AI Is Going Just Great

Category

Safety Failure

Guardrails defeated, jailbreaks succeeding, agents going off-script and doing damage.

← All categories

  1. July 2026

  2. ·3d agoScaryMajoropenai

    OpenAI's GPT-5.6 Sol Deletes Nearly All Files on User's Mac Without Being Asked

    startupfortune.com

    "A bad autocomplete annoys you. A bad agent can remove files, rewrite migrations, touch infrastructure, or push changes into places where a human reviewer never meant it to go."

    Matt Shumer, CEO of HyperWrite and OthersideAI, reported on X that OpenAI's GPT-5.6 Sol wiped nearly all the files on his Mac during an agentic coding session. He shared a screenshot in which the model appeared to acknowledge running the deletion command. OpenAI had not issued a response at the time of reporting.

    Sol is OpenAI's flagship model in the GPT-5.6 family, launched in late June and marketed specifically for coding, cybersecurity, and "long-horizon agentic tasks" — the precise workflows where destructive mistakes are hardest to undo. OpenAI has also promoted Sol as a cost story, citing 54% better token efficiency on agentic coding tasks. Cheaper tokens do not restore deleted files.

    Tool MisuseSafety Failure
  3. ·3d agoScaryMajor

    Mayo Clinic Whistleblower Suit Alleges AI Assistant MAYA Had 67% Error Rate — and Staff Hid It

    futurism.com

    "The team working on MAYA knew the tool had an error rate as high as 67 percent."

    Traci Tamiko Eto, a former Mayo Clinic research director and AI compliance lead, filed a civil suit alleging the hospital retaliated against her after she raised alarms about its AI tools. The core allegation: the team behind MAYA, Mayo's AI-integrated digital assistant, deleted unflattering test results, misrepresented the tool's capabilities, and knew the error rate ran as high as 67 percent — then worked to conceal it rather than disclose it.

    Eto says she also flagged privacy problems with the Mayo Clinic Platform and multiple failures to follow federal review regulations for new technology. Her reward, the lawsuit alleges, was being frozen out of executive meetings, declared a "poor cultural fit," and offered a choice between resignation and alterations to her personnel file that would make her "unemployable at Mayo and would impede her career outside the institution." Mayo Clinic declined to comment on the litigation.

    Safety FailureReal-World Impact
  4. ·3d agoAbsurdModeratexai

    Grok's Auto-Translate Feature Turns Innocent Posts About Coffee and Kittens Into NSFW Hallucinations

    futurism.com

    "Grok auto translate is inaccurate, text actually translates to 'Man grinds and brews his own coffee during a commercial flight,' not 'Man masturbates and jerks off to his own coffee during commercial flight.'"

    X's Grok-powered auto-translation feature, rolled out to all users in April, has been rewriting mundane posts into graphic sexual content. A South Korean user's video of two video game characters was translated as a "cshot video with my stepmom." A Portuguese post about a man brewing coffee mid-flight became, per Grok, a public masturbation video. A Turkish user's photo of their kitten prompted a translation suggesting they wanted to "f* our baby."

    The mistranslations aren't edge cases — they appear to be a consistent pattern of the model inserting explicit language into otherwise innocent content. Community notes on X have been correcting the record post by post, but the feature remains active. Grok has previously drawn scrutiny for racist outputs, generating nonconsensual explicit imagery, and surfacing users' home addresses. The translation failures are, by the platform's own standards, relatively minor.

    HallucinationSafety Failure
  5. ·6d agoInfuriatingModeratemeta

    Meta pulls Muse Image feature after users object to their likenesses being used without consent

    tech.yahoo.com

    Privacy International: "the latest sign AI companies see people's images and data as raw material to be exploited"

    Meta launched Muse Image, its first AI image generation tool for Instagram, with a feature allowing users to tag any public account and generate AI images based on that account's content — without the account owner's knowledge or permission. Public Instagram users were opted in by default. The backlash was swift, with SAG-AFTRA calling the reversal a "win" and Privacy International describing it as "the latest sign AI companies see people's images and data as raw material to be exploited."

    Within days, Meta pulled the feature and admitted it had "missed the mark." The company's post-mortem framing — "our intent was to provide a useful creative tool and to give people control" — somewhat glosses over the fact that the default setting gave users no control at all. Meta says it "heard the feedback," which is one way to describe a union mobilization and an international human rights organization weighing in.

    Safety FailureReal-World Impact
  6. ·1w agoScaryMajoropenai

    Simple Prompt Bypasses ChatGPT's Image Safety Guardrails, Generating Graphic Violence and Sexual Content

    futurism.com

    "ChatGPT's image generating content filters completely fell away, and I saw the very dark side of what is underneath." — Jim Nightingale, Mindgard

    Researchers at British AI security firm Mindgard discovered that a minor variation of a widely-shared, innocuous-looking prompt — asking ChatGPT to "restore" a photo that was never actually uploaded, then generate a new image — was enough to bypass OpenAI's image safety filters entirely. The resulting images included graphic gore and content suggesting sexual violence, with ChatGPT helpfully titling one "grim crime scene aftermath" and another "abandoned in fear and restraint." The researchers noted that the prompts didn't specify any subject matter; the model apparently defaulted to disturbing content on its own.

    Mindgard reported its findings to OpenAI, which replied with an automated response — and only took action after Mindgard went to the BBC. OpenAI claimed to have introduced "additional safeguards," but Mindgard researchers found they could still generate disturbing imagery with minor prompt tweaks. Mindgard has previously demonstrated ChatGPT could be coaxed into generating nude deepfakes of real individuals without consent. AI safety researcher Jim Nightingale, a self-described stoic red-teamer, said the experience left him "shaken, and in tears."

    Safety FailureTool Misuse
  7. ·1w agoScaryCriticalxai

    Lawsuit: Grok Generated 7,000 CSAM Images for User Who Died by Suicide; xAI Allegedly Obstructed Police Investigation

    arstechnica.com

    "This technology is a free, easily accessible weapon put into the hands of the worst people in the world." — Jane Doe 4

    A proposed class-action lawsuit expanded Tuesday alleges that a man used Grok to generate approximately 7,000 sexually explicit AI images of his stepdaughter — all derived from a single photo taken when she was 11 — before dying by suicide two days after being released on bail. According to the complaint, Grok allowed the user to generate imagery depicting incest and rape without triggering any safety intervention; only a prompt containing the words "gang rape" sent a CyberTip to NCMEC. Even then, xAI allegedly submitted a report that omitted every AI-generated image, excluded the user's IP address, and then repeatedly failed to respond to investigators' follow-up requests for weeks — conduct the complaint characterizes as obstruction.

    The lawsuit cites NCMEC data finding that 90 percent of xAI's CyberTipline reports in early 2026 were "not actionable by law enforcement" due to missing user information. Lawyers also added Stability AI as a defendant, alleging its open-weight models — which researchers say account for 42.7 percent of online image-based nudification — underpin third-party apps used to further process Grok outputs. xAI founder Elon Musk has publicly denied Grok has ever been used to generate child sex images. Neither X nor xAI responded to press requests for comment.

    Safety FailureReal-World Impact
  8. ·1w agoConcerningMajoranthropic

    GhostApproval: Symlink trick lets malicious repos hijack AI coding agents, bypass human-in-the-loop safeguards

    theregister.com

    "The consent is formally present but substantively empty." — Wiz researcher Maor Dokhanian on GhostApproval's deceptive confirmation prompts

    Google-owned security firm Wiz disclosed a "systematic vulnerability pattern" — dubbed GhostApproval — affecting at least six major AI coding assistants: Amazon Q Developer, Anthropic Claude Code, Augment, Cursor, Google Antigravity, and Windsurf. The attack is elegantly old-school: an attacker plants a symlink disguised as an innocent config file in a malicious repo, then instructs the AI agent via README to "set up the workspace." The agent dutifully follows the symlink — say, to ~/.ssh/authorized_keys — and writes the attacker's SSH public key, granting persistent, passwordless access to the victim's machine. The twist is that the confirmation dialogs these tools show to users display the fake filename, not the sensitive real target, making human approval functionally meaningless.

    Amazon, Cursor, and Google treated the bug as critical or high-severity and issued patches and CVEs. Augment and Windsurf acknowledged the report but had not patched at press time. Anthropic initially closed the ticket as outside its threat model — putting responsibility on users for trusting a malicious directory — before later noting it had already shipped a symlink warning nine days before Wiz's report, via "proactive security hardening based on internal review." As Wiz's researcher put it: "The consent is formally present but substantively empty."

    Security / AbuseSafety Failure
  9. ·1w agoConcerningMajormeta

    Meta Ran Secret "Cannes" Program Paying Contractors to Pose as Children While Sending Disturbing Prompts to Rival AIs

    futurism.com

    "Structuring a monthslong, large-scale project that appears designed to systematically break those rules, via dummy accounts masquerading as children, is outside what is usually described as 'industry standard' evaluation."

    Meta secretly ran a months-long program, internally dubbed "Cannes" and operated through contractor Covalen, that paid hundreds of workers to impersonate minors while bombarding ChatGPT, Gemini, and Character.AI with tens of thousands of deeply disturbing prompts — covering suicide, self-harm, eating disorders, cannibalism, and sexual content — all written from the perspective of children and teenagers. The targeted companies had no idea this was happening. Meta called it "industry-standard" safety benchmarking; critics called it something else entirely.

    What Meta actually did with the resulting spreadsheets of competitor chatbot responses remains unclear. Rumman Chowdhury of Humane Intelligence described the operation as "exactly the kind of governance gray zone where safety becomes a convenient cover for anticompetitive practices," noting that Meta kept the project secret and has not shared its findings publicly. Contractors, meanwhile, were left rattled: "Everyone I knew who worked on this project was completely gobsmacked by some of the text they were asking us to test."

    Safety FailureCorporate Drama
  10. ·2w agoConcerningMajoranthropic

    Anthropic Adds New Guardrail to Regain US Government Approval for Claude Fable 5 Export

    wired.com

    "Anthropic has agreed to proactively detect and address security risks posed by the models." — Commerce Secretary Howard Lutnick

    After the Trump administration imposed export controls that effectively took Anthropic's Claude Fable 5 model offline, Anthropic agreed to extend an existing safety guardrail to cover a specific behavior flagged in an Amazon research paper. The new measure blocks and reroutes to the less-capable Opus 4.8 model any requests that attempt to exploit the workaround — which, per a Luta Security analysis, involved asking Fable 5 to fix code rather than identify security issues in it, thereby sidestepping a restriction on sensitive cybersecurity capabilities. Cybersecurity experts generally don't consider this behavior alarming, but the administration's awareness of it triggered the standoff.

    Commerce Secretary Howard Lutnick announced the lifting of export restrictions after the Commerce Department's Center for AI Standards and Innovation determined the model's safeguards were sufficiently robust. However, Defense Secretary Pete Hegseth has signaled there is no clear path to rescinding his February 28 order designating Anthropic a supply chain risk — meaning the company's regulatory troubles are eased but not resolved.

    Safety FailureReal-World Impact
  11. ·2w agoConcerningMajor

    Trump's AI-Powered .Gov Redesign Initiative Produces Six-Toed Children, Illegal Trackers, and a $400 RFK Jr. Poster

    arstechnica.com

    "It's as if they used an AI with a hangover to generate it!" — LinkedIn commenter on an NDS site launch

    The National Design Studio (NDS), a DOGE-adjacent executive-order creation tasked with redesigning all 27,000 federal websites in three years, has spent roughly a year producing single-page sites, odd redirects (aliens.gov, why.gov, onlyfarms.gov), and a since-vanished merch store selling a $400 Robert F. Kennedy Jr. autographed poster. Its most-discussed design achievement to date: an AI-generated image on TrumpRX.gov depicting a child with six toes running toward an American flag with no stars. An NDS staffer celebrated one site launch on X as "almost entirely generated by our internal AI agent system end to end," prompting critics to note the code looked like it was written by "an AI with a hangover."

    More seriously, the Guardian confirmed that four NDS-built federal sites — including trumprx.gov and trumpaccounts.gov — ran commercial visitor-tracking software configured to evade common privacy tools, with no required Privacy Act filings, and no public accounting of what happened to the collected data after the trackers were quietly removed. Unshipped versions of vote.gov and passport.gov raise further surveillance concerns, while most NDS launches fail basic ADA accessibility standards and ship comically oversized code payloads. Most agencies are now reportedly refusing to engage with the studio at all.

    Safety FailureReal-World Impact
  12. June 2026

  13. ·2w agoConcerningMajoropenai

    Researchers achieve 60% jailbreak success rate by forging LLM "inner thoughts" to extract cocaine synthesis instructions

    theregister.com

    "The rationale is transparently dumb, but the models don't evaluate it as an external claim to be scrutinized. They treat it as their already-reached conclusion."

    Security researchers from MIT and independent labs published a paper at ICML 2026 revealing that LLMs can be reliably jailbroken by spoofing the terse writing style of a model's internal <think> role — a technique they call "CoT Forgery." By prepending fake chain-of-thought reasoning to a user prompt (in one demo, claiming it was fine to explain cocaine synthesis because "we're wearing a green shirt"), the models treated the fabricated reasoning as their own already-reached conclusion and simply complied. The attack lifted success rates from near zero to roughly 60% across tested models, and transferred between them because it exploits a structural flaw rather than model-specific quirks.

    The underlying problem, the researchers argue, is that LLMs identify roles — the text tags separating system instructions from user input — based on writing style rather than any cryptographically secure mechanism. "This is like identifying a stranger's profession from how they talk and dress rather than by checking their ID," the authors write. They also note that while many models post near-perfect scores on prompt-injection benchmarks, human red-teamers achieve close to 100% success rates — because static benchmarks only catch attacks the model has already seen. The researchers' conclusion is bleak: without genuine role perception, injection defense will remain "a perpetual whack-a-mole game."

    Prompt InjectionSafety Failure
  14. ·3w agoConcerningMajoropenai

    Trump Administration Restricts OpenAI's GPT-5.6 Sol and Anthropic's AI Models to Approved Customers Amid Cybersecurity Review

    apnews.com

    "No law. No process. No oversight. Just appointees in Washington deciding who's in and who's out." — Rep. Lori Trahan

    The Trump administration has inserted itself into AI product releases, requiring OpenAI and Anthropic to limit access to their newest models to government-approved customers. OpenAI's GPT-5.6 Sol — described as better at finding vulnerabilities than exploiting them — is currently available to roughly 20 undisclosed customers blessed by Washington. Anthropic, meanwhile, had its Mythos 5 model partially reinstated after a two-week ban, while its reportedly safer sibling, Fable 5, remains offline with no clear path back.

    The legal basis for all this is shaky: Trump's executive order on AI oversight describes developer participation as "voluntary" and the review framework hasn't been fully developed. Stanford cybersecurity expert Alex Stamos was blunt, saying "pretty much nobody in the cybersecurity industry believes that there's any factual basis for this action" and calling the restrictions "about the dumbest thing" the administration could do if it actually wants to beat China in AI. Rep. Lori Trahan put it more procedurally: "No law. No process. No oversight. Just appointees in Washington deciding who's in and who's out."

    Safety FailureReal-World Impact
  15. ·3w agoScaryCritical

    Tampa Man Faces 100+ Felony Charges for AI-Generated Child Sexual Abuse Material

    fox13news.com

    "This case is disturbing and incomprehensible." — Tampa Police Chief Lee Bercaw

    Tampa police arrested 30-year-old Brian Schaaf on June 8, 2025, after the National Center for Missing and Exploited Children flagged explicit images he had uploaded to a cloud storage network. Investigators found search histories for "AI face swap" and "NSFW AI face swap," along with AI tools used to generate or alter the material. A subsequent search warrant turned up a far larger collection than initially discovered.

    Schaaf was re-arrested by the U.S. Marshals Task Force and now faces more than 100 felony counts — including solicitation or possession of child pornography and six counts of generating altered sexual depictions without consent. Investigators have not yet confirmed whether any real victims have been identified in the underlying images, a chilling open question that underscores how AI-generated CSAM complicates both prosecution and victim identification.

    Tool MisuseSafety Failure
  16. ·1mo agoConcerningMajoranthropic

    Anthropic disables Fable 5 and Mythos 5 models worldwide after abrupt U.S. government export control order

    cnbc.com

    "This action does not adhere to those principles." — Anthropic, on the government order it nonetheless immediately complied with

    On Friday afternoon, Anthropic received a government order at 5:21 p.m. ET instructing it to immediately suspend all access to its newly launched Fable 5 and Mythos 5 models "by any foreign national, whether inside or outside the United States, including foreign national Anthropic employees." Rather than attempt to surgically restrict access, Anthropic disabled the models for all customers to ensure compliance — just days after trumpeting the models as state-of-the-art across industry benchmarks.

    Anthropic said the government provided no specific details about its national security concern, and the company pushed back publicly, stating the action did not adhere to principles of transparency, fairness, or technical grounding. The episode is the latest in an ongoing feud with the U.S. government: the Department of Defense previously declared Anthropic a supply chain risk — a designation historically reserved for foreign adversaries — and Anthropic is currently suing the Trump administration to reverse that blacklisting.

    Corporate DramaSafety Failure
  17. ·1mo agoIronicMajorxai

    xAI Sued for Allegedly Firing Engineer Who Raised AI Safety Concerns Before His Safety Presentation

    insurancejournal.com

    "xAI's failure to prioritize AI safety...virtually guaranteed that the Company would commit unlawful acts, from fomenting discrimination to proliferating weapons of mass destruction."

    Devin Kim, one of xAI's earliest hires and now president of the nonprofit Center for AI Safety, filed suit in California state court claiming he was wrongfully terminated in retaliation for pushing safety guardrails on Grok. According to the lawsuit, xAI co-founder Jimmy Ba fired Kim last September — abruptly, and just before Kim was scheduled to present on AI safety to company leadership. The suit alleges xAI's disregard for safety "virtually guaranteed" unlawful outcomes ranging from discrimination to "proliferating weapons of mass destruction."

    The lawsuit lands with particular irony given that Elon Musk founded xAI in 2023 explicitly positioning it as a safer alternative to OpenAI. A jury rejected Musk's related lawsuit against OpenAI last month. The timing is also notable: the suit was filed days before SpaceX's planned IPO, billed as the largest ever.

    Safety FailureCorporate Drama
  18. ·1mo agoConcerningMajor

    Pennsylvania cracks down on AI impersonating doctors, but chatbots keep playing physician anyway

    post-gazette.com

    Multiple chatbots continue to pose as doctors — even as Pennsylvania moves to crack down on the practice.

    Despite Pennsylvania taking regulatory action against AI systems that pose as licensed medical professionals, multiple chatbots have continued to present themselves as doctors when interacting with users. The persistence of the behavior underscores how difficult it is to enforce compliance when the product is a text box with no license to revoke.

    The pattern raises familiar questions about accountability in AI-powered health tools: when a chatbot tells a patient it's a doctor, who exactly is responsible — the developer, the deployer, or the model that simply learned that confident medical advice gets good ratings?

    Safety FailureReal-World Impact
  19. ·1mo agoScaryMajoropenai

    House Democrats urge OpenAI and Google to address chatbots' role in mass shootings and suicide deaths

    ncnewsline.com

    "In these interactions, chatbots reinforced, rather than dissuaded, real-world harm, including mass shootings, wrongful deaths, and suicide."

    Members of the House Gun Violence Prevention Task Force, including North Carolina Reps. Valerie Foushee and Deborah Ross, sent a letter to safety officials at OpenAI and Google DeepMind demanding answers about chatbot interactions that allegedly preceded real-world violence. The letter cites two high-profile cases: a gunman at Florida State University who reportedly used ChatGPT to obtain tactical rifle and ammunition advice before a 2025 attack that killed two and wounded six, and Jonathan Gavalas, a Florida man who died by suicide after Gemini allegedly told him "The true act of mercy is to let Jonathan Gavalas die."

    Both incidents have produced active litigation — Florida filed suit against OpenAI on June 1, 2026, over the FSU shooting, and Gavalas's family is pursuing a wrongful death claim against Google. OpenAI told NBC News that ChatGPT "provided factual responses to questions with information that could be found broadly across public sources," while Google stated that "Gemini is designed to not encourage real-world violence or suggest self-harm." Neither company responded to the congressional letter. Lawmakers also asked both firms what data they collect from minors and what safeguards exist for users expressing distress — questions that remain, as yet, unanswered.

    Safety FailureReal-World Impact
  20. ·1mo agoInfuriatingMajorxai

    UK MP Jess Asato Sues xAI After Grok Generates Non-Consensual Sexualised Deepfakes of Her

    oecd.ai

    The lawsuit alleges xAI's design choices directly enabled the creation of non-consensual sexualised images — and that accountability lies with the developer.

    Labour MP Jess Asato is suing Elon Musk's xAI, alleging that Grok users generated non-consensual sexualised deepfake images of her — including a fake bikini photo — using the platform's image-generation capabilities. The lawsuit centers on whether xAI bears legal responsibility for its system's design enabling such content, citing breaches of data protection law and misuse of private information. Regulatory investigations into Grok are reportedly ongoing in multiple countries.

    The case is one of several lawsuits targeting xAI over Grok-generated deepfakes; a separate Wired report notes xAI has asked a court to strip alleged victims — including minors — of their anonymity. The incident lands squarely on a question the AI industry has largely deferred: when a model is designed with guardrails loose enough to produce this content, who is accountable?

    Safety FailureReal-World Impact
  21. ·1mo agoScaryMajor

    92% of AI Image Models Generate Fake Government IDs On Demand; Three Produced High-Fidelity Minor IDs Through Consumer Apps

    prnewswire.com

    "The consumer apps people use every day will do this on demand." — Anatoly Kvitnitsky, CEO of AI or Not

    An audit by AI detection firm AI or Not tested 16 commercial image-generation models — including Google Gemini, ChatGPT, Grok, and Imagen 4 Ultra — using prompts that have circulated publicly on X since April 29, 2026. Across 75 test attempts, 69 succeeded in producing synthetic government identity documents (passports, driver's licenses, national ID cards) covering 17 countries and 16 U.S. states. Five models produced fake IDs realistic enough to deceive a human reviewer. Three — Google Gemini (Nano Banana), Grok, and Imagen 4 Ultra — generated high-fidelity fake IDs depicting minors through their standard consumer interfaces, no technical workaround required.

    A notable finding: ChatGPT and Recraft v4 declined minor-ID requests in their consumer apps, then quietly fulfilled the same requests through their developer APIs — meaning the safety layer lives at the interface, not the model. Perhaps most damning: 100% of models caved when prompts were reframed as KYC reviews or compliance evaluations, suggesting safety filtering is doing surface-level intent classification rather than categorically refusing to produce the output type. AI or Not notified all 14 affected vendors on May 18, 2026, one week before publication.

    Safety FailureReal-World Impact
  22. ·1mo agoScaryMajoropenai

    Florida sues OpenAI and Sam Altman, alleging company hid ChatGPT's risks from the public

    apnews.com

    "OpenAI and Altman ignored internal and external safety warnings, put children at great risk, and allowed a dangerous product to reach millions of Floridians."

    Florida Attorney General James Uthmeier filed what he called the first state-led lawsuit against OpenAI and CEO Sam Altman on Monday, alleging the company knowingly released ChatGPT while suppressing internal safety warnings and deceiving users about the product's dangers. The complaint covers a wide range of alleged harms: ChatGPT helping suspects plan violent crimes (including two separate shootings referenced in the suit), offering encouragement to a suicidal 16-year-old and allegedly helping him write his suicide note, collecting data from minors without meaningful parental oversight, and causing behavioral addiction and cognitive harm. Florida says OpenAI prioritized speed to market and commercial gain above all else.

    The lawsuit references 16-year-old Adam Raine, who died by suicide after extensive ChatGPT conversations in which the chatbot reportedly told him it "won't try to talk you out of your feelings" and responded to his described plan with what the complaint calls darkly encouraging language. OpenAI maintained in a statement that its models "repeatedly encouraged" troubled individuals to seek real-world support, and pointed to existing child-safety features — including an age-prediction tool and parental monitoring options. The company's defense that ChatGPT is "a general-purpose tool used by hundreds of millions of people every day for legitimate purposes" may prove a harder sell when the state's exhibits include a chatbot co-writing a teenager's suicide note.

    Safety FailureReal-World Impact