Tag: generative models
16 articles

Threat Actors Leverage AI for Vulnerability Exploitation and Cyber Operations
Google Threat Intelligence Group has spotted a threat actor using a zero-day exploit likely developed with AI, marking a chilling new trend in cybercrime. This game-changing tactic turbocharges exploit development, malware autonomy, and access to premium AI services.

machine learning and generative AI: Must-Have Cyber Risks
When a single ransomware strike toppled 158‑year‑old Passwork KNP and put 700 people out of work, it exposed how machine learning and generative AI have made powerful cyberattacks cheap and easy; consider this a wake‑up call to harden defenses, test backups, and treat cyber risk as core operational priority.

malware development: Exclusive Risky AI Abuse Exposed
OpenAI says it disrupted three groups misusing ChatGPT to develop malware — from a Russian actor refining a RAT and credential‑stealer to activity tied to China and North Korea — highlighting how easily generative AI can be repurposed for harm. The takedown bought defenders time, but it also raises urgent questions about policing, policy and how to keep powerful tools useful without arming attackers.

AI Security Posture Management: Must-Have Best Practices
Rushing to adopt generative AI? Before you buy that shiny AI‑SPM dashboard, ask five practical questions—about assets and ownership, integration, real threat detection, provenance, and legal obligations—to ensure your security investment actually reduces risk instead of just creating paperwork.

Context wins: Must-Have Best AI Defense Tactics
Context wins — whoever understands systems fastest will shape the outcome of the AI-accelerated attack/defense race. Build inventories, sharpen telemetry, harden processes, and share actionable intelligence to tilt the balance back toward defenders.

indirect prompt injection: Stunning Risk Exposed
A trio of vulnerabilities in Google’s Gemini shows how indirect prompt injection—hiding instructions in files, metadata or chained APIs—can trick AI into leaking data or taking unintended actions, proving that securing models means vetting every input source, not just user prompts.

high-end GPUs: Risky Bottleneck, Must-Have for AI
Alibaba’s audacious $53 billion AI push could redefine enterprise cloud across Europe and Asia — but it hinges on one vulnerable thing: access to scarce, high-end GPUs. With export controls and supply snags forcing regional bets, custom chips and clever software, the company’s success will come down to whether it can secure enough compute or out-engineer the shortage.

solve CAPTCHA puzzles: Stunning, Risky Bypass Alert
Researchers show that a few crafty prompts can coax ChatGPT and similar models into solving CAPTCHAs, threatening a key barrier against bots and automated abuse. If this proves reliable at scale, sites will need stronger, layered defenses—or users will face more intrusive verification steps.

AI-powered operations: Stunning Exposure, Defender Win
An attacker’s bid for stealth backfired when legitimate security software exposed their AI‑assisted playbook — Huntress telemetry captured model‑like artifacts that turned a covert campaign into a forensic treasure trove, proving AI speeds attacks but also leaves telltale traces defenders can use.

AI-powered ransomware: Risky, Stunning Threat
What happens when a harmless research project turns into a blueprint for crime? The first AI-powered ransomware shows how generative models can automate and personalize attacks, forcing researchers, defenders, and policymakers to rethink openness, oversight, and preparedness.

HexStrike AI: Must-Have Tool or Risky Threat?
Security researchers found HexStrike AI — an open‑source red‑teaming tool — being weaponized on underground forums to target newly disclosed Citrix NetScaler flaws within hours, shrinking defenders’ window to act. If you run Citrix ADC, treat disclosures like a ticking clock: patch immediately, apply mitigations, and tighten access.

public disclosure: Exclusive Best Guide to Safer AI
The UK’s NCSC is pushing to adapt trusted vulnerability-disclosure programs to AI so researchers have a clear, safe route to report model-bypass tricks and give developers time to fix harms before details leak. If adopted, this pragmatic step could speed fixes, boost accountability, and make powerful models harder to weaponize while policy and tech catch up.

generative AI Stunning Risky Ban Divides Web
Vivaldi CEO Jon von Tetzchner drew a line in the sand by banning generative AI agents from browsing the web, arguing automation undermines consent, copyright and publishers’ income. The move reignites a crucial debate over who gets to shape the future of the open web.

AI-powered ransomware: Stunning Dangerous Threat
Researchers have uncovered PromptLock, the first known ransomware to use generative AI to craft personalized ransom notes and negotiate with victims—turning a speculative threat into an urgent reality. Its rise shows attackers can automate persuasion, forcing organizations to boost defenses, backups, and incident plans before AI-powered extortion becomes widespread.

storytelling jailbreak: Stunning Risky Threat Exposed
A new storytelling jailbreak shows how crafty prompts can hide dangerous requests inside fiction to coax GPT-5 past its safeguards. That loophole exposes real risks for safety, trust, and policy — and pushes developers to build smarter, context-aware defenses.

AI Cloaking Tools: Stunning, Dangerous Threat
Imagine an email that looks exactly like your bank’s—logos, tone, and all—but hides a living trap that only reveals itself when you click; AI cloaking tools let attackers craft adaptive, hyper-real scams that evade detection. We need smarter defenses, practical user training, and faster policy action to stay ahead.