The Latest

Veteran security engineer Niels Provos is working on a new technical approach designed to stop autonomous AI agents from taking actions you haven’t specifically authorized.

His open-source software solution, called IronCurtain, aims to neutralize the risk of an LLM-powered agent “going rogue” – whether through prompt injection or the agent gradually deviating from the user’s original intent over the course of a long session.

How does IronCurtain work?

In the last few months, there have been reports of autonomous AI agents going off the rails due to agentic misalignment.

Instead of allowing them unlimited access to the user's system, IronCurtain ensures that the agent never interacts with it directly, and that its intended actions are first analyzed by a separate trusted process.

“Every agent, whether a direct LLM session or Claude Code running in a Docker container, goes through the same pipeline,” says Provos.

Once the user gives it an instruction, the agent writes TypeScript code that runs inside an isolated V8 virtual machine and issues typed function calls that map to MCP tool calls (i.e., requests the agent sends to external tools through the Model Context Protocol in order to get things done).

These tool-call requests are forwarded to the trusted process, an MCP proxy that acts as a policy engine and "decides" whether each call should be allowed, denied (blocked), or escalated to a human for approval.


The four layers of IronCurtain (Source: Niels Provos)

The decisions of this policy engine rely on a “constitution”: a set of guiding principles and concrete guidance written in plain English by the user and “translated” into a security policy by IronCurtain.

“A compiler LLM translates the English into per-interface rules using a library of verified policy primitives. A test scenario generator creates cases designed to find gaps and contradictions. A verifier checks that the compiled rules match the original intent. A judge iteratively refines the policy until it meets the spirit of the constitution as well as it can,” Provos explains.

“Evaluation happens in two phases. First, structural invariants: protected paths (like the constitution itself and audit logs) are always denied, sandbox-contained paths are auto-allowed, and unknown tools are rejected. Second, compiled policy rules: each argument is checked against the rules generated from your constitution. Each argument role is evaluated independently and the most restrictive result wins.”
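The two-phase evaluation Provos describes, written out as an added illustration (this is not IronCurtain's code): phase 1 applies the structural invariants, phase 2 evaluates each argument role against compiled rules and keeps the most restrictive verdict. The tool names, paths, the sample constitution and its compiled rules are assumptions, as is the choice to escalate any argument no rule covers and to identify path arguments by a role name ending in "path".

```python
import posixpath
from dataclasses import dataclass, field

# Verdict ranking: when per-argument results are combined, the most restrictive wins.
RANK = {"allow": 0, "escalate": 1, "deny": 2}


def most_restrictive(verdicts):
    """Combine verdicts; an empty list escalates to a human (assumed default, fail closed)."""
    return max(verdicts, key=RANK.__getitem__, default="escalate")


def under(path, root):
    """True if path is at or below root after normalisation, so '/sandbox/../x' is not under '/sandbox'."""
    p, r = posixpath.normpath(path), posixpath.normpath(root)
    return p == r or p.startswith(r.rstrip("/") + "/")


@dataclass
class Policy:
    protected_paths: tuple      # always denied (e.g. the constitution and audit logs)
    sandbox_root: str           # calls whose paths all lie inside here are auto-allowed
    known_tools: frozenset      # any other tool name is rejected outright
    rules: dict = field(default_factory=dict)   # (tool, role) -> [(predicate, verdict), ...]


def evaluate(policy, tool, args):
    """Return (verdict, reason) for one MCP tool call; args maps argument role -> value."""
    # Phase 1: structural invariants, checked before any compiled rule is consulted.
    if tool not in policy.known_tools:
        return "deny", f"unknown tool {tool!r}"
    paths = [v for role, v in args.items() if role.endswith("path")]
    for p in paths:
        if any(under(p, prot) for prot in policy.protected_paths):
            return "deny", f"protected path {p!r}"
    if paths and all(under(p, policy.sandbox_root) for p in paths):
        return "allow", "sandbox-contained"
    # Phase 2: compiled rules, each argument role evaluated independently.
    results = []
    for role, value in args.items():
        hits = [verdict for pred, verdict in policy.rules.get((tool, role), []) if pred(value)]
        results.append((role, most_restrictive(hits)))
    verdict = most_restrictive([v for _, v in results])
    return verdict, "; ".join(f"{role}->{v}" for role, v in results)


PROJECT = "/home/user/project"   # assumed directory the sample constitution refers to


def sample_policy():
    """Rules a compiler LLM might emit for the assumed constitution:
    'Work only inside my project; never push to main; anything else needs my approval.'"""
    return Policy(
        protected_paths=("/policy/constitution.md", "/audit"),
        sandbox_root="/sandbox",
        known_tools=frozenset({"fs.read", "fs.write", "git.push"}),
        rules={
            ("fs.read", "path"):    [(lambda p: under(p, PROJECT), "allow"),
                                     (lambda p: not under(p, PROJECT), "escalate")],
            ("fs.write", "path"):   [(lambda p: under(p, PROJECT), "allow"),
                                     (lambda p: not under(p, PROJECT), "deny")],
            ("git.push", "remote"): [(lambda r: r == "origin", "allow")],
            ("git.push", "branch"): [(lambda b: b == "main", "deny"),
                                     (lambda b: b != "main", "allow")],
        },
    )
```

A write to `/sandbox/../policy/constitution.md` is denied in phase 1 because the path is normalised before the protected-path check, and a `git.push` to `main` is denied even though its `remote` argument is allowed, since the most restrictive per-argument verdict wins.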

Once a tool-call request has been allowed, either by the trusted process or by the human, it is forwarded to standard Model Context Protocol servers that provide filesystem access, git operations, and other capabilities. These servers then execute the requested actions.

Results flow back through the trusted process to the agent, which is never allowed to access the user's filesystem, sensitive credentials (e.g., OAuth tokens, API keys, service account secrets), or environment variables. It is also prevented from reading or modifying its own policy files, audit logs, or configuration.

IronCurtain is still in development, and Provos describes it as an early research effort. The code has been released publicly so developers and security researchers can test the approach and suggest improvements.



from Help Net Security https://ift.tt/7GwFenT

Meta is stepping up the fight against scams on its platforms by filing multiple lawsuits targeting companies and individuals in Brazil, China, and Vietnam who used deceptive tactics to run scam ads.


The company said it has taken technical enforcement actions in these cases, including suspending payment methods used in the scams, disabling accounts linked to those operations, and blocking domains associated with scam sites. Meta shared this information with industry partners so other platforms can block the same offenders.

In Brazil, individuals and companies were accused of using altered images and voices of celebrities, as well as deepfakes of a prominent physician, to promote unapproved healthcare products and sell courses teaching others how to replicate the tactics.

Meta also sued a China-based technology firm it says used celebrity-bait ads to lure users in the United States and Japan into fraudulent investment groups.

“To fight celeb-bait scams, we developed protections for celebrities whose images are repeatedly used in these schemes. This program currently protects the images of more than 500,000 celebrities and public figures around the world,” the company said in the announcement.

In Vietnam, Meta brought a case against an individual accused of running a subscription fraud scheme that used cloaking to bypass ad review systems and generate unauthorized recurring charges.

The company said it is improving its ability to detect cloaking using AI tools that help identify harmful redirects, reject scam ads more quickly, and respond faster to user reports.

In recent years, Meta has faced growing criticism over its efforts to tackle scams. Some reports suggested that in 2024, up to 10% of its revenue was generated from ads tied to scams and banned goods.

Meta is also reviewing its Business Partner program to tighten oversight and reduce the risk of partners helping clients bypass enforcement systems.


from Help Net Security https://ift.tt/xVPbovz


If you need to start a cordless tool kit or replace a set that's worn out or broken, this Ridgid 18-volt, eight-tool combo set has all the basics you need for home DIY and beginner woodworking projects. Because cordless tools can be expensive, getting a good deal on a set is a way to stretch your DIY budget. I've used this set for shop work building shelving and displays, and the tools are durable and the batteries hold a charge well after years of use. At 65% off, it's a great deal for eight tools and batteries.

Why I recommend Ridgid tools

Ridgid has been around for a century, and it makes tools with a reputation for durability and good battery life. The company is best known for inventing the pipe wrench in 1923, and since then it has developed a line of over 30 cordless tools that can be used for anything from lawn care to carpentry. Ridgid is unique in the cordless tool industry for offering a lifetime warranty, including the batteries, on tools sold through Home Depot. Once you own this set and register it with the company, you will have the battery set for as long as you want to use the tools.

I used the Ridgid tools that come in this bundle on the set of a haunted house over the course of several years and they held up, without the need for a warranty replacement even with daily use for several hours of overtime a day. The impact driver and drill are well-balanced and comfortable to use and the new, slimmer batteries are lightweight, allowing smaller precision tools like the drywall cutout tool to be operated easily.

Why this Ridgid combo set is a good deal

The Ridgid 18-volt, eight-tool combo set is on sale at Home Depot right now for $283, 65% off its regular price. The set comes with a drill, an impact driver, a circular saw, a reciprocating saw, a random orbital sander, a work light, a mini shop vac, a blower, a 4-amp-hour battery, a 2-amp-hour battery, a charger, and a tool bag.

Because this set comes with a set of batteries covered by a lifetime warranty, you'll save a lot on replacing batteries over time, as well as in the short term by shopping the sale. To access the warranty on this set, you need to register it with proof of purchase within 90 days of buying it, and the tools have to come from Home Depot to be eligible for the coverage. The warranty also covers all of the 18-volt tools that Ridgid makes, so if anything goes wrong, you can get a replacement or a repair at no cost.

A tool set that comes with a drill and driver is a good way to start, and this set also has saws and some accessories to build your home DIY kit. The mini shop vac is great for a home shop in a mixed-use space like a basement, because you can clean up quickly using the same batteries you use for your driver and saw.


from Lifehacker https://ift.tt/5O8ye2n

If you are planning spring or summer travel, you may want to slow down and pay close attention to the process. Scammers have a lot to gain by targeting travelers: The Federal Trade Commission tracked more than 58,000 reports of travel, vacation, and timeshare plan fraud in 2024 totaling $274 million in losses. And AI is helping them get away with it.

How scammers are targeting travelers

Some of the most common travel scams involve impersonation: of people, brands, and listings. For example, fraudsters will post fake vacation rental listings and collect payment (sometimes by pressuring you to use wire transfers or peer-to-peer apps) and leave you stranded with no place to stay or stuck in accommodations way worse than what you booked and paid for. On the back end of a trip, a dishonest host may try to make fraudulent damage claims and pressure you into paying hundreds or thousands of dollars for something you didn't do.

Scammers will also impersonate travel agents and booking platforms, allowing them to collect sensitive personal information and money before you clock the fraud. Booking.com is a common target for scams. Multiple campaigns have used a spoofed version of the site to spread malware—another known as "I Paid Twice" targeted both Booking.com and Expedia.

Other travel scams involve fake flight cancellation notifications (which direct you to rebook on a phishing website), fake customer service numbers promoted via both sponsored ads and legitimate business listings, and deals that are too good to be true.

AI facilitates travel scams

These days, even savvy consumers can fall victim to these travel scams. As travel expert and consumer advocate Christopher Elliott writes for The Seattle Times, AI has rendered traditional scam red flags practically obsolete. We can no longer rely on obvious grammar and spelling errors to differentiate between what's real and what isn't, as tools like ChatGPT and Gemini are capable of nearly flawless replication of human speech and generating authentic-looking content—like photos, rental listings, and entire websites—in almost no time.

According to McAfee, one of the most common ways AI has changed the travel scam landscape is via voice cloning. Threat actors can make deepfake calls using just a few seconds of voice samples pulled from promotional material or customer service recordings. You may not be able to differentiate between a fake airline representative, hotel staff, or travel agent and a real one, and fraudsters use this to get everything from passport information to credit card numbers.

AI also makes phishing attempts far harder to spot, as scammers can craft booking confirmations and other communication using authentic branding and perfect text. And fake booking sites (as described above), rental listings, and tour pages are nearly indistinguishable from real ones, thanks to AI-generated photos, videos, and reviews.

How to identify AI-powered travel scams

Thankfully, AI hasn't eliminated every scam indicator. Urgency should always raise alarms, as scammers count on targets responding to demands before having time to think. If you're being pressured to provide information or pay money or book before a deal expires, it might be a scam. Slow down and verify before taking action.

If you're asked to send money via crypto, wire transfers, gift cards, or apps like Venmo and Zelle, it's almost certainly a scam. Always book travel over trusted platforms using credit cards, which have fraud protection and can be tracked or disputed.

If a customer service rep contacts you about your trip, ask them to verify your booking details before providing any additional information. If they cannot confirm things like your reservation number or card on file, they are likely not legitimate. If you're unsure, hang up and call the hotel, airline, or travel agent using contact information obtained from an official source.

Finally, check travel websites carefully for subtle signs of a scam. Be wary of URL tricks like homograph attacks and typosquatting, which are used to spread malware. Legitimate businesses will also have contact information and privacy policies on their websites. Avoid getting to websites through search results and unsolicited emails and social media messages—instead, go directly through trusted communication or type the correct URL into the address bar.


from Lifehacker https://ift.tt/DkqfEhm

Instagram will soon alert parents if their teen repeatedly searches for content related to suicide and self-harm on the platform. According to an announcement from Meta, these notifications will be available to parents in the U.S., UK, Australia, and Canada who supervise their teen's accounts starting next week.

As TechCrunch reports, this feature is being rolled out amid numerous lawsuits over how Meta and other tech companies have failed to protect kids and teens across their platforms.

How the new safety alerts work

Instagram will use teens' search activity to generate alerts. Searches that are flagged include "phrases promoting suicide or self-harm, phrases that suggest a teen wants to harm themselves, and terms like 'suicide' or 'self-harm,'" according to Meta.

Parents will receive alerts via email, text, or WhatsApp as well as an in-app notification. The message lets parents know that their teen has "repeatedly searched" for content related to suicide or self-harm and includes resources for supporting teens.

Instagram already blocks searches associated with suicide and self-harm, directing users to resources instead. While users can post about their personal experiences, Meta's policies do not allow content that promotes or glorifies these topics, and Instagram hides related content from teens (even if it's from someone they follow).

Enable parental supervision on Instagram

To receive alerts, parental supervision must be enabled on your teen's account. Supervision allows parents to set app time limits, enable sleep mode, and monitor and manage things like account settings, followers, accounts followed, content topics searched, and app usage. Parental supervision is available for teens ages 13–17, and teens have to agree to participate.

To send a supervision invite to your teen, open the More menu in the bottom-left and click Settings. Select Supervision > Create Invite, review the information, and hit Continue. From here, you can copy the invite to send via any messaging app. Note that teens can decline supervision requests—the feature is opt-in for both parties.


from Lifehacker https://ift.tt/d1SBLwo

At least 25 million people have had their personal information stolen in a major hack on business services company Conduent. The data breach itself isn't new—it was initially disclosed in January 2025, and Conduent has already notified millions of individuals whose data was compromised in the incident. However, the breach is now believed to be larger in scale than previously reported, possibly among the largest to affect healthcare.

Who is Conduent?

Conduent is a New Jersey-based business process outsourcing (BPO) company that provides services like printing, payment, and document and claims processing to state and federal government agencies as well as large commercial and transportation organizations. According to the company's 2025 annual report, these offerings include disbursement of benefits, such as food assistance and child support, and administration of government healthcare programs (like Medicaid). For large corporations, services include workplace and unemployment benefits management.

Conduent was spun off from Xerox in 2017 and now employs around 51,000 people worldwide.

What happened with the Conduent breach?

In January 2025, Conduent suffered an outage that was later confirmed to be the result of a "cybersecurity incident." The disruption lasted several days, during which agencies across the U.S. were unable to process some benefit payments. While the breach was discovered in January, hackers reportedly gained access to Conduent's systems months earlier on October 21, 2024. The Safepay ransomware gang later took credit for the attack.

While Conduent confirmed in April 2025 that client information had been stolen in the breach, it didn't begin notifying affected individuals until October. According to those notices, the compromised data included names, Social Security numbers, dates of birth, health insurance policy information, and medical information.

How many people were impacted by the breach?

The scope of the breach continues to grow, but the total number of individuals affected currently sits around 25 million. The greatest impact appears to be in Texas and Oregon, though residents in California, Delaware, Maine, Massachusetts, New Hampshire, and New Mexico have also received notices. (For reference, the total number of users impacted by the 2024 ransomware attack on Change Healthcare is now estimated at 190 million.)

What to do if you were affected

If you receive a notice saying your information was compromised, you should take every precaution to secure your identity: At a minimum, ensure your credit is frozen, and set up a one-year fraud alert on your credit files to prevent someone from applying for credit using your information. None of the notices we've seen have offered any type of credit monitoring or identity theft protection services to affected individuals, but you could utilize these services as well.

At this point—given the ubiquity of data breaches and information compromise—you should be keeping a close eye on your credit report and financial accounts at all times to quickly catch anything suspicious. If you do find fraudulent activity, report it to your bank and/or credit issuer immediately, and file an identity theft report.


from Lifehacker https://ift.tt/Tx3EbSg

CloudCasa has announced enhancements to its backup and recovery platform designed to support Red Hat OpenShift environments across core, edge, and hybrid cloud deployments.

The latest CloudCasa updates introduce SMB protocol support as a backup storage target, enabling organizations to leverage existing SMB-based storage, including deployments using an SMB operator on Red Hat OpenShift clusters, for Kubernetes and Red Hat OpenShift data protection. This added flexibility helps customers align backup architectures with existing enterprise storage strategies while maintaining consistency across environments.

CloudCasa has also delivered storage efficiency enhancements optimized for edge and resource-constrained sites, helping organizations reduce storage footprint and bandwidth usage while protecting distributed Red Hat OpenShift workloads. These improvements support Red Hat OpenShift deployments at the edge, where efficient and resilient data protection is essential.

CloudCasa already supports file-level restore from persistent volume claims (PVCs) in Red Hat OpenShift, allowing users to recover individual files from container-based workloads without restoring entire applications or volumes. Building on this existing capability, CloudCasa now extends granular recovery to virtualized workloads with new support for file-level restore from virtual machine backups for Red Hat OpenShift Virtualization users, enabling faster recovery and reduced operational overhead for VM-based applications running on Red Hat OpenShift.

“Organizations running Red Hat OpenShift expect flexible and consistent data protection across containers, virtual machines, and edge environments,” said Ryan Kaw, VP of Global Sales and Alliances at CloudCasa. “By expanding backup storage options and extending file-level recovery from PVCs to virtual machines on Red Hat OpenShift, CloudCasa helps customers improve resilience while simplifying operations across hybrid cloud architectures.”

By expanding backup target options, improving storage efficiency, and extending granular recovery capabilities to Red Hat OpenShift Virtualization, CloudCasa helps customers strengthen data resilience while maintaining operational consistency.


from Help Net Security https://ift.tt/ZIo0YDy