click

ChatGPT enables pay per click ads. And with them the problem that destroyed the credibility of SEO is repeated.

by

ChatGPT already charges advertisers for each click their responses generate. OpenAI has activated a cost-per-click (CPC) model of between $3 and $5 within its advertising platform, as it progresses DigiDayuntil now limited to large advertisers who paid for impressions. Why is it important. This marks the moment when ChatGPT stops being a neutral tool and becomes a system with direct economic interests in which answer appears first. And that leap has consequences for anyone who uses AI as a source of information. The context. OpenAI launched its advertising business a few months ago with a CPM model (pay per impressions) and with a minimum investment of $250,000. In that time, the price has dropped from $60 per 1,000 impressions to $25, and the minimum has been reduced to $50,000. The direction of the movement says a lot: OpenAI needs more advertisers and it needs them faster. Between the lines. A CPC of 3-5 dollars is equivalent, in effective CPM, to figures much higher than the market average. OpenAI is not looking for cheap volume: it wants to position itself as premium inventory, at the level of Google Search, where clicks are worth more because the user arrives with a clear intention, especially in certain types of searches: health insurance, urgent loans, lawyers specializing in traffic accidents, etc. The problem is that this intention premium still needs to be demonstrated. The inevitable conflict. The CPC model introduces a conflict that any content platform knows well: the best answer for the user and the answer for the payer are not always the same. It is not a problem exclusive to OpenAI or search engines. It is the fundamental contradiction of any business that combines information and advertising revenue, including the media, and that each actor manages with greater or lesser success depending on their size, reputation and incentives. Google has been navigating this conflict for 25 years with increasingly debated results. Let’s think about what a Google results page looked like in 2005 and what it is like today. It’s not even your only conflict of interest. OpenAI inherits that same conflict from day one, without the reputation cushion that gave Google margin for two decades, and at a time when the demand for transparency about how AI systems work is increasing. Yes, but. There are those who argue that the LLMs They are different because contextual conversation generates a more qualified intent than traditional search, which would justify the premium price and make the advertising presence more tolerable. It is possible. But the same thing was said about branded contentof the native advertising and SEO in its beginnings. If history tells us anything, it is that economic incentives end up winning over product design, not the other way around. In Xataka | AI already knew how to create images. OpenAI says it has found the missing piece with the new ChatGPT Images 2.0 Featured image | Xataka

“Left click, right click”, this is how the AI ​​decides an attack in war. China, Russia and the US need fewer and fewer humans

by

A group of Google engineers signed an internal letter to protest against a project in which your own software was being used by the Pentagon, sparking an unprecedented debate within the company about how far the technology they had created should go. Since then, almost 10 years have passed, an “eternity” with the implementation of AI. The war accelerates… without humans. They counted last week in The New York Times that modern warfare is entering a phase in which human intervention is no longer the center of decision-making, but rather an almost symbolic step within processes dominated by algorithmswhere artificial intelligence systems identify targets, recommend attacks and generate complete plans in a matter of seconds. Programs like Project Maventoday developed by Palantir and integrated with models like Anthropic’sshow the extent to which the decision chain has been compressed: satellite images, drone data and intercepted signals are automatically processed to generate target lists and attack solutions, reducing human intervention to something as simple as selecting options on the screen, in the words of Pentagon officialsit is as simple as clicking “Left click, right click”. Powers in the same race. Because at the center of this transformation are the United States, China and Russia, competing to lead a new arms race based on autonomous systems capable of operating without direct intervention. In China, for example, the development of coordinated drone swarms by artificial intelligence and capable platforms to operate alongside fighters manned reflects a commitment to scale and automation. Meanwhile, in Russia they are betting on systems like the Lancet droneswhich evolve towards capabilitiesand autonomous selection of objectives. For its part, the United States is trying to close the gap by encouraging companies like Anduril to speed up production of autonomous drones, in a race where the speed of development is almost as important as the technology itself. The Chinese WZ-8 drone Ukraine as a turning point. How have we been countingthe war in Ukraine has been the turning point that has turned these technologies on real tools combat, demonstrating that relatively simple systems can evolve rapidly towards semi-autonomous capabilities and changing the balance on the battlefield. Adapted commercial drones, unmanned vessels and data analysis systems have allowed resist a superior adversary, while Russia has responded incorporating automation progressive in their own systems. As pointed out analyst Michael Horowitz, “the battlefield in Ukraine has served as a laboratory for the world,” accelerating a transition that is no longer experimental, but operational. Silicon Valley at war. Unlike previous arms races, the Times I remembered that the role does not fall solely on the States, but also in technology companies and start-ups that are redefining military development. Here are companies like Google that initially participated in projects like Maven before withdrawing due to internal pressures, while others like Palantir or Anduril have occupied that space with a more vision aligned with the defense. In China, the “civil-military fusion” model directly integrates to private companies in the development of military systems, while in the West attempts are made to replicate that dynamism with million-dollar investments and growing collaboration between Silicon Valley and the Pentagon. Algorithms against algorithms. The result is a form of war in which the confrontation is no longer only between armies, but between automated systems that operate at speeds impossible for humans, a scenario that we have counted where drones launch drones to take on other drones and sensor networks connect globally to execute real time attacks. Projects like the Chinese attempt to replicate networks similar to the Joint Fires Network American forces reflect this trend toward an interconnected war, one where a sensor at one point on the planet can trigger an attack on another without direct intervention. At this point, superiority no longer depends solely on the quality of weapons, but on the ability to integrate data, process it and act faster than the adversary. Uncontrolled speed. There is no doubt, this acceleration carries risks that worry even those who pushed these systems, as automation can trigger military responses before humans can intervene or fully understand the situation. Studies such as that of RAND Corporationworks that have shown scenarios in which autonomous systems inadvertently escalate conflicts, while experts warn of a possible “escalation spiral” driven by the decision speed of machines. As recognized General Jack Shanahan, promoter of Maven, the reality is that there is a danger of deploying “untested, insecure and poorly understood” systems in a context of competition where each actor fears being left behind. Less humans, more automation. Thus, the panorama that is drawn is that of a war every time more automatedwhere human intervention is progressively reduced and critical decisions are delegated in artificial intelligence systems capable of analyzing, deciding and acting in seconds, something very different which is do it “well”. From autonomous drones to target analysis platforms, through global combat networks, the trend seems clear, that of a war of the immediate future that will be decided less in offices and more in algorithmsin an unstable and certainly chilling balance, because we are talking about technological speed being on track to surpass the human capacity to control it in the middle of a war. Image | StockVault, Infinity 0 In Xataka | Russia is no longer surrendering to Ukrainian soldiers, but to machines: the rules of war are being redefined In Xataka | China was the power that launched drones. Now he has realized his danger with a decision: close the sky to them

A single click and goodbye to our passwords. This is the vulnerability that affects the extensions of several managers

by

We trust our Password managers as if they were digital safes. But, According to expert Marek Tóthjust visit the wrong website and click where it does not correspond to put that armor at risk. The technique presented in Def with 33 does not point to applications, but to extensions we use daily In the browser. In his tests, he ensures that this gesture can activate an information theft system without the user perceiving it. The research, made public in one of the main international conferences of computer security, documents how eleven extensions of password managers could be manipulated to filter data. Toth states that he notified the finding of manufacturers in April 2025 and that in mid -August several still still had corrections. The study includes practical tests, websites designed to demonstrate the failure and an estimate of the scope: about 40 million potentially exposed active facilities. How the attack works and why it affects you The technique described by Tóth is based on hiding the elements that the extensions insert on the page so that the user interacts with them without seeing it. With minimal changes in opacity or overlapthe attacker gets that The self -fulfilling is activated in the background. And there are several ways to achieve it, from manipulating the root element of the extension to altering the entire body of the site, in addition to variants by overlap. The most delicate scenario appears when a trap website is not necessary, but it is enough to take advantage of a legitimate page with a security failure. In those cases, he explains, the attacker can capture login credentials. The risk increases because many managers fill data not only in the original domain, but also in subdomains, which expands the attack surface without the user noticing it. According to data published by Tóth and collected by Socketon August 19, 1Password, Bitwarden, ENPASS, were continued as vulnerable Icloud PasswordsLastpass and Logmeonce. On August 20, Socket updated that Bitwarden had sent version 2025.8.0 with a patch, pending distribution in extensions. Among the managers who did apply corrective measures are NordPass, Dashlane, Keeper, Protonass and Roboform. Of course, this list can vary at any time if other companies publish arrangements after the dissemination. Extension of password manager for the browser The manufacturers reaction was disparate. Socket points out that 1Password and Lastpass classified the ruling as “informative”, a category that usually implies absence of immediate changes. Bitwarden, ENPASS and Apple (Icloud Passwords) confirmed that They work in updateswhile Logmeonce did not respond to contact attempts. Some companies admitted the existence of risk, but related to external vulnerabilities at the sites visited. While some developers decide how to act, Toth and Socket team agree that there are practical measures to reduce exposure. One of the most effective is to deactivate the manual self -fulfilling and resort to copying and paste. It is also recommended to configure the automatic filling only for exact URL coincidences, preventing it from working in subdomains. In chromium -based browsers, the use of the extension can be limited with the access option “When clicking”, so that the user explicitly authorizes each use. The researcher shows how it is possible to overlap invisible elements on the page to deceive the user and press the password manager without realizing it Not everything is as immediate as clicking and losing everything. For the attack to succeed, the extension must be unlocked, the browser has not restarted and the user interact at the right time. In addition, the analysis focused only on eleven extensions. There is no evidence that All solutions The market is vulnerable, although the expert warns that the pattern can be repeated in other types of extensions. The weak point is in the SUNthe internal structure used by websites to organize buttons, forms or menus. Password managers insert their elements there, and if a malicious page manages to move them, hide or force them, the user can end up clicking without realizing it. That same risk extends to other extensions such as cryptocurrency wallets or notes applications. Images | Xataka with Gemini 2.5 In Xataka | How to change all our passwords according to three cybersecurity experts

This company was 158 years old and 700 employees. A weak password and click were enough to take it to bankruptcy

by

Imagine that you are working in a logistics company, of those that are responsible for managing the entire process so that a product arrives from one point to another, such as those that Amazon’s orders bring to us when we make a purchase, and that from one moment to another all the necessary systems to make the business stop working Due to a cyber attack. What would happen? If the systems do not return to normal, it would probably be a matter of time for the company to pay the consequences. Of course, such a scenario should be avoided with cybersecurity measures, protocols, backups and others. But, let’s be sincere, not everyone is prepared as they should face security threats, even when they have the ability to severely damage or destroy your business. This is what has apparently happened to a British business group called KNPwhich operated 500 trucks under several companies, including a call Knights of Old. When cybersecurity fails, the business can sink The KNP CEO, Paul Abbott, He said in an interview with the BBC That it is believed that a group of cybercriminals managed to infiltrate the systems by guessing the password of one of its employees. What the group of malicious actors did, apparently called Akira, was Straw the data With a ransomware. “If you are reading this, it means that your company’s internal infrastructure is totally or partially dead …”, he said part of the rescue note that, curiously, did not include a specific rescue figure. While the latter may seem unusual, it is also somewhat understandable. Some groups of cybercriminals They have even their own support mechanismswhere they can talk and negotiate with their victims. Recall that the final objective is usually to earn money, so we would rarely see a rescue figure high enough so that the attacked does not meet, but strong enough for the movement to mean some gain. It did not transcend how much money the cybercriminals requested, but it is known that, according to the company, They did not have the money To make the rescue payment. The aforementioned British media collects the analysis of specialists that points to 5 million pounds (about 5.7 million euros). The amount of money, they point out, was unassumable for the company. It is not clear if from the firm they continued to negotiate with the group, but explain that by the end of 2023 the data “were lost” and the company soon declared themselves in bankruptcy. Most employees were dismissed (about 730) and only 170, from one of the companies, called Nelson Distribution, based in Derby, retained their job, but this company was sold. This was the sad outcome for a firm with more than 150 years old. It is likely that after reading this, many questions will come to mind, for example, about the preventive and mitigation measures of which we talked to the beginning. According to those responsible, KNP complied with industry standards and had insurance against cyber attacks. Apparently none of this was enough. Nor do we know if the company already dragged some kind of previous problem and the cyber attack what it did was complicate everything. It is not a unique case. QUALYSEC warns that 60% of small businesses that suffer a cyber attack end up closing in the following six months for not having sufficient resources to recover. A report from Verizon in 2020 already underlined That same figure, highlighting the financial damage, the loss of reputation, the distrust of the clients and the operating chaos that leaves an attack. Images | Man Truck & Bus UK | Freepik In Xataka | Spain gave Huawei the storage of judicial telephone listeners. Now the United States and the EU have questions

Log In

Forgot password?

Forgot password?

Enter your account data and we will send you a link to reset your password.

Your password reset link appears to be invalid or expired.

Log in

Privacy Policy

Add to Collection

No Collections

Here you'll find all collections you've created before.