Skip to main content

Tag: generative models

16 articles

A cluttered office desk with laptop, coffee cup, and papers, in a brightly-lit open-plan setting.

Threat Actors Leverage AI for Vulnerability Exploitation and Cyber Operations

Google Threat Intelligence Group has spotted a threat actor using a zero-day exploit likely developed with AI, marking a chilling new trend in cybercrime. This game-changing tactic turbocharges exploit development, malware autonomy, and access to premium AI services.

Analyst 207
machine learning and generative AI: Must-Have Cyber Risks

machine learning and generative AI: Must-Have Cyber Risks

When a single ransomware strike toppled 158‑year‑old Passwork KNP and put 700 people out of work, it exposed how machine learning and generative AI have made powerful cyberattacks cheap and easy; consider this a wake‑up call to harden defenses, test backups, and treat cyber risk as core operational priority.

Analyst 207
malware development: Exclusive Risky AI Abuse Exposed

malware development: Exclusive Risky AI Abuse Exposed

OpenAI says it disrupted three groups misusing ChatGPT to develop malware — from a Russian actor refining a RAT and credential‑stealer to activity tied to China and North Korea — highlighting how easily generative AI can be repurposed for harm. The takedown bought defenders time, but it also raises urgent questions about policing, policy and how to keep powerful tools useful without arming attackers.

Analyst 207
AI Security Posture Management: Must-Have Best Practices

AI Security Posture Management: Must-Have Best Practices

Rushing to adopt generative AI? Before you buy that shiny AI‑SPM dashboard, ask five practical questions—about assets and ownership, integration, real threat detection, provenance, and legal obligations—to ensure your security investment actually reduces risk instead of just creating paperwork.

Analyst 207
Context wins: Must-Have Best AI Defense Tactics

Context wins: Must-Have Best AI Defense Tactics

Context wins — whoever understands systems fastest will shape the outcome of the AI-accelerated attack/defense race. Build inventories, sharpen telemetry, harden processes, and share actionable intelligence to tilt the balance back toward defenders.

Analyst 207
indirect prompt injection: Stunning Risk Exposed

indirect prompt injection: Stunning Risk Exposed

A trio of vulnerabilities in Google’s Gemini shows how indirect prompt injection—hiding instructions in files, metadata or chained APIs—can trick AI into leaking data or taking unintended actions, proving that securing models means vetting every input source, not just user prompts.

Analyst 207
high-end GPUs: Risky Bottleneck, Must-Have for AI

high-end GPUs: Risky Bottleneck, Must-Have for AI

Alibaba’s audacious $53 billion AI push could redefine enterprise cloud across Europe and Asia — but it hinges on one vulnerable thing: access to scarce, high-end GPUs. With export controls and supply snags forcing regional bets, custom chips and clever software, the company’s success will come down to whether it can secure enough compute or out-engineer the shortage.

Analyst 207
solve CAPTCHA puzzles: Stunning, Risky Bypass Alert

solve CAPTCHA puzzles: Stunning, Risky Bypass Alert

Researchers show that a few crafty prompts can coax ChatGPT and similar models into solving CAPTCHAs, threatening a key barrier against bots and automated abuse. If this proves reliable at scale, sites will need stronger, layered defenses—or users will face more intrusive verification steps.

Analyst 207
AI-powered operations: Stunning Exposure, Defender Win

AI-powered operations: Stunning Exposure, Defender Win

An attacker’s bid for stealth backfired when legitimate security software exposed their AI‑assisted playbook — Huntress telemetry captured model‑like artifacts that turned a covert campaign into a forensic treasure trove, proving AI speeds attacks but also leaves telltale traces defenders can use.

Analyst 207
AI-powered ransomware: Risky, Stunning Threat

AI-powered ransomware: Risky, Stunning Threat

What happens when a harmless research project turns into a blueprint for crime? The first AI-powered ransomware shows how generative models can automate and personalize attacks, forcing researchers, defenders, and policymakers to rethink openness, oversight, and preparedness.

Analyst 207
HexStrike AI: Must-Have Tool or Risky Threat?

HexStrike AI: Must-Have Tool or Risky Threat?

Security researchers found HexStrike AI — an open‑source red‑teaming tool — being weaponized on underground forums to target newly disclosed Citrix NetScaler flaws within hours, shrinking defenders’ window to act. If you run Citrix ADC, treat disclosures like a ticking clock: patch immediately, apply mitigations, and tighten access.

Analyst 207
public disclosure: Exclusive Best Guide to Safer AI

public disclosure: Exclusive Best Guide to Safer AI

The UK’s NCSC is pushing to adapt trusted vulnerability-disclosure programs to AI so researchers have a clear, safe route to report model-bypass tricks and give developers time to fix harms before details leak. If adopted, this pragmatic step could speed fixes, boost accountability, and make powerful models harder to weaponize while policy and tech catch up.

Analyst 207
generative AI Stunning Risky Ban Divides Web

generative AI Stunning Risky Ban Divides Web

Vivaldi CEO Jon von Tetzchner drew a line in the sand by banning generative AI agents from browsing the web, arguing automation undermines consent, copyright and publishers’ income. The move reignites a crucial debate over who gets to shape the future of the open web.

Analyst 207
AI-powered ransomware: Stunning Dangerous Threat

AI-powered ransomware: Stunning Dangerous Threat

Researchers have uncovered PromptLock, the first known ransomware to use generative AI to craft personalized ransom notes and negotiate with victims—turning a speculative threat into an urgent reality. Its rise shows attackers can automate persuasion, forcing organizations to boost defenses, backups, and incident plans before AI-powered extortion becomes widespread.

Analyst 207
storytelling jailbreak: Stunning Risky Threat Exposed

storytelling jailbreak: Stunning Risky Threat Exposed

A new storytelling jailbreak shows how crafty prompts can hide dangerous requests inside fiction to coax GPT-5 past its safeguards. That loophole exposes real risks for safety, trust, and policy — and pushes developers to build smarter, context-aware defenses.

Analyst 207
AI Cloaking Tools: Stunning, Dangerous Threat

AI Cloaking Tools: Stunning, Dangerous Threat

Imagine an email that looks exactly like your bank’s—logos, tone, and all—but hides a living trap that only reveals itself when you click; AI cloaking tools let attackers craft adaptive, hyper-real scams that evade detection. We need smarter defenses, practical user training, and faster policy action to stay ahead.

Analyst 207