Feed aggregator

Here are some hints and the answers for the NYT Connections puzzle for Aug. 11, #792.

Here are hints and the answer for today's Wordle for Aug. 11, No. 1,514

• Experts warn a single calendar entry can silently hijack your smart home without your knowledge
• Researchers proved AI can be hacked to control smart homes using only words
• Saying “thanks” triggered Gemini to switch on the lights and boil water automatically

The promise of AI-integrated homes has long included convenience, automation, and efficiency, however, a new study from researchers at Tel Aviv University has exposed a more unsettling reality.

In what may be the first known real-world example of a successful AI prompt-injection attack, the team manipulated a Gemini-powered smart home using nothing more than a compromised Google Calendar entry.

The attack exploited Gemini’s integration with the entire Google ecosystem, particularly its ability to access calendar events, interpret natural language prompts, and control connected smart devices.

From scheduling to sabotage: exploiting everyday AI access

Gemini, though limited in autonomy, has enough “agentic capabilities” to execute commands on smart home systems.

That connectivity became a liability when the researchers inserted malicious instructions into a calendar appointment, masked as a regular event.

When the user later asked Gemini to summarize their schedule, it inadvertently triggered the hidden instructions.

The embedded command included instructions for Gemini to act as a Google Home agent, lying dormant until a common phrase like “thanks” or “sure” was typed by the user.

At that point, Gemini activated smart devices such as lights, shutters, and even a boiler, none of which the user had authorized at that moment.

These delayed triggers were particularly effective in bypassing existing defenses and confusing the source of the actions.

This method, dubbed “promptware,” raises serious concerns about how AI interfaces interpret user input and external data.

The researchers argue that such prompt-injection attacks represent a growing class of threats that blend social engineering with automation.

They demonstrated that this technique could go far beyond controlling devices.

It could also be used to delete appointments, send spam, or open malicious websites, steps that could lead directly to identity theft or malware infection.

The research team coordinated with Google to disclose the vulnerability, and in response, the company accelerated the rollout of new protections against prompt-injection attacks, including added scrutiny for calendar events and extra confirmations for sensitive actions.

Still, questions remain about how scalable these fixes are, especially as Gemini and other AI systems gain more control over personal data and devices.

Unfortunately, traditional security suites and firewall protection are not designed for this kind of attack vector.

To stay safe, users should limit what AI tools and assistants like Gemini can access, especially calendars and smart home controls.

Also, avoid storing sensitive or complex instructions in calendar events, and don’t allow AI to act on them without oversight.

Be alert to unusual behavior from smart devices and disconnect access if anything seems off.

Via Wired

You might also like

• Microsoft urges users to be on alert following high-severity flaw in hybrid Exchange deployments
• Here's a list of the best firewalls around today
• These are the best endpoint security tools right now

Some European leaders say that Ukraine must be included in any talks with Russia over ending the war.

(Image credit: Christian Mang)

As the postwar international order continues to evolve, NPR explores its past and the present and asks what the future may look like.

• 3D printers built complex concrete parts faster, yet long-term durability remains largely untested
• Oak Ridge finished reactor shielding in days, raising speed-versus-safety debates across the industry
• Advanced construction methods rely more on software, reducing labor yet increasing system dependence

In East Tennessee, a 3D printer arm has been used to build concrete shielding columns for a nuclear reactor.

The work is part of the Hermes Low-Power Demonstration Reactor project, supported by the US Department of Energy, and marks a new direction in how nuclear infrastructure is built, with both 3D printing and AI tools playing major roles.

And according to Oak Ridge National Laboratory (ORNL), large parts of the construction were completed in just 14 days, which could have taken several weeks using conventional methods.

Efficiency gains clash with engineering caution

The new method uses 3D printers to create detailed molds for casting concrete, even in complex shapes, with the goal of making construction faster, cheaper, and more flexible while relying more on US-based materials and labor.

AI tools also played a role in the project, as ORNL used the technology to guide parts of the design and building process.

These tools may help reduce human error and speed up work, especially when creating difficult or unique parts, but depending heavily on AI also raises questions. How can builders be sure these systems won’t make unnoticed mistakes? Who checks the decisions that are automated?

The project is also a response to rising energy demands - as AI systems and data centers use more power, nuclear energy is seen as a stable source to support them.

Some experts say that future AI tools may end up running on power from reactors they helped design, a feedback loop that could be both efficient and risky.

The use of 3D printing in this project makes it possible to build precise structures faster.

Still, it’s not yet clear how well these 3D-printed parts will hold up over time.

Nuclear reactors need to last for decades, and failure in any part of the structure could be dangerous. Testing and quality checks must keep up with the speed of new building methods.

For now, 3D printing and AI seem to offer powerful tools for the nuclear industry.

But while faster construction is a major benefit, safety must remain the top concern - this “new era” may bring improvements, but it will need close attention and caution at every step.

Via Toms Hardware

You might also like

• These are the best business laptops available to buy right now
• And you should take a look at the best office chairs we've tried
• Google says hackers stole some of its data following Salesforce breach

Resistance bands are a home workout staple that can help you strengthen and tone a variety of muscles. Our experts have found the top options worth adding to your exercise routine.

Washington D.C. Mayor Muriel Bowser said President Trump has the power to deploy the National Guard, but "none of the conditions exist" for the president to take over the city's police.

(Image credit: Alex Brandon)