this post was submitted on 20 Jun 2026
399 points (97.6% liked)

Technology

86333 readers
3306 users here now

This is a most excellent place for technology news and articles.


Our Rules


  1. Follow the lemmy.world rules.
  2. Only tech related news or articles.
  3. Be excellent to each other!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, this includes using AI responses and summaries. To ask if your bot can be added please contact a mod.
  9. Check for duplicates before posting, duplicates may be removed
  10. Accounts 7 days and younger will have their posts automatically removed.

Approved Bots


founded 3 years ago
MODERATORS
top 50 comments
sorted by: hot top controversial new old
[–] janus2@lemmy.zip 193 points 3 weeks ago (5 children)

script kiddies wrecking corporate security is funny
prompt kiddies doing it is just depressing

[–] LiveLM@lemmy.zip 91 points 3 weeks ago* (last edited 3 weeks ago) (1 children)

Didn't think I'd ever side with no script kiddie but at this point fuck it.
If your company can't be bothered to do the bare minimum in security then yeah I hope the least skilled hacker ever comes along and wrecks it.

[–] adespoton@lemmy.ca 30 points 3 weeks ago (1 children)

Thing is, with the latest frontier models, the least skilled person can find a crack in the most secure company around, as long as they can string a few sentences together.

It isn’t about “bare minimum” anymore. All it takes is a single lapse in vigilance from a single employee, and they’re in… and the LLM doesn’t have to pause to figure out what to do next.

[–] Damage@feddit.it 26 points 3 weeks ago (3 children)

Pentesters have access to LLMs too

[–] Mika@piefed.ca 37 points 3 weeks ago

some hacker unleashes malicious AIs to the internet, breaking it apart cause AI keeps finding vulnerabilities in everything and break things faster than humans can fix

corporates build corporate internet and the blackwall, which is AI to fight malicious AIs

Gooooood morning Night City!

[–] ByteJunk@lemmy.world 12 points 3 weeks ago* (last edited 3 weeks ago) (1 children)

Yeah, but an LLM's arms race isn't "doing the bare minimum in security", which is what the poster before was saying.

This is a genuine concern, where whoever has access to the best/most recent/most expensive models can unleash chaos - I'm talking state-sponsored attacks, mega-corp espionage, bored billionaires,...

[–] MagicShel@lemmy.zip 7 points 3 weeks ago (1 children)

The people you listed were already doing this. The problem is Darrell, the guy who thinks Earth is flat, can also do this.

[–] ByteJunk@lemmy.world 7 points 3 weeks ago* (last edited 3 weeks ago) (4 children)

Meh. When you're expecting to have to defend against an army battalion, how much of a thread is Darrell the flat-earther and his AR-15?

Because if Darrell is doing damage, you've been conquered and didn't even noticed.

Edit: in case you're not following the thread and feel an urge in your loins to come defend Darrell, do note that I'm not disparaging the issues a dimwit with AI can cause. I'm pointing out that other players will have even larger sticks than your friend Darrell.

Case in point, Darrell will not have Claude Fable. Others will.

load more comments (4 replies)
load more comments (1 replies)
[–] A_norny_mousse@piefed.zip 44 points 3 weeks ago (2 children)

And no-skilled attackers can buy exploits.

Claude helping is insignificant to the story.

The real headline should be:

At least 14 companies' IT security is practically non-existent

[–] eldebryn@lemmy.world 7 points 3 weeks ago (2 children)

It is significant because a random teenager can't google "download exploits" and have them available 5mins later.

Powerful AI models and agents though are on your fingertips without you even asking.

Sure, people can buy guns. But what if every person could materialize a chainsaw instead regardless of their skill, maturity, age, or criminal record? 🤔

[–] nomy@lemmy.zip 22 points 3 weeks ago (1 children)

Random teenagers can absolutely google "download exploits" and have them available, that's pretty much always been the case..

https://www.exploit-db.com/

Full disclosure was a thing once upon a time, where exploits and proofs of concept were dumped publicly, forcing companies to fix the issue or be compromised. That's mostly been moved away from in favor of responsible disclosure, giving companies time to patch the issue before it's known publicly.

Maybe we should be moving back to full disclosure to force these companies to take data security seriously. Or at least then we could point to a known vulnerability as proof the company is shitty and is neglecting their infrastructure.

load more comments (1 replies)
[–] 0x0@infosec.pub 5 points 3 weeks ago (1 children)

Teenagers are definitely able to find exploits via google in 5 if they're motivated.

Buying a disassembled ak-47 on post order and having it shipped to your address anywhere in the world is also possible.

Rules only apply to people that care about them.

load more comments (1 replies)
load more comments (1 replies)
[–] zane@infosec.pub 6 points 3 weeks ago (1 children)

As someone who works in security, llms just make security happen or not happen faster.

load more comments (1 replies)
load more comments (1 replies)
[–] Tollana1234567@lemmy.today 84 points 3 weeks ago (3 children)

they fired hordes of tech people, and neglected cybersecurity in many companies. this was bound to happen.

[–] Croquette@sh.itjust.works 35 points 3 weeks ago (1 children)

The IT Paradox :

  • "Why am I paying IT if everything works"
  • "Why am I paying IT if nothing works"
[–] Taleya@aussie.zone 8 points 3 weeks ago (1 children)

Every time i go on holiday something breaks. It reminds my employer of how many fires I deal with he never notices

Make the hidden work seen

load more comments (1 replies)
[–] trackball_fetish@lemmy.wtf 8 points 3 weeks ago

We warned them but humans preach ignorance like gospel while pocketing dollars.

load more comments (1 replies)
[–] wewbull@feddit.uk 78 points 3 weeks ago (3 children)

My takeaway from stories like this is that it was always really easy to crack in to companies, but most knowledgeable people had better things to do.

[–] SocialMediaRefugee@lemmy.world 5 points 3 weeks ago (1 children)

My feeling is companies leave themselves open by allowing everyone access to the network so the idiot who has been told 50 times not to click on a link in a suspicious email will still do it or hand out passwords to anyone on the phone. Even if you run a tight ship you'll give access to some contractor who doesn't.

load more comments (1 replies)
load more comments (2 replies)
[–] hayvan@piefed.world 74 points 3 weeks ago

Alternative title: the ubiquitous race for cheapest developers and fastest time to maket leaves everything insecure.

[–] FlashMobOfOne@lemmy.world 46 points 3 weeks ago (1 children)

I would love to see the term 'low-skilled' used more often within the context of LLM's and the manner in which people use them.

[–] HugeNerd@lemmy.ca 6 points 3 weeks ago (7 children)
[–] motruck@lemmy.zip 5 points 3 weeks ago* (last edited 3 weeks ago)
load more comments (6 replies)
[–] A_norny_mousse@piefed.zip 30 points 3 weeks ago (2 children)
[–] slaacaa@lemmy.world 13 points 3 weeks ago (1 children)

@Grok, is this picture legit?

Tap for spoiler/s

[–] laranis@lemmy.zip 7 points 3 weeks ago (1 children)

I'm nominating you for best spoiler reveal of the month.

load more comments (1 replies)
load more comments (1 replies)
[–] LibertyLizard@slrpnk.net 19 points 3 weeks ago (3 children)

Bad look for Claude after their vigorous insistence their model can't be used this way.

Also bad look for the 50 people I get in my inbox telling me AI is completely useless every time I talk about it. These arguments were worthy of entertainment a few years ago but not in 2026.

[–] Carnelian@lemmy.world 24 points 3 weeks ago (1 children)

What’s the use here? A random Ethiopian kid doxxing himself while “breaching companies”?

This article reads like yet another sensationalist advertisement for ai. How many people have supposedly now gained the ability to “breach dozens of companies” simply by typing “please” into a text box? Hundreds of millions? How is society still functioning if this is going on?

load more comments (1 replies)
[–] A_norny_mousse@piefed.zip 6 points 3 weeks ago* (last edited 3 weeks ago)

Exploit scripts can be bought on the darknet. Or possibly just googled. Claude's role in this is close to insignificant.

[–] Mondez@lemdro.id 5 points 3 weeks ago (1 children)

AI (specifically LLM) isn't unless unless you need it to be accurate. You don't need to be accurate to find software vulnerabilities for example, you just need to be able to sift enough of the false positives to be able to identify the real bugs for example.

LLMs are over hyped and being given away below the cost of training and running the models in the hope of getting entrenched then ramping up the costs though.

load more comments (1 replies)
[–] HertzDentalBar@lemmy.blahaj.zone 15 points 3 weeks ago (2 children)
load more comments (2 replies)
[–] Fmstrat@lemmy.world 12 points 3 weeks ago

The attacker’s inexperience was also evident in his operational security failures. At one point he asked Claude to help edit his resume, which contained his full name, location, education history, and LinkedIn profile.

Later, while investigating a potential compromise of one of his own hosts, he inadvertently confirmed his home IP address to the agent. Based on this and other corroborating evidence, the researchers believe the attacker to be a young man based in Addis Ababa, Ethiopia.

Wow.

[–] rayyy@lemmy.world 10 points 3 weeks ago (4 children)

Wait until someone more skilled hacks the nuclear codes using AI and launches a few at US cities.

[–] HeyThisIsntTheYMCA@lemmy.world 12 points 3 weeks ago (1 children)

you need skills to type 0000-0000?

[–] billwashere@lemmy.world 8 points 3 weeks ago

That’s the code for my luggage.

load more comments (3 replies)
[–] minorkeys@sh.itjust.works 6 points 3 weeks ago

And this is why they want to know everything we're doing online at all times.

load more comments
view more: next ›