tetrasect

During a talk about “Mitigating the Top 5 Microsoft 365 Copilot Security Risks” at Gartner’s Security & Risk Management Summit in Sydney on Tuesday, analyst Dennis Xu jokingly suggested banning the use of Microsoft Copilot on Friday afternoons.
He noted that by the end of the week, many users might be too lazy to double‑check whether the chatbot’s outputs are offensive, which raised his concern (via The Register).
As AI models and chatbots become more advanced, prompt engineering is increasingly vital to unlocking their full potential. So, why Friday? The analyst argued that most professionals are usually tired by this time of the week and wouldn't bother to check for errors in Microsoft Copilot's responses.
Xu floated the idea about banning Copilot on Friday afternoons while discussing the fifth risk he'd identified about the chatbot generating output that might be a tad inappropriate. While he admitted that the output might be factually correct, it may come off as toxic and offensive, making it unsuitable in the workplace or even among customers.
The analyst reiterated the importance of reviewing Copilot's output before sharing it with a broader audience, and even making it a ritual. He also recommended addressing Copilot's toxic content using filters from Microsoft.
While many users seem to show a bias toward ChatGPT when comparing it to Copilot (though the growing #CancelChatGPT movement may be shifting perceptions), Microsoft has argued that its offering is superior. The company suggests that users simply aren’t leveraging Copilot as intended, pointing instead to a lack of proper prompt‑engineering skills.
www.windowscentral.com
I just think it’s funny the same week Anthropic is in the news over its use for autonomous killer military drones they decided to pitch everyone on letting it autonomously control your home computer.

OpenAI says it’s killing Sora.
I wrote a week ago that Sora was likely on the chopping block amid OpenAI’s pivot to business and productivity tools. It looks like they were serious. It’s going to be gone soon.
Despite Sora’s ability to generate headlines (When it was first previewed, we at Gizmodo called it “Breathtaking, Yet Terrifying”) the company is pulling the plug on this compute-guzzling AI video experiment.
At press time, it was still possible to watch and generate videos with the Sora app. The official Sora X account says OpenAI will “share more soon, including timelines for the app and API and details on preserving your work.” Disney has already pulled out of its content-sharing agreement with OpenAI.
Gizmodo reached out to OpenAI for clarity about what this means for the continued existence of the model itself. While discontinuing the video-sharing app is straightforward, it’s less obvious whether the core model will be folded into another model, preserved in some other way, or deleted from the face of the Earth. We will update if OpenAI gets back to us.
Someone just poisoned the Python package that manages AI API keys for NASA, Netflix, Stripe, and NVIDIA.. 97 million downloads a month.. and a simple pip install was enough to steal everything on your machine.
The attacker picked the one package whose entire job is holding every AI credential in the organization in one place. OpenAI keys, Anthropic keys, Google keys, Amazon keys… all routed through one proxy. All compromised at once.
The poisoned version was published straight to PyPI.. no code on GitHub.. no release tag.. no review. Just a file that Python runs automatically on startup. You didn’t need to import it. You didn’t need to call it. The malware fired the second the package existed on your machine.
The attacker vibe coded it… the malware was so sloppy it crashed computers.. used so much RAM a developer noticed their machine dying and investigated. They found LiteLLM had been pulled in through a Cursor MCP plugin they didn’t even know they had.
That crash is the only reason thousands of companies aren’t fully exfiltrated right now. If the code had been cleaner nobody notices for weeks. Maybe months.
The attack chain is the part that gets worse every sentence.
TeamPCP compromised Trivy first. A security scanning tool. On March 19. LiteLLM used Trivy in its own CI pipeline… so the credentials stolen from the SECURITY product were used to hijack the AI product that holds all your other credentials.
Then they hit GitHub Actions. Then Docker Hub. Then npm. Then Open VSX. Five package ecosystems in two weeks. Each breach giving them the credentials to unlock the next one.
The payload was three stages.. harvest every SSH key, cloud token, Kubernetes secret, crypto wallet, and .env file on the machine.. deploy privileged containers across every node in the cluster.. install a persistent backdoor waiting for new instructions.
TeamPCP posted on Telegram after: “Many of your favourite security tools and open-source projects will be targeted in the months to come.. stay tuned.”
Every AI agent, copilot, and internal tool your company shipped this year runs on hundreds of packages exactly like this one… nobody chose to install LiteLLM on that developer’s machine. It came in as a dependency of a dependency of a plugin.
One compromised maintainer account turned the entire trust chain into a credential harvesting operation across thousands of production environments in hours.
The companies deploying AI the fastest right now have the least visibility into what’s underneath it.
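A defender-side check for the mechanism the post describes, added here as an example; it is not code from the post or from any of the projects named in it. It assumes the "file that Python runs automatically on startup" is a `.pth` startup hook: `site.py` exec()s every `.pth` line in site-packages that begins with `import `, so a package can run code before your program starts and without ever being imported. The script lists those executable lines so a human can review them, distinguishing plain path entries from code. The three sample `.pth` files, the token list used for severity, and the `PLACEHOLDER_NOT_A_REAL_PAYLOAD` string are constructed for the demo; nothing in the sample files is executed.

```python
"""Audit .pth startup hooks in a site-packages directory (added example)."""
import sysconfig
import tempfile
from pathlib import Path

# Tokens that rarely belong in a legitimate startup hook (constructed list,
# tune it for your environment).
SUSPICIOUS_TOKENS = ("exec(", "eval(", "base64", "subprocess", "urllib", "socket", "compile(")


def audit_pth_files(site_packages: Path) -> list[dict]:
    """Return one finding per .pth line that the interpreter would execute.

    Mirrors site.addpackage(): comment and blank lines are skipped, lines that
    start with 'import ' or 'import\\t' are exec()'d at startup, and every
    other line is treated as a sys.path entry (which runs nothing).
    """
    findings = []
    for pth in sorted(site_packages.glob("*.pth")):
        for lineno, line in enumerate(pth.read_text(errors="replace").splitlines(), 1):
            if line.startswith("#") or not line.strip():
                continue
            if not line.startswith(("import ", "import\t")):
                continue  # plain path entry, nothing executes
            severity = "high" if any(t in line for t in SUSPICIOUS_TOKENS) else "review"
            findings.append({"file": pth.name, "line": lineno, "severity": severity, "code": line})
    return findings


def build_sample_site_packages(root: Path) -> Path:
    """Write three constructed .pth files: a path entry, a shim in the style
    setuptools ships, and an obfuscated hook. None of them is ever executed."""
    (root / "constructed_paths.pth").write_text("# constructed\n/opt/vendor/lib\n")
    (root / "constructed_shim.pth").write_text(
        "import os; var = 'SETUPTOOLS_USE_DISTUTILS'; "
        "enabled = os.environ.get(var, 'local') == 'local'; "
        "enabled and __import__('_distutils_hack').add_shim();\n"
    )
    (root / "constructed_suspicious.pth").write_text(
        "import base64, subprocess; "
        "exec(base64.b64decode(b'PLACEHOLDER_NOT_A_REAL_PAYLOAD'))\n"
    )
    return root


def demo() -> list[dict]:
    """Run the audit against the constructed directory and return the findings."""
    with tempfile.TemporaryDirectory() as tmp:
        return audit_pth_files(build_sample_site_packages(Path(tmp)))


if __name__ == "__main__":
    # Real run against this interpreter's site-packages: a few 'review'
    # entries from legitimate tooling are normal, anything 'high' deserves a look.
    for f in audit_pth_files(Path(sysconfig.get_paths()["purelib"])):
        print(f"{f['severity']:6} {f['file']}:{f['line']}  {f['code'][:80]}")
    print("--- constructed sample ---")
    for f in demo():
        print(f"{f['severity']:6} {f['file']}:{f['line']}  {f['code'][:80]}")
```

Run it against every interpreter and virtualenv that CI or a developer laptop uses, including the ones editor plugins create on their own; the point of the post is that the package arrived through a dependency nobody chose, so the environment you did not know about is the one worth auditing. Legitimate tooling (virtualenv, setuptools) does ship `import` lines in `.pth` files, so the output is a review list, not a verdict.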