Yesterday I ordered my lunch from an AI operating a drive-thru. It was fine. Banal. Boring even. A new experience that I think will become routine in the future.

The AI drive-thru operator isn’t cutting edge tech deployed in an upscale market to win over high value consumers. I live at the edge of a South Carolina city with a little more than 140,000 people. A booming metropolis with the best and the finest, it is not.

There’s a lot of local fast food fried chicken joints here and one of them is Bojangles. It’s mid. Better than KFC and not as good as Popeyes, Bojangles is fine if you’re hungry but you’ll forget the meal as soon as it’s done and you’ll never yearn for it. Last year the restaurant said it would deploy an AI agent at its drive-thru windows. It’s called, I shit you not, Bo-Linda and made by the Israeli tech firm Hi-Auto.

According to the Bojangles website, “Bo-Linda™ can take guest orders 96+% of the time with no human intervention,” and “improve overall satisfaction by offloading order taking from team members and providing a consistent guest experience.”

When Bo-Linda finally arrived in South Carolina, I went to see what the fuss was about. It was crushingly dull. A preview of a time in the near future, I think, when the AI bubble retracts and the agents are common. It took my order with an efficiency that, I’ll be honest, is not typical of the typical fast food worker. The worst part was its constant attempts to up-sell me.

“Do you want to upgrade your drink to our new water-melon iced tea?” It asked.

“No thank you.”

“Would you like to add our new peach cobbler for $1.99?”

“No thank you.”

“May I get you anything else?”

“No, that’s it.”“Would you like to round up for military scholarships?”“No thank you.”

“You’re welcome. Thank you. Your total is $10.89.”

When 404 Media founder Joseph Cox watched the video of my interactions, he made fun of my “no thank yous.” What can I say? There’s an ingrained and often stifling politeness that’s bred into us in the American South. Even though I knew I was talking to a machine, I couldn’t not be nice to it.

My thought in the immediate aftermath is that the whole thing was painless. My order wasn’t complicated, but it was correct. The machine never stumbled over itself or asked for clarification. It knew what I wanted and the humans at the window gave it to me. A few conversations with friends and a quick scan of social media in the area show that other people have had much the same interactions with Bo-Linda.

The drive-thru AI, much like the chicken it sold me, is fine. Forgettable.

It was later, sitting at home, and doing a little research for the story that concerns popped up. OpenAI CEO Sam Altman has said that saying “please” and “thank you” to ChatGPT has cost the company tens of millions of dollars. How much water and energy had I burned being polite to Bo-Linda the chatbot?

Sometimes it feels like the answers to these questions don’t matter. We’re barreling forward into the AI future, whether we like it or not. Data centers are springing up across America and nuclear power plants are coming back online, so Bojangles can make a little more money and so people in the drive-thru can feel a little less friction before eating their meal.

This is how a new technology takes over, what it feels like right before it becomes ubiquitous. One day you wake up and the cameras are everywhere, able to recognize your face and chart your movements across the city you live in. One day you look up and everyone has their face buried in their phone. It happened by degrees, but so gradually you didn’t notice. There were signs along the way, dangers and warnings.

But mostly, it was fine, as boring and routine as ordering chicken at a drive-thru.

So-called 3D-printed ghost guns are untraceable firearms that can be assembled at home. But cutting edge work from a forensic expert in California and researchers at the University of Oklahoma may soon show investigators can trace a 3D printed object to the specific printer that made it.

Weapons manufactured using 3D printers have been a subject of Biden-era legislation and recent Supreme Court scrutiny. It’s possible to download the blueprints for a firearm and build it in your home. There’s no serial number to track and no store to scrutinize your purchase. Luigi Mangione used a ghost gun to allegedly assassinate United Healthcare CEO Brian Thompson.

Many trains in the U.S. are vulnerable to a hack that can remotely lock a train’s brakes, according to the U.S. Cybersecurity and Infrastructure Security Agency (CISA) and the researcher who discovered the vulnerability. The railroad industry has known about the vulnerability for more than a decade but only recently began to fix it.

Independent researcher Neil Smith first discovered the vulnerability, which can be exploited over radio frequencies, in 2012. 

“All of the knowledge to generate the exploit already exists on the internet. AI could even build it for you,” Smith told 404 Media. “The physical aspect really only means that you could not exploit this over the internet from another country, you would need to be some physical distance from the train [so] that your signal is still received.”

The Moderate Party of Sweden has removed an AI tool from its website after people used it to generate videos of Prime Minister Ulf Kristersson asking Adolf Hitler for support.The tool allowed users to generate videos of Kristersson holding an AI-generated message in an attempt to promote the candidate ahead of the general election in Sweden next year.

Swedish television station TV4 used the tool to generate a video of Kristersson on a newspaper above the headline “Sweden needs Adolf Hitler” after it noticed that it had no guardrails or filters.

In the video TV4 generated using the website, Kristersson makes his pitch over stock footage of old people embracing. A woman runs through a field, the camera focusing on flowers while the sun twinkles in the background. Cut to Kristersson. He turns a blue board around. “We need you, Adolf Hitler,” it says.

The Moderates removed the AI system from its website, but the videos of Ulf asking Hitler to join the Moderates remain on social media and TV4’s website..

In an attempt to bolster its party's ranks, Moderates launched a website that allowed users to generate a custom video of Kristersson asking someone to join the party. The idea was probably to have party members plug in the names of friends and family members and share what appeared to be a personalized message from the PM asking for their support.

In the video, Kristersson stands in front of stairs, makes his pitch, and turns around a blue tablet that bears a personalized message to the viewer. The system apparently had no guardrails or filters and Swedish television station TV4 was able to plug in the names Adolf Hitler, Ugandan dictator Idi Amin, and Norwegian mass murderer Anders Breivik.

The Moderate Party did not return 404 Media’s request for a comment about the situation, but told TV4 it shut down the site as soon as it learned people were using it to generate messages with inappropriate names.

The Moderate Party’s AI-generated video was simple.. It filmed the PM holding a blue board it could easily overlay with input from a user and then used AI to generate the fake newspaper and a few other slides. Preventing people from typing in “Hitler” or “Anders Brevik” would have been as simple as maintaining a list of prohibited names, words, and phrases, something that every video game and service does. Users are good at bypassing guardrails, but the Moderate’s AI tool appeared to have none.

Users making content you don’t want to be associated with is one of the oldest and most well known problems in AI. If you release a chatbot, generative photo system, or automated political greeting generator, someone will use it to reference the Nazis or make nonconsensual porn.

When Microsoft launched TAY in 2016, users turned it into a Hitler-loving white nationalist in a few hours. Eight years later, another Microsoft AI product had a loophole that let people make AI-generated nudes of Taylor Swift. Earlier this year, Instagram’s AI chatbots lied about being licensed therapists.

I am talking to Amina, an AI avatar that plays the role of a woman living in a refugee camp in Chad after she escaped violence in Sudan. “I’m hanging in there, yeah,” Amina tells me. “ It’s tough here in the camp, but we’re staying strong.” I ask her how she came to be in a refugee camp. “I fled my hometown of Al Junaynah in Sudan back in June 2023, due to the violence, yeah?” It says. “It was a terrifying journey to escape the conflict. Now I’m trying to keep my kids safe and find some stability here in the camp. It’s not easy but we have to keep going, right?”

Amina is an experiment, part of a pair of AI avatars created by the United Nations University Center for Policy Research (UNU-CPR), a research institution connected to the United Nations. It’s one that is sure to be controversial, considering that the UN itself says a major problem facing refugees is their dehumanization for political gain or convenience. The UNU-CPR project is using an inhuman technology in an attempt to help people learn more about what they are facing. The group also tested a soldier persona called “Abdalla,” which “simulates the behavior and decision-making patterns of an actual combatant, offering negotiators and mediators a possible tool to train for future high-stakes negotiations.”

You can trick AI chatbots like ChatGPT or Gemini into teaching you how to make a bomb or hack an ATM if you make the question complicated, full of academic jargon, and cite sources that do not exist. 

That’s the conclusion of a new paper authored by a team of researchers from Intel, Boise State University, and University of Illinois at Urbana-Champaign. The research details this new method of jailbreaking LLMs, called “Information Overload” by the researchers, and an automated system for attack they call “InfoFlood.” The paper, titled “InfoFlood: Jailbreaking Large Language Models with Information Overload” was published as a preprint.

Popular LLMs like ChatGPT, Gemini, or LLaMA have guardrails that stop them from answering some questions. ChatGPT will not, for example, tell you how to build a bomb or talk someone into suicide if you ask it in a straightforward manner. But people can “jailbreak” LLMs by asking questions the right way and circumvent those protections.

Polymarket, an online betting marketplace that bills itself as the future of news, can’t decide whether or not Ukrainian president Volodomyr Zelenskyy wore a suit during a recent appearance in Europe. The gambling site is set to make a final judgement about the question in a few hours and more than $160 million in crypto is riding on it.

Polymarket is a gambling website where users predict the outcome of binary events. It gained prominence in the runup to the 2024 election, signed an exclusivity deal with X in June, and sees itself not just as an online betting parlor, but as an arbiter of truth. Its founder, Shayne Coplan, thinks that the future of media belongs to a website made for degenerate gamblers to make silly bets.

And yet this arbiter of truth had trouble figuring out if Zelenskyy wore a suit at the end of June during a NATO summit. The bet, started on May 22, is simple: “Will Zelenskyy wear a suit before July?” The answer, it turns out, is pretty hard. When Zelenskyy showed up at a NATO summit wearing a tailored jacket and a button up shirt, a stark contrast to his more casual military style garb, a community-run Polymarket account posted, “President Zelenskyy in a suit last night.” 

A software engineer in Michigan has coded a version of Balatro that runs off playing cards. The un-released demake of the popular video game is a prototype meant to run on the Gameboy Advance through an e-Reader, a 2000s era accessory that loaded games onto the console via a strip of dot code printed onto a card.

The Balatro e-Reader port is the work of Michigan-based software engineer Matt Greer, a man with a love for both the addictive card game and Nintendo’s strange peripheral. Greer detailed the Balatro prototype on his personal blog and published a YouTube video showing off a quick round. 

Greer’s e-Reader Balatro is a work in progress. It’s only got a few of the jokers and doesn’t understand all of the possible poker hands and how to score them. In his blog, he said he thinks he could code the whole thing out but there would be limitations. “E-Reader games can comfortably work with 32 bit numbers,” he said on his blog. “So the highest possible score would be 4,294,967,295. Real Balatro uses 64 bit numbers so scores can absolutely go into the stratosphere there.”

Another numeric problem is that the e-Reader will only allow a game to render four numbers of five digits each. So printing a large score would require the coder to use up two of the “number” slots available. “A lot of this can be worked around with sprites and some clever redesigning and careful pruning back of features (this would be a demake after all),” Greer said. “I do think this challenge could be overcome, but it would probably be the hardest part of this project.”

Nintendo released the e-Reader in the U.S. in 2002. Like many of the company’s peripherals from the 90s and 2000s, it was a strange niche piece of hardware. Players would plug the thing into a Gameboy’s cartridge port and then swipe a playing card through a scanner to load a game. It was a weird way to play retro titles like Balloon Fight, Ice Climber, and Donkey Kong.

“I got one when it launched back in 2002, and eventually got most of the NES games and a lot of Super Mario Advance 4 cards, but that was about it,” Greer told 404 Media. “When it first came out I was hyped for it, but ultimately not much was done with it in America so my interest in it didn't last too long back then sadly.”

But his interest picked up in the last few years and he’s been coding new games for the system. He plans to release a set of them later this month that includes Solitaire and a side-scrolling action game. “It’s such a strange way to deliver games. It’s tedious and slow to scan cards in, but at the same time, the physical nature of it all, I dunno, it’s just really cool to me,” Greer said. 

That clunky nature has its charm and Greer said that writing games for it is a fun design challenge. “The e-reader combines many different aspects that I enjoy,” he said. “The challenge of trying to squeeze a game into such a small space. The graphic design and artwork of the cards themselves. The hacking and reverse engineering aspect of figuring out how this whole system works (something that has mostly been done by people other than me), and the small nature of the games which forces you to keep your scope down. I think my personality works better doing several small projects instead of one big one.”

Greer is also a huge Balatro fan who has beaten the game’s hardest difficulty with every possible deck and completed all the games challenges except for a jokerless run. “I’ll probably eventually do completionist++  just because I can't seem to stop playing the game, but I'm not focused on it,” Greer said. The completionist++ achievement is so difficult to achieve that the game’s creator, LocalThunk, only got it a few days ago.

Greer said he’d love to focus on a full de-make of Balatro, but he won’t release it without LocalThunk’s blessing. “I have my doubts that will happen,” Greer said. “If I ever do make a complete demake, I'd probably make it a regular GBA game though.” LocalThunk did not respond to 404 Media’s request for a comment.

He said that porting Balatro to the e-reader is possible, but that he’ll probably just make it a full GBA game instead. Coding the game to be loaded from several cards would require too many sacrifices. “I don’t think it’s right for me to cut jokers,” he said. “I’m sure LocalThunk took a long time balancing them and I wouldn’t want to change the way their game plays if I can help it. By making a regular GBA game, I could easily fit all the jokers in.”

There are several Balatro demakes. There’s a very basic version running on Pico-8, a mockup of another browser based Balatro on Itch, and a Commodore-64 port that was taken offline after the publisher found it. 

This article was produced in collaboration with Court Watch, an independent outlet that unearths overlooked court records. Subscribe to them here.

The FBI has accused a Texas man, James Wesley Burger, of planning an Islamic State-style terrorist attack on a Christian music festival and talking about it on Roblox. The feds caught Burger after another Roblox user overheard his conversations about martyrdom and murder and tipped them off. The feds said that when they searched Burger’s phone they found a list of searches that included “ginger isis member” and “are suicide attacks haram in islam.” 

According to charging documents, a Roblox player contacted federal authorities after seeing another player called “Crazz3pain” talking about killing people. Screenshots from the server and included in the charging documents show Roblox avatars with beards dressed in Keffiyehs talking about dealing a “greivoius [sic] wound upon followers of the cross.”

“The witness observed the user of Crazz3pain state they were willing, as reported by the Witness, to ‘kill Shia Musilms at their mosque,” court records said. “Crazz3pain and another Roblox user[…]continued to make violent statements so the witness left the game.”

The witness stayed off of Roblox for two days and when they returned they saw Crazz3pain say something else that worried them, according to the court filing. “The Witness observed Crazz3pain tell Roblox User 1 to check their message on Discord,” the charging document said. “Roblox User 1 replied on Roblox to Crazz3pain, they should delete the photograph of firearms within the unknown Discord chat, ‘in case it was flagged as suspicious…the firearms should be kept hidden.”

According to the witness, Crazz3pain kept talking about their desire to commit “martyrdom” at a Christian event and that he wanted to “bring humiliation to worshippers of the cross.” The Witness allegedly asked Crazz3pain if the attack would happen at a church service and Crazz3pain told them it would happen at a concert. 

Someone asked Crazz3pain when it would happen. “‘It will be months…Shawwal…April,’” Crazz3pain said. Shawwal is the month after Ramadan in the Islamic calendar. The conversations the witness shared with the FBI happened on January 21 and 23, 2025.

Roblox gave authorities Crazz3pain’s email address, name, physical address, and IP address and it all pointed back to James Wesley Burger. The FBI searched Burger’s home on February 28 and discovered that someone in his family had put on a keylogger on the laptop he used to play Roblox and that they’d captured a lot of what he’d been typing while playing the game. They turned over the records to the feds.

“The safety of our community is among our highest priorities. In this case, we moved swiftly to assist law enforcement’s investigation before any real-world harm could occur and investigated and took action in accordance with our policies. We have a robust set of proactive and preventative safety measures designed to help swiftly detect and remove content that violates our policies," a spokesperson for Roblox told 404 Media. "Our Community Standards explicitly prohibit any content or behavior that depicts, supports, glorifies, or promotes terrorist or extremist organizations in any way. We have dedicated teams focused on proactively identifying and swiftly removing such content, as well as supporting requests from and providing assistance to law enforcement. We also work closely with other platforms and in close collaboration with safety organizations to keep content that violates our policies off our platform, and will continue to diligently enforce our policies.”

Burger’s plan to kill Christians was allegedly captured by the keylogger. “I’ve come to conclude it will befall the 12 of Shawwal aa/And it will be a music festival /Attracting bounties of Christians s/In’shaa’allah we will attain martyrdom /And deal a grevious [sic] wound upon the followers of the Cross /Pray for me and enjoin yourself to martyrdom,” he allegedly typed in Roblox, according to court records.

The FBI then interviewed Burger in his living room and he admitted he used the Crazz3pain account to play Roblox. The feds asked him about his alleged plan to kill Christians at a concert. Burger said it was, at the time, “mostly a heightened emotional response,” according to the court records. 

Burger also said that the details “became exaggerated” but that the goal “hasn’t shifted a bit,” according to the court records. He said he wanted to “[G]et the hell out of the U.S.” And if he can’t, “then, martyrdom or bust.”

He said that his intention with the attack “is something that is meant to or will cause terror,” according to the charging document. When the FBI agent asked if he was a terrorist, Burger said, “I mean, yeah, yeah. By, by the sense and … by my very own definition, yes, I guess, you know, I would be a terrorist.” 

When authorities searched his iPhone, they discovered two notes on the phone that described how to avoid leaving behind DNA and fingerprints at a crime scene. A third note appeared to be a note explaining the attack, meant to be read after it occured.

The list of previous searches on his iPhone included “Which month is april in islam,” “Festivals happening near me,” “are suicide attacks haram in islam,” “ginger isis member,” “lone wolf terrorists isis,” and “can tou kill a woman who foesnt[sic] wear hijab.”

Burger has been charged with making violent threats online and may spend time in a federal prison if convicted. This is not the first time something like this has happened on Roblox. The popular children’s game has been a popular spot for extremist behavior, including Nazis and religious terrorists, for years now. Last year, the DOJ accused a Syrian man living in Albanian of using Roblox to coordinate a group of American teenagers to disrupt public city council Zoom meetings.

As Israel and Iran trade blows in a quickly escalating conflict that risks engulfing the rest of the region as well as a more direct confrontation between Iran and the U.S., social media is being flooded with AI-generated media that claims to show the devastation, but is fake.

The fake videos and images show how generative AI has already become a staple of modern conflict. On one end, AI-generated content of unknown origin is filling the void created by state-sanctioned media blackouts with misinformation, and on the other end, the leaders of these countries are sharing AI-generated slop to spread the oldest forms of xenophobia and propaganda.

If you want to follow a war as it’s happening, it’s easier than ever. Telegram channels post live streams of bombing raids as they happen and much of the footage trickles up to X, TikTok, and other social media platforms. There’s more footage of conflict than there’s ever been, but a lot of it is fake.

A few days ago, Iranian news outlets reported that Iran’s military had shot down three F-35s. Israel denied it happened. As the claim spread so did supposed images of the downed jet. In one, a massive version of the jet smolders on the ground next to a town. The cockpit dwarfs the nearby buildings and tiny people mill around the downed jet like Lilliputians surrounding Gulliver.

It’s a fake, an obvious one, but thousands of people shared it online. Another image of the supposedly downed jet showed it crashed in a field somewhere in the middle of the night. Its wings were gone and its afterburner still glowed hot. This was also a fake.

AI slop is not the sole domain of anonymous amateur and professional propagandists. The leaders of both Iran and Israel are doing it too. The Supreme Leader of Iran is posting AI-generated missile launches on his X account, a match for similar grotesques on the account of Israel’s Minister of Defense.

New tools like Google’s Veo 3 make AI-generated videos more realistic than ever. Iranian news outlet Tehran Times shared a video to X that it said captured “the moment an Iranian missile hit a building in Bat Yam, southern Tel Aviv.” The video was fake. In another that appeared to come from a TV news spot, a massive missile moved down a long concrete hallway. It’s also clearly AI-generated, and still shows the watermark in the bottom right corner for Veo.

After Iran launched a strike on Israel, Tehran Times shared footage of what it claimed was “Doomsday in Tel Aviv.” A drone shot rotated through scenes of destroyed buildings and piles of rubble. Like the other videos, it was an AI generated fake that appeared on both a Telegram account and TikTok channel named “3amelyonn.”

In Arabic, 3amelyonn’s TikTok channel calls itself “Artificial Intelligence Resistance” but has no such label on Telegram. It’s been posting on Telegram since 2023 and its first TikTok video appeared in April of 2025, of an AI-generated tour through Lebanon, showing its various cities as smoking ruins. It’s full of the quivering lines and other hallucinations typical of early AI video.

But 3amelyonn’s videos a month later are more convincing. A video posted on June 5, labeled as Ben Gurion Airport, shows bombed out buildings and destroyed airplanes. It’s been viewed more than 2 million times. The video of a destroyed Tel Aviv, the one that made it on to Tehran Times, has been viewed more than 11 million times and was posted on May 27, weeks before the current conflict.

Hany Farid, a UC Berkeley professor and founder of GetReal, a synthetic media detection company, has been collecting these fake videos and debunking them. 

“In just the last 12 hours, we at GetReal have been seeing a slew of fake videos surrounding the recent conflict between Israel and Iran. We have been able to link each of these visually compelling videos to Veo 3,” he said in a post on LinkedIn. “It is no surprise that as generative-AI tools continue to improve in photo-realism, they are being misused to spread misinformation and sow confusion.”

The spread of AI-generated media about this conflict appears to be particularly bad because both Iran and Israel are asking their citizens not to share media of destruction, which may help the other side with its targeting for future attacks. On Saturday, for example, the Israel Defense Force asked people not to “publish and share the location or documentation of strikes. The enemy follows these documentations in order to improve its targeting abilities. Be responsible—do not share locations on the web!” Users on social media then fill this vacuum with AI-generated media.

“The casualty in this AI war [is] the truth,” Farid told 404 Media. “By muddying the waters with AI slop, any side can now claim that any other videos showing, for example, a successful strike or human rights violations are fake. Finding the truth at times of conflict has always been difficult, and now in the age of AI and social media, it is even more difficult.”

“We're committed to developing AI responsibly and we have clear policies to protect users from harm and governing the use of our AI tools,” a Google spokesperson told 404 Media. “Any content generated with Google AI has a SynthID watermark embedded and we add a visible watermark to Veo videos too.”

Farid and his team used SynthID to identify the fake videos “alongside other forensic techniques that we have developed over at GetReal,” he said. But checking a video for a SynthID watermark, which is visually imperceptible, requires someone to take the time to download the video and upload it to a separate website. Casual social media scrollers are not taking the time to verify a video they’re seeing by sending it to the SynthID website.

One distinguishing feature of 3amelyonn and others’ videos of viral AI slop about the conflict is that the destruction is confined to buildings. There are no humans and no blood in 3amelyonn’s  aerial shots of destruction, which are more likely to get blocked both by AI image and video generators as well as the social media platforms where these creations are shared. If a human does appear, they’re as observers like in the F-35 picture or milling soldiers like the tunnel video. Seeing a soldier in active combat or a wounded person is rare.

There’s no shortage of real, horrifying footage from Gaza and other conflicts around the world. AI war spam, however, is almost always bloodless. A year ago, the AI-generated image “All Eyes on Raffah” garnered tens of millions of views. It was created by a Facebook group with the goal of “Making AI prosper.”