A widely used Node.js utility called fast-glob, relied on by thousands of projectsâ"including over 30 U.S. Department of Defense systems -- is maintained solely by a Russian developer linked to Yandex. While there's no evidence of malicious activity, cybersecurity experts warn that the lack of oversight in such critical open-source projects leaves them vulnerable to potential exploitation by state-backed actors. The Register reports: US cybersecurity firm Hunted Labs reported the revelations on Wednesday. The utility in question is fast-glob, which is used to find files and folders that match specific patterns. Its maintainer goes by the handle "mrmlnc", and the Github profile associated with that handle identifies its owner as a Yandex developer named Denis Malinochkin living in a suburb of Moscow. A website associated with that handle also identifies its owner as the same person, as Hunted Labs pointed out. Hunted Labs told us that it didn't speak to Malinochkin prior to publication of its report today, and that it found no ties between him and any threat actor. According to Hunted Labs, fast-glob is downloaded more than 79 million times a week and is currently used by more than 5,000 public projects in addition to the DoD systems and Node.js container images that include it. That's not to mention private projects that might use it, meaning that the actual number of at-risk projects could be far greater. While fast-glob has no known CVEs, the utility has deep access to systems that use it, potentially giving Russia a number of attack vectors to exploit. Fast-glob could attack filesystems directly to expose and steal info, launch a DoS or glob-injection attack, include a kill switch to stop downstream software from functioning properly, or inject additional malware, a list Hunted Labs said is hardly exhaustive. [...] Hunted Labs cofounder Haden Smith told The Register that the ties are cause for concern. "Every piece of code written by Russians isn't automatically suspect, but popular packages with no external oversight are ripe for the taking by state or state-backed actors looking to further their aims," Smith told us in an email. "As a whole, the open source community should be paying more attention to this risk and mitigating it." [...] Hunted Labs said that the simplest solution for the thousands of projects using fast-glob would be for Malinochkin to add additional maintainers and enhance project oversight, as the only other alternative would be for anyone using it to find a suitable replacement. "Open source software doesn't need a CVE to be dangerous," Hunted Labs said of the matter. "It only needs access, obscurity, and complacency," something we've noted before is an ongoing problem for open source projects. This serves as another powerful reminder that knowing who writes your code is just as critical as understanding what the code does," Hunted Labs concluded.

Read more of this story at Slashdot.

An anonymous reader quotes a report from 404 Media: 4chan and Kiwi Farms sued the United Kingdom's Office of Communications (Ofcom) over its age verification law in U.S. federal court Wednesday, fulfilling a promise it announced on August 23. In the lawsuit, 4chan and Kiwi Farms claim that threats and fines they have received from Ofcom "constitute foreign judgments that would restrict speech under U.S. law." Both entities say in the lawsuit that they are wholly based in the U.S. and that they do not have any operations in the United Kingdom and are therefore not subject to local laws. Ofcom's attempts to fine and block 4chan and Kiwi Farms, and the lawsuit against Ofcom, highlight the messiness involved with trying to restrict access to specific websites or to force companies to comply with age verification laws. The lawsuit calls Ofcom an "industry-funded global censorship bureau." "Ofcom's ambitions are to regulate Internet communications for the entire world, regardless of where these websites are based or whether they have any connection to the UK," the lawsuit states. "On its website, Ofcom states that 'over 100,000 online services are likely to be in scope of the Online Safety Act -- from the largest social media platforms to the smallest community forum.'" [...] Ofcom began investigating 4chan over alleged violations of the Online Safety Act in June. On August 13, it announced a provisional decision and stated that 4chan had "contravened its duties" and then began to charge the site a penalty of [roughly $26,000] a day. Kiwi Farms has also been threatened with fines, the lawsuit states. "American citizens do not surrender our constitutional rights just because Ofcom sends us an e-mail. In the face of these foreign demands, our clients have bravely chosen to assert their constitutional rights," said Preston Byrne, one of the lawyers representing 4chan and Kiwi Farms. "We are aware of the lawsuit," an Ofcom spokesperson told 404 Media. "Under the Online Safety Act, any service that has links with the UK now has duties to protect UK users, no matter where in the world it is based. The Act does not, however, require them to protect users based anywhere else in the world."

Read more of this story at Slashdot.

Starting with Word for Windows version 2509, Microsoft is making cloud saving the default behavior. New documents will automatically save to OneDrive (or another cloud destination), with dated filenames, unless users manually revert to local saving in the settings. From the report: "Anything new you create will be saved automatically to OneDrive or your preferred cloud destination", writes Raul Munoz, product manager at Microsoft on the Office Shared Services and Experiences team. Munoz backs up the decision with half a dozen advantages for saving documents to the cloud. From never losing progress and access anywhere to easy collaboration and increased security and compliance. While cloud saving is without doubt beneficial in some cases, Munoz fails to address the elephant in the room. Some users may not want that their documents are stored in the cloud. There are good reasons for that, including privacy. Summed up: - If you do not mind that Word documents are stored in the cloud, you do not need to become active. - If you mind that Word documents are stored in the cloud by default, you need to modify the default setting.

Read more of this story at Slashdot.

Google has eliminated more than one-third of its managers overseeing small teams, an executive told employees last week, as the company continues its focus on efficiencies across the organization. From a report: "Right now, we have 35% fewer managers, with fewer direct reports" than at this time a year ago, said Brian Welle, vice president of people analytics and performance, according to audio of an all-hands meeting reviewed by CNBC. "So a lot of fast progress there." At the meeting, employees asked Welle and other executives about job security, "internal barriers" and Google's culture after several recent rounds of layoffs, buyouts and reorganizations. Welle said the idea is to reduce bureaucracy and run the company more efficiently. "When we look across our entire leadership population, that['s mangers, directors and VPs, we want them to be a smaller percentage of our overall workforce over time," he said.

Read more of this story at Slashdot.

After losing his job in 2024, Eric Thompson spearheaded a working group to push for federal legislation banning "ghost jobs" -- openings posted with no intent to hire. The proposed Truth in Job Advertising and Accountability Act would require transparency around job postings, set limits on how long ads can remain up, and fine companies that violate the rules. CNBC reports: "There's nothing illegal about posting a job, currently, and never filling it," says Thompson, a network engineering leader in Warrenton, Virginia. Not to mention, it's "really hard to prove, and so that's one of the reasons that legally, it's been kind of this gray area." As Thompson researched more into the phenomenon, he connected with former colleagues and professional connections across the country experiencing the same thing. Together, the eight of them decided to form the TJAAA working group to spearhead efforts for federal legislation to officially ban businesses from posting ghost jobs. In May, the group drafted its first proposal: The TJAAA aims to require that all public job listings include information such as: - The intended hire and start dates - Whether it's a new role or backfill - If it's being offered internally with preference to current employees - The number of times the position has been posted in the last two years, and other factors, according to the draft language. It also sets guidelines for how long a post is required to be up (no more than 90 calendar days) and how long the submission period can be (at least four calendar days) before applications can be reviewed. The proposed legislation applies to businesses with more than 50 employees, and violators can be fined a minimum of $2,500 for each infraction. The proposal provides a framework at the federal level, Thompson says, because state-level policies won't apply to employers who post listings across multiple states, or who use third-party platforms that operate beyond state borders.

Read more of this story at Slashdot.

An anonymous reader quotes a report from The Hill: Republicans on the House Oversight and Government Reform Committee opened a probe into alleged organized efforts to inject bias into Wikipedia entries and the organization's responses. Chair James Comer (R-Ky.) and Rep. Nancy Mace (R-S.C.), chair of the panel's subcommittee on cybersecurity, information technology, and government innovation, on Wednesday sent an information request on the matter to Maryana Iskander, chief executive officer of the Wikimedia Foundation, the nonprofit that hosts Wikipedia. The request, the lawmakers said in the letter (PDF), is part of an investigation into "foreign operations and individuals at academic institutions subsidized by U.S. taxpayer dollars to influence U.S. public opinion." The panel is seeking documents and communications about Wikipedia volunteer editors who violated the platform's policies, as well as the Wikimedia Foundation's efforts to "thwart intentional, organized efforts to inject bias into important and sensitive topics." "Multiple studies and reports have highlighted efforts to manipulate information on the Wikipedia platform for propaganda aimed at Western audiences," Comer and Mace wrote in the letter. They referenced a report from the Anti-Defamation League about anti-Israel bias on Wikipedia that detailed a coordinated campaign to manipulate content related to the Israel-Palestine conflict and similar issues, as well as an Atlantic Council report on pro-Russia actors using Wikipedia to push pro-Kremlin and anti-Ukrainian messaging, which can influence how artificial intelligence chatbots are trained. "[The Wikimedia] foundation, which hosts the Wikipedia platform, has acknowledged taking actions responding to misconduct by volunteer editors who effectively create Wikipedia's encyclopedic articles. The Committee recognizes that virtually all web-based information platforms must contend with bad actors and their efforts to manipulate. Our inquiry seeks information to help our examination of how Wikipedia responds to such threats and how frequently it creates accountability when intentional, egregious, or highly suspicious patterns of conduct on topics of sensitive public interest are brought to attention," Comer and Mace wrote. The lawmakers requested information about "the tools and methods Wikipedia utilizes to identify and stop malicious conduct online that injects bias and undermines neutral points of view on its platform," including documents and records about possible coordination of state actors in editing, the kind of accounts that have been subject to review, and and of the panel's analysis of data manipulation or bias. "We welcome the opportunity to respond to the Committee's questions and to discuss the importance of safeguarding the integrity of information on our platform," a Wikimedia Foundation spokesperson said.

Read more of this story at Slashdot.

An anonymous reader shares a report: Security researchers from Palo Alto Networks' Unit 42 have discovered the key to getting large language model (LLM) chatbots to ignore their guardrails, and it's quite simple. You just have to ensure that your prompt uses terrible grammar and is one massive run-on sentence like this one which includes all the information before any full stop which would give the guardrails a chance to kick in before the jailbreak can take effect and guide the model into providing a "toxic" or otherwise verboten response the developers had hoped would be filtered out. The paper also offers a "logit-gap" analysis approach as a potential benchmark for protecting models against such attacks. "Our research introduces a critical concept: the refusal-affirmation logit gap," researchers Tung-Ling "Tony" Li and Hongliang Liu explained in a Unit 42 blog post. "This refers to the idea that the training process isn't actually eliminating the potential for a harmful response -- it's just making it less likely. There remains potential for an attacker to 'close the gap,' and uncover a harmful response after all."

Read more of this story at Slashdot.

Deforestation has killed more than half a million people in the tropics over the past two decades as a result of heat-related illness, a study has found. The Guardian: Land clearance is raising the temperature in the rainforests of the Amazon, Congo and south-east Asia because it reduces shade, diminishes rainfall and increases the risk of fire, the authors of the paper found. Deforestation is responsible for more than a third of the warming experienced by people living in the affected regions, which is on top of the effect of global climate disruption. About 345 million people across the tropics suffered from this localised, deforestation-caused warming between 2001 and 2020. For 2.6 million of them, the additional heating added 3C to their heat exposure. In many cases, this was deadly. The researchers estimated that warming due to deforestation accounted for 28,330 annual deaths over that 20-year period.

Read more of this story at Slashdot.

The FBI and other law enforcement and intelligence agencies around the world warned Wednesday that a Chinese-government hacking campaign that previously penetrated nine U.S. telecommunications companies has expanded into other industries and regions, striking at least 200 American organizations and 80 countries. From a report: The joint advisory was issued with the close allies in the Five Eyes English-language intelligence-sharing arrangement and also agencies from Finland, Netherlands, Poland and the Czech Republic, an unusually broad array meant to demonstrate global resolve against what intelligence officials said is a pernicious campaign that exceeds accepted norms for snooping. "The expectation of privacy here was violated, not just in the U.S., but globally," FBI Assistant Director Brett Leatherman, who heads the bureau's cyber division, told The Washington Post in an interview. Chinese hackers won deep access to major communication carriers in the U.S. and elsewhere, then extracted call records and some law enforcement directives, which allowed them to build out a map of who was calling whom and whom the U.S. suspected of spying, Leatherman said. Prominent politicians in both major U.S. parties were among the ultimate victims.

Read more of this story at Slashdot.

Phonemaker Nothing used professional stock photos to demonstrate its Phone 3's camera capabilities on retail demo units, according to The Verge. Five images the company presented as community-captured samples were licensed photographs from the Stills marketplace, taken with other cameras in 2023. The Verge verified EXIF data confirming one image predated the Phone 3's release. Co-founder Akis Evangelidis acknowledged the photos were placeholders intended for pre-production testing that weren't replaced before deployment to stores.

Read more of this story at Slashdot.

South Korea has passed a bill banning the use of mobile phones and smart devices during class hours in schools -- becoming the latest country to restrict phone use among children and teens. From a report: The law, which comes into effect from the next school year in March 2026, is the result of a bi-partisan effort to curb smartphone addiction, as more research points to its harmful effects. Lawmakers, parents and teachers argue that smartphone use is affecting students' academic performance and takes away time they could have spent studying.

Read more of this story at Slashdot.

Wikipedia's volunteer editors have rejected founder Jimmy Wales' proposal to use ChatGPT for article review guidance after the AI tool produced error-filled feedback when Wales tested it on a draft submission. The ChatGPT response misidentified Wikipedia policies, suggested citing non-existent sources and recommended using press releases despite explicit policy prohibitions. Editors argued automated systems producing incorrect advice would undermine Wikipedia's human-centered model. The conflict follows earlier tensions over the Wikimedia Foundation's AI experiments, including a paused AI summary feature and new policies targeting AI-generated content.

Read more of this story at Slashdot.

An anonymous reader quotes a report from ScienceAlert: A genetically modified pig lung transplanted into a brain-dead human patient functioned for nine days in a new achievement that reveals both the promise and significant challenges of xenotransplantation. Over the course of the experiment, the patient showed increasing signs of organ rejection before scientists at the First Affiliated Hospital of Guangzhou Medical University in China terminated the experiment, allowing the recipient to pass away. It's the first time a pig lung has been transplanted into a human patient, demonstrating a significant step forward, and giving scientists new problems to solve as they develop this emerging medical technique further. [...] The goal of the experiment was not to achieve a successful transplantation on the first try -- that would have been pretty incredible, but not a realistic expectation. Rather, the researchers wanted to observe how the patient's immune system responded to the transplanted organ. The patient was a 39-year-old man who was declared brain-dead by four separate clinical assessments after undergoing a brain hemorrhage. His family provided written informed consent for the experiment. The donor pig is what is known as a six-gene-edited pig, a Bama miniature pig with six CRISPR gene edits, housed in an isolated facility with rigorous disinfection protocols. These edits are all focused on minimizing the immune and inflammatory responses of the patient. In a careful surgical procedure, the pig's left lung was placed into the patient's chest cavity, and connected to their airways, arteries, and veins. The paper does not explain the fate of the pig, but donor pigs do not typically survive the removal of a major organ. The patient was also treated with a number of immunosuppressants that the researchers adjusted according to changes observed in the patient's body over time. Initially, all seemed well, with none of the immediate signs of hyperacute rejection in the critical few hours following the procedure. However, by 24 hours after the transplant had taken place, severe swelling (edema) was observed, possibly as a result of blood flow being restored to the area of the transplant. Antibody-mediated rejection damaged the tissue further on days three and six of the experiment. The result of the damage was primary graft dysfunction, a type of severe lung injury occurring within 72 hours of a transplant, and the leading cause of death in lung transplant patients. Some recovery was taking place by day nine, but the experiment had run its course. The research has been published in Nature Medicine.

Read more of this story at Slashdot.

Canada's tech job market has collapsed from its pandemic-era boom, with postings down 19% from 2020 levels. Analysts say the decline was sharper than the overall job market and worsened after ChatGPT's debut in 2022 fueled AI-driven shifts in workforce demand. The Canadian Press reports: "The Canadian tech world remains stuck in a hiring freeze," said Brendon Bernard, Indeed's senior economist. "While both the tech job market and the overall job market have definitely cooled off from their 2022 peaks, the cool off has been much sharper in tech." He thinks the fall was likely caused by the market adjusting after a pandemic boom in hiring along with recent artificial intelligence advances that have reduced tech firms' interest in expanding their workforces. "We went from this really hot job market with job postings through the roof to one where job postings really crashed, falling well below their pre-pandemic levels," Bernard said. However, he sees AI's recent boom as a "watershed moment." While much of the decline in tech job postings has been in software engineer roles, Indeed found hiring for AI-related jobs was still up compared to early 2020. In fact, machine learning engineers and roles that support AI infrastructure, such as data engineers and data centre technicians, were among the job titles with postings still above early-2020 levels. At the same time, Indeed saw postings for senior and manager-level tech jobs drop sharply from their 2022 peak, but as of early 2025, they were still up five per cent from their pre-pandemic levels. Meanwhile, basic and junior tech titles were down 25 per cent. When it compared Canada's overall decline in tech job postings, Indeed found the country's decrease from pre-pandemic levels was somewhat milder than the retrenchment it has observed in the U.S., U.K., France and Germany. The U.S. fall amounted to 34 per cent, while in the U.K. it was 41 per cent. France saw a 38 per cent drop and Germany experienced a 29 per cent decrease. "All this just highlights is that this tech hiring freeze is a global tech hiring freeze," Bernard said.

Read more of this story at Slashdot.

Google DeepMind's new "nano banana" model (officially named Gemini 2.5 Flash Image) has taken the top spot on AI image-editing leaderboards by delivering far more consistent edits than before. It's being rolled out to the Gemini app today. Ars Technica has the details: AI image editing allows you to modify images with a prompt rather than mucking around in Photoshop. Google first provided editing capabilities in Gemini earlier this year, and the model was more than competent out of the gate. But like all generative systems, the non-deterministic nature meant that elements of the image would often change in unpredictable ways. Google says nano banana (technically Gemini 2.5 Flash Image) has unrivaled consistency across edits -- it can actually remember the details instead of rolling the dice every time you make a change. This unlocks several interesting uses for AI image editing. Google suggests uploading a photo of a person and changing their style or attire. For example, you can reimagine someone as a matador or a '90s sitcom character. Because the nano banana model can maintain consistency through edits, the results should still look like the person in the original source image. This is also the case when you make multiple edits in a row. Google says that even down the line, the results should look like the original source material. Gemini's enhanced image editing can also merge multiple images, allowing you to use them as the fodder for a new image of your choosing. Google's example below takes separate images of a woman and a dog and uses them to generate a new snapshot of the dog getting cuddles -- possibly the best use of generative AI yet. Gemini image editing can also merge things in more abstract ways and will follow your prompts to create just about anything that doesn't run afoul of the model's guard rails.

Read more of this story at Slashdot.

Dish's parent company EchoStar is selling $23 billion worth of 5G spectrum licenses to AT&T and shifting Boost Mobile onto AT&T and T-Mobile networks, effectively abandoning its bid to become the fourth major U.S. wireless carrier. The Verge reports: As part of T-Mobile's deal to acquire Sprint in 2019, the Department of Justice stipulated that another company must replace it as the fourth major wireless carrier. Dish came forward to acquire Boost Mobile from Sprint, paying $1.4 billion to purchase the budget carrier and other prepaid assets. Since then, Dish has spent billions acquiring spectrum to build out its own 5G network, which the company said was close to reaching 80 percent of the US population as of last year, in line with the Federal Communications Commission's deadline to meet certain coverage requirements. But Dish struggled to repay mounting debt, leading it to rejoin EchoStar, the company it originally spun off from in 2008. And at the same time, it came under renewed pressure from the FCC to make use of its spectrum. In April, the Elon Musk-owned SpaceX wrote a letter to the FCC saying EchoStar "barely uses" the AWS-4 (2GHz) spectrum band for satellite connectivity. Weeks later, FCC chair Brendan Carr opened an investigation into EchoStar's 5G expansion, criticizing the company's slow buildout and claiming that it had lost Boost Mobile customers since its acquisition of the carrier. Carr also questioned EchoStar's use of the AWS-4 spectrum, which isn't included in its deal with AT&T. In July, Carr said that he's not concerned with having a fourth mobile provider, saying during an open meeting that there isn't a "magic number" of carriers needed in the US to maintain competition. "We're always looking at a confluence of different factors to make sure that there's sufficient competition," he said, as reported by Fierce Network. Now, EchoStar will become a hybrid mobile network operator, which is a carrier that operates on its own network, in addition to using other companies' infrastructure. As noted in the press release, Boost Mobile will provide connectivity through AT&T towers and the T-Mobile network. "This ensures the survival of Boost Mobile," [said Roger Entner, founder and lead analyst at Recon Analytics]. "It gives them money, but at the end, they don't have much of a network left."

Read more of this story at Slashdot.

An anonymous reader quotes a report from The Register: A German court has told Apple to stop advertising its Watches as being carbon-neutral, ruling that this was misleading and could not fly under the country's competition law. Apple has been marketing its newest smartwatches as being carbon-neutral for nearly two years now, with an array of rationales. It claims that clean energy for manufacturing, along with greener materials and shipping, lop around three-quarters off the carbon emissions for each model of the Apple Watch. The remaining emissions are offset by the purchase of carbon credits, according to Apple. Deutsche Umwelthilfe (well, DUH – that's the acronym), a prominent environmental group, begged to differ on that last point. It applied for an injunction in May and Tuesday's ruling (in German), which will only be published in full later this week, led it to claim victory. The ruling means Apple can't advertise the Watch as a "CO2-neutral product" in Germany. [...] The ruling revolved around the Paraguayan forestry program that Apple claimed was offsetting some of the Watch's production emissions. The project involves commercial eucalyptus plantations on leased land, where the leases for three-quarters of the land will run out in 2029 with no guarantee of renewal. According to the court, consumers' expectations of carbon compensation schemes are shaped by the prominent 2015 Paris Agreement, which commits countries to achieving carbon neutrality by the second half of this century. It said consumers would therefore "assume" that the carbon-neutrality claims around the Apple Watch would mean neutrality was assured through 2050. That leaves a 21-year gap of uncertainty in this case. The Verified Carbon Standard program, in which Apple is participating, has a "pooled buffer account" scheme to hedge against this sort of uncertainty. However, the German court was not impressed, saying it would only allow Apple to monitor the situation after the leases run out, which is a far cry from definitely being able to keep offsetting those emissions if the plantation gets cleared.

Read more of this story at Slashdot.

BrianFagioli shares a report from NERDS.xyz: Hosting.com has acquired Rocket.net, bringing the fast-growing managed WordPress hosting company under its corporate umbrella. The move gives hosting.com a proven SaaS platform and a strong brand in WordPress hosting, while Rocket.net gains the capital and global reach of a much larger player. Financial details of the deal were not disclosed. Rocket.net will continue to operate under its own name, but it is now part of hosting.com's family of brands. As part of the deal, Rocket.net founder and CEO Ben Gabler has been appointed Chief Product Officer at hosting.com, where he will lead product and software engineering across the entire company. [...] For hosting.com, the acquisition strengthens its ability to serve a wider range of customers. The company, founded in 2019, already operates more than 20 data centers, powers over 3 million websites, and serves 600,000 customers worldwide with a team of 900 employees. The Rocket.net platform will now be rolled out across hosting.com's global footprint, including the USA, UK, Germany, and Singapore, as well as new regions such as Mexico, the UAE, and Australia. Both companies stress that their commitment to WordPress and open source will remain intact. Hosting.com already sponsors global WordCamps and encourages employees to contribute to the WordPress project, while Rocket.net has long positioned itself as a champion of the open web.

Read more of this story at Slashdot.

According to The Information, Apple executives have debated acquiring Mistral AI and Perplexity to strengthen its AI capabilities. MacRumors reports: Services chief Eddy Cue is apparently the most vocal advocate of a deal to buy AI firms to bolster the company's offerings. Cue previously supported propositions of Apple acquiring Netflix and Tesla, both of which Apple CEO Tim Cook turned down. Other executives such as software chief Craig Federighi have reportedly been reluctant to acquire AI startups, believing that Apple can build its own AI technology in-house. [...] Apple is said to be hesitant to do a deal, which would likely cost billions of dollars. Apple has rarely spent more than a hundred million dollars on an acquisition, with Beats at $3 billion and Intel's wireless modem business at $1 billion. If a federal ruling ends the $20 billion deal between Apple and Alphabet that makes Google the default search engine on its devices, the company could be compelled to acquire an AI-powered search startup to fill that gap. For now, Apple apparently told bankers that it plans to continue with its strategy of focusing on smaller deals in AI.

Read more of this story at Slashdot.

An anonymous reader quotes a report from TechCrunch: Before 16-year-old Adam Raine died by suicide, he had spent months consulting ChatGPT about his plans to end his life. Now, his parents are filing the first known wrongful death lawsuit against OpenAI, The New York Times reports. Many consumer-facing AI chatbots are programmed to activate safety features if a user expresses intent to harm themselves or others. But research has shown that these safeguards are far from foolproof. In Raine's case, while using a paid version of ChatGPT-4o, the AI often encouraged him to seek professional help or contact a help line. However, he was able to bypass these guardrails by telling ChatGPT that he was asking about methods of suicide for a fictional story he was writing. OpenAI has addressed these shortcomings on its blog. "As the world adapts to this new technology, we feel a deep responsibility to help those who need it most," the post reads. "We are continuously improving how our models respond in sensitive interactions." Still, the company acknowledged the limitations of the existing safety training for large models. "Our safeguards work more reliably in common, short exchanges," the post continues. "We have learned over time that these safeguards can sometimes be less reliable in long interactions: as the back-and-forth grows, parts of the model's safety training may degrade."

Read more of this story at Slashdot.