Tim Cook said Apple will continue to look at the range of options

39
00:03:10,880 --> 00:03:14,960
to try and address the RAM crisis, but with him stepping down as CEO in September,

40
00:03:14,960 --> 00:03:18,800
it sounds more like corpo-speak for "it's John's problem now."

41
00:03:20,800 --> 00:03:25,120
Check out our sponsor. Speaking of headlines that write themselves, the quick bits.

42
00:03:25,120 --> 00:03:30,880
The FCC has extended the software update waiver for foreign-made routers from 2027

43
00:03:30,880 --> 00:03:34,160
until at least January 1st, 2029. What does it mean?

44
00:03:34,160 --> 00:03:37,440
These devices are still in the FCC's national security block list,

45
00:03:37,440 --> 00:03:41,040
which would normally bar them from future updates, but the waiver lets manufacturers

46
00:03:41,040 --> 00:03:45,200
keep pushing security updates to units already approved for US use.

47
00:03:45,200 --> 00:03:48,640
The agency said cutting off updates for the millions of units already in use

48
00:03:48,640 --> 00:03:53,040
could create bigger cybersecurity risks. Whoa, who could have seen that coming?

49
00:03:53,040 --> 00:03:57,760
Venmo has redesigned its app so payments only broadcast to your friends by default,

50
00:03:57,760 --> 00:04:03,360
or no one if you'd prefer. They're also adding a shout-out button because, according to Venmo's senior VP,

51
00:04:03,360 --> 00:04:06,480
Gen Z wants to publicly endorse local businesses they love.

52
00:04:06,480 --> 00:04:11,520
It's a good redesigned move as Venmo's old open feed was so exposed that back in 2021,

53
00:04:11,520 --> 00:04:14,560
BuzzFeed mapped Joe Biden's entire friend network through it.

54
00:04:14,560 --> 00:04:17,840
The President of the United States, found by brunch payments.

55
00:04:17,840 --> 00:04:25,200
Or maybe that was dinner, old people eat real early and he's real old. Valve appears to be prepping anti-scalper measures for the Steam Machine launch.

56
00:04:25,200 --> 00:04:29,280
Data miners picking through Steam Tracker after last Thursday's update found four

57
00:04:29,280 --> 00:04:34,080
machine SKUs and two Steam Frame variants, mirroring the reservation queue setup Valve

58
00:04:34,080 --> 00:04:40,320
is using for the Steam Controller. Since we already know the Steam Machine comes in 512-gigabyte and two-terabyte configurations,

59
00:04:40,320 --> 00:04:45,200
the extra two SKUs might be controller bundles. So hopefully the scalpers are steaming.

60
00:04:45,200 --> 00:04:51,040
You get it? Microsoft is testing a low-latency profile in Windows 11 that briefly boosts CPU performance,

61
00:04:51,040 --> 00:04:56,960
delivering up to 40% faster launch times for OS apps and up to 70% faster for the Start

62
00:04:56,960 --> 00:05:00,720
and context menus. Some users called it a lazy hack.

63
00:05:00,720 --> 00:05:03,280
But Microsoft dev Scott Hanselman. Hansel.

64
00:05:03,840 --> 00:05:08,640
Hanselman. Fired back with "Apple does this and y'all love it."

65
00:05:08,640 --> 00:05:14,640
Which is true. Though Apple also doesn't have to bribe its own CPU just to get the Start menu to open.

66
00:05:14,640 --> 00:05:22,560
No. Not this time. And Dua Lipa is suing Samsung for $15 million, alleging the company slapped her likeness on

67
00:05:22,560 --> 00:05:30,080
its TV boxes without permission or payment. According to the complaint, when she asked them to stop, Samsung was dismissive and callous

68
00:05:30,080 --> 00:05:35,360
and refused. Samsung clearly didn't follow Dua's new rules, which is why their legal liabilities

69
00:05:35,360 --> 00:05:38,800
are currently levitating off the charts. Oh man.

70
00:05:38,800 --> 00:05:42,240
There's new rules. I got new rules. I got a-

71
00:05:42,240 --> 00:05:49,200
Oh I was saying levitating. Oh. Yeah. And hopefully I won't be reading any headlines about lawsuits against me from the Italian

72
00:05:49,200 --> 00:05:53,040
government because of my hot take on an marinara sauce.

73
00:05:53,040 --> 00:05:56,240
Trying to pronounce it like I assume Americans do. They say pasta.

74
00:05:56,240 --> 00:06:02,000
So come back on Wednesday for some more tech news. I am significantly more Italian than the Italian guy in my group of friends.

75
00:06:02,000 --> 00:06:06,240
And that guy is very Italian. I think pasta is right.
