Unsupervised Learning NO. 481

UPDATES

Hey, hope you’re doing well!

• Open Jobs in InfoSec THE LIST

• Humans > Tech 👇🏻

• An absolute must-listen podcast on the future of work after AI, with the CEO of Fiverr. This guy gets it. THE POST | THE PODCAST | THE VIDEO

• I sat down with my bestie Jason Haddix and talked about RSA Takeaways. Great conversation across multiple topics (Security, Creating, AI, etc.) VIDEO

• AI is going to force us to invent Artificial Scarcity for art & personality. VIDEO

• Why I still include Twitter/X links: I know many of you have left Twitter and are inconvenienced when I link to it for stories or analysis. I am sympathetic to this. I was a massive Elon supporter and now I’m not anymore. If there were a better service for AI/Security news I would use it, but there isn’t yet. And since my job in this context is to provide analysis of what’s going on, I’m forced to use X. It remains by far the best monitoring system for what’s happening in InfoSec and AI. Please consider keeping a read-only account just so you can stay up on the latest stuff. There are evil people behind most of the products and services we all use every day; don’t penalize yourself for someone else’s flaws. I recommend you keep an account so you can read the stuff I and others find (while ignoring the garbage of browsing the main feed).

• Working on a sick video on the future of personal and corporate hacking, bug bounty, etc.!

• Looking forward to presenting at Nahamcon on the 22nd!

• EDC this weekend! (No newsletter next week)

CYBERSECURITY

North Korea Leverages AI to Scale IT Worker Fraud Operations
Okta's research shows North Korea is recruiting remote tech workers via elaborate AI-backed schemes to bypass sanctions and fund the regime. What’s crazy to me is how they’ll just work like normal employees if they don’t see anything to hack. THE ARTICLE | VIDOC DEEPFAKE FRAUD ARTICLE

Cisco Patches Critical IOS XE Vulnerability Allowing Device Hijacking
A hard-coded JWT in Cisco IOS XE allows unauthenticated attackers to take complete control of wireless LAN controllers. Requires a specific setting is enabled, though. THE ARTICLE

Business Email Compromise Attacks Dominate Cyber Claims
AtBay says BEC and funds transfer fraud made up 60% of all cyber claims in 2024, with average BEC losses jumping 23% to $35,000. THE ARTICLE

Insight Partners Confirms Investor Data Stolen In January Breach
VC Insight Partners confirmed that sensitive employee and investor data was stolen during a January cyberattack. Exposed data includes fund information, banking details, tax information, and personal employee data. THE ARTICLE

Curl Project Fires Back At AI-Generated Vulnerability Reports
Daniel Stenberg, creator of the essential curl project, says they're being "DDoSed" with fake AI-generated security reports and plans to ban submitters of "AI slop." THE ARTICLE | DAN’S LINKEDIN POST

NATIONAL SECURITY

British Spies Link Russian Cyberattacks to Sabotage Plots
UK cyber chief Richard Horne warns that Russian hackers are actively aiding physical sabotage within Britain. "Cyber means are offering threat actors the capacity for reconnaissance and the ability to target a physical threat," Richard Horne THE ARTICLE

Poland Accuses Russia Of 'Unprecedented' Election Interference
Poland's digital affairs minister warned that Russia is targeting critical infrastructure and spreading disinformation to disrupt their upcoming presidential election. THE ARTICLE

AI

You Can Now Export Deep Research Reports to PDF
Tons of people were frustrated because the deep research output from ChatGPT wasn’t in a nice format for sharing and consuming. They’ve fixed that with PDF output. THE ANNOUNCEMENT

Anthropic Rolls Out Web Search API for Claude
Anthropic released an API that lets devs build Claude-powered apps capable of searching the web for up-to-date information. That’s a lot of startups that just got affected by this, and it will continue to happen as more and more app functionality moves into the AI platforms themselves. THE ARTICLE

Continuous Thought Machines
Continuous Thought Machines (CTM) uses something called recurrent architecture to let language models continuously update their thoughts during response generation. The claim is that it’s more like we humans do it. THE PAPER | HACKER NEWS DISCUSSION 

AI Comes to Human Resources Interactions
Companies are deploying AI assistants with human-like personas to handle traditional HR functions once performed by actual people. Some of the fastest growing uses of AI are going to be in places where the current solution with humans is already really bad and really time-consuming. Like customer service and HR interactions. THE ARTICLE

Claude's System Prompt Leaked: Over 24k Tokens With Tools
Claude’s system prompt got published, and it contains over 24,000 tokens of instructions and tool documentation. But Anthropic says they’ve improved it since the version showed. THE ARTICLE

Venture Capital Will Have to Pivot to AI
Venture Capital seems to be looking at AI as their last hope. Or at least their next one. 57.9% of global venture capital went to AI startups in Q1 2025, with most going to OpenAI.

I personally think VC and PE are about to change massively, with investment companies becoming AI Solution Factories. I just don’t think most traditional companies can compete with this model, and I think a LOT of the money sunk into VC investments is never coming back. VC ARTICLE | TECHCRUNCH ARTICLE ON AI STARTUPS

AI Ambient Voice Tech Reduces Physician Burnout By 70% At Ottawa Hospital
Microsoft's DAX Copilot at The Ottawa Hospital automatically creates clinical notes from doctor-patient conversations, saving physicians seven minutes per patient encounter. Early results show 93% of patients report equal or better care experiences with the AI assistant present. THE ARTICLE

OpenAI's $3B Windsurf Move Was to Buy the Vibe Coders
OpenAI's purchase of Windsurf seems to be a play at getting the developers, and getting them in the OpenAI ecosystem, more than wanting the editor itself. THE ARTICLE

TECHNOLOGY

Apple to Add Tiny AI Cameras to AirPods and Watches
According to Bloomberg's Mark Gurman, Apple plans to embed small cameras in AirPods and Apple Watches by 2027.

If this is true, it’s massive!

Recall my predicted path of DAs and Cameras/Microphone monitoring for us…

And of course that includes—most importantly—the cameras on your person. Facing behind you and in front of you. And microphones.

This is one of the absolute killer apps of Digital Assistants—constant security monitoring of your vicinity and those of your loved ones. THE ARTICLE | AI’S PREDICTABLE PATH

Microsoft Lays Off More Than 6,000 Employees
Microsoft is cutting over 6,000 jobs across all levels of the company, affecting about 3% of its workforce. THE ARTICLE | PREVIOUS LAYOFFS | MANAGEMENT COMMENTS | ACTIVISION CUTS

Tech Stocks Surge As US-China Tariff War Pauses
Stocks jumped massively after tariffs were largely relaxed for 90 days. Apple went up especially, since so much of their business is entangled with China. THE ARTICLE

iOS 19 to Sync Wi-Fi Portal Logins Between Apple Devices

Apple's (finally) planning to let users enter captive Wi-Fi portal details just once and have them sync across all their devices. THE ARTICLE 

Engineers Develop Wearable Heart Attack Detection Technology
Researchers at UBC have created a wearable patch that can detect heart attacks up to two hours before they happen. The device detects specific proteins released during cardiac distress, potentially saving millions of lives annually. THE ARTICLE

HUMANS

Everyone Is Cheating Their Way Through College
More students are using AI tools for assignments, and many professors can't tell the difference between human and AI work.

"The genie is out of the bottle—we can try to police it, but it's here to stay," Stanford professor Michael Bernstein.

I think there is fundamental confusion about what technology is good and bad for. The general question we should be asking ourselves is whether we’re working for the tech or tech is working for us. Or, as the CEO of Fiverr put it, are we upgrading AI or is AI upgrading us?

We need to know first principles. We need to understand how the world works. We need to know how to think. And tech can and should help us do that better than ever before. And it is, for many people reading this newsletter.

The problem is people not doing that, and using tech as a means of opting out of work. But maybe that distinction always existed, and the more powerful the tech becomes, it just exaggerates and exacerbates the difference. THE ARTICLE | HACKER NEWS DISCUSSION

The Effect of ChatGPT on Students' Learning Performance
Strange story to come after that first one. A new meta-analysis shows ChatGPT has significant positive effects on students' learning performance, perception, and higher-order thinking skills.

People are upset about this, I think because they see the opposite happening. To me it’s because of the distinction between the types of people using the technology. It’s a mindset difference.

For voraciously curious learners, it enhances them. For people who want to do as little as possible, it enables that even more. That distinction is what to look for here.

The tech is the lever, not the problem itself. THE PAPER

DOGE Renames Mass Layoff Tool Sound Less Negative
The Department of Government Efficiency has rebranded its auto-layoff tool from "AutoRIF" to "Workforce Reshaping Tool". Yeah, reshaping. ARTICLE

AI Becoming Top Choice For Therapy
HBR reports that "therapy/companionship" is now the top use case for generative AI, with many people preferring bots over human therapists. THE ARTICLE | TOP AI USE CASES | MENTAL HEALTH SAFEGUARDS

Mass Spectrometry Method Identifies Pathogens Within Minutes
A new mass spectrometry technique can identify dangerous pathogens in just minutes compared to traditional methods that take days or even weeks. The method identifies 98% of common bacterial pathogens correctly within five minutes. THE ARTICLE

Why Bell Labs Worked: Freedom and Trust for Genius
Bell Labs succeeded because it gave brilliant people complete freedom to explore and create without micromanagement or productivity metrics. Imagine if we enabled everyone on the planet to perform in this way, as a matter of course.

"I've always pursued my interests without much regard for final value or value to the world. I've spent lots of time on totally useless things." — Claude Shannon THE ARTICLE

Intelligence on Earth Evolved Independently At Least Twice
Scientists have determined that birds and mammals evolved their neural pathways for intelligence completely separately, despite achieving similar cognitive abilities. THE ARTICLE

The Growing Intersection Of Novel Writing And Game Narrative Development
Game writing and novel writing are increasingly overlapping career paths, with creators moving back and forth between the two storytelling mediums. "The plot in a novel was harder to construct... in a game, a player will investigate simply because the world exists." — Jon Ingold THE ARTICLE

DISCOVERY

Mithra: Security Scanner For LLM-Integrated APIs
Mithra is a new security scanner specifically designed to test REST APIs that use LLMs, checking for both traditional vulnerabilities and LLM-specific risks like prompt injection and context leakage. THE PROJECT | REDDIT ANNOUNCEMENT 

Cursor + Browser Control: Self-Improving Coding Agent
Jason Zhou demonstrates how combining Cursor with Playwright MCP enables AI coding agents to interact with browsers. VIDEO

SQLmap AI: Adding Natural Language to SQL Injection Tools
SQLmap AI — An extension of the popular SQLmap tool that allows security testers to perform SQL injection attacks using natural language prompts. THE PROJECT

Wtfis: A Human-Friendly Domain and IP Lookup Tool
A command-line OSINT tool that gathers information about domains, hostnames, and IPs in a beautifully formatted way that's designed for humans, not machines. THE PROJECT

The Vulnerable MCP Project 
A full site dedicated to securing MCP servers. News, tools, etc. Well-put-together. THE SITE

Four Ways Bad Employees Cost You THE POST

21 Observations From People Watching
A wedding painter shares insights on reading people's internal architecture through their conversation style, body language, and social interactions. THE ARTICLE

How to Title Your Blog Post or Whatever
Most writers spend far less time on titles than they should, which is unfortunate since titles disproportionately affect whether people read the work. ORIGINAL ARTICLE | HACKER NEWS DISCUSSION | DYNOMIGHT BLOG

Exporting Private GitHub Issues to Markdown
Simon Willison shows how to extract notes from private GitHub issues as markdown. THE ARTICLE

Someone Turned Everything Into An AI Podcast
Google's NotebookLM can transform any text into a surprisingly engaging AI podcast with banter, metaphors, and well-organized segments. It actually adds relevant context not explicitly mentioned in the original documents. THE ARTICLE

IPinfo Offers Free Unlimited Country-Level Geolocation and ASN Details
IPinfo just launched a free tier that gives developers unlimited access to country-level IP geolocation and ASN data with no strings attached. THE TOOL