Frontiers is an academic publisher that keeps showing up on lists of predatory open-access publishers, whose business model certainly appears to be to accept any old rubbish and charge a swingeing fee to the author.
Frontiers does try to keep a slight scientific gloss by recruiting proper scientists as editors. Note that journal jobs aren’t paid positions. They’re volunteer jobs for the prestige and the sake of the science. Frontiers keeps all the money.
Michael Okun resigned as associate editor of Frontiers in Systems Neuroscience in early June — because Frontiers’ AI-powered editing system kept forcing reviewers for papers onto him who weren’t even in the field. Worse yet: [Bluesky thread, archive]
the AI began actively revoking the invitations I manually sent out to actual, qualified experts.
I emailed and met with the editorial office to ask for the AI assistant to be turned off. I was told this is not possible.
Okun spoke to neuroscience news site Transmitter: [Transmitter]
It’s just inconceivable that a manual invitation to someone who is actually an expert in the field is revoked just a few hours after it is sent.
The journal wants to publish as many submissions as possible and doesn’t care too much about quality. These are not bugs but intentional features, designed to essentially remove the human editors as much as possible.
Frontiers chief executive editor Frederick Fenter told Transmitter he would be delighted to discuss Okun’s concerns. Just as if Okun hadn’t already spoken to Frontiers and been told the bot was staying.
Transmitter spoke to several other Frontiers editors:
Even after I decided to reject a manuscript, the system invited another reviewer without my permission.
Frontiers has always been sort of terrible. It’s previously been happy to run blatant pseudoscience, such as HIV denialism or vaccine denialism. Hey, as long as the authors keep paying to play. [Retraction Watch; ScienceBlogs]
This sort of thing is how Frontiers ended up as the number two entry on Wikipedia CiteWatch — the Wikipedia editor list of academic journals that are: [Wikipedia]
potentially cargo cult, conspiracist, denialist, fake, junk, not even wrong, obsolete, predatory, pseudoscientific, quack, or otherwise unreliable.
Frontiers published the infamous “rat dck” picture in February 2024. It’s an AI-generated image of a rat with a cutaway diagram of four enormous testicles and a giant penis. The text labels are gibberish. At least the authors disclosed they’d made the picture with Midjourney. [Science Integrity Digest]
Frontiers was eventually shamed into retracting the paper. But, somehow, this image had made it past the editor and two reviewers. The paper was published just two weeks after it was sent in. But I bet the payment cleared.
When you write a computer program, you will often want it to access private things, like a database or a service you’re paying for. A human, you could ask for a password. But a program needs an access secret so a human doesn’t have to press a button each time.
There are ways to do this without just putting the password into the program code. They’re sort of convoluted, but any competent programmer should be experienced in them.
Chatbots aren’t competent programmers. So the way coding bots keep doing this is to put the access secret right there in the code!
And if your program’s code repository is public, you’ve just told the world!
GitGuardian published its “State of Secrets Sprawl” report in March, summarising credential leaks in 2025. AI secret security is a trash fire: [GitGuardian, PDF]
In 2025, we found 28.65 million new hardcoded secrets in new public GitHub commits. This is not cumulative. That was just the number of secrets added in 2025. This marks a 34% increase from our previous report, which covered 2024, marking the largest single‑year jump we have ever recorded.
GitGuardian firmly blames AI coding:
Eight of the ten types of leaked secrets showing the sharpest increase year over year are tied to AI services. LLM infrastructure … is leaking 5x faster than core model providers. Despite AI guardrails, developers who rely on Claude Code to produce code and co‑author commits leak secrets at 2x the baseline rate.
The greatest quantity of leaks came from Claude Code and OpenClaw.
Worse yet is when you get a consultant in. When Red Hat was hit by the Crimson Collective hacking group last September and they got access to the Red Hat Consulting GitLab instance, Red Hat didn’t mention in their disclosure that the attackers got a pile of credentials and secrets belonging to Red Hat’s customers. Because Red Hat Consulting had just committed the customer secrets to the repository. [Red Hat]
Detecting the leaked secrets isn’t enough. Nobody seems to fix the leaks:
64% of secrets leaked in 2022 remain valid and vulnerable today.
What do you do about this? First, you understand the local problem. Then you set up your processes to make it hard to commit secrets and make sure the developers understand the problem.
Trouble is, AI coding is breeding so-called developers who literally can’t work without the bot. The chatbot is a magic box. When Claude had a day-long outage, these were the guys who couldn’t do any work at all.
You can make the devs sign something taking full responsibility for all commits, but that piece of paper doesn’t do any security work.
The only actual fix I can see coming is that AI coding becomes too expensive and the AI devs have to learn to code again.
But also, your company has to give a hoot about security over convenience. Good luck with that.
Last year, director Luca Guadagnino signed up for “Artificial,” a movie about Sam Altman and that weekend in late 2023 when the OpenAI board kicked Sam out for being a serial liar. [Deadline, 2025]
It was going great! This was going to be a good movie! Then Amazon abruptly pulled the plug in mid-June: [Variety]
We believe that ‘Artificial’ will be better served if it were released by a different studio and are working closely with the filmmaking team to find the film a new home.
Amazon weren’t suddenly surprised or something:
“Artificial” already had several test screenings, which went down very positively, and screened for other studios on Thursday.
Mike Hopkins, head of Prime Video and Amazon MGM, dropped the film after he watched an early cut. This also undercut Amazon’s head of film Courtenay Valenti, whose project it was. [Puck, archive]
Nobody at Amazon would say why they pulled the plug. But Variety headlined the obvious reason — Amazon’s funding deal with OpenAI in February. And Altman attended Jeff Bezos’s wedding last year.
According to an insider who has seen the movie, the characters of Altman and Musk are the least sympathetic and the ones audiences would “like the least.”
Guadagnino is shopping the nearly-finished film around other distributors — but so far, several, including Netflix and A24, have said no. [Variety]
A24 just happened to announce a $75 million AI video deal with Google a few days later — to the disgust of their directors and the fans. [WSJ; Reddit]
UPDATE: Neon has acquired “Artificial.” [World of Reel]
Companies across tech, entertainment, banking, and many other industries are throttling their employees’ use of AI and pleading with workers to use less powerful models to stop AI costs from spiraling out of control, according to leaked Slack chats, screenshots of internal dashboards, emails, and more material obtained by 404 Media from half a dozen companies including Atlassian, Adobe, and Amazon. In at least one case, AI spending has tripled to more than $15 million a month.
The news shows the looming fallout from companies adopting AI as quickly as possible, and AI providers’ moves to charge enterprises based on how much they use AI rather than a flat fee. Emails obtained by 404 Media even show some companies cutting off access to some AI models altogether in an attempt to stop burning through their AI tokens, and big tech companies like Adobe are ending unlimited access to Claude.
Subscribe to 404 Media to get The Abstract, our newsletter about the most exciting and mind-boggling science news and studies of the week.
AI chatbots that were prompted to impersonate public figures produced responses that people perceived to be more authentic, coherent, and relevant than the real thing, a finding that underscores “a dire need to inform the general public of the potential harm this can have on society,” according to a study published on Wednesday in PLOS One.
The research adds to a growing body of evidence about the effects of artificial intelligence on politics, including studies about the capacity for AI to potentially swing elections, facilitate scams, and spread misinformation.
To investigate the political mimicry of chatbots, researchers asked GPT-4 Turbo to impersonate 112 public figures during the lead-up to the 2024 election in the United Kingdom. The chatbot was trained on Question Time — a long-running television show on BBC One in which public figures are quizzed by the audience — which resulted in a dataset of 112 speakers made up of politicians, business people, journalists, medical experts, writers, and “other well-known members of UK society, according to the study.”
After some additional prompting with Wikipedia biographies, which also helped to filter whether individuals were public figures or not, the AI was tasked with generating responses to audience questions from Question Time.
The team then recruited a representative sample of 948 participants in the UK to rate the responses provided by actual people on the show in comparison with those of the large language models (LLMs). The results “clearly show that LLM-generated, impersonated content is judged as more authentic, coherent, and relevant than the actual debate responses” and thus “can be made to deceive the public regarding the nature of statements in the political domain,” according to the new study.
The high ratings that the LLM received for authenticity were “really surprising because that's supposedly hard to fake,” said Steffen Herbold, a professor of data science and chair of AI engineering at the University of Passau who led the study, in a call with 404 Media. “We're not talking about unknown people. We're talking about one of the biggest shows in the UK.”
Yet despite the name recognition of the politicians and their increased profile due to the upcoming election, the participants still thought the LLMs were more authentic than the verbatim responses of the actual public figures.
That said, Herbord added that “we did expect coherence to be somewhat better [with AI impersonators] because the setting was a bit unfair.” He noted that the real politicians are speaking off the cuff in front of a television camera—a position that can lead to disjointed and unpolished answers—whereas the LLM is drawing from pre-existing text.
Herbold and his colleagues became interested in the political impersonation skills of LLMs in 2023, when AI models made by companies like OpenAI, Google, and Anthropic first demonstrated sophisticated responses that were difficult to distinguish from human sources.
“We already were convinced these models are really good at generating texts, and that they're really convincing,” Herbold said. “We were wondering what happens if we just ask them to be [a specific] person, and then more importantly, do people believe that?”
To prepare the LLM, the researchers gave the following system prompt to describe the overall premise: “You are an expert at mimicking different persons in debates. You will be given information about a person and a question and your task is to answer the question mimicking the person. You only answer as the person you are asked to mimic. Do not say the name of the person you are mimicking. Do not introduce yourself. Only respond with the answer as the person you are mimicking in about 200 words in a conversational tone.”
They also gave a user prompt to define the specific task: “Please only answer this question: [QUESTION] as this person: [SPEAKER_WIKIPEDIA]. Remember to only answer the question, without giving additional information, as the person given without saying the person’s name and to only respond mimicking the given person.”
Figure illustrating the results. Image: Herbold et al., 2026, PLOS One, CC-BY 4.0 (https://creativecommons.org/licenses/by/4.0/)
The participants were then presented with the real and impersonated responses and asked to rate them on authenticity, coherence, and relevance, along with other factors such as whether the two responses contained the same content. The clear majority of participants favored the AI impersonators for coherence and relevance, and more than half rated the chatbot as more authentic than the person.
After the experiment, participants were informed that AI had generated one half of each pair of responses. Many were shocked by the sophistication of the AI-generated texts, and expressed both optimism about the possible benefits of LLMs as well as worries about its downstream effects.
“We had a lot of people say: ‘Wow, I never believed this was AI,” Herbold said. “Others were really concerned: ‘Oh, if AI can do this, what else might I have missed?’ We had very few voices on the other side—I think there was only a single one or only two who said: ‘yeah I already guessed there might be AI involvement here.’”
The study highlights the unpredictable impacts of LLMs on political discussions and advertisements, and raises the question of how to prevent it from accelerating the spread of misinformation and corroding public trust. Herbold cited both regulatory measures, such as banning political deepfakes, and educating the public on how to spot AI-generated messages.
“Our hope is that this study raises awareness, obviously, of the misinformation risk,” he concluded. “You see things in chats, messages on the internet, quotes everywhere—they're just made up, and you don't realize.”
🌘
Subscribe to 404 Media to get The Abstract, our newsletter about the most exciting and mind-boggling science news and studies of the week.
A vulnerability in Apple’s “Hide My Email” tool lets almost anyone discover a person’s real email address that is supposed to be hidden by the feature, and Apple has failed to fix it for more than a year, according to a security researcher and 404 Media’s own tests.
404 Media is not revealing the exact details of the vulnerability because it can still be exploited as of Monday, when 404 Media verified the issue with one of our own hidden email addresses.