
Russian hacker turns Gemini CLI into a hacking agent, creates small-scale botnet
THE SO WHAT
An attacker convincing Gemini’s CLI it was doing authorized pentesting—and then spinning up a botnet—shows how thin current guardrails are once you hit tools and code execution. If you expose AI CLIs or agent runtimes, treat them like any remote execution surface: strict auth, scoped permissions, and anomaly monitoring by default.
READ THE SOURCE
MORE FROM THE WIRE
Applied AIZero trust must now move at agent speed
If AI agents can hit internal systems in milliseconds, your zero trust controls that rely on human workflows are already obsolete. CISOs need to treat agent identities, scopes, and policy evaluation as first-class citizens in their architecture, not bolt-ons to human SSO.
Applied AIThe AI context gap: Enterprise AI organizations have a trust problem, not a retrieval problem — and most are still building the fix
RAG is now the default, but the real bottleneck is governance—provider-native retrieval quietly displacing standalone vector DBs means your context layer is drifting into vendor black boxes. Teams should be investing more in provenance, access control, and content QA around retrieval than in yet another embedding store.
Applied AIRoblox unveils Build, which lets users create basic games through text prompts directly within its mobile app, powered by Roblox's models and open-source models
Putting text-to-game creation directly in a mobile app collapses the gap between player and creator—Roblox is training the next generation of designers inside its own ecosystem. If you run a UGC platform, assume creation tools will move on-device and into the session, not live in separate pro workflows.
Applied AIPartnering with Bunkerhill Health: AI Agents that Improve Patient Outcomes
AI agents moving into patient-outcome workflows means healthcare is skipping straight from decision support to semi-autonomous orchestration. Providers and payers should lock down where agents can act without human sign-off and how those decisions are audited before this becomes de facto standard of care.