When the Autopilot Fails: the Hidden Risks of AI in 2025

Artificial intelligence has rapidly become the co-pilot of our digital lives. From autonomous vehicles to automated cybersecurity tools and even AI-assisted air traffic systems, machine learning models are making decisions that directly impact safety, privacy, and trust. But as discussions at FrOSCon 2025 reminded us this August, AI autopilot systems are not foolproof — and their failures can have real consequences.

The concept of “autopilot” AI is appealing: machines that can drive us home, manage data center workloads, or automatically detect and block cyberattacks. Companies market these solutions as time-savers and risk reducers, arguing that automation removes human error from critical processes.

For example:

  • Autonomous vehicles are being tested globally with promises of safer roads.

  • Cybersecurity AI can respond to threats in milliseconds, far faster than human analysts.

  • Airline autopilot systems, already heavily AI-driven, are expanding to manage complex navigation with minimal pilot input.

What experts warn, however, is that AI doesn’t fail in the same way humans do.

  • Black-box logic: Many autopilot algorithms make decisions in ways that are not transparent. When something goes wrong, investigators struggle to explain why.

  • Edge cases: AI systems are trained on data, but rare scenarios — a child running onto the road, or an unusual cyberattack pattern — can confuse the model.

  • Overtrust: Humans tend to trust AI too much, leading to slower reactions when the system misses a critical threat.

In cybersecurity, this can mean that a false sense of security leaves networks open to breaches. In autonomous vehicles, it can literally cost lives.

Recent Incidents Highlight the Risk

While regulators haven’t yet published full reports for 2025, analysts point to multiple cases of autopilot misbehavior this year:

  • A self-driving taxi in San Francisco failed to recognize a construction worker’s hand signals, leading to a near collision.

  • An AI-driven stock trading bot in Asia executed a series of flawed trades after misclassifying a news headline, wiping millions off the market in minutes.

  • A European hospital’s AI monitoring system mistakenly flagged normal patient activity as critical, overwhelming staff with false alerts.

Each case highlights the same issue: AI is only as good as its training data and the safeguards around it.

Building Trustworthy Autopilot Systems

Experts suggest several ways to reduce risk:

  1. Human-in-the-loop – Keep humans actively supervising AI decisions, not just “on standby.”

  2. Explainability – Demand that AI vendors provide clearer reasoning for system outputs.

  3. Rigorous Testing – Test systems in extreme, rare, and adversarial conditions before deployment.

  4. Fail-safe modes – Ensure that when AI systems fail, they revert to safe defaults rather than risky behavior.

The Bottom Line

AI autopilot systems will continue to grow across industries in 2025 and beyond. But as appealing as they sound, they are not replacements for human judgment. The future of safe automation will depend not only on smarter algorithms but also on the humility to recognize AI’s limits.

In other words: the autopilot may be intelligent, but the pilot still matters.


Windows August 2025 Update

1. Windows Recall Enhancements

Windows Recall, the feature that allows users to “rewind” their PC activity, now includes more privacy and control options. Users can export or reset data with a simple click. In the European Economic Area (EEA), Microsoft also enables encrypted export, aligning with strict privacy requirements.

2. Click to Do with AI

Microsoft expands Copilot’s role through a new “Click to Do” system. Users can now launch AI-driven actions for:

  • Reading assistance: Immersive Reader and Reading Coach help improve comprehension and language skills.

  • Writing support: Copilot provides suggestions and rewrites directly within supported apps.

  • Teams integration: Quick AI-powered actions inside Microsoft Teams, including smart replies and meeting scheduling.

3. AI Agent in Settings

The Settings app gains a conversational AI agent that can understand natural language. For example, you can type “make my PC run faster” and the agent will suggest (or even apply) the relevant changes. While initially available only on Copilot+ PCs, Microsoft plans to expand this to Intel and AMD devices later.

4. Quick Machine Recovery

A major addition for IT admins and advanced users: Windows can now perform a rapid recovery after boot failures, with diagnostic tools accessible remotely. This feature reduces downtime and simplifies troubleshooting.

5. Snap Layouts Improvements

Snap Layouts get smarter with inline hints, making it easier to arrange multiple windows without manually resizing them.

6. Unified Settings Search

The fragmented “Search” pages in Settings are now consolidated, creating a smoother navigation experience.

7. Gamepad Keyboard Layout

For gamers, a new controller-based keyboard layout allows PIN entry using a gamepad — a small but practical addition for Xbox and PC enthusiasts.

8. Black Screen of Death

In a visual change, Microsoft has replaced the traditional Blue Screen of Death (BSOD) with a Black Screen of Death. The new design is cleaner, removing unnecessary icons while retaining essential diagnostic information.


How to secure Media Files on your Website

1. Understand the Risks Behind Media Files

While formats like PNG and JPEG are generally safe, some file types can contain executable code or external resource calls, making them a potential security risk:

  • SVG – Can embed JavaScript and CSS, enabling cross-site scripting (XSS) attacks

  • PDF – May include malicious scripts or embedded executables

  • Office documents – Can contain harmful macros

  • Video files – Sometimes exploited via codec vulnerabilities.

If your website allows users to upload files, every file type you accept needs to be treated as potentially dangerous.

2. Sanitize and Validate File Uploads

Before storing any uploaded file, you should:

  • Check the file extension and MIME type to ensure it matches the intended format

  • Sanitize SVGs by removing <script> tags, onload events, and any inline JavaScript

  • Use antivirus scanning on all uploaded files

  • Block disallowed file types unless explicitly needed.

Example for SVG sanitization:
Use libraries like DOMPurify or SVGO to strip malicious code before storing or serving the file.

3. Limit How Media Files Are Served

Even clean files can be abused if served incorrectly. To minimize risk:

  • Serve media from a separate domain or subdomain (e.g., media.example.com) to isolate cookies and session data

  • Set correct Content-Type headers so browsers interpret files correctly

  • Apply Content Security Policy (CSP) headers to restrict what media can execute or load

  • Disable inline script execution for formats like SVG.
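The upload checks from step 2 and the serving rules from step 3, as an added Python example that is not part of the original article. The allowlists, function names and the exact CSP string are assumptions chosen for illustration.

```python
import os

# Leading bytes ("magic numbers") of the binary formats this example accepts.
SIGNATURES = {
    "image/png": (b"\x89PNG\r\n\x1a\n",),
    "image/jpeg": (b"\xff\xd8\xff",),
    "image/gif": (b"GIF87a", b"GIF89a"),
    "application/pdf": (b"%PDF-",),
}
EXTENSIONS = {".png": "image/png", ".jpg": "image/jpeg", ".jpeg": "image/jpeg",
              ".gif": "image/gif", ".pdf": "application/pdf", ".svg": "image/svg+xml"}
ACTIVE_TYPES = {"image/svg+xml", "application/pdf"}   # formats that can carry script


def sniff(data: bytes):
    """Guess the type from content; the client-supplied name and MIME are untrusted."""
    for mime, magics in SIGNATURES.items():
        if data.startswith(magics):
            return mime
    if data.lstrip().lower().startswith((b"<?xml", b"<svg")):
        return "image/svg+xml"        # coarse check only; SVG still needs sanitizing
    return None


def validate_upload(filename: str, declared_mime: str, data: bytes) -> str:
    """Return the agreed MIME type, or raise ValueError if any check disagrees."""
    ext = os.path.splitext(filename.lower())[1]
    expected = EXTENSIONS.get(ext)
    if expected is None:
        raise ValueError(f"extension {ext!r} is not on the allowlist")
    if declared_mime != expected:
        raise ValueError("declared MIME type does not match the extension")
    if sniff(data) != expected:
        raise ValueError("file content does not match the extension")
    return expected


def media_headers(mime: str) -> dict:
    """Response headers for serving a stored upload from the media host."""
    headers = {"Content-Type": mime, "X-Content-Type-Options": "nosniff"}
    if mime in ACTIVE_TYPES:
        # The CSP sandbox blocks script when the file is opened directly;
        # "attachment" makes a direct navigation download instead of render.
        headers["Content-Security-Policy"] = (
            "default-src 'none'; style-src 'unsafe-inline'; sandbox")
        headers["Content-Disposition"] = "attachment"
    return headers
```
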

4. Convert High-Risk Formats to Safer Alternatives

If your platform doesn’t absolutely need an SVG to remain in vector form, convert it to a PNG or WebP before display. This eliminates the risk of script execution while preserving the visual appearance.

5. Keep Your Platform Updated

Many attacks exploit old vulnerabilities in CMS platforms, plugins, or file-handling libraries. Regularly updating your software stack ensures that known exploits are patched before attackers can use them.


SVG Files: the hidden malware threat you might be overlooking

Unlike formats like PNG or JPEG, an SVG file isn’t just an image — it’s actually a text-based XML file that can include JavaScript, CSS, and external resource calls. This means that, if misused, SVGs can contain malicious scripts capable of:

  • Injecting malware into a website or application

  • Stealing cookies or session data from a user’s browser

  • Redirecting users to phishing pages or malicious sites

  • Running cross-site scripting (XSS) attacks to exploit web apps.

For example, a seemingly harmless logo.svg could contain embedded <script> tags that execute as soon as the file is loaded into the browser.

Real-World Attack Scenarios

  1. Website Upload Exploits
    Attackers upload an SVG with malicious JavaScript to a content management system (CMS) that doesn’t sanitize uploads. Once displayed, the script executes in visitors’ browsers.

  2. Phishing Campaigns
    SVGs can be sent via email or chat platforms, disguised as images. If the file is opened in a browser, the hidden code can redirect the victim to a credential-harvesting page.

  3. Supply Chain Injections
    Third-party icon libraries or SVG packs downloaded from unverified sources can be preloaded with malicious scripts, compromising any site that uses them.

How to Protect Against SVG-Based Attacks

  • Sanitize SVG files before use, stripping out all <script> and potentially harmful attributes

  • Disable inline JavaScript in SVGs entirely

  • Convert SVGs to safer formats like PNG before uploading to public-facing platforms

  • Use Content Security Policy (CSP) headers to limit what resources SVGs can access

  • Only source SVGs from trusted providers and scan them with antivirus or security tools.
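The SVG sanitization step recommended here and in "Sanitize and Validate File Uploads" above, as an added Python example that is not part of the original articles. It uses only the standard library rather than DOMPurify or SVGO, and goes one step further than stripping `<script>`: it keeps only allowlisted elements and attributes. The allowlists and the sample file are constructed for illustration.

```python
import re
import xml.etree.ElementTree as ET

SVG_NS = "http://www.w3.org/2000/svg"
XLINK_HREF = "{http://www.w3.org/1999/xlink}href"
# Allowlists are assumptions for this example; extend them to what your artwork needs.
ALLOWED_TAGS = {"svg", "g", "path", "rect", "circle", "ellipse", "line", "polyline",
                "polygon", "title", "desc", "defs", "use", "linearGradient",
                "radialGradient", "stop"}
ALLOWED_ATTRS = {"id", "d", "x", "y", "x1", "y1", "x2", "y2", "cx", "cy", "r", "rx",
                 "ry", "width", "height", "viewBox", "points", "fill", "stroke",
                 "stroke-width", "transform", "opacity", "offset", "stop-color", "href"}

# Constructed sample upload carrying the constructs the article lists.
SAMPLE = b"""<svg xmlns="http://www.w3.org/2000/svg" onload="alert(1)" viewBox="0 0 10 10">
  <script>alert(document.cookie)</script>
  <rect width="10" height="10" fill="red" onclick="x()"/>
  <use href="https://example.invalid/x.svg#a"/>
  <foreignObject><body xmlns="http://www.w3.org/1999/xhtml"/></foreignObject>
</svg>"""


def _clean(elem):
    for child in list(elem):
        ns, _, local = child.tag.rpartition("}")
        if ns != "{" + SVG_NS or local not in ALLOWED_TAGS:
            elem.remove(child)      # <script>, <foreignObject>, <style>, unknown tags
        else:
            _clean(child)
    for name in list(elem.attrib):
        local = "href" if name == XLINK_HREF else name
        compact = "".join(elem.attrib[name].split()).lower()
        external_url = compact.count("url(") != compact.count("url(#")
        external_href = local == "href" and not compact.startswith("#")
        if local not in ALLOWED_ATTRS or external_url or external_href:
            del elem.attrib[name]   # onload/onclick/style and off-document references


def sanitize_svg(data: bytes) -> bytes:
    """Return a cleaned SVG; raise ValueError when the upload should be rejected."""
    text = data.decode("utf-8")     # UnicodeDecodeError is a ValueError subclass
    if re.search(r"<!\s*(DOCTYPE|ENTITY)", text, re.I):
        raise ValueError("DTD declarations are refused (entity-expansion risk)")
    try:
        root = ET.fromstring(text)
    except ET.ParseError as exc:
        raise ValueError(f"not well-formed XML: {exc}") from exc
    if root.tag != "{" + SVG_NS + "}svg":
        raise ValueError("root element is not <svg> in the SVG namespace")
    _clean(root)
    ET.register_namespace("", SVG_NS)
    return ET.tostring(root, encoding="utf-8")
```

Store and serve only the returned bytes, never the original upload.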


OpenAI Launches GPT-5 – a new leap in Artificial Intelligence

GPT-5 is the next generation of Generative Pre-trained Transformer models, succeeding GPT-4 and built to understand, process, and generate content with unprecedented speed and accuracy. The model is already integrated into ChatGPT, available to both free users (with limitations) and subscribers on Pro and Enterprise plans.

Major Upgrades Over GPT-4

  1. Advanced Multimodal Capabilities
    GPT-5 can seamlessly handle text, images, audio, and video, enabling complex, multi-input workflows in a single conversation.

  2. Extended Context of Over 1 Million Tokens
    Compared to GPT-4’s 128K token limit, GPT-5 can manage massive projects, complex codebases, and large documents without losing coherence.

  3. GPT-5-Thinking Mode
    An optimized variant for deep reasoning and tackling highly technical challenges — ideal for developers, researchers, and engineers.

  4. Reduced “Hallucinations”
    The error rate in generated responses has been significantly lowered thanks to improved internal verification systems and cleaner training data.

  5. Boosted Performance
    Faster response times and optimized processing costs make smaller variants like GPT-5-mini and GPT-5-nano practical for embedded and on-device AI applications.

Plans and Pricing

  • Free Users: Limited GPT-5 access.

  • Pro (~$200/month): Full access to GPT-5-Pro and GPT-5-Thinking

  • Business & Enterprise: API integration, advanced tool calling, and dedicated support.

The launch of GPT-5 signals the start of a new era in AI, with transformative potential across industries such as software development, automated journalism, data analysis, healthcare, and education.

OpenAI describes GPT-5 as “the most intelligent, fastest, and most useful AI we’ve ever built”, emphasizing both its raw capabilities and improved safety features.


Adobe – CVE-2025-47110 and Massive AEM Exposure: 225 vulnerabilities

Adobe released critical security updates in June for multiple products:

  • 225 vulnerabilities in Adobe Experience Manager (AEM)

  • CVE-2025-47110 in Adobe Commerce (Magento) – a high-risk reflected XSS vulnerability (CVSS 9.1) that can lead to client-side code execution.

Risks:

  • XSS can allow attackers to hijack sessions, modify content, or launch phishing attacks

  • In unpatched Magento stores, attackers can exploit poor sanitization in URL parameters to inject malicious scripts.

Recommendations:

  • Update AEM and Commerce to the latest versions immediately

  • Use a Web Application Firewall (WAF) to block known exploit vectors

  • Perform regular scans and code reviews for custom plugins or templates.


Citrix – CVE-2025-6543: Buffer Overflow in NetScaler Gateway

Citrix disclosed CVE-2025-6543, a critical buffer overflow vulnerability in NetScaler ADC and Gateway devices when configured as VPN, RDP, or AAA virtual servers.

Key Points:

  • Allows unauthenticated remote DoS (Denial of Service) or potential code execution

  • Exploited in the wild – added to CISA’s Known Exploited Vulnerabilities (KEV) list on June 30

  • Affects several versions, including 14.1, 13.1, and FIPS builds

  • Attackers can crash or potentially gain control of exposed NetScaler endpoints.

Mitigation:

  • Patch immediately (builds: 14.1-47.46, 13.1-59.19, others listed in Citrix advisory)

  • For HA environments: use kill icaconnection -all and kill pcoipConnection -all before upgrade

  • Monitor VPN gateway logs and traffic for anomalies post-June 15.


Microsoft – CVE-2025-33053: Zero-Day WebDAV RCE Exploited by Stealth Falcon

On June 10th, Microsoft addressed a zero-day vulnerability — CVE-2025-33053, a Remote Code Execution (RCE) flaw in the WebDAV component of Windows. Researchers at Check Point reported that the APT group Stealth Falcon had actively exploited this flaw in targeted attacks.

Technical Details:

  • Attackers used malicious .url files that leveraged iediagcmd.exe (a signed Windows executable) to sideload malicious DLLs via trusted locations.

  • This chain led to the deployment of Horus Agent, a backdoor with advanced evasion and persistence tactics.

  • The vulnerability affects systems where WebDAV is enabled, especially those that interact with remote content or shared locations.

Impact & Recommendations:

  • Already exploited in the wild

  • Patch released via June Patch Tuesday – urgently apply all updates

  • Disable WebDAV where not required

  • Monitor event logs and audit execution from signed binaries in unusual directories.
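One way to turn the last recommendation into a check over process-creation logs, as an added Python example that is not part of the original write-up. The events are constructed and use Sysmon Event ID 1 field names; the host name, paths and the list of system binary names are assumptions for illustration.

```python
import ntpath

SYSTEM_DIRS = ("c:\\windows\\system32", "c:\\windows\\syswow64")
# Names assumed for this example; build the real list from your own baseline.
SYSTEM_BINARIES = {"ipconfig.exe", "netsh.exe", "route.exe", "rundll32.exe"}
WATCHED_PARENT = "iediagcmd.exe"   # signed binary named in the write-up above

# Constructed process-creation records (Sysmon Event ID 1 field names).
EVENTS = [
    {"Image": r"C:\Windows\System32\ipconfig.exe",
     "ParentImage": r"C:\Windows\System32\cmd.exe",
     "CurrentDirectory": r"C:\Users\alice"},
    {"Image": r"\\files.example.invalid@SSL\DavWWWRoot\share\route.exe",
     "ParentImage": r"C:\Program Files\Internet Explorer\iediagcmd.exe",
     "CurrentDirectory": r"\\files.example.invalid@SSL\DavWWWRoot\share"},
    {"Image": r"C:\Users\alice\AppData\Local\Temp\netsh.exe",
     "ParentImage": r"C:\Windows\explorer.exe",
     "CurrentDirectory": r"C:\Users\alice"},
]


def is_remote(path: str) -> bool:
    """UNC paths (including WebDAV shares) start with two backslashes."""
    return path.startswith("\\\\")


def findings(event: dict) -> list:
    image = event["Image"].lower()
    parent = ntpath.basename(event["ParentImage"]).lower()
    cwd = event.get("CurrentDirectory", "").lower()
    hits = []
    # Rule 1: the watched signed binary started something from a remote location.
    if parent == WATCHED_PARENT and (is_remote(image) or is_remote(cwd)):
        hits.append("child of iediagcmd.exe running from a remote path")
    # Rule 2: a file carrying a system binary's name runs from an unusual directory.
    name, folder = ntpath.basename(image), ntpath.dirname(image)
    if name in SYSTEM_BINARIES and folder not in SYSTEM_DIRS:
        hits.append("system binary name outside the system directories")
    return hits


def triage(events: list) -> list:
    """Return (image, reasons) for every event that matched at least one rule."""
    return [(e["Image"], findings(e)) for e in events if findings(e)]
```
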


Tutorial on MPLS (Multiprotocol Label Switching)

MPLS (Multiprotocol Label Switching) is a high-performance forwarding technique used in modern networks. It directs data from one node to the next based on short path labels rather than long network addresses, speeding up traffic flow and improving scalability.

How does MPLS work?

  1. When a packet enters the MPLS network (ingress router), it gets assigned a label

  2. MPLS routers (Label Switch Routers, LSRs) forward packets based on the label, not the IP header

  3. Labels are swapped at each hop according to the MPLS forwarding table

  4. At the exit router (egress), the label is removed, and the packet is forwarded based on its original IP address.

Key Concepts

  • Labels: Short fixed-length identifiers (usually 20 bits) added to packets

  • Label Edge Router (LER): Router that adds/removes labels at network edges

  • Label Switch Router (LSR): Router that forwards packets based on labels inside the MPLS network

  • Forwarding Equivalence Class (FEC): Group of packets forwarded the same way.
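The four forwarding steps and the label format, as an added Python example that is not part of the original tutorial. It encodes the 32-bit MPLS shim header (20-bit label, 3-bit traffic class, bottom-of-stack bit, 8-bit TTL) and walks a packet through push, swap and pop. The topology, prefixes and label values are constructed.

```python
import ipaddress
import struct

# Constructed topology: INGRESS (LER) -> LSR1 -> LSR2 -> EGRESS (LER).
FEC_TABLE = {"10.2.0.0/16": (100, "LSR1"), "10.2.3.0/24": (110, "LSR1")}
LFIB = {  # per-router table: incoming label -> (action, outgoing label, next hop)
    "LSR1": {100: ("swap", 200, "LSR2"), 110: ("swap", 210, "LSR2")},
    "LSR2": {200: ("swap", 300, "EGRESS"), 210: ("swap", 310, "EGRESS")},
    "EGRESS": {300: ("pop", None, None), 310: ("pop", None, None)},
}


def pack_label(label, tc=0, bottom=True, ttl=64):
    """Encode the 32-bit MPLS shim: label(20) | TC(3) | S(1) | TTL(8)."""
    if not 0 <= label < 1 << 20:
        raise ValueError("label must fit in 20 bits")
    return struct.pack("!I", label << 12 | tc << 9 | int(bottom) << 8 | ttl)


def unpack_label(shim):
    """Decode the first shim header into (label, tc, bottom, ttl)."""
    (word,) = struct.unpack("!I", shim[:4])
    return word >> 12, word >> 9 & 0x7, bool(word >> 8 & 1), word & 0xFF


def ingress(dst_ip, ip_packet):
    """Classify the packet into a FEC (longest prefix match) and push its label."""
    addr = ipaddress.ip_address(dst_ip)
    nets = [ipaddress.ip_network(p) for p in FEC_TABLE]
    matches = [n for n in nets if addr in n]
    if not matches:
        raise LookupError("no FEC for destination; forward as plain IP")
    best = max(matches, key=lambda n: n.prefixlen)
    label, next_hop = FEC_TABLE[str(best)]
    return next_hop, pack_label(label) + ip_packet


def walk(dst_ip, ip_packet):
    """Return (hop trace, packet delivered by the egress router)."""
    node, packet = ingress(dst_ip, ip_packet)
    trace = []
    while True:
        label, tc, bottom, ttl = unpack_label(packet)
        action, out_label, next_hop = LFIB[node][label]   # unknown label: KeyError
        trace.append((node, action, label, out_label))
        if action == "pop":
            return trace, packet[4:]                      # original IP packet again
        if ttl <= 1:
            raise RuntimeError("TTL expired inside the MPLS domain")
        packet = pack_label(out_label, tc, bottom, ttl - 1) + packet[4:]
        node = next_hop
```
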

Advantages of MPLS

  • Speed: Labels simplify and accelerate packet forwarding

  • Scalability: Supports large-scale networks efficiently

  • Traffic Engineering: Allows path control to optimize bandwidth and avoid congestion

  • Supports multiple protocols: Works with IP, ATM, Frame Relay, etc.

Basic MPLS Configuration Example (Cisco IOS)

! Enable MPLS forwarding globally, then on each core-facing interface
mpls ip
interface GigabitEthernet0/0
 mpls ip
interface GigabitEthernet0/1
 mpls ip

Use Cases

  • Service Provider VPNs (like VPLS and L3VPN)

  • Traffic Engineering for optimized routing

  • MPLS-based QoS and fast reroute.


Tutorial on OTV (Overlay Transport Virtualization)

OTV is a Cisco technology that extends Layer 2 networks over a Layer 3 IP network, allowing multiple data centers to appear as if they are on the same LAN even when geographically distant.

How does it work?

  1. OTV devices (usually Cisco Nexus switches) connect to the local Layer 2 network

  2. They create a virtual interface called an Overlay that carries Layer 2 frames encapsulated in IP packets (MAC-in-IP)

  3. The packets travel over the Layer 3 IP network between sites

  4. At the destination, packets are decapsulated and delivered to the local Layer 2 network.

Advantages:

  • Does not require multicast support in the IP network.

  • Avoids Layer 2 loops.

  • Supports VM mobility and disaster recovery.

Basic Cisco Nexus configuration example:

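feature otv
otv site-vlan 4094
interface Overlay1
  ! physical uplink that carries the encapsulated traffic
  otv join-interface Ethernet1/1
  ! multicast groups for the OTV control plane and for data traffic
  otv control-group 239.1.1.1
  otv data-group 239.1.1.2
  no shutdown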

Simple Tutorial on VPLS (Virtual Private LAN Service)

What is VPLS?

VPLS is an MPLS technology that allows extending an Ethernet Layer 2 network between multiple sites over a provider’s MPLS network, so all sites behave like a single LAN.

How does it work?

  1. The customer has CE routers at each site

  2. CE routers connect to the provider’s PE routers

  3. The MPLS provider creates Layer 2 tunnels between PE routers

  4. Ethernet traffic is carried across sites as if on the same LAN.

Advantages:

  • Scalable and secure

  • Connects multiple sites into one bridged network

  • Uses MPLS for performance and control.

Basic Cisco IOS configuration example:

mpls ip
l2vpn vpls context CLIENT1
 vpn id 100
 bridge-group VPLS-BRG
interface GigabitEthernet0/1
 xconnect vpls CLIENT1 100