Biz & IT

hundreds-of-e-commerce-sites-hacked-in-supply-chain-attack

Hundreds of e-commerce sites hacked in supply-chain attack

backdoors, Biz & IT, magento, malware, Security, supply chain attack / /

Hundreds of e-commerce sites, at least one owned by a large multinational company, were backdoored by malware that executes malicious code inside the browsers of visitors, where it can steal payment card information and other sensitive data, security researchers said Monday.

The infections are the result of a supply-chain attack that compromised at least three software providers with malware that remained dormant for six years and became active only in the last few weeks. At least 500 e-commerce sites that rely on the backdoored software were infected, and it’s possible that the true number is double that, researchers from security firm Sansec said.

Among the compromised customers was a $40 billion multinational company, which Sansec didn’t name. In an email Monday, a Sansec representative said that “global remediation [on the infected customers] remains limited.”

Code execution on visitors’ machines

The supply chain attack poses a significant risk to the thousands or millions of people visiting the infected sites, because it allows attackers to execute code of their choice on ecommerce site servers. From there, the servers run info-stealing code on visitor machines.

“Since the backdoor allows uploading and executing arbitrary PHP code, the attackers have full remote code execution (RCE) and can do essentially anything they want,” the representative wrote. “In nearly all Adobe Commerce/Magento breaches we observe, the backdoor is then used to inject skimming software that runs in the user’s browser and steals payment information (Magecart).”

The three software suppliers identified by Sansec were Tigren, Magesolution (MGS), and Meetanshi. All three supply software that’s based on Magento, an open source e-commerce platform used by thousands of online stores. A software version sold by a fourth provider named Weltpixel has been infected with similar code on some of its customers’ stores, but Sansec so far has been unable to confirm whether it was the stores or Weltpixel that were hacked. Adobe has owned Megento since 2018.

Hundreds of e-commerce sites hacked in supply-chain attack Read More »

claude’s-ai-research-mode-now-runs-for-up-to-45-minutes-before-delivering-reports

Claude’s AI research mode now runs for up to 45 minutes before delivering reports

AI, AI agents, AI research agents, Anthropic, Anthropic Claude, Biz & IT, chatgpt, chatgtp, Claude, Deep Research, Google, large language models, machine learning, openai / /

Still, the report contained a direct quote statement from William Higinbotham that appears to combine quotes from two sources not cited in the source list. (One must always be careful with confabulated quotes in AI because even outside of this Research mode, Claude 3.7 Sonnet tends to invent plausible ones to fit a narrative.) We recently covered a study that showed AI search services confabulate sources frequently, and in this case, it appears that the sources Claude Research surfaced, while real, did not always match what is stated in the report.

There’s always room for interpretation and variation in detail, of course, but overall, Claude Research did a relatively good job crafting a report on this particular topic. Still, you’d want to dig more deeply into each source and confirm everything if you used it as the basis for serious research. You can read the full Claude-generated result as this text file, saved in markdown format. Sadly, the markdown version does not include the source URLS found in the Claude web interface.

Integrations feature

Anthropic also announced Thursday that it has broadened Claude’s data access capabilities. In addition to web search and Google Workspace integration, Claude can now search any connected application through the company’s new “Integrations” feature. The feature reminds us somewhat of OpenAI’s ChatGPT Plugins feature from March 2023 that aimed for similar connections, although the two features work differently under the hood.

These Integrations allow Claude to work with remote Model Context Protocol (MCP) servers across web and desktop applications. The MCP standard, which Anthropic introduced last November and we covered in April, connects AI applications to external tools and data sources.

At launch, Claude supports Integrations with 10 services, including Atlassian’s Jira and Confluence, Zapier, Cloudflare, Intercom, Asana, Square, Sentry, PayPal, Linear, and Plaid. The company plans to add more partners like Stripe and GitLab in the future.

Each integration aims to expand Claude’s functionality in specific ways. The Zapier integration, for instance, reportedly connects thousands of apps through pre-built automation sequences, allowing Claude to automatically pull sales data from HubSpot or prepare meeting briefs based on calendar entries. With Atlassian’s tools, Anthropic says that Claude can collaborate on product development, manage tasks, and create multiple Confluence pages and Jira work items simultaneously.

Anthropic has made its advanced Research and Integrations features available in beta for users on Max, Team, and Enterprise plans, with Pro plan access coming soon. The company has also expanded its web search feature (introduced in March) to all Claude users on paid plans globally.

Claude’s AI research mode now runs for up to 45 minutes before delivering reports Read More »

time-saved-by-ai-offset-by-new-work-created,-study-suggests

Time saved by AI offset by new work created, study suggests

AI, AI and work, AI assistants, AI study, Biz & IT, generative ai, large language models, machine learning, The Register, University of Chicago, University of Copenhagen / /

A new study analyzing the Danish labor market in 2023 and 2024 suggests that generative AI models like ChatGPT have had almost no significant impact on overall wages or employment yet, despite rapid adoption in some workplaces. The findings, detailed in a working paper by economists from the University of Chicago and the University of Copenhagen, provide an early, large-scale empirical look at AI’s transformative potential.

In “Large Language Models, Small Labor Market Effects,” economists Anders Humlum and Emilie Vestergaard focused specifically on the impact of AI chatbots across 11 occupations often considered vulnerable to automation, including accountants, software developers, and customer support specialists. Their analysis covered data from 25,000 workers and 7,000 workplaces in Denmark.

Despite finding widespread and often employer-encouraged adoption of these tools, the study concluded that “AI chatbots have had no significant impact on earnings or recorded hours in any occupation” during the period studied. The confidence intervals in their statistical analysis ruled out average effects larger than 1 percent.

“The adoption of these chatbots has been remarkably fast,” Humlum told The Register about the study. “Most workers in the exposed occupations have now adopted these chatbots… But then when we look at the economic outcomes, it really has not moved the needle.”

AI creating more work?

During the study, the researchers investigated how company investment in AI affected worker adoption and how chatbots changed workplace processes. While corporate investment boosted AI tool adoption—saving time for 64 to 90 percent of users across studied occupations—the actual benefits were less substantial than expected.

The study revealed that AI chatbots actually created new job tasks for 8.4 percent of workers, including some who did not use the tools themselves, offsetting potential time savings. For example, many teachers now spend time detecting whether students use ChatGPT for homework, while other workers review AI output quality or attempt to craft effective prompts.

Time saved by AI offset by new work created, study suggests Read More »

why-mfa-is-getting-easier-to-bypass-and-what-to-do-about-it

Why MFA is getting easier to bypass and what to do about it

Biz & IT, mfa, multi factor authentication, passwords, phishing, Security, webauthn / /

These sorts of adversary-in-the-middle attacks have grown increasingly common. In 2022, for instance, a single group used it in a series of attacks that stole more than 10,000 credentials from 137 organizations and led to the network compromise of authentication provider Twilio, among others.

One company that was targeted in the attack campaign but wasn’t breached was content delivery network Cloudflare. The reason the attack failed was because it uses MFA based on WebAuthn, the standard that makes passkeys work. Services that use WebAuthn are highly resistant to adversary-in-the-middle attacks, if not absolutely immune. There are two reasons for this.

First, WebAuthn credentials are cryptographically bound to the URL they authenticate. In the above example, the credentials would work only on https://accounts.google.com. If a victim tried to use the credential to log in to https://accounts.google.com.evilproxy[.]com, the login would fail each time.

Additionally, WebAuthn-based authentication must happen on or in proximity to the device the victim is using to log in to the account. This occurs because the credential is also cryptographically bound to a victim device. Because the authentication can only happen on the victim device, it’s impossible for an adversary in the middle to actually use it in a phishing attack on their own device.

Phishing has emerged as one of the most vexing security problems facing organizations, their employees, and their users. MFA in the form of a one-time password, or traditional push notifications, definitely adds friction to the phishing process, but with proxy-in-the-middle attacks becoming easier and more common, the effectiveness of these forms of MFA is growing increasingly easier to defeat.

WebAuthn-based MFA comes in multiple forms; a key, known as a passkey, stored on a phone, computer, Yubikey, or similar dongle is the most common example. Thousands of sites now support WebAuthn, and it’s easy for most end users to enroll. As a side note, MFA based on U2F, the predecessor standard to WebAuthn, also prevents adversary-in-the-middle attacks from succeeding, although the latter provides flexibility and additional security.

Post updated to add details about passkeys.

Why MFA is getting easier to bypass and what to do about it Read More »

windows-rdp-lets-you-log-in-using-revoked-passwords-microsoft-is-ok-with-that.

Windows RDP lets you log in using revoked passwords. Microsoft is OK with that.

Biz & IT, passwords, Remote Desktop Protocol, Security, Windows / /

The ability to use a revoked password to log in through RDP occurs when a Windows machine that’s signed in with a Microsoft or Azure account is configured to enable remote desktop access. In that case, users can log in over RDP with a dedicated password that’s validated against a locally stored credential. Alternatively, users can log in using the credentials for the online account that was used to sign in to the machine.

A screenshot of an RDP configuration window showing a Microsoft account (for Hotmail) has remote access.

Even after users change their account password, however, it remains valid for RDP logins indefinitely. In some cases, Wade reported, multiple older passwords will work while newer ones won’t. The result: persistent RDP access that bypasses cloud verification, multifactor authentication, and Conditional Access policies.

Wade and another expert in Windows security said that the little-known behavior could prove costly in scenarios where a Microsoft or Azure account has been compromised, for instance when the passwords for them have been publicly leaked. In such an event, the first course of action is to change the password to prevent an adversary from using it to access sensitive resources. While the password change prevents the adversary from logging in to the Microsoft or Azure account, the old password will give an adversary access to the user’s machine through RDP indefinitely.

“This creates a silent, remote backdoor into any system where the password was ever cached,” Wade wrote in his report. “Even if the attacker never had access to that system, Windows will still trust the password.”

Will Dormann, a senior vulnerability analyst at security firm Analygence, agreed.

“It doesn’t make sense from a security perspective,” he wrote in an online interview. “If I’m a sysadmin, I’d expect that the moment I change the password of an account, then that account’s old credentials cannot be used anywhere. But this is not the case.”

Credential caching is a problem

The mechanism that makes all of this possible is credential caching on the hard drive of the local machine. The first time a user logs in using Microsoft or Azure account credentials, RDP will confirm the password’s validity online. Windows then stores the credential in a cryptographically secured format on the local machine. From then on, Windows will validate any password entered during an RDP login by comparing it against the locally stored credential, with no online lookup. With that, the revoked password will still give remote access through RDP.

Windows RDP lets you log in using revoked passwords. Microsoft is OK with that. Read More »

millions-of-apple-airplay-enabled-devices-can-be-hacked-via-wi-fi

Millions of Apple Airplay-enabled devices can be hacked via Wi-Fi

AirPlay, Apple, Biz & IT, Security, syndication / /

Oligo also notes that many of the vulnerable devices have microphones and could be turned into listening devices for espionage. The researchers did not go so far as to create proof-of-concept malware for any particular target that would demonstrate that trick.

Oligo says it warned Apple about its AirBorne findings in the late fall and winter of last year, and Apple responded in the months since then by pushing out security updates. The researchers collaborated with Apple to test and validate the fixes for Macs and other Apple products.

Apple tells WIRED that it has also created patches that are available for impacted third-party devices. The company emphasizes, though, that there are limitations to the attacks that would be possible on AirPlay-enabled devices as a result of the bugs, because an attacker must be on the same Wi-Fi network as a target to exploit them. Apple adds that while there is potentially some user data on devices like TVs and speakers, it is typically very limited.

Below is a video of the Oligo researchers demonstrating their AirBorne hacking technique to take over an AirPlay-enabled Bose speaker to show their company’s logo for AirBorne. (The researchers say they didn’t intend to single out Bose, but just happened to have one of the company’s speakers on hand for testing.) Bose did not immediately respond to WIRED’s request for comment.

Speaker Demo. Courtesy of Oligo

The AirBorne vulnerabilities Oligo found also affect CarPlay, the radio protocol used to connect to vehicles’ dashboard interfaces. Oligo warns that this means hackers could hijack a car’s automotive computer, known as its head unit, in any of more than 800 CarPlay-enabled car and truck models. In those car-specific cases, though, the AirBorne vulnerabilities could only be exploited if the hacker is able to pair their own device with the head unit via Bluetooth or a USB connection, which drastically restricts the threat of CarPlay-based vehicle hacking.

The AirPlay SDK flaws in home media devices, by contrast, may present a more practical vulnerability for hackers seeking to hide on a network, whether to install ransomware or carry out stealthy espionage, all while hiding on devices that are often forgotten by both consumers and corporate or government network defenders. “The amount of devices that were vulnerable to these issues, that’s what alarms me,” says Oligo researcher Uri Katz. “When was the last time you updated your speaker?”

Millions of Apple Airplay-enabled devices can be hacked via Wi-Fi Read More »

the-end-of-an-ai-that-shocked-the-world:-openai-retires-gpt-4

The end of an AI that shocked the world: OpenAI retires GPT-4

AI, AI assistants, Biz & IT, chatgpt, chatgtp, GPT-4, large language models, machine learning, openai, sam altman / /

One of the most influential—and by some counts, notorious—AI models yet released will soon fade into history. OpenAI announced on April 10 that GPT-4 will be “fully replaced” by GPT-4o in ChatGPT at the end of April, bringing a public-facing end to the model that accelerated a global AI race when it launched in March 2023.

“Effective April 30, 2025, GPT-4 will be retired from ChatGPT and fully replaced by GPT-4o,” OpenAI wrote in its April 10 changelog for ChatGPT. While ChatGPT users will no longer be able to chat with the older AI model, the company added that “GPT-4 will still be available in the API,” providing some reassurance to developers who might still be using the older model for various tasks.

The retirement marks the end of an era that began on March 14, 2023, when GPT-4 demonstrated capabilities that shocked some observers: reportedly scoring at the 90th percentile on the Uniform Bar Exam, acing AP tests, and solving complex reasoning problems that stumped previous models. Its release created a wave of immense hype—and existential panic—about AI’s ability to imitate human communication and composition.

A screenshot of GPT-4's introduction to ChatGPT Plus customers from March 14, 2023.

A screenshot of GPT-4’s introduction to ChatGPT Plus customers from March 14, 2023. Credit: Benj Edwards / Ars Technica

While ChatGPT launched in November 2022 with GPT-3.5 under the hood, GPT-4 took AI language models to a new level of sophistication, and it was a massive undertaking to create. It combined data scraped from the vast corpus of human knowledge into a set of neural networks rumored to weigh in at a combined total of 1.76 trillion parameters, which are the numerical values that hold the data within the model.

Along the way, the model reportedly cost more than $100 million to train, according to comments by OpenAI CEO Sam Altman, and required vast computational resources to develop. Training the model may have involved over 20,000 high-end GPUs working in concert—an expense few organizations besides OpenAI and its primary backer, Microsoft, could afford.

Industry reactions, safety concerns, and regulatory responses

Curiously, GPT-4’s impact began before OpenAI’s official announcement. In February 2023, Microsoft integrated its own early version of the GPT-4 model into its Bing search engine, creating a chatbot that sparked controversy when it tried to convince Kevin Roose of The New York Times to leave his wife and when it “lost its mind” in response to an Ars Technica article.

The end of an AI that shocked the world: OpenAI retires GPT-4 Read More »

trump-admin-lashes-out-as-amazon-considers-displaying-tariff-costs-on-its-sites

Trump admin lashes out as Amazon considers displaying tariff costs on its sites

Amazon, Biz & IT, china tariffs, tariffs, Tech, temu / /

This morning, Punchbowl News reported that Amazon was considering listing the cost of tariffs as a separate line item on its site, citing “a person familiar with the plan.” Amazon later acknowledged that there had been internal discussions to that effect but only for its import-focused Amazon Haul sub-store and that the company didn’t plan to actually list tariff prices for any items.

“This was never approved and is not going to happen,” reads Amazon’s two-sentence statement.

Amazon issued such a specific and forceful on-the-record denial in part because it had drawn the ire of the Trump administration. In a press briefing early this morning, White House Press Secretary Karoline Leavitt was asked a question about the report, which the administration responded to as though Amazon had made a formal announcement about the policy.

“This is a hostile and political act by Amazon,” Leavitt said, before blaming the Biden administration for high inflation and claiming that Amazon had “partnered with a Chinese propaganda arm.”

The Washington Post also reported that Trump had called Amazon founder Jeff Bezos to complain about the report.

Amazon’s internal discussions reflect the current confusion around the severe and rapidly changing import tariffs imposed by the Trump administration, particularly tariffs of 145 percent on goods imported from China. Other retailers, particularly sites like Temu, AliExpress, and Shein, have all taken their own steps, either adding labels to listings when import taxes have already been included in the price, or adding import taxes as a separate line item in users’ carts at checkout as Amazon had discussed doing.

A Temu cart showing the price of an item’s import tax as a separate line item. Amazon reportedly considered and discarded a similar idea for its Amazon Haul sub-site.

Small purchases are seeing big hits

Most of these items are currently excluded from tariffs because of something called the de minimis exemption, which applies to any shipment valued under $800. The administration currently plans to end the de minimis exemption for packages coming from China or Hong Kong beginning on May 2, though the administration’s plans could change (as they frequently have before).

Trump admin lashes out as Amazon considers displaying tariff costs on its sites Read More »

ai-generated-code-could-be-a-disaster-for-the-software-supply-chain-here’s-why.

AI-generated code could be a disaster for the software supply chain. Here’s why.

AI, Biz & IT, dependency confusion, package confusion. package hallucination, Security, supply chain attac / /

AI-generated computer code is rife with references to non-existent third-party libraries, creating a golden opportunity for supply-chain attacks that poison legitimate programs with malicious packages that can steal data, plant backdoors, and carry out other nefarious actions, newly published research shows.

The study, which used 16 of the most widely used large language models to generate 576,000 code samples, found that 440,000 of the package dependencies they contained were “hallucinated,” meaning they were non-existent. Open source models hallucinated the most, with 21 percent of the dependencies linking to non-existent libraries. A dependency is an essential code component that a separate piece of code requires to work properly. Dependencies save developers the hassle of rewriting code and are an essential part of the modern software supply chain.

Package hallucination flashbacks

These non-existent dependencies represent a threat to the software supply chain by exacerbating so-called dependency confusion attacks. These attacks work by causing a software package to access the wrong component dependency, for instance by publishing a malicious package and giving it the same name as the legitimate one but with a later version stamp. Software that depends on the package will, in some cases, choose the malicious version rather than the legitimate one because the former appears to be more recent.

Also known as package confusion, this form of attack was first demonstrated in 2021 in a proof-of-concept exploit that executed counterfeit code on networks belonging to some of the biggest companies on the planet, Apple, Microsoft, and Tesla included. It’s one type of technique used in software supply-chain attacks, which aim to poison software at its very source, in an attempt to infect all users downstream.

“Once the attacker publishes a package under the hallucinated name, containing some malicious code, they rely on the model suggesting that name to unsuspecting users,” Joseph Spracklen, a University of Texas at San Antonio Ph.D. student and lead researcher, told Ars via email. “If a user trusts the LLM’s output and installs the package without carefully verifying it, the attacker’s payload, hidden in the malicious package, would be executed on the user’s system.”

AI-generated code could be a disaster for the software supply chain. Here’s why. Read More »

chatgpt-goes-shopping-with-new-product-browsing-feature

ChatGPT goes shopping with new product-browsing feature

Adam Fry, AI, AI shopping, Biz & IT, chatgpt, coffee, eCommerce, Google, Google Shopping, machine learning, openai, wired / /

On Thursday, OpenAI announced the addition of shopping features to ChatGPT Search. The new feature allows users to search for products and purchase them through merchant websites after being redirected from the ChatGPT interface. Product placement is not sponsored, and the update affects all users, regardless of whether they’ve signed in to an account.

Adam Fry, ChatGPT search product lead at OpenAI, showed Ars Technica’s sister site Wired how the new shopping system works during a demonstration. Users researching products like espresso machines or office chairs receive recommendations based on their stated preferences, stored memories, and product reviews from around the web.

According to Wired, the shopping experience in ChatGPT resembles Google Shopping. When users click on a product image, the interface displays multiple retailers like Amazon and Walmart on the right side of the screen, with buttons to complete purchases. OpenAI is currently experimenting with categories that include electronics, fashion, home goods, and beauty products.

Product reviews shown in ChatGPT come from various online sources, including publishers and user forums like Reddit. Users can instruct ChatGPT to prioritize which review sources to use when creating product recommendations.

An example of the ChatGPT shopping experience provided by OpenAI.

An example of the ChatGPT shopping experience provided by OpenAI. Credit: OpenAI

Unlike Google’s algorithm-based approach to product recommendations, ChatGPT reportedly attempts to understand product reviews and user preferences in a more conversational manner.  If someone mentions they prefer black clothing from specific retailers in a chat, the system incorporates those preferences in future shopping recommendations.

ChatGPT goes shopping with new product-browsing feature Read More »

backblaze-responds-to-claims-of-“sham-accounting,”-customer-backups-at-risk

Backblaze responds to claims of “sham accounting,” customer backups at risk

Backblaze, Biz & IT, Tech / /

Backblaze went public in November 2021 and raised $100 million. Morpheus noted that since then, “Backblaze has reported losses every quarter, its outstanding share count has grown by 80 percent, and its share price has declined by 71 percent.”

Following Morpheus’ report, Investing reported on Thursday that Backblaze shares fell 8.3 percent.

Beyond the financial implications for stockholders, Morpheus’ report has sparked some concern for the primarily small businesses and individuals relying on Backblaze for data backup. Today, for example, How-To Geek reported that “Backblaze backups might be in trouble,” in reference to Morpheus’ report. The publication said that if Morpheus’ reporting was accurate, Backblaze doesn’t appear to be heading toward profitability. In its Q4 2024 earnings report [PDF], Backblaze reported a net loss of $48.5 million. In 2023, it reported a net loss of $59.7 million.

“If Backblaze suddenly shuts down, customers might lose access to existing backups,” How-To Geek said.

Backblaze responds

Ars Technica reached out to Backblaze about its response to concerns about the company’s financials resulting in lost backups. Patrick Thomas, Backblaze’s VP of marketing, called Morpheus’ claims “baseless.” He added:

The report is inaccurate and misleading, based largely on litigation of the same nature, and a clear attempt by short sellers to manipulate our stock price for financial gain.

Thomas also claimed that “independent, third-party reviews” have already found that there have been “no wrongdoing or issues” with Backblaze’s public financial results.

“Our storage cloud continues to deliver reliable, high-performance services that Backblaze customers rely on, and we remain fully focused on driving innovation and creating long-term value for our customers, employees, and investors,” Thomas said.

Backblaze will announce its Q1 2025 results on May 7. Regardless of what lies ahead for the company’s finances and litigation, commitment to the 3-2-1 backup rule remains prudent.

Backblaze responds to claims of “sham accounting,” customer backups at risk Read More »