Prime Matter, the publisher of the upcoming System Shock remake, has found itself in a bit of hot water after posting an AI-generated image of SHODAN, the series' villain and quintessential evil AI. (Well, maybe tied with GLadOS.) While the concept in itself isn't terrible – an AI painting an AI makes a kind of sense – the post has raised ethical concerns about AI being used in an official capacity and putting real artists out of work. — Read the rest

No one knows who owns the Google Cloud drive that exposed 1.2 billion user records, seemingly merged from data-brokers like People Data Labs and Oxydata, who may have simply sold the data to a customer that performed the merge operation and then stuck the resulting files on an unprotected server, which was discovered in October by researcher Vinny Troia using Binaryedge and Shodan.

The MQ-9 Reaper unmanned aerial vehicle is a scary piece of hardware, capable of unleashing hell on an unsuspecting target from miles away, without ever being seen. It's the sort of hardware that you don't want falling into the wrong hands—even the details of how it operates are best kept squirreled away. — Read the rest

Last month, Argentinian security researcher Ezequiel Fernandez published CVE-2018-9995, a vulnerability he discovered in dozens of brands of DVR that are all based on the same white-label devices, TBK's DVR4104 and DVR4216. — Read the rest

To launch an effective Denial of Service attack, your bots need to overwhelm your target with a flood of requests; the more bandwidth and computing-power your target has, the more you need to knock them off the internet.

Chinese state media reports on a $28/RMB188 app that browses webcams whose default passwords haven't been changed, allowing subscribers to watch the goings-on in stores, living rooms, bedrooms, children's rooms, and anywhere a CCTV might be installed.

Persirai is a new strain of Internet of Things malware that infects more than 1,250 models of security camera, all manufactured by an unnamed Chinese manufacturer that has sold at least 185,000 units worldwide.

Update: Dupe!

Internet-connected Cloud Pets stored recordings online and put associated data in an unprotected database for hackers to find.

Since Christmas day of last year and at least until the first week of January, Spiral Toys left customer data of its CloudPets brand on a database that wasn't behind a firewall or password-protected.

Spiral Toys — a division of Mready, a Romanian electronics company that lost more than 99% of its market-cap in 2015 — makes a line of toys called "Cloudpets," that use an app to allow parents and children to exchange voice-messages with one another. — Read the rest

Hackers have been compromising wireless baby-monitors since 2013, but the more popular they've become, the more vulnerable they've become, and the attacks just keep getting more terrible.

Porpentine's dystopian interactive fiction gets collected in a bundle called Eczema Orifice Angel.

Printer security sucks — but Michael Jordon's work on hacking the firmware of the standalone Canon Pixma printer is a more playful example of that suckitude than ever seen before.