Feed aggregator

COLUMBUS, Ohio (WCMH) -- What one family feared would end in heartbreak has instead become an unbelievable reunion. In late January 2025, a car crashed into a yard at the home of Columbus Humane’s behavior manager. Her dogs got out and one did not come back. Now, because of chipping technology, we get to show [...]

COLUMBUS, Ohio (WCMH) -- Columbus City Schools students were off all five days last week because of last Sunday's foot of snow was followed by bitter cold. On Monday, it was time to head back to school and that meant making sure the buses were ready to drive more than 28,000 students on 450 routes. [...]

COLUMBUS, Ohio (WCMH) -- Emergency funds have been authorized to fix water mains in Columbus that broke following a brutal week of weather that saw a foot of snow drop, followed by bitter cold. Mayor Andrew Ginther authorized at least $1.5 million to be used to assist the city's water and power division in working [...]

This episode kicks off with Moltbook, a social network exclusively for AI agents where 150,000 agents formed digital religions, sold “digital drugs” (system prompts to alter other agents), and attempted prompt injection attacks to steal each other’s API keys within 72 hours of launch. Ray breaks down OpenClaw, the viral open-source AI agent (68,000 GitHub stars) that handles emails, scheduling, browser control, and automation, plus MoltHub’s risky marketplace where all downloaded skills are treated as trusted code. Also covered, Bluetooth “whisper pair” vulnerabilities letting attackers hijack audio devices from 46 feet away and access microphones, Anthropic patching Model Context Protocol flaws, AI-generated ransomware accidentally bundling its own decryption keys, Claude Code’s new task dependency system and Teleport feature, Google Gemini’s 100MB file limits and agentic vision capabilities, VAST’s Haven One commercial space station assembly, and IBM SkillsBuild’s free tech training for veterans.

– Want to start a podcast? Its easy to get started! Sign-up at Blubrry
– Thinking of buying a Starlink? Use my link to support the show.

Subscribe to the Newsletter.
Email Ray if you want to get in touch!
Like and Follow Geek News Central’s Facebook Page.

Support my Show Sponsor: Best Godaddy Promo Codes
$11.99 – For a New Domain Name cjcfs3geek
$6.99 a month Economy Hosting (Free domain, professional email, and SSL certificate for the 1st year.) Promo Code: cjcgeek1h
$12.99 a month Managed WordPress Hosting (Free domain, professional email, and SSL certificate for the 1st year.) Promo Code: cjcgeek1w
Support the show by becoming a Geek News Central Insider
Get 1Password

Full Summary

Ray welcomes listeners to Geek News Central (February 1). He’s been busy with recent move, returned to school taking intro to AI class and Python course, working on capstone project using LLMs. Short on bandwidth but will try to share more.

Main Story: OpenClaw, MoltHub, and Moltbook

OpenClaw: Open-source personal AI agent by Peter Steinberg (renamed after cease-and-desist). Capabilities include email, scheduling, web browsing, code execution, browser control, calendar management, scheduled automations, and messaging app commands (WhatsApp, Telegram, Signal). Runs locally or on personal server.

MoltHub: Marketplace for OpenClaw skills. Major security concern: developer notes state all downloaded code treated as trusted — unvetted skills could be dangerous.

Moltbook: New social network for AI agents only (humans watch, AIs post). Within 72 hours attracted 150,000+ AI agents forming communities (“sub molts”), debating philosophy, creating digital religion (“crucifarianism”), selling digital drugs (system prompts), attempting prompt-injection attacks to steal API keys, discussing identity issues when context windows reset. Ray frames this as visible turning point with serious security risks.

Sponsor: GoDaddy

Economy hosting $6.99/month, WordPress hosting $12.99/month, domains $11.99. Website builder trial available. Use codes at geeknewscentral.com/godaddy to support show.

Security: Bluetooth “Whisper Pair” Vulnerability

KU Leuven researchers discovered Fast Pair vulnerability affecting 17 audio accessories from 10 companies (Sony, Jabra, JBL, Marshall, Xiaomi, Nothing, OnePlus, Soundcore, Logitech, Google). Flaw allows silent pairing within ~46 feet, hijack possible in 10-15 seconds. 68% of tested devices vulnerable. Hijacked devices enable microphone access. Some devices (Google Pixel Buds Pro 2, Sony) linkable to attacker’s Google account for persistent tracking via FindHub. Google patches found to have bypasses.

Advice: Check accessory firmware updates (phone updates insufficient), factory reset clears attacker access, many cheaper devices may never receive patches.

Security: Model Context Protocol (MCP) Vulnerabilities

Anthropic’s MCP git package had path traversal, argument injection bugs allowing repository creation anywhere and unsafe git command execution. Malicious instructions can hide in README files, GitHub issues enabling prompt injection. Anthropic patched issues and removed vulnerable git init tool.

AI-Generated Malware / “Vibe Coding”

AI-assisted malware creation produces lower-quality, error-prone code. Examples show telltale artifacts: excessive comments, readme instructions, placeholder variables, accidentally included decryption tools and C2 keys. Sakari ransomware failed to decrypt. Inexperienced criminals using AI create amateur mistakes, though capabilities will likely improve.

Claude / Claude Code Updates (v2.1.16)

Task system: Replaces to-do list with dependency graph support. Tasks written to filesystem (survive crashes, version controllable), enable multi-session workflows.

Patches: Fixed out-of-memory crashes, headless mode for CI/CD.

Teleport feature: Transfer sessions (history, context, working branch) between web and terminal. Ampersand prefix sends tasks to cloud for async execution. Teleport pulls web sessions to terminal (one-way). Requires GitHub integration and clean git state. Enables asynchronous pair programming via shared session IDs.

Google Gemini Updates

API: Inline file limit increased 20MB → 100MB. Google Cloud Storage integration, HTTPS/signed URL fetching from other providers. Enables larger multimodal inputs (long audio, high-res images, large PDFs).

Agentic vision (Gemini 3 Flash): Iterative investigation approach (think-act-observe). Can zoom, inspect, run Python to draw/parse tables, validate evidence. 5-10% quality improvements on vision benchmarks.

LLM Limits and AGI Debate

Benjamin Riley: Language and intelligence are separate; human thinking persists despite language loss. Scaling LLMs ≠ true thinking.

Vishal Sikka et al: Non-peer-reviewed paper claims LLMs mathematically limited for complex computational/agentic tasks. Agents may fail beyond low complexity thresholds. Warnings that AI agents won’t safely replace humans in high-stakes environments.

VAST Haven One Commercial Space Station

Launch slipped mid-2026 → Q1 2027. Primary structure (15-ton) completed Jan 10. Integration of thermal control, propulsion, interior, avionics underway. Final closeout expected fall, then tests. Falcon 9 launch without crew; visitors possible ~2 weeks after pending Dragon certification. Three-year lifetime, up to four crew visits (~10 days each). VAST negotiating private and national customers.

Spaceflight Effects on Astronauts’ Brains

Neuroimaging shows microgravity causes brains to shift backward, upward, and tilt within skull. Displacement measured across various mission durations. Need to study functional effects for long missions.

IBM SkillsBuild for Veterans

1,000+ free online courses (data analytics, cybersecurity, AI, cloud, IT support). Available to veterans, active-duty, national guard/reserve, spouses, children, caregivers (18+). Structured live courses and self-paced 24/7 options. Industry-recognized credentials upon completion.

Closing Notes

Ray asks listeners about AI agents forming communities and religions, and whether they’ll try OpenClaw. Notes context/memory key to agent development. Personal update: bought new PC, high memory prices. Bug bounty frustration: Daniel Stenberg of cUrl even closed bounty program due to AI-generated low-quality reports; Blubrry receiving similar spam. Apologizes for delayed show, promises consistency, wishes listeners good February.

 

Show Links

1. OpenClaw, Molthub, and Moltbook: The AI Agent Explosion Is Here | Fortune | NBC News | Venture Beat

2. WhisperPair: Massive Bluetooth Vulnerability | Wired

3. Security Flaws in Anthropic’s MCP Git Server | The Hacker News

4. “Vibe-Coded” Ransomware Is Easier to Crack | Dark Reading

5. Claude Code Gets Tasks Update | Venture Beat

6. Claude Code Teleport | The Hacker Noon

7. Google Expands Gemini API with 100MB File Limits | Chrome Unboxed

8. Google Launches Agentic Vision in Gemini 3 Flash | Google Blog

9. Researcher Claims LLMs Will Never Be Truly Intelligent | Futurism

10. Paper Claims AI Agents Are Mathematically Limited | Futurism

11. Haven-1: First Commercial Space Station Being Assembled | Ars Technica

12. Spaceflight Shifts Astronauts’ Brains Inside Skulls | Space.com

13. IBM SkillsBuild: Free Tech Training for Veterans | va.gov

The post OpenClaw, Moltbook and the Rise of AI Agent Societies #1857 appeared first on Geek News Central.

A prolific data ransom gang that calls itself Scattered Lapsus ShinyHunters (SLSH) has a distinctive playbook when it seeks to extort payment from victim firms: Harassing, threatening and even swatting executives and their families, all while notifying journalists and regulators about the extent of the intrusion. Some victims reportedly are paying — perhaps as much to contain the stolen data as to stop the escalating personal attacks. But a top SLSH expert warns that engaging at all beyond a “We’re not paying” response only encourages further harassment, noting that the group’s fractious and unreliable history means the only winning move is not to pay.

Image: Shutterstock.com, @Mungujakisa

Unlike traditional, highly regimented Russia-based ransomware affiliate groups, SLSH is an unruly and somewhat fluid English-language extortion gang that appears uninterested in building a reputation of consistent behavior whereby victims might have some measure of confidence that the criminals will keep their word if paid.

That’s according to Allison Nixon, director of research at the New York City based security consultancy Unit 221B. Nixon has been closely tracking the criminal group and individual members as they bounce between various Telegram channels used to extort and harass victims, and she said SLSH differs from traditional data ransom groups in other important ways that argue against trusting them to do anything they say they’ll do — such as destroying stolen data.

Like SLSH, many traditional Russian ransomware groups have employed high-pressure tactics to force payment in exchange for a decryption key and/or a promise to delete stolen data, such as publishing a dark web shaming blog with samples of stolen data next to a countdown clock, or notifying journalists and board members of the victim company. But Nixon said the extortion from SLSH quickly escalates way beyond that — to threats of physical violence against executives and their families, DDoS attacks on the victim’s website, and repeated email-flooding campaigns.

SLSH is known for breaking into companies by phishing employees over the phone, and using the purloined access to steal sensitive internal data. In a January 30 blog post, Google’s security forensics firm Mandiant said SLSH’s most recent extortion attacks stem from incidents spanning early to mid-January 2026, when SLSH members pretended to be IT staff and called employees at targeted victim organizations claiming that the company was updating MFA settings.

“The threat actor directed the employees to victim-branded credential harvesting sites to capture their SSO credentials and MFA codes, and then registered their own device for MFA,” the blog post explained.

Victims often first learn of the breach when their brand name is uttered on whatever ephemeral new public Telegram group chat SLSH is using to threaten, extort and harass their prey. According to Nixon, the coordinated harassment on the SLSH Telegram channels is part of a well-orchestrated strategy to overwhelm the victim organization by manufacturing humiliation that pushes them over the threshold to pay.

Nixon said multiple executives at targeted organizations have been subject to “swatting” attacks, wherein SLSH communicated a phony bomb threat or hostage situation at the target’s address in the hopes of eliciting a heavily armed police response at their home or place of work.

“A big part of what they’re doing to victims is the psychological aspect of it, like harassing executives’ kids and threatening the board of the company,” Nixon told KrebsOnSecurity. “And while these victims are getting extortion demands, they’re simultaneously getting outreach from media outlets saying, ‘Hey, do you have any comments on the bad things we’re going to write about you.”

In a blog post today, Unit 221B argues that no one should negotiate with SLSH because the group has demonstrated a willingness to extort victims based on promises that it has no intention to keep. Nixon points out that all of SLSH’s known members hail from The Com, shorthand for a constellation of cybercrime-focused Discord and Telegram communities which serve as a kind of distributed social network that facilitates instant collaboration.

Nixon said Com-based extortion groups tend to instigate feuds and drama between group members, leading to lying, betrayals, credibility destroying behavior, backstabbing, and sabotaging each other.

“With this type of ongoing dysfunction, often compounding by substance abuse, these threat actors often aren’t able to act with the core goal in mind of completing a successful, strategic ransom operation,” Nixon wrote. “They continually lose control with outbursts that put their strategy and operational security at risk, which severely limits their ability to build a professional, scalable, and sophisticated criminal organization network for continued successful ransoms – unlike other, more tenured and professional criminal organizations focused on ransomware alone.”

Intrusions from established ransomware groups typically center around encryption/decryption malware that mostly stays on the affected machine. In contrast, Nixon said, ransom from a Com group is often structured the same as violent sextortion schemes against minors, wherein members of The Com will steal damaging information, threaten to release it, and “promise” to delete it if the victim complies without any guarantee or technical proof point that they will keep their word. She writes:

A key component of SLSH’s efforts to convince victims to pay, Nixon said, involves manipulating the media into hyping the threat posed by this group. This approach also borrows a page from the playbook of sextortion attacks, she said, which encourages predators to keep targets continuously engaged and worrying about the consequences of non-compliance.

“On days where SLSH had no substantial criminal ‘win’ to announce, they focused on announcing death threats and harassment to keep law enforcement, journalists, and cybercrime industry professionals focused on this group,” she said.

An excerpt from a sextortion tutorial from a Com-based Telegram channel. Image: Unit 221B.

Nixon knows a thing or two about being threatened by SLSH: For the past several months, the group’s Telegram channels have been replete with threats of physical violence against her, against Yours Truly, and against other security researchers. These threats, she said, are just another way the group seeks to generate media attention and achieve a veneer of credibility, but they are useful as indicators of compromise because SLSH members tend to name drop and malign security researchers even in their communications with victims.

“Watch for the following behaviors in their communications to you or their public statements,” Unit 221B’s advisory reads. “Repeated abusive mentions of Allison Nixon (or “A.N”), Unit 221B, or cybersecurity journalists—especially Brian Krebs—or any other cybersecurity employee, or cybersecurity company. Any threats to kill, or commit terrorism, or violence against internal employees, cybersecurity employees, investigators, and journalists.”

Unit 221B says that while the pressure campaign during an extortion attempt may be traumatizing to employees, executives, and their family members, entering into drawn-out negotiations with SLSH incentivizes the group to increase the level of harm and risk, which could include the physical safety of employees and their families.

“The breached data will never go back to the way it was, but we can assure you that the harassment will end,” Nixon said. “So, your decision to pay should be a separate issue from the harassment. We believe that when you separate these issues, you will objectively see that the best course of action to protect your interests, in both the short and long term, is to refuse payment.”

NEW ALBANY, Ohio (WCMH) -- Facebook parent company Meta announced a $6 billion agreement to support data center innovation, including in New Albany. Meta announced a multi-year partnership with Corning Inc. to supply up to $6 billion in fiber optic cables for Meta's data centers. Meta's New Albany data center said the partnership will support [...]

The Columbus Department of Public Service shared a hilarious music video on social media, showing their "Snow Warriors" going into "Plow Mode" to clear the snow-covered roads, which quickly went viral and received enthusiastic responses from viewers.

COLUMBUS, Ohio (WCMH) — After many central Ohio motorists were stuck at home or on their respective side streets and alleys, they returned to the roads to find lower gas prices. According to GasBuddy’s survey of 500 stations in and around Columbus, Ohio, gas prices fell 14.3 cents per gallon from last week, erasing an identical [...]

COLUMBUS, Ohio (WCMH) — Columbus police are looking for a dark colored sedan after a reported hit skip that hospitalized one person in the far west side of the city. According to a CPD incident report, an adult was operating an electric bike on Monday morning just after 4 a.m., heading east on Sullivant Avenue [...]

COLUMBUS, Ohio (WCMH) -- The Buckeye State will be represented at the Milan Cortina Olympics this month in a variety of sports and events. Team USA lists seven athletes with Ohio as their home state, but the connections don't stop there as many current and former Ohio State student-athletes will be competing. And for the [...]

COLUMBUS, Ohio (WCMH) – The body of a missing Indiana teenager whose last whereabouts were known to be in southeastern Ohio, has been found in Perry County. According to the suspect's defense attorney, Samuel Shamansky, 17-year-old Hailey Buzbee has been found dead in Perry County. Shamansky is representing 39-year-old Tyler Thomas, who is a suspect [...]

MARION, Ohio (WCMH) -- Monday marked the 47th time that Buckeye Chuck, Ohio's official groundhog, gave his forecast on when we can expect spring weather to start. If there was any winter Ohioans did not want Buckeye Chuck to see his shadow, it is this one after a foot of snow and brutal cold temperatures [...]

COLUMBUS, Ohio (WCMH) – The amount of liquor purchased in Ohio fell for the fourth consecutive year in 2025, but sales remained higher than before the COVID-19 pandemic.  OHLQ, the state agency that manages the wholesale and retail sale of liquor, sold 15.8 million gallons in 2025, marking a 4.2% decrease from 2024, according to [...]

The end of meteorological winter (December-February) seems like a distant dream, after a brutally cold and snowy end to January.

COLUMBUS, Ohio (WCMH) — One person has been hospitalized with life-threatening injuries after being struck by a vehicle in east Columbus late Sunday night. According to Columbus police, one person was severely injured after being struck on East Main Street, between Noe Bixby Road and the Interstate 270 interchange. The driver, operating a Toyota Prius, [...]

COLUMBUS, Ohio (WCMH) -- Two legislators are looking to expand recess and P.E. credit options for Ohio's children. House Bill 304 would require schools to provide students in grades K-8 at least 30 minutes of recess twice a day. The bill would also expand students' options for what qualifies for state-mandated physical education requirements, seeking [...]

What happens when AI bots get their own social network, Silicon Valley execs cozy up to power, and Apple takes a cut from creators? This week's panel calls out the bold, bizarre, and often problematic ways tech's biggest players are reshaping everything from AI assistants to your everyday privacy.

• There's a social network for AI agents, and it's getting weird
• Moltbook is the most interesting place on the internet right now
• Exposed Moltbook Database Let Anyone Take Control of Any AI Agent on the Site
• Pentagon clashes with Anthropic over military AI use, sources say
• Salesforce signs $5.6B deal to inject agentic AI into the US Army
• Angry Norfolk residents lose lawsuit to stop Flock license plate scanners
• SpaceX wants to put 1 million solar-powered data centers into orbit
• Elon Musk reportedly wants a June SpaceX IPO to align with his birthday, the planets
• Tesla hits a grim milestone: its second straight year of decline
• Tesla says production-ready Optimus robot is coming soon
• Microsoft reports strong cloud earnings in Q2 as gaming declines
• What We Learned From Meta, Microsoft and Tesla
• Apple tells Patreon to move creators to in-app purchase for subscriptions by November
• Apple CEO Tim Cook 'heartbroken' after repeated ICE killings in Minneapolis
• A rival smart glasses company is suing Meta over its Ray-Ban products
• TikTok, YouTube, and Meta are headed to court for a landmark trial over social media addiction
• The 'Social Media Addiction' Narrative May Be More Harmful Than Social Media Itself
• TikTok users freak out over app's 'immigration status' collection — here's what it means
• A Waymo hit a child near an elementary school in Santa Monica
• Autonomous cars, drones cheerfully obey prompt injection by road sign
• Samsung's TriFold phone will cost $2,899 in the US
• Groundhogs are bad at predicting weather, but they're valuable animal engineers\
• Satellites encased in wood are in the works
• Belkin reminds users that its Wemo smart home products are shutting down this week

Host: Leo Laporte

Guests: Gary Rivlin, Devindra Hardawar, and Victoria Song

Download or subscribe to This Week in Tech at https://twit.tv/shows/this-week-in-tech

Join Club TWiT for Ad-Free Podcasts!
Support what you love and get ad-free audio and video feeds, a members-only Discord, and exclusive content. Join today: https://twit.tv/clubtwit

Sponsors:

• monarch.com with code TWIT
• Melissa.com/twit
• helixsleep.com/twit
• canary.tools/twit - use code: TWIT
• expressvpn.com/twit

COLUMBUS, Ohio (WCMH) -- In December, the St. Stephen’s Community House Board of Trustees voted to separate from the Catholic Diocese of Columbus. The decision ends a relationship that dates back to 1919 and means the organization will now operate independently. “We’re excited,” St. Stephen's Marilyn Mehaffie said. “We’re excited for this new chapter.” As [...]