News

The MIT Technology Review has a good article on Moltbook, the supposed AI-only social network:

Many people have pointed out that a lot of the viral comments were in fact posted by people posing as bots. But even the bot-written posts are ultimately the result of people pulling the strings, more puppetry than autonomy.

“Despite some of the hype, Moltbook is not the Facebook for AI agents, nor is it a place where humans are excluded,” says Cobus Greyling at Kore.ai, a firm developing agent-based systems for business customers. “Humans are involved at every step of the process. From setup to prompting to publishing, nothing happens without explicit human direction.”

Humans must create and verify their bots’ accounts and provide the prompts for how they want a bot to behave. The agents do not do anything that they haven’t been prompted to do.

I think this take has it mostly right:

What happened on Moltbook is a preview of what researcher Juergen Nittner II calls “The LOL WUT Theory.” The point where AI-generated content becomes so easy to produce and so hard to detect that the average person’s only rational response to anything online is bewildered disbelief.

We’re not there yet. But we’re close.

The theory is simple: First, AI gets accessible enough that anyone can use it. Second, AI gets good enough that you can’t reliably tell what’s fake. Third, and this is the crisis point, regular people realize there’s nothing online they can trust. At that moment, the internet stops being useful for anything except entertainment.

Turns out that LLMs are good at de-anonymization:

We show that LLM agents can figure out who you are from your anonymous online posts. Across Hacker News, Reddit, LinkedIn, and anonymized interview transcripts, our method identifies users with high precision ­ and scales to tens of thousands of candidates.

While it has been known that individuals can be uniquely identified by surprisingly few attributes, this was often practically limited. Data is often only available in unstructured form and deanonymization used to require human investigators to search and reason based on clues. We show that from a handful of comments, LLMs can infer where you live, what you do, and your interests—then search for you on the web. In our new research, we show that this is not only possible but increasingly practical.

In early January 2026, KrebsOnSecurity revealed how a security researcher disclosed a vulnerability that was used to build Kimwolf, the world’s largest and most disruptive botnet. Since then, the person in control of Kimwolf — who goes by the handle “Dort” — has coordinated a barrage of distributed denial-of-service (DDoS), doxing and email flooding attacks against the researcher and this author, and more recently caused a SWAT team to be sent to the researcher’s home. This post examines what is knowable about Dort based on public information.

A public “dox” created in 2020 asserted Dort was a teenager from Canada (DOB August 2003) who used the aliases “CPacket” and “M1ce.” A search on the username CPacket at the open source intelligence platform OSINT Industries finds a GitHub account under the names Dort and CPacket that was created in 2017 using the email address jay.miner232@gmail.com.

The cyber intelligence firm Intel 471 says jay.miner232@gmail.com was used between 2015 and 2019 to create accounts at multiple cybercrime forums, including Nulled (username “Uubuntuu”) and Cracked (user “Dorted”); Intel 471 reports that both of these accounts were created from the same Internet address at Rogers Canada (99.241.112.24).

Dort was an extremely active player in the Microsoft game Minecraft who gained notoriety for their “Dortware” software that helped players cheat. But somewhere along the way, Dort graduated from hacking Minecraft games to enabling far more serious crimes.

Dort also used the nickname DortDev, an identity that was active in March 2022 on the chat server for the prolific cybercrime group known as LAPSUS$. Dort peddled a service for registering temporary email addresses, as well as “Dortsolver,” code that could bypass various CAPTCHA services designed to prevent automated account abuse. Both of these offerings were advertised in 2022 on SIM Land, a Telegram channel dedicated to SIM-swapping and account takeover activity.

The cyber intelligence firm Flashpoint indexed 2022 posts on SIM Land by Dort that show this person developed the disposable email and CAPTCHA bypass services with the help of another hacker who went by the handle “Qoft.”

“I legit just work with Jacob,” Qoft said in 2022 in reply to another user, referring to their exclusive business partner Dort. In the same conversation, Qoft bragged that the two had stolen more than $250,000 worth of Microsoft Xbox Game Pass accounts by developing a program that mass-created Game Pass identities using stolen payment card data.

Who is the Jacob that Qoft referred to as their business partner? The breach tracking service Constella Intelligence finds the password used by jay.miner232@gmail.com was reused by just one other email address: jacobbutler803@gmail.com. Recall that the 2020 dox of Dort said their date of birth was August 2003 (8/03).

Searching this email address at DomainTools.com reveals it was used in 2015 to register several Minecraft-themed domains, all assigned to a Jacob Butler in Ottawa, Canada and to the Ottawa phone number 613-909-9727.

Constella Intelligence finds jacobbutler803@gmail.com was used to register an account on the hacker forum Nulled in 2016, as well as the account name “M1CE” on Minecraft. Pivoting off the password used by their Nulled account shows it was shared by the email addresses j.a.y.m.iner232@gmail.com and jbutl3@ocdsb.ca, the latter being an address at a domain for the Ottawa-Carelton District School Board.

Data indexed by the breach tracking service Spycloud suggests that at one point Jacob Butler shared a computer with his mother and a sibling, which might explain why their email accounts were connected to the password “jacobsplugs.” Neither Jacob nor any of the other Butler household members responded to requests for comment.

The open source intelligence service Epieos finds jacobbutler803@gmail.com created the GitHub account “MemeClient.” Meanwhile, Flashpoint indexed a deleted anonymous Pastebin.com post from 2017 declaring that MemeClient was the creation of a user named CPacket — one of Dort’s early monikers.

Why is Dort so mad? On January 2, KrebsOnSecurity published The Kimwolf Botnet is Stalking Your Local Network, which explored research into the botnet by Benjamin Brundage, founder of the proxy tracking service Synthient. Brundage figured out that the Kimwolf botmasters were exploiting a little-known weakness in residential proxy services to infect poorly-defended devices — like TV boxes and digital photo frames — plugged into the internal, private networks of proxy endpoints.

By the time that story went live, most of the vulnerable proxy providers had been notified by Brundage and had fixed the weaknesses in their systems. That vulnerability remediation process massively slowed Kimwolf’s ability to spread, and within hours of the story’s publication Dort created a Discord server in my name that began publishing personal information about and violent threats against Brundage, Yours Truly, and others.

Last week, Dort and friends used that same Discord server (then named “Krebs’s Koinbase Kallers”) to threaten a swatting attack against Brundage, again posting his home address and personal information. Brundage told KrebsOnSecurity that local police officers subsequently visited his home in response to a swatting hoax which occurred around the same time that another member of the server posted a door emoji and taunted Brundage further.

Someone on the server then linked to a cringeworthy (and NSFW) new Soundcloud diss track recorded by the user DortDev that included a stickied message from Dort saying, “Ur dead nigga. u better watch ur fucking back. sleep with one eye open. bitch.”

“It’s a pretty hefty penny for a new front door,” the diss track intoned. “If his head doesn’t get blown off by SWAT officers. What’s it like not having a front door?”

With any luck, Dort will soon be able to tell us all exactly what it’s like.

This week in scams, we’re looking at three very different stories with the same underlying theme: trust is being exploited at scale. 

A massive government contractor data breach has quietly grown to affect more than 25 million people. Meanwhile, a viral AI-generated image of Mary-Kate and Ashley Olsen posing in a fake luxury campaign is spreading across social media, fooling some users and alarming others. 

And in a new threat report, OpenAI detailed how its own tools are being misused for dating scams, impersonation, and influence operations. 

Let’s break it down. 

The Conduent Data Breach Now Impacts 25+ Million People 

The fallout from a ransomware attack on Conduent, one of the largest government contractors in the U.S., continues to expand. 

According to reporting from TechCrunch, updated state-level breach notifications now indicate that more than 25 million people across the U.S. have had personal data exposed. 

Conduent provides services tied to state benefit programs, including food assistance, unemployment systems, and other government payment processing operations. The company has said its services reach over 100 million people. 

Data reportedly exposed in the breach includes: 

• Names 
• Dates of birth 
• Addresses 
• Social Security numbers 
• Health insurance and medical information 

TechCrunch noted that the majority of affected individuals appear to be in Oregon and Texas, based on state breach disclosures. Other states have also reported an impact. 

The attack has been described as one of the largest government-contractor-related data breaches in recent memory. 

Why this matters: When companies that process government benefits are hit, the exposed data often includes highly sensitive identity information. Social Security numbers combined with medical or insurance details can significantly increase the risk of identity theft and fraud. 

How to Protect Yourself After a Major Data Breach 

If you believe your data may have been exposed: 

• Monitor your credit reports for unfamiliar activity 
• Consider placing a free credit freeze 
• Be wary of phishing emails or texts referencing benefits or account verification 
• Never share personal information in response to unexpected outreach 

Breaches like this often lead to secondary scams months later. The breach itself is only phase one. Phishing campaigns usually follow. 

That Viral Olsen Twins “Louis Vuitton” Image? It’s AI. 

A supposed luxury campaign featuring Mary-Kate and Ashley Olsen began circulating widely on X and Facebook this week, racking up millions of views. 

The images show the twins styled in what appears to be a high-end fashion shoot, drawing numerous comments over their styling. But social media users quickly pointed out visual irregularities and inconsistencies commonly associated with AI-generated imagery. 

A screenshot of one of the AI images making thr rounds across social media.

While this doesn’t fall into our typical “scam” roundup, the normalization of AI-generated visuals that look close enough to real to confuse people are a growing issue that can lead to real confusion and distrust. 

We have entered a phase where: 

• Fake ads look legitimate 
• Public figures appear in campaigns they never participated in 
• Synthetic images spread faster than corrections 

Today it’s a fashion ad. Tomorrow it could be a fake political endorsement, financial announcement, or emergency alert. 

The takeaway: If you see a surprising campaign or announcement, verify it through official brand websites or verified accounts before assuming it’s real. 

OpenAI Details How ChatGPT Is Being Misused

In a newly released threat report, OpenAI outlined several ways its tools have been abused by bad actors. 

According to Reuters’ reporting: 

A cluster of accounts used ChatGPT to run a dating scam targeting Indonesian men, allegedly defrauding hundreds of victims per month. 

Some accounts used the tool to generate promotional copy and ads for a fake dating platform that pressured users into completing costly “tasks.”

Other accounts posed as law firms, impersonating real attorneys and U.S. law enforcement to target fraud victims.

OpenAI also banned accounts linked to activity believed to be part of influence operations, including efforts targeting Japanese political figures. 

OpenAI stated that the activity was detected and accounts were removed. 

Why this matters: AI tools themselves are not inherently scams. But they dramatically lower the cost and increase the scale of fraud operations. Writing persuasive emails, generating fake legal letters, building scam ads… these now require fewer technical skills than ever before. 

The technology doesn’t create the criminal intent. It just accelerates it. 

McAfee’s Safety Tips This Week 

1. Assume viral images could be AI-generated until verified 
2. Verify unexpected announcements through official websites 
3. Treat post-breach emails as suspicious by default 
4. Be skeptical of online “consultation” invites that promise payment 
5. Never send money to someone you’ve only met online 

We’ll Be Back Next Week 

From ransomware breaches to AI-generated impersonations, the pattern is clear: scammers are scaling trust manipulation with technology. 

Stay skeptical. Verify before you click. And we’ll be back next week with another breakdown of what’s making headlines, and what it actually means for your security. 

For more reading on AI deepfakes and breaches: 

Taylor Swift Tops List of Most Deepfaked Celebs

What to Do If You’re Caught Up in a Data Breach

Everything You Need to Know to Keep Your Passwords Secure

The post This Week in Scams: Conduent Data Breach and AI Olsen Twins appeared first on McAfee Blog.

Peru has increased its squid catch limit. The article says “giant squid,” but they can’t possibly mean that.

As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered.

Blog moderation policy.

Iran is slowly emerging from the most severe communications blackout in its history and one of the longest in the world. Triggered as part of January’s government crackdown against citizen protests nationwide, the regime implemented an internet shutdown that transcends the standard definition of internet censorship. This was not merely blocking social media or foreign websites; it was a total communications shutdown.

Unlike previous Iranian internet shutdowns where Iran’s domestic intranet—the National Information Network (NIN)—remained functional to keep the banking and administrative sectors running, the 2026 blackout disrupted local infrastructure as well. Mobile networks, text messaging services, and landlines were disabled—even Starlink was blocked. And when a few domestic services became available, the state surgically removed social features, such as comment sections on news sites and chat boxes in online marketplaces. The objective seems clear. The Iranian government aimed to atomize the population, preventing not just the flow of information out of the country but the coordination of any activity within it.

This escalation marks a strategic shift from the shutdown observed during the “12-Day War” with Israel in mid-2025. Then, the government primarily blocked particular types of traffic while leaving the underlying internet remaining available. The regime’s actions this year entailed a more brute-force approach to internet censorship, where both the physical and logical layers of connectivity were dismantled.

The ability to disconnect a population is a feature of modern authoritarian network design. When a government treats connectivity as a faucet it can turn off at will, it asserts that the right to speak, assemble, and access information is revocable. The human right to the internet is not just about bandwidth; it is about the right to exist within the modern public square. Iran’s actions deny its citizens this existence, reducing them to subjects who can be silenced—and authoritarian governments elsewhere are taking note.

The current blackout is not an isolated panic reaction but a stress test for a long-term strategy, say advocacy groups—a two-tiered or “class-based” internet known as Internet-e-Tabaqati. Iran’s Supreme Council of Cyberspace, the country’s highest internet policy body, has been laying the legal and technical groundwork for this since 2009.

In July 2025, the council passed a regulation formally institutionalizing a two-tiered hierarchy. Under this system, access to the global internet is no longer a default for citizens, but instead a privilege granted based on loyalty and professional necessity. The implementation includes such things as “white SIM cards“: special mobile lines issued to government officials, security forces, and approved journalists that bypass the state’s filtering apparatus entirely.

While ordinary Iranians are forced to navigate a maze of unstable VPNs and blocked ports, holders of white SIMs enjoy unrestricted access to Instagram, Telegram, and WhatsApp. This tiered access is further enforced through whitelisting at the data center level, creating a digital apartheid where connectivity is a reward for compliance. The regime’s goal is to make the cost of a general shutdown manageable by ensuring that the state and its loyalists remain connected while plunging the public into darkness. (In the latest shutdown, for instance, white SIM holders regained connectivity earlier than the general population.)

The technical architecture of Iran’s shutdown reveals its primary purpose: social control through isolation. Over the years, the regime has learned that simple censorship—blocking specific URLs—is insufficient against a tech-savvy population armed with circumvention tools. The answer instead has been to build a “sovereign” network structure that allows for granular control.

By disabling local communication channels, the state prevents the “swarm” dynamics of modern unrest, where small protests coalesce into large movements through real-time coordination. In this way, the shutdown breaks the psychological momentum of the protests. The blocking of chat functions in nonpolitical apps (like ridesharing or shopping platforms) illustrates the regime’s paranoia: Any channel that allows two people to exchange text is seen as a threat.

The United Nations and various international bodies have increasingly recognized internet access as an enabler of other fundamental human rights. In the context of Iran, the internet is the only independent witness to history. By severing it, the regime creates a zone of impunity where atrocities can be committed without immediate consequence.

Iran’s digital repression model is distinct from, and in some ways more dangerous than, China’s “Great Firewall.” China built its digital ecosystem from the ground up with sovereignty in mind, creating domestic alternatives like WeChat and Weibo that it fully controls. Iran, by contrast, is building its controls on top of the standard global internet infrastructure.

Unlike China’s censorship regime, Iran’s overlay model is highly exportable. It demonstrates to other authoritarian regimes that they can still achieve high levels of control by retrofitting their existing networks. We are already seeing signs of “authoritarian learning,” where techniques tested in Tehran are being studied by regimes in unstable democracies and dictatorships alike. The most recent shutdown in Afghanistan, for example, was more sophisticated than previous ones. If Iran succeeds in normalizing tiered access to the internet, we can expect to see similar white SIM policies and tiered access models proliferate globally.

The international community must move beyond condemnation and treat connectivity as a humanitarian imperative. A coalition of civil society organizations has already launched a campaign calling for “direct-to-cell” (D2C) satellite connectivity. Unlike traditional satellite internet, which requires conspicuous and expensive dishes such as Starlink terminals, D2C technology connects directly to standard smartphones and is much more resilient to infrastructure shutdowns. The technology works; all it requires is implementation.

This is a technological measure, but it has a strong policy component as well. Regulators should require satellite providers to include humanitarian access protocols in their licensing, ensuring that services can be activated for civilians in designated crisis zones. Governments, particularly the United States, should ensure that technology sanctions do not inadvertently block the hardware and software needed to circumvent censorship. General licenses should be expanded to cover satellite connectivity explicitly. And funding should be directed toward technologies that are harder to whitelist or block, such as mesh networks and D2C solutions that bypass the choke points of state-controlled ISPs.

Deliberate internet shutdowns are commonplace throughout the world. The 2026 shutdown in Iran is a glimpse into a fractured internet. If we are to end countries’ ability to limit access to the rest of the world for their populations, we need to build resolute architectures. They don’t solve the problem, but they do give people in repressive countries a fighting chance.

This essay originally appeared in Foreign Policy.

This is new. North Korean hackers are posing as company recruiters, enticing job candidates to participate in coding challenges. When they run the code they are supposed to work on, it installs malware on their system.

News article.

X (formerly Twitter) hacks tend to hit fast. 

One minute you’re scrolling like normal. The next, your account is posting crypto promotions, sending spam DMs, or following hundreds of random accounts you’ve never heard of. Sometimes you don’t even notice until a friend asks why you’re suddenly “giving away” gift cards. 

If you use X for work, your personal brand, or your business, a takeover can do real damage quickly. And in many cases, the hacker isn’t just trying to cause chaos, they’re trying to use your account to scam your followers while you still look trustworthy. 

This guide walks you through exactly what to do if your X account has been hacked: how to spot the warning signs, how to regain access, and what to change immediately so it doesn’t happen again. 

If you’re still locked out after trying these steps, X also offers an official support form for hacked or compromised accounts. 

Signs Your X Account May Be Compromised 

X account takeovers don’t always start with a full lockout. Often, the first signs are strange activity you didn’t authorize. 

Watch for these red flags: 

Unexpected posts: Tweets you didn’t write, especially spam, crypto links, or promotions. 

Unusual DMs: Messages sent from your account that you don’t remember sending. 

Account behavior changes: Random follows, unfollows, blocks, or profile changes you didn’t approve. 

Security notifications: Alerts from X that your account may be compromised. 

Account info changed: Notifications that your email, phone number, or password was updated without your permission. 

Password suddenly stops working: You’re prompted to reset your password even though you didn’t request it. 

If any of these are happening, assume your account is compromised and start recovery steps immediately. 

What to Change Immediately If Your X Account Was Hacked 

If your X account was hacked, assume your login details may have been stolen. 

That means simply getting back into your account isn’t enough, you also need to update the passwords and settings attackers could still use. 

Here’s what to change right away: 

• Change your X password 
• Change the password for the email account connected to X 
• Turn on two-factor authentication (2FA) 
• Confirm your email address and phone number are correct 
• Revoke access for any suspicious third-party apps 
• Review X Pro / Teams access (if you use it) and remove unfamiliar users 
• Update any other accounts that share the same password 
• Delete unauthorized posts and DMs (once you regain control) 

If you suspect the hack started through malware or phishing, it’s also smart to update passwords for other sensitive accounts tied to your identity, like banking apps, payment apps, or your Apple/Google account. 

Using a password manager like McAfee’s can help you create strong, unique passwords for every account, and store them securely in one place. 

Step-by-Step: How to Recover a Hacked X Account 

X offers different recovery options depending on whether you can still log in. 

Step	What to Do	Why It Matters
1. Change your password immediately (if you can still log in)	Go into your X account settings and update your password to something strong and unique.	This is the fastest way to cut off unauthorized access.
2. Reset your password if you’re locked out	Use the “Forgot password” option on the login screen to start account recovery.	This can help you regain access even if the hacker changed your password.
3. Secure your email account	Change your email password and enable 2FA. Make sure only you can access it.	If your email is compromised, the hacker can keep resetting your X account.
4. Reverse suspicious email changes if possible	If you receive an email about an account email change, check for an option to undo it.	This may allow you to regain control before the hacker fully locks you out.
5. Revoke third-party app access	While logged in, review connected apps and remove anything you don’t recognize.	Some takeovers happen through malicious apps, not direct password guessing.
6. Revoke mobile app sessions if needed	If suspicious activity continues, revoke access for X mobile apps from your settings so they’re forced to re-authenticate.	X notes that password changes may not automatically log out mobile sessions.
7. Update your password anywhere it’s saved	If you use trusted apps or services that store your X password, update it there too.	Repeated failed login attempts can temporarily lock your account.
8. Turn on 2FA	Enable two-factor authentication as soon as you regain control.	This adds a strong layer of protection even if your password gets stolen again.
9. Contact X support if you still can’t regain access	Submit X’s hacked/compromised account request form. Include your username and the last date you had access.	If self-recovery fails, support may be able to help restore access.

If you’re still unable to log in after attempting recovery, visit X’s official hacked account support form for next steps. 

Watch for Phishing “X Support” Scams 

One of the most common ways X accounts get hacked is through phishing. 

Scammers impersonate: 

• X support 
• “verified account” teams 
• copyright warnings 
• fake sponsorship offers 
• fake security alerts claiming your account will be suspended 

They try to pressure you into clicking a link and logging in on a fake page designed to steal your password. 

If you receive a suspicious email or DM, don’t click. 

Instead, open X directly in the app or browser and check your account settings from there. 

Final Tips: Recovering From an X Hack 

A hacked X account can spread scams quickly, especially if the attacker uses your account to message followers directly. 

The most important steps are: 

• Act quickly 
• Change your password immediately 
• Secure the email account connected to X 
• Revoke suspicious third-party app access 
• Review X Pro / Teams access if applicable 
• Enable two-factor authentication (2FA) 
• Delete unauthorized posts once you regain control 
• Scan your device for malware 

McAfee offers a free antivirus scan that can help you detect malware or suspicious programs that may have compromised your account in the first place. 

And if you’re still locked out or something doesn’t look right, use X’s official support request form to report the account as hacked or compromised. 

Frequently Asked Questions 

Q: How do I know if my X account was hacked? A: Common signs include posts or DMs you didn’t send, unusual follows/unfollows, account changes you didn’t authorize, security alerts from X, or a password that suddenly stops working.

Q: If I change my password, will the hacker be logged out? A: Changing your password is critical, but some mobile sessions may remain active. X recommends revoking app access in your settings if suspicious activity continues.

Q: What should I do if my email address was changed? A: Check your inbox for an email from X about the change. In some cases, you may be able to reverse it using the security link. If you can’t, start account recovery immediately and submit a support request if needed.

Q: Should I remove third-party apps after a hack? A: Yes. X notes that malicious or untrusted third-party apps can compromise your account. Remove anything you don’t recognize or no longer use.

Q: What if I still can’t log in after resetting my password? A: Submit a hacked account support request through X’s official form. Be sure to include your username and the last date you had access.

Q: What’s the biggest mistake people make after their X account gets hacked? A: Only changing their password. If the attacker still has access through connected apps, a compromised email account, or saved sessions, they can regain control quickly.

 

The post X (Twitter) Account Hacked: What to Do Right Now appeared first on McAfee Blog.

LLMs are bad at generating passwords:

There are strong noticeable patterns among these 50 passwords that can be seen easily:

• All of the passwords start with a letter, usually uppercase G, almost always followed by the digit 7.
• Character choices are highly uneven ­ for example, L , 9, m, 2, $ and # appeared in all 50 passwords, but 5 and @ only appeared in one password each, and most of the letters in the alphabet never appeared at all.
• There are no repeating characters within any password. Probabilistically, this would be very unlikely if the passwords were truly random ­ but Claude preferred to avoid repeating characters, possibly because it “looks like it’s less random”.
• Claude avoided the symbol *. This could be because Claude’s output format is Markdown, where * has a special meaning.
• Even entire passwords repeat: In the above 50 attempts, there are actually only 30 unique passwords. The most common password was G7$kL9#mQ2&xP4!w, which repeated 18 times, giving this specific password a 36% probability in our test set; far higher than the expected probability 2-100 if this were truly a 100-bit password.

This result is not surprising. Password generation seems precisely the thing that LLMs shouldn’t be good at. But if AI agents are doing things autonomously, they will be creating accounts. So this is a problem.

Actually, the whole process of authenticating an autonomous agent has all sorts of deep problems.

News article.

Slashdot story

All it takes to poison AI training data is to create a website:

I spent 20 minutes writing an article on my personal website titled “The best tech journalists at eating hot dogs.” Every word is a lie. I claimed (without evidence) that competitive hot-dog-eating is a popular hobby among tech reporters and based my ranking on the 2026 South Dakota International Hot Dog Championship (which doesn’t exist). I ranked myself number one, obviously. Then I listed a few fake reporters and real journalists who gave me permission….

Less than 24 hours later, the world’s leading chatbots were blabbering about my world-class hot dog skills. When I asked about the best hot-dog-eating tech journalists, Google parroted the gibberish from my website, both in the Gemini app and AI Overviews, the AI responses at the top of Google Search. ChatGPT did the same thing, though Claude, a chatbot made by the company Anthropic, wasn’t fooled.

Sometimes, the chatbots noted this might be a joke. I updated my article to say “this is not satire.” For a while after, the AIs seemed to take it more seriously.

These things are not trustworthy, and yet they are going to be widely trusted.