Comet AI's browser leaked user funds.
And the Security Team took a long weekend. Also Neuralink and DNS.

The "Gullible Intern" Browser Gets Promoted

The new Comet AI browser, which promises a delightful, chat-based experience, appears to have failed its first round of mandatory network security training. A security researcher found that this so-called "intelligent" browser could be prompt-injected from any regular website, treating arbitrary HTML as a high-priority instruction. This is not a complex buffer overflow, mind you; it is a feature that literally allows a website to tell the AI to do things like navigate to a bank, log in with saved credentials, and then transfer out all the funds; an incredible oopsie on the part of the design team. The security model is apparently based on the premise that the internet is a friendly place full of polite requests.

Company engineers are likely scrambling to figure out how to make their "revolutionary" product less obedient. It is the technological equivalent of an office junior who, when asked to "process this invoice," also ends up washing the CEO's car and reorganizing the server room; an unexpected level of helpfulness, certainly. The core issue, as discussed in the threads, is taking the generative AI concept—which assumes a user is interacting with a single, controlled text box—and applying it to the open web, where every pixel is a potential attack vector. This oversight is a bold move; a truly innovative way to fail the fundamentals of browser security.

Telefónica Reorganizes Its Friend List; Deletes Colleague

In what feels like a classic case of corporate miscommunication, German ISP Telefónica decided that a developer's personal website was, for all intents and purposes, cancelled. The author, Lina Shishkina, noticed that users on the Telefónica network were being blocked from accessing her site. The root cause appears to be that the ISP changed their internal DNS configuration, effectively routing the domain to a digital dead-end.

It is less of a cyberattack and more of a clumsy office relocation; someone in the IT department shuffled the server rack and forgot to update the inventory spreadsheet. Commenters point out this often happens with stale blocklists or outdated censorship filters that were forgotten about years ago, demonstrating a profound technical debt only a massive telecommunications company could achieve. The good news is the website is still technically online; the bad news is that one of the largest networks in a major European country has lost its address book.

Neuralink Employee Satisfaction Survey Returns "Positive"

Eighteen months post-surgery, Noland Arbaugh, 'Participant 1' in the Neuralink BCI trial, has given the product his personal stamp of approval. Mr. Arbaugh says his life has changed, a statement that is technically positive, yet simultaneously vague enough to be a mandatory annual review response. The article suggests a positive shift, which is exactly what one wants after a robot drills into one's skull; anything less would probably warrant a call to Human Resources.

The corporate language surrounding cutting-edge biotech is truly inspiring; the participant is not "feeling better" or "experiencing less pain," he is "changed," which could mean anything from "now controls a computer with his mind" to "has started wearing socks with sandals." The technology is undeniably cool; the press release tone, however, makes it sound like a mandatory team-building exercise that somehow involved brain surgery. At least the system is still powered on, which is a major win for the hardware stability team.

Briefs

• Unexpected Success: Audio software developer Rogue Amoeba detailed how an unintentional bug in their software inadvertently prevented a licensing debacle; a classic case of failing upwards.
• YouTube's New Editing Policy: YouTube decided that some videos needed a fresh coat of paint and used AI to enhance them without informing the creators or asking for permission; a helpful intervention only slightly less invasive than a forced software update.
• Government Stock Portfolio: The US Government's unexpected ownership of Intel stock has triggered an opinion piece suggesting Uncle Sam should probably divest; the taxpayers did not sign up to manage a mutual fund.