Connect with us

Technology News

Major Lapse: Trump’s Acting Cyber Chief Allegedly Uploaded Sensitive Government Files To ChatGPT

Published

on

The acting head of the U.S. Cybersecurity and Infrastructure Security Agency (CISA) is under scrutiny for reportedly uploading sensitive “For Official Use Only” government documents to public AI platforms, including ChatGPT. The alleged actions bypassed standard security protocols and automated alerts, creating a potential risk of unauthorized data exposure.

Security Alerts Triggered
Reports indicate that the official’s actions prompted multiple warnings from the government’s automated security systems, which are designed to prevent accidental or malicious leaks of sensitive files. While the acting chief was reportedly allowed limited use of ChatGPT, other staff members were restricted from sharing documents on the platform.

Risk of Data Exposure
Uploading internal documents to large language models (LLMs) carries significant cybersecurity risks. AI platforms can retain and learn from user-submitted data, raising the possibility that confidential information could appear in responses to other users. Even files considered “unclassified” may contain operational details that must remain confidential under government policy.

Previous Controversies and Internal Action
The official’s appointment dates back to the Trump administration. Earlier reports indicated a failed counterintelligence polygraph test, later invalidated by the Department of Homeland Security. Following the incident, six staff members under the official’s supervision were suspended from accessing classified information.

CISA Statement
A CISA spokesperson stated that the official’s ChatGPT usage was limited in scope and duration. The Department of Homeland Security is conducting an investigation to determine the extent of any potential damage caused by the uploads.

Expert Warnings on AI and Sensitive Data
Cybersecurity experts stress that both government officials and private users should exercise extreme caution when uploading sensitive documents—including financial records, medical files, identification documents, or legal agreements—to AI platforms. AI providers often review chat data to improve system performance, which could inadvertently expose confidential information. Once incorporated into AI models, sensitive data may also resurface in responses to unrelated queries.

The incident highlights the ongoing challenges of integrating AI tools in secure environments, emphasizing the need for strict protocols and awareness of potential risks.

Continue Reading
Advertisement
Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *

Cyber Crime

Rigged Analytics: Hyderabad Techie Conned Of Lakhs By Counterfeit SEBI Stock Advisory Group

Published

on

By

Hyderabad Cyber Crime Police have registered a case after a 31-year-old software engineer allegedly lost ₹37 lakh in a complex investment scam involving a fake stock advisory group impersonating SEBI-registered analysts.

Authorities said the fraud was carried out over several weeks through a coordinated network that used fabricated trading platforms, manipulated data, and psychological pressure tactics to deceive the victim.

Fake SEBI-Linked Group Used to Build Investor Trust

According to investigators, the victim was added to an invite-only WhatsApp group claiming to provide premium stock market insights under the name “A15 SEBI Premium Market Analyst Insights.”

The group allegedly used forged certificates, fake registration details, and fabricated profit reports to appear legitimate. Members were also shown staged testimonials and transaction records to create the illusion of consistent trading success.

Police said these tactics were designed to build trust and encourage the victim to increase investments gradually.

Fraudulent Trading App Displayed Artificial Profits

Officials revealed that the victim was instructed to install a third-party application via an external link. The app reportedly simulated a live trading environment, showing fake profits and portfolio growth in real time.

Encouraged by the apparent returns, the victim transferred multiple payments into different bank accounts controlled by the fraud network. Over time, the total amount invested reached ₹37 lakh.

Investigators believe the system was entirely engineered to manipulate user perception and create false confidence in non-existent trading gains.

Withdrawal Attempt Triggered Scam Exposure

The scam reportedly escalated when the victim attempted to withdraw part of the displayed profits. At that stage, the operators allegedly blocked access and claimed regulatory violations had occurred in his trading account.

The fraudsters demanded an additional “compliance penalty” of 25% of the total balance to release the funds. When the victim questioned the demand, communication was abruptly terminated and account access was revoked.

Police said this pattern—blocking withdrawals followed by additional payment demands—is common in digital investment fraud cases.

Cybercrime Investigation and Fund Tracking Underway

Hyderabad Cyber Crime officials have registered the case under relevant provisions of the Bharatiya Nyaya Sanhita (BNS) and the Information Technology Act.

Forensic teams are currently tracking digital footprints, including IP addresses, communication channels, and linked bank accounts used to route the stolen funds. Authorities are also investigating suspected money mule networks involved in transferring the proceeds.

Authorities Issue Advisory on Fake Investment Platforms

Cybersecurity officials have issued a renewed warning to investors, particularly IT professionals, about rising fake trading schemes operating through messaging platforms and unofficial apps.

They stressed that legitimate financial institutions and SEBI-registered advisors do not operate investment groups through WhatsApp or distribute trading software via unverified links.

Citizens have been urged to immediately report suspicious financial activity to the national cybercrime helpline 1930 to improve chances of fund recovery.

Continue Reading

Cybersecurity

Anthropic Halts Release of Advanced AI “Claude Mythos” Amid Escalating Cybersecurity Concerns

Published

on

By

Anthropic, a leading artificial intelligence research firm, has decided against the public release of its latest AI system, Claude Mythos — internally referred to by the codename Capybara — due to profound cybersecurity risks. The company’s internal assessments, partially revealed through a leaked document, suggest the system dramatically outperforms prior AI models and possesses capabilities that could pose significant dangers if misused.

According to information emerging from internal sources and industry reporting, Claude Mythos marks a substantial leap beyond Anthropic’s previous flagship model, Opus. With dramatically enhanced reasoning, coding, and security analysis capacities, the new system was initially developed to push the boundaries of generative AI. However, the extent of its power has prompted the company to restrict access to only a select group of trusted personnel.

Why Anthropic Is Holding Back

The decision to withhold public distribution centers on serious cybersecurity implications. Internal documents reveal that Claude Mythos is capable of rapidly detecting software vulnerabilities and potentially exploiting them with unprecedented precision. These capabilities extend to advanced password cracking, system penetration, and identification of sensitive data exposures — functions that anthroposophical models have never exhibited at this scale.

Security analysts reviewing the leaked details warn that such features, if accessible to malicious actors, could facilitate large‑scale cyber attacks that are difficult to anticipate or mitigate.

“The risk profile of an AI model increases exponentially with its ability to analyze and exploit systems,” a cybersecurity specialist commented. “Unrestricted use of a system like Claude Mythos could lead to outcomes that are practically uncontrollable.”

Operating in “Defensive Mode”

In response to these concerns, Anthropic has placed Claude Mythos into what it terms a “defensive mode,” effectively limiting the model’s capabilities to controlled research environments. Company leaders have cited previous incidents in which powerful AI technologies were misapplied by hackers, both domestically and internationally, reinforcing the need for cautious rollout strategies.

Within Anthropic, officials emphasize that while Claude Mythos represents a major step forward in AI innovation, its deployment must be governed by strict safeguards. Leaders describe the AI as a potential asset for future technological advancements — but one that also demands a robust framework to prevent harmful use.

Balancing Innovation and Safety

Beyond cybersecurity tasks, Claude Mythos reportedly excels in areas such as complex problem‑solving, predictive analysis of digital threats, and pattern recognition across large data sets. These strengths have many in the tech community optimistic about its future applications — provided access and governance are handled responsibly.

Industry analysts have praised Anthropic’s strategy as an example of measured AI development, prioritizing public safety without stalling progress. The guarded approach reflects a growing trend among AI developers to embed risk awareness into technological breakthroughs.

As conversations around responsible AI usage intensify globally, Claude Mythos stands as both a testament to innovation and a reminder of the challenges inherent in releasing next‑generation artificial intelligence tools.

Continue Reading

Cybercrime

Courier Booking Turns Into ‘APK Trap’: Retired Army Officer Loses Lakhs in Cyber Fraud

Published

on

By

In a chilling reminder of the growing sophistication of online fraud, a retired Army officer from Chandigarh reportedly lost more than ₹12 lakh after falling victim to a cyber scam disguised as a courier service transaction. Authorities say the incident involved a malicious APK file that compromised his banking credentials, enabling cybercriminals to siphon off funds through unauthorized transactions.

Routine Courier Booking Turns Into Costly Trap

Colonel Rajbir Singh Duggal, 82, was attempting to send a parcel from Chandigarh to Pune when the scam unfolded. While searching online for the contact number of a well-known courier company, he reportedly called a number that appeared legitimate. The person on the other end claimed to be a company executive and guided him through the booking process.

During the conversation, he was instructed to make a small online payment of ₹10 to confirm the pickup. After initially encountering a failed transaction on his SBI account, he completed the payment via his HDFC credit card.

Shortly afterward, the caller directed him to download a mobile application via a link shared on WhatsApp, claiming it was necessary to complete the courier request. Trusting the instructions, the retired officer installed the APK file on his smartphone.

How Malicious APK Files Exploit Mobile Devices

Cybersecurity investigators revealed that the APK file was malware engineered to access sensitive information on the victim’s device. Once installed, the software obtained permissions that allowed it to monitor SMS messages, notifications, and on-screen activity.

Experts note that malicious applications often exploit Android’s accessibility settings. Once granted, these permissions let attackers intercept one-time passwords (OTPs), capture banking credentials, and even conduct financial transactions without the user’s knowledge. In this case, the fraudsters reportedly used stolen OTPs and account details to transfer over ₹12 lakh across multiple accounts.

Expert Warnings: Verify Contacts and Avoid Unknown Apps

Cybercrime specialists stress that scams of this nature combine technical tricks with social engineering. Prof. Triveni Singh, former IPS officer and cybercrime expert, warns that APK files circulated via messaging apps under the guise of courier services or delivery updates can be extremely dangerous.

Experts advise verifying all service contacts directly through official websites or verified mobile apps. They also emphasize that APK files from unknown sources should never be installed, as they can provide attackers full access to personal and financial information stored on smartphones.

Staying Safe in the Digital Age

The incident serves as a stark reminder of the importance of vigilance in online interactions. Avoiding suspicious links, confirming official contacts, and refusing to download unfamiliar applications remain the most effective defenses against cyber fraud.

As mobile banking and digital transactions become increasingly common, experts urge users of all ages to exercise caution and educate themselves about potential online threats.

Continue Reading

Trending

Copyright © 2022 420 Reports Marijuana News & Information Website | Reefer News | Cannabis News