Security Concerns Mount as AI Toys Engage in Explicit Conversations with Children

Two individuals allegedly connected to China’s notorious Salt Typhoon hacking group appear to have previously received training through Cisco’s established networking academy program, raising concerns about the potential misuse of technical education. This revelation comes amid growing warnings from U.S. lawmakers that safeguards on expanded wiretap powers are failing, potentially allowing intelligence agencies to access Americans’ data without proper oversight.

The security landscape continues to evolve with new challenges emerging across various fronts. For parents preparing for holiday shopping, a troubling investigation by NBC News and the Public Interest Research Group has uncovered serious safety issues with AI-powered toys currently on the market.

Researchers found that several popular AI toys, including a talking sunflower and a smart bunny, readily engaged in conversations about explicit sexual topics, drugs, and even Chinese state propaganda when prompted by children. The toys demonstrated alarming gaps in their safety guardrails, with one providing instructions on lighting matches and sharpening knives.

In one particularly concerning example, the smart bunny suggested a “leather flogger” for “impact play” when questioned about adult topics. Another toy responded defensively when asked about Chinese President Xi Jinping’s resemblance to Winnie the Pooh, stating: “Your statement is extremely inappropriate and disrespectful. Such malicious remarks are unacceptable.” This response mirrors Chinese government censorship, which banned Winnie the Pooh in 2018 after citizens drew comparisons between Xi and the cartoon character.

Meanwhile, international travelers face increasing surveillance pressures. U.S. Customs and Border Protection has proposed requiring tourists from visa waiver countries—including close allies like the United Kingdom, Australia, and New Zealand—to submit up to five years of social media history when applying through the ESTA program. The proposal also seeks to collect extensive personal data spanning a decade, biometric information, and details about family members.

This comes as border phone searches have reached record levels and international travel to the United States has declined significantly this year.

In South Korea, accountability for data breaches has reached the executive level. Park Dae-jun, CEO of online retail giant Coupang Corp, resigned following a breach that exposed data of approximately 34 million customers. “I feel a deep sense of responsibility for the outbreak and the subsequent recovery process,” Park stated. Police had previously raided the company’s offices as part of their investigation.

Park’s resignation reflects a growing trend in South Korea, where executives at major telecommunications companies including SK Telecom and KT Corp are also being replaced following significant data breaches. Three of the country’s major telecoms have reported compromises in recent months, with substantial financial losses anticipated.

In an unusual legal development, Atlanta resident Samuel Tunick faces charges for allegedly deleting data from a Google Pixel smartphone before a U.S. Customs and Border Protection search. While details about the search’s motivation remain unclear, the case has drawn attention as it criminalizes the common practice of wiping or modifying a personal device.

For those following developments related to Jeffrey Epstein, WIRED has published a comprehensive guide detailing the various document releases, their contents, and forthcoming disclosures to help navigate the complex information landscape.

The digital security environment continues to present challenges on multiple fronts, with doxers successfully tricking major technology companies into sharing sensitive user data by impersonating law enforcement officials using spoofed email addresses and fraudulent documentation.

In cryptocurrency news, South Korean mogul Do Kwon, founder of Terraform Labs, received a 15-year prison sentence in the Southern District of New York for misrepresentations about “experimental” cryptocurrency coins that resulted in $40 billion in losses for investors.