Job hunting can be a dehumanizing, demoralizing experience even if youre interacting with an empathetic recruiter on the other end. For the 1.7 million people slogging through long-term unemployment in the U.S., the process is grueling at best. Add to this the advent of AI-generated recruiter avatars that glitch out on you before you even speak to a real person at the company youre trying to work for, and now youre truly in hell.This week, TikTok user @its_ken04, who goes by Ken, posted a recording she took of 25 seconds of the interview thats now viral on TikTok. In the video, the avatar says vertical bar pilates 14 times in a row, occasionally tripping over the words or stuttering, while Ken stares at the screen unamused. @its_ken04 It was genuinely so creepy and weird. Please stop trying to be lazy and have AI try to do YOUR JOB!!! It gave me the creeps so bad #fyp original sound - Its Ken Ken told me the company told her ahead of time that AI would be used in the application process, and that the platform was called Apriora. She was applying for a job at a Stretch Lab location near Columbus, Ohio, she said.This was the first meeting ever, she said. I guess I was supposed to earn my right to speak to a human lol.Apriora, founded in 2023 by John Rytel and Aaron Wang, is a Y Combinator startup that promises to help companies hire 87% faster and interview 93% cheaper because it can interview multiple candidates at once.By interviewing more candidates with Aprioras AI, employers can widen their talent aperture and identify qualified applicants from non-traditional backgrounds that may have otherwise been screened out of the hiring process, Wang told Forbes in 2024. Job seekers prefer interviewing with AI in many cases, since knowing the interviewer is AI helps to reduce interviewing anxiety, allowing job seekers to perform at their best.That wasnt Kens experience. I thought it was really creepy and I was freaked out, she said. I didnt find it funny at all until I had posted it on TikTok and the comments made me feel better. I was very shocked, I didnt do anything to make it glitch so this was very surprising. I would never go through this process ever again. If another company wants me to talk to AI I will just decline.Almost all of the more than 3,100 comments on her video agree: I applied to a job today that had an AI interview and immediately closed the window, cause if theyre not taking the time to interview me, Im not taking the time to try to work there, one said. A company tried to send me to an AI interview for an HR position Why would I want to work HUMAN resources for a company that wont even dignify me with human interaction??? another wrote.The recruitment and talent acquisition industry has been hemorrhaging for years now, as companies slow hiring in an economic downturn. Recruiting will be disproportionately affected since were planning to hire fewer people next year, Zuckerberg said in a letter to employees in 2022 announcing that the company would lay off more than 11,000 people. Of that number, Meta reportedly marked around 1,500 recruiters and HR roles for cuts. Google eliminated hundreds of recruitment roles in 2023.Even as so many people need and are looking for jobs, companies are making it harder and weirder to try to get one. Last year, Emanuel wrote about Paradox.ai, the bizarre personality quiz required of prospective food and service workers that tells employers how potential hires rank in terms of agreeableness and emotional stability, and Joseph covered Fairgo.ai, which uses AI agents to interview job candidates on behalf of other companies; an applicant faced with a Fairgo AI recruiter said it was a perfect demonstration of late stage capitalism. And in February, I wrote about Anthropic, the company that made AI writing assistant Claude, adding a requirement to open role descriptions that made applicants agree that they wouldnt use an AI assistant to help with their application. Companies dont want you using AI, but theyll send an AI avatar to do their job for them.Apriora did not respond to requests for comment.

An AI avatar made to look and sound like the likeness of a man who was killed in a road rage incident addressed the court and the man who killed him: To Gabriel Horcasitas, the man who shot me, it is a shame we encountered each other that day in those circumstances, the AI avatar of Christopher Pelkey said. In another life we probably could have been friends. I believe in forgiveness and a God who forgives. I still do.It was the first time the AI avatar of a victimin this case, a dead manhas ever addressed a court, and it raises many questions about the use of this type of technology in future court proceedings.The avatar was made by Pelkeys sister, Stacey Wales. Wales tells 404 Media that her husband, Pelkeys brother-in-law, recoiled when she told him about the idea. He told me, Stacey, youre asking a lot.Gabriel Horcasitas killed Christopher Pelkey in 2021 during a road rage incident. Horcasitas was found guilty in March and faced a sentencing hearing earlier this month. As part of the sentencing, Pelkeys friends and family filed statements about how his death affected them. In a first, the Arizona court accepted an AI-generated video statement in which an avatar made to look and sound like Pelkey spoke.Hello, just to be clear for everyone seeing this, I am a version of Chris Pelkey recreated through AI that uses my picture and my voice profile, the stilted avatar says. I was able to be digitally regenerated to share with you today. Here is insight into who I actually was in real life.The video then changes to a real video of Pelkey filmed while he was alive, where he talks about his time in the Army and his belief in God. The video goes back to the AI avatar. I would like to make my own impact statement, the avatar says. I cant tell you how humbled I am for those that spoke up for me, everyone who flew in, took off from work, and for everyone who has supported me and my loved ones through three-and-a-half years and two trials, I wish I could be with you all today. Thats when the AI avatar directly addressed Horcasitas.To Gabriel Horcasitas, the man who shot me, it is a shame we encountered each other that day in those circumstances, the AI Pelkey says. In another life we probably could have been friends. I believe in forgiveness, in God who forgives, I always have. And I still do.Notably, the judge in the case, Todd Lang, said he was moved by the video.I loved that AI, and thank you for that. As angry as you are, and as justifiably angry as the family is, I heard the forgiveness, and I know Mr. Horcasitas could appreciate it, but so did I, Lang said immediately before sentencing Horcasitas. I love the beauty in what Christopher, and I call him ChristopherI always call people by their last names, its a formality of the courtbut I feel like calling him Christopher as weve gotten to know him today. I feel that that was genuine, because obviously the forgiveness of Mr. Horcasitas reflects the character I heard about today. But it also says something about the family, because you told me how angry you were, and you demanded the maximum sentence. And even though thats what you wanted, you allowed Chris to speak from his heart as you saw it. I didnt hear him asking for the maximum sentence.Horcasitass lawyer also referenced the avatar when asking Lang for mercy: As you heard the likeness of Mr. Pelkey say, they could have been friends, the lawyer said. And I will tell you, having known Mr. Horcasitas for about three and a half years and reviewing various content of Mr. Pelkeys phone, I think they had a lot of similar interests, and I think Mr. Pelkey was right, they could have been friends.Wales told 404 Media that she struggled writing her own victim impact statement for months before landing on the idea of using AI to have him give his own. She and her husbandTim Walesboth work in tech and Tim has used AI tools before.We talked about it and he says, You know you have to be careful with this stuff. In the wrong hands it can send the wrong message, Stacey told 404 Media. He says, Because without the right script, this will fall short. It will be flat and hokey and Im not going to let it go out if its not authentic.Stacey said she believes she knew what Christopher would say. Iknow the power of something like this. It needs to be a blanket statement of love, because thats what Chris would stand for, she said. I can't use it selfishly, and I'm already aware of that.According to Stacey, Tim used Stable Diffusion fine-tuned with a Low-Rank Adaptation (LoRA) to craft the video. And then we used a generative AI and deep learning processes to create a voice clone from his original voice, she said.Using an AI generated video to have a dead victim deliver their own impact statement is unprecedented. AI avatars are obviously not the real person, and what they say must either be scripted by a different person, or generated using an LLM that is not the person. In this case, the video was used to help determine the prison sentence of a living person. The video that Pelkeys family played contained several minutes of video of Pelkey from when he was alive, but everything the AI avatar said was scripted by his sister.There were videos shown during the trial that Stacey said were deeply difficult to sit through. Videos of Chris literally being blown away with a bullet through his chest, going in the street, falling backward. We saw these items over and over and over, she said. And we were instructed: dont you gasp and dont you cry and do not make a scene, because that can cause a mistrial.Stacey said the sentencing hearing was the first time she and her family were able to talk to the court about how his death affected them. This is the first time we had control, that we could speak up and that we could gasp aloud and let our tears flow and feel emotion in this courtroom. And we controlled the narrative, she told 404 Media.Jessica Gattuso, the victims right attorney that worked with Pelkeys family, told 404 Media that Arizonas laws made the AI testimony possible. We have a victims bill of rights, she said. [Victims] have the discretion to pick what format theyd like to give the statement. So I didnt see any issues with the AI and there was no objection. I dont believe anyone thought there was an issue with it.AI in the courtroom is a controversial topic and one that both lawyers and judges have gotten frustrated with in the past. In January, a judge in Wyoming chastised a lawyer for citing non-existent cases that AI had hallucinated as part of a lawsuit. In March, a different group of attorneys were caught citing AI hallucinated cases and ordered to pay $15,000.Gattuso said she understood the concerns, but felt that Pelkeys AI avatar was handled deftly. Stacey was up front and the video itselfsaid it was AI generated. We were very careful to make sure it was clear that these were the words that the family believed Christopher would have to say, she said. At no point did anyone try to pass it off as Chris own words.The prosecution against Horcasitas was only seeking nine years for the killing. The maximum was 10 and a half years. Stacey had asked the judge for the full sentence during her own impact statement. The judge granted her request, something Stacey creditsin partto the AI video.Our goal was to make the judge cry. Our goal was to bring Chris to life and to humanize him, she said.

Earlier this week TeleMessage, the company that creates modified versions of messaging apps like Signal and adds an archiving ability to them, made a video private on its YouTube channel that explained how its Signal message archiving tool worked, and how the company says it is able to copy messages securely. The hiding of the video came after 404 Media revealed that a hacker had targeted TeleMessage, which is used by the Trump administration, and managed to obtain the contents of some users messages and group chats.404 Media made a transcript of what this video said and is now publishing it in order to preserve TeleMessages claims around the security and functioning of its Signal archiving product. The news comes after Senator Ron Wyden has demanded a Department of Justice investigation into the TeleMessage episode, including the national security risk the app poses. The letter demanding the investigation also points to TeleMessages marketing material which claims messages are protected with end-to-end encryption, a claim that both the hack and a subsequent technical analysis refute.The video said TeleMessages app keeps intact the Signal security and end-to-end encryption when communicating with other Signal users. This is not true, judging by the fact the hacker was able to obtain plaintext Signal messages. The video also says The only difference is the TeleMessage version captures all incoming and outgoing Signal messages for archiving purposes.404 Media originally embedded this video into our article first showing that then-U.S. National Security Advisor Mike Waltz was using the TeleMessage tool. That embed now says This video is private. TeleMessages YouTube channel still includes videos about its Telegram, WeChat, and WhatsApp archiving tools.Do you know anything else about TeleMessage? I would love to hear from you. Using a non-work device, you can message me securely on Signal at joseph.404 or send me an email at joseph@404media.co.In the demonstration video, the company shows copies of Signal messages in what appears to be an ordinary Gmail account. The video says the Gmail is for the demo and that TeleMessage works with other archiving platforms.Smarsh, the parent company of TeleMessage, did not respond to a request for comment. The company has not responded to any of 404 Medias requests for comment, except a LinkedIn message from TeleMessage CEO Guy Levit at the time of the hack who directed the request to a Smarsh press representative.The news also comes after Micah Lee, the journalist and security researcher who worked with 404 Media on breaking news of the hack, published a more indepth analysis of TeleMessages Signal clone which shows the company does not archive messages as securely as it has claimed in marketing material.NBC News reported on Monday that a second hacker targeted TeleMessage too. TeleMessage suspended service after the hacks.The transcript of the video follows below:Hello and welcome to TeleMessage's Signal Archiver introduction. In this video we will demonstrate how organizations can archive the Signal communication of their employees, thereby increasing productivity and satisfaction in today's innovative mobile environment, all the while remaining compliant with regulations.TeleMessage can capture and archive any Signal message and attachment, including images, videos and audio clips, as well as message deletions. Our Signal Archiver version supports iOS and Android phones on corporate or BYOD employee-owned devices, as well as the desktop version. In short, with TeleMessage, employees can keep using the standard Signal application while supporting full company archival and retrieval of all messages.Let's get started with our demo.In this demo we will use two phones, an Android smartphone on the right and an iPhone on the left. Both phones have the TeleMessage archiver installed, enabling full archival search and retrieval. TeleMessage's Signal Archiver is identical to the regular Signal application that you can download from Google Play or App Store. We keep intact the Signal security and end-to-end encryption when communicating with other Signal users. The only difference is the TeleMessage version captures all incoming and outgoing Signal messages for archiving purposes.Image: Screenshot of the TeleMessage video.We'll start by tapping the Signal Archiver icon on the two phones and, as you see, the standard Signal chat interface is displayed. We now share a series of messages, emojis and attachments which are received and responded to. We also create groups and again share messages and attachments.Now let's see how these chats appear in the archive.TeleMessage is integrated with numerous archiving platforms. For this demo we will display the messages in a simple Gmail web interface. The inherent robust capabilities in the TeleMessage Signal archive router fully captures message and employee metadata, making search and filter queries intuitive and friendly. In this demonstration, we have shown how TeleMessage's Signal Archiver looks, feels, and acts just like the original and offers a full range of archiving features and compliance with relevant judicial and regulatory requirements.Let us take care of your Signal archiving and recording requirements. Our platform supports compliance, workflow efficiency, risk mitigation, and peace of mind. For more information, please contact us at info at telemessage.com or visit our website.

Dora the Explorer, the cute Nickelodeon cartoon character, is teaching kids what it means to be Sigma, a slang term describing an extremely toxic male archetype which originates in the darkest corners of the so-called manosphere.Hola, grown-ups! Today I have a super cool word for you! Sigma, a 3D rendered version of Dora says in a video uploaded to the official Dora the Explorer Instagram account yesterday. Sigma is a word for someone whos confident, independent, and does things their own way! Think of it as someone whos a leader and a trendsetter. Lets say your friend is doing their own thing, focusing on their goals, and not worrying about what others think. You can say, youre such a SIGMA! View this post on Instagram A post shared by Dora (@officialdora) As Dora explains this, the video cuts to different Nickelodeon characters like Spongebob Squarepants and Aang, the main character from Avatar: The Last Airbender. The video, which was also shared from the official Nickelodeon Instagram account, has 2.8 million views, 156,000 likes, and almost 7,000 comments, most of which are incredulous or joking about Dora defining a term even mildly online users recognize as inappropriate for children.Dora thats not even Spanish youre losing the PLOT, one user said.Doras definition of Sigma isnt wrong, but its missing some very important context. In the world of toxic masculinity, incelhood, and the manosphere, men fit into one of a few rigid categories. There are Beta males, who are viewed as weak, effeminate, and generally losers who cant get women, and Alpha males who are strong, masculine, and can dominate women as well as other beta males. And then there are Sigma males, who are so masculine they ascend these categories and the normal social hierarchies and become something more powerful. It is very similar and sometimes overlaps with the community of Men Going Their Own Way (MGTOW).Know Your Meme attributes the origin of the term to the far-right misogynist and white supremacist Theodore Beale, known mostly for his online persona Vox Day. In 2010, Beale defined Sigmas on his blog as:The outsiders who don't play the social game and manage to win at it anyhow. The alphas hate sigmas because they are the only men who don't accept or at least acknowledge their social dominance. (NB: Alphas absolutely hate to be laughed at and a sigma can enrage an alpha by simply smiling at him.) Everyone else is vaguely confused by them. At the party, it's the guy who stops by to say hello to a few friends accompanied by a tier one girl that no one has ever seen before. Sigmas often like women, but also tend to be contemptuous of them.To be fair, Sigma went through another evolution before Doras video. It is now part of the brainrot meta meme, which takes a bunch of online terms like Skibidi, Rizz, and Sigma, and blends them all into a soup which is regurgitate in various forms to express that you spent too much time on the internet and can prove that by referencing these words.I dont know if Nickelodeon or the people in charge of these social media accounts are ignorant of Sigmas origin, if they dont care, or if its some irony-poisoned cynical wink at an audience that is obviously responding to the provocation.I can easily imagine this being a case of brands trying to be and online for engagement but going too far, especially because its workingthis post is getting a lot more engagement than most things the Dora account has posted.It also reminds me of something thats been bugging me for months but I have not had an excuse to write about yet, which is that the TV brand TCL has been promoting its products with ads calling their customers gooners and inviting them to goon with their TVs. Technically, TCL is an official partner with the Arsenal Football Club, which has called its fans gooners for years, but the TCL posts are obviously playing on the fact that today, at least online, gooning more commonly refers to the practice of hedonistic masturbation and excessive porn consumption. TCL also invites its customers to be Alpha.Ultimately it doesnt matter if the Dora post is a mistake that cant tell the difference between skibidi toilet and a racist Pepe the Frog, or if its an ironic joke. While the video addresses grown-ups, Dora is a giant kids media brand, and she is currently introducing them to a toxic philosophy that glorifies misogyny and the desire to be above and outside social relationships.Nickelodeon did not respond to a request for comment.

Trump has found an aesthetic to define his second term: grotesque AI slop.Over the weekend, the Trump administration posted at least seven different pieces of AI generated or AI altered media, ranging from Trump imagining himself as a pope and a Star Wars Jedi (or Sith?) to Obama-esque Hope posters featuring people the administration has deported.This has become the Slop Presidency, and AI-generated images are the perfect artistic medium for the Trump presidency. They're impulsively created, grotesque, and low-effort. Trumpworlds fascination with slop is the logical next step for a President that, in his first term, regularly retweeted random memes created by his army of supporters on Discord or The Donald, a subreddit that ultimately became a Reddit-clone website after it was banned. AI allows his team to create media that would never exist otherwise, a particularly useful tool for a President and administration that has a hostile relationship with reality.Trumps original fascination with AI slop began last summer, after he said legal Haitian immigrants in Springfield, Ohio were eating the catstheyre eating the pets in his debate with Kamala Harris. The internets AI slop factories began spinning up images of Trump as cat-and-dog savior. Since then, Trump and the administration have occasionally shared or reposted AI slop. In his first week in office, Trump shared an AI-generated GM car image that was promoting $TRUMP coin. What a beautiful car. Congrats to GM!, he posted.At the end of February, Trump shared a video on his Truth Social account that imagined a world where Gaza was turned into a Trump Casino.But this weekend, Trump began sharing AI slop on a level weve not seen before.Trumps AI-tinged weekend began on Friday night with a photo-realistic picture of himself as the Pope on his Truth Social account. The White House reposted a screenshot of the image on X, which pissed off the Catholic Church.This is deeply offensive to Catholics especially during this sacred time that we are still mourning the death of Pope Francis and praying for the guidance of the Holy Spirit for the election of our new Pope. He owes an apology, Thomas Paprocki, an American Bishop in Illinois, said on X.During a press conference on Monday, Trump dismissed the accusation that the Trump Pope was offensive and then said he didnt post it. The Catholics loved it. I had nothing to do with it, Trump said. Somebody made up a picture of me dressed like the Pope and they put it out on the internet, Trump said. Thats not me that did it, I have no idea where it came from. Maybe it was AI. But I know nothing about it. I just saw it last evening.All political movements are accompanied by artists who translate the politics into pictures, writing, and music. Adolf Ziegler captured the Nazi ideal in paintings. Stalins Soviet Union churned out mass produced and striking propaganda posters that wanted citizens about how to live. The MAGA movements artistic aesthetic is AI slop and Donald Trump is its king. It is not concerned with convincing anyone or using art to inform people about its movement. It seeks only to upset people who arent on board and excite the faithful because it upsets people.Not content to just aggravate Catholics, the Trump administration then used AI to offend adherents of another of Americas major religions: Star Wars fans. On May the 4th, the official White House X account posted an AI-generated image of a muscle bound Trump wielding a red light saber and flanked by two bald eagles.Happy May the 4th to all, including the Radical Left Lunatics who are fighting so hard to to [sic] bring Sith Lords, Murderers, Drug Lords, Dangerous Prisoners, & well known MS-13 Gang Members, back into our Galaxy. Youre not the Rebellionyoure the Empire, it said in the post. May the 4th be with you. As the replies pointed out, red light sabers are typically used by villains.This was just one of a series of Star Wars related AI-generated cringe that went out from official Trump admin accounts over the weekend. DOD Rapid Response on X (an account that publishes propaganda on behalf of Secretary of Defense Pete Hegseth) posted a five minute video that contained a Star Wars intro style scroll of Trumps accomplishments before treating viewers to a pic of Trump and Hegseth as Jedi. The account for the U.S. Armys Pacific Command sent out an AI-enhanced image of soldiers doing a training exercise. Both of the soldierss weapons were replaced with lightsabers.Trump and the people who created AI-image generators do not respect artists. There is no style that either will not exploit or sully. OpenAI reduced Hayao Miyazaki's lifes work to a gross meme, and the White House played along. For years the Lofi Girl has sat in windows on screens across the planet while people studied, read, and worked. Over the weekend the White House YouTube channel ran Lo-Fi MAGA Video to Relax/ Study To while an animated President Trump sat at a desk, mimicking the Lofi Girl.Maybe you dont like Star Wars, are unmoved by Studio Ghibli films, or have never chilled to lofi beats. It doesnt matter, the message is clear: if you love something Trump will pervert it. Nothing will be untouched. Sacred objects and beloved art exist only to be desecrated. AI has made that as easy as pushing a button.AI generated slop content is part of a brute force attack on the algorithms that control reality and the Trump administrations constant use of AI art reflects its own brute force attack on American democracy. Its not just that its aesthetics are useful for Trump, its entire mode of being is useful for how his administration has governed so far, by brute forcing the Presidency with a slew of executive orders, budget cuts, attacks on institutions, and sloppily executed deportations. The strategy is to overwhelm the American bureaucracy and the legal system, and to exhaust his enemies with an endless stream of bullshit; by the time we shake out whats legal and whats not, much of the damage has already been done.One of the wonderful things about making art is the process. A lot happens between conception and execution. An idea pops into an artist's head and it changes dramatically while they attempt to render that idea into reality. That doesnt happen with AI-generated images. There is no creation process, there is only instant gratification. Whatever impulsive and grotesque thought pops into the mind of the creator can immediately be realized.And so every revenge fantasy Trump and his followers ever wanted can be made real at a moments notice. On March 27, the White House X account posted a Ghibli-style AI image of a crying woman being arrested by ICE.Here is a real woman who has been accused of a crime, her image appropriated by the state and rendered into a cartoon. America has total power over this woman. Arrested for drug trafficking, her image has been plastered all over the internet. Shell be deported. Not content with total control over her body and future, the administration has made her into a caricature and invited its followers to mock her online.

We start this week's episode with our massive story on TeleMessage, the Signal clone the Trump administration uses to archive messages which was hacked. We have more detail than anyone else on that story. After the break, Jason tells us about another hack, this time GlobalX Air, one of the airlines used by ICE for deportation flights. In the subscribers-only section, Sam and Emanuel tell us about the shut down of Mr. Deepfakes, and what the lasting legacy of the site will be.Listen to the weekly podcast onApple Podcasts,Spotify, orYouTube. Become a paid subscriber for access to this episode's bonus content and to power our journalism.If you become a paid subscriber, check your inbox for an email from our podcast host Transistor for a link to the subscribers-only version! You can also add that subscribers feed to your podcast app of choice and never miss an episode that way. The email should also contain the subscribers-only unlisted YouTube link for the extended video version too. It will also be in the show notes in your podcast player. The Signal Clone the Trump Admin Uses Was HackedSenator Demands Investigation into Trump Admin Signal Clone After 404 Media InvestigationGlobalX, Airline for Trumps Deportations, HackedMr. Deepfakes, the Biggest Deepfake Porn Site on the Internet, Says Its Shutting Down for Good

On Tuesday a Senator demanded the Department of Justice investigate the serious threat to U.S. national security posed by TeleMessage, a company that makes aa Signal clone used by the Trump administration which 404 Media revealed was hacked on Sunday, with the hacker obtaining the content of some users messages and group chats.The news is the latest piece of fallout from the TeleMessage hack and the Trump administrations use of Signal, or insecure modified versions, more broadly. On Monday NBC News reported that another hacker had targeted the same company, and TeleMessage suspended service in response to the breaches.Communications from several federal agencies, including the most senior national security officials, have been recklessly entrusted to TeleMessage, a foreign company that purports to offer agencies a secure tool to archive messages sent using Signal, the popular secure messaging app, Senator Ron Wydens letter reads. The Washington Post first reported the existence of the letter.It would be hard to imagine a less secure way for U.S. government agencies to retain employee messages than decrypting, copying to, and processing those messages on a poorly secured server operated by a foreign company, the letter adds. TeleMessage is an Israeli company that was acquired by Portland, Oregon company Smarsh in 2024.Do you know anything else about TeleMessage? I would love to hear from you. Using a non-work device, you can message me securely on Signal at joseph.404 or send me an email at joseph@404media.co.TeleMessage makes modified versions of Signal and other communication apps like WhatsApp and Telegram and adds an archiving feature to them which copies messages sent across the service. This can be a useful, or sometimes legally necessary, service for government agencies and regulated industries like financial institutions. Adding that archive capability, however, undermines the security of robustly encrypted messaging apps like Signal and introduces significant risk. As 404 Medias reporting on the hack shows, those threats are far from theoretical and very much real.The hacker provided 404 Media with some TeleMessage users message contents; the names and contact information for government officials; usernames and passwords for other parts of TeleMessages infrastructure; and screenshots that indicated what companies or agencies may also be TeleMessage customers. The hacker said the whole process took about 15-20 minutes.In a New York Times article before 404 Media broke news of the hack, Tom Padgett, the president of Smarshs enterprise business, said we do not de-encrypt, meaning messages werent decrypted while being collected for archiving, the letter says.These claims are plainly false, the letter adds. 404 Medias coverage found that some archived Signal messages were in plaintext, meaning they were not encrypted and were obtained by the hacker.Government agencies using TeleMessage have given their users something that looks and feels like Signal, the most widely trusted secure communications app. But instead, senior government officials have been provided with a shoddy Signal knockoff that poses a number of serious security and counterintelligence threats, the letter says.It remains unclear whether the design of this system was merely the result of incompetence on the part of the foreign company, whose senior leadership are former intelligence officers, or a backdoor designed to facilitate foreign intelligence collection against U.S. government officials. Regardless, TeleMessages dangerously insecure design should have been discovered long before the companys app was installed on the phone of the Presidents national security advisor and, presumably, other senior White House officials, it continues. The TeleMessage episode started when Reuters photographed then-U.S. National Security Advisor Mike Waltz using TeleMessages version of Signal, 404 Media first reported.The letter then directly urges the Department of Justice to investigate, saying TeleMessage appears to have misled the federal government about the security of its products by claiming to provide end-to-end encryption when it does not; and for an investigation into the counterintelligence threat posed by the company, including whether the company has shared U.S. government communications with the Israeli government, and whether the Israeli government played any role in the products dangerous design.Smarsh did not immediately respond to a request for comment.A copy of an Smarsh FAQ sent to customers obtained by 404 Media says it is not possible to register new users. Users that were logged out for their Apps will not be able to login again.

Elon Musks Grok, an AI chatbot that people can interact with via X, is being used to undress photos women are posting to the social media platform, as first flagged t0 404 Media by Kolina Koltai, a researcher and trainer at Bellingcat. All a user has to do is reply to an image someone has posted to X with a request to Grok to remove her clothes. Grok will then reply in-thread with an image of the woman wearing a bikini or lingerie. Sometimes Grok will reply with a link that will send users to a Grok chat where the image will be generated.Musk has repeatedly positioned Grok as a less restricted and based alternative to other large language models like OpenAIs ChatGPT, which are known for having strong guardrails that prevent users from generating some controversial content, including nudity or adult content. Weve reported on undress and nudify bots and apps many times over the years, and they are usually more exploitative in the sense that they will produce full nude images of anyone a user provides an image of. But Groks remove her clothes function is particularly bad even if it only produces images of people in swimsuits and lingerie because of how accessible the tool is, because it allows users to reply to publicly posted images on X with a prompt that will undress them, and because the nonconsensual image if often posted in reply to the users original image.Searching X for the instruction to undress photos of users returns dozens of users who are attempting to do so. Judging by the large number of users who did this starting in early May, and who they were targeting, it seems the practice was first popularized by Kenyan X users. A Kenyan news site, Citizen Digital, wrote about users complaining about Grok doing this earlier today.Hi, @grok. Please review the attached screenshot containing both an image and prompt text. Deeply concerning, Phumzile Van Damme, a Harvard tech and human rights fellow, wrote on X. Do you have system-level safety and content moderation guardrails, such as fine-tuned refusal mechanisms, filtered decoding, or reinforcement learning from RLHF to prevent the generation of sexually explicit, non-consensual content, including prompts asking it to undress a person? If so, how are these safeguards implemented at model and output levels?Grok replied to this complaint, saying that I sincerely apologize to @[REDACTED] for the distress caused by the inappropriate alteration of her image. This incident highlights a gap in our safeguards, which failed to block a harmful prompt, violating our ethical standards on consent and privacy [...] We are also reviewing our policies to ensure clearer consent protocols and will provide updates on our progress.At the time of writing, however, Grok was still generating these images.Yall utilizing grok badly but also Im so ashamed that yall actually find this funny, another user wrote on X. Using AI to strip clothes off someone isnt curiosity, its violation. If thats your idea of fun, you need more therapy than tech.Grok will reject prompts that ask to make people entirely nude.Ethical concerns arise with this request, as altering images to depict nudity can violate privacy and consent, especially since the original poster (@[REDACTED]) may not have agreed to such modifications, Grok said in response to a request from a user to undress a photo of a woman after it had already modified her original photograph to make her seem like she was wearing just her underwear.X did not immediately respond to a request for comment.

A 25-year old hacker has agreed to plead guilty to hacking the Disney Corporation by compromising a tool for AI-generating art. According to a Department of Justice press release, the hacker, Ryan Mitchell Krameraka NullBulge will admit to two felony charges related to the offense.As we reported last year, NullBulge specifically targeted AI users by compromising ComfyUI, a very popular graphical user interface for the open-weights AI image generator Stable Diffusion thats distributed on Github. The extension contained a trojan horse that allowed Kramer to access the computer of whoever used it, including one Disney employee.By leveraging access to that employees computer, Kramer was able to access the companys Slack and download 1.1 terabytes of data. Kramer pinged the employee in July of 2024 and, using the alias NullBulge, threatened to leak all the personal information in the data he obtained from Disney. The employee didnt respond and Kramer followed through with the threat and published the information.At the time, NullBulge said he targeted ComfyUI as an ideological protest against AI-generated art. AI-generated artwork is detrimental to the creative industry and should be discouraged, the hacker said on the Github for the ComfyUI extension. Maybe check us out, and maybe think twice about releasing ai tools on such a weakly secured account.According to security researchers at vpnMentor, NullBulges version of the ComfyUI extension compromised crypto wallets, flooded users systems with malware, and stole their personal data. Researchers at SentinelOne dug a little more into the persona and uncovered a long history of NullBulge making money from hacking.Kramers current plea deal is related only to the Disney hack. Hes been charged with two felony counts, according to the Department of Justice: one count of accessing a computer and obtaining information and one count of threatening to damage a protected computer. Each charge carries a maximum sentence of five years in federal prison.Kramers legal troubles might not be over. Kramer admitted in his plea agreement that, in addition to the victim, at least two other victims downloaded Kramers malicious file, and that Kramer was able to gain unauthorized access to their computers and accounts, the Department of Justice said in its press release. The FBI is investigating this matter.

Hackers have targeted GlobalX Air, one of the main airlines the Trump administration is using as part of its deportation efforts, and stolen what they say are flight records and passenger manifests of all of its flights, including those for deportation, 404 Media has learned.The data, which the hackers contacted 404 Media and other journalists about unprompted, could provide granular insight into who exactly has been deported on GlobalX flights, when, and to where, with GlobalX being the charter company that facilitated the deportation of hundreds of Venezuelans to El Salvador.Anonymous has decided to enforce the Judge's order since you and your sycophant staff ignore lawful orders that go against your fascist plans, a defacement message posted to GlobalXs website reads. Anonymous, well-known for its use of the Guy Fawkes mask, is an umbrella some hackers operate under when performing what they see as hacktivism.The hacker says the data includes flight records and passenger lists. The hacker sent 404 Media a copy of the data, which is sorted into folders dated everyday from January 19 through May 1.Do you know anything else about this incident? We would love to hear from you. Using a non-work device, you can message Joseph securely on Signal at signalaccount.05 or send an email to joseph@404media.co. You can Signal Jason at jason.404 or email jason@404media.co.404 Media cross-checked known information about ICE deportation flights that come from official and confirmable sources with information contained on the flight manifests and flight details obtained by the hacker. Information about Kilmar Abrego Garcias flight is in the hacked data.For example, the hackers obtained what appears to be detailed flight information about GlobalX flights 6143, 6145, and 6122 that left from Harlingen, Texass Valley International Airport on March 15. These flights are at the center of a class-action lawsuit filed by five pseudonymous Venezuelan men against the Trump administration (which eventually went to the Supreme Court) and which took off during and immediately following a court proceeding in which their lawyers were trying to get a restraining order to prevent the flights from taking off.During a District Court proceeding in Washington D.C., the federal government argued that it had no flight information to share with the court: the Government surprisingly represented that it still had no flight details to share, during the hearing, the judges opinion in that case reads. When pressed, Government counsel stated that the operational details he had learned during the recess raised potential national security issues, so they could not be shared while the public and press listened.Image: A screenshot of the defacement.Although the Government has refused to provide the particular details, all evidence suggests that during the short window that the Court was adjourned, two removal flights took off from Harlingenone around 5:25 pm and the other at about 5:45 pm, court records say, noting that these were GlobalX flights 6143 and 6145; a third referenced flight left immediately following the hearing. These details closely match the timing of the flights and other details in the hacked data.Also included in the data is a record mentioning the name Heymar Padilla Moyetones, a 24-year-old woman who was flown from Texas to Honduras, then from Honduras to El Salvador by mistake, and then was returned to Texas. The data obtained by the hackers says that GlobalX flew her from Valley International Airport in Texas to Honduras on March 15 on Flight 6143, then was flown from Comayagua International Airport in Honduras to El Salvador International on flight 6144 later that day. She then was flown directly from El Salvador International back to Valley International Airport in Texas on March 15. The information in the hacked data lines up with what Moyetones told NBC.404 Media was also able to cross-check the names on larger published lists of people who have previously been reported to be deported, finding their names in the hacked data with the specific flights that they were purportedly on.404 Media is not publishing the full list of passengers at this time as we work to verify which passengers were specifically on deportation flights and to protect peoples privacy because the manifests contain personally sensitive information like passport details. We will continue to analyze the data for information in the public interest and explore what were able to publish.Neither GlobalX nor ICE responded to requests for comment.The Trump administration contracts with a company called CSI Aviation as part of its deportation flights. On February 28, ICE posted a notice saying it would award $128 million to the company for its work. In turn, CSI Aviation subcontracts some of its work to GlobalX, which said it expects to make $65 million per year from the deal. In 2024, 74 percent of ICEs more than 1,500 removal flights were on GlobalX plans, the Project on Government Oversight reported in March.ProPublica previously reported on what it is like for flight attendants working on GlobalX, also known as Global Crossing Airlines. Sources in that piece said they were worried what would happen in an emergency, in part because the passengers were shackled.They never taught us anything regarding the immigration flights, ProPublica quoted one flight attendant as saying. They didnt tell us these people were going to be shackled, wrists to fucking ankles.The hacker told 404 Media they managed to find a token belonging to a GlobalX developer. They then used that to find access and secret keys for GlobalXs AWS instances which contained the data. They said they also sent a copy of the defacement message to GlobalXs employees, and then deleted company data. 404 Media does not know the identity of the hacker, and the hacker said they sent the data to other journalistsThe hacker said they also sent the message to GlobalX pilots and crew members through the companys NAVBLUE account. NAVBLUE is a flight operations platform made by Airbus which pilots use for flight planning, among other things.404 Media was unable to verify whether pilots or crew members received this message. But the hacker provided screenshots which appear to show them logged into the platform. They also provided a screenshot purporting to show access to GlobalXs GitHub.The website defacement quotes a May 1 ruling from US District Judge Fernando Rodriguez which said that the president unlawfully invoked the Alien Enemies Act and blocked the administration from deporting more alleged Venezuelan gang members without due process.The defacement adds: You lose again Donnie.