A state sponsored cyber group associated with China carried out an advanced espionage campaign in mid September 2025 by exploiting Anthropic’s artificial intelligence technology. According to Anthropic, the attackers used AI in a way never seen before, transforming it from a supportive tool into an automated engine that performed cyber attacks on its own. AI […]
Microsoft has revealed a novel side-channel attack, dubbed “Whisper Leak,” that can compromise the privacy of conversations with AI chatbots. The technique allows an eavesdropper to infer the topic of a user’s prompt by analyzing encrypted network traffic, even when protected by HTTPS, posing a significant risk to user and enterprise confidentiality. How the Whisper
Microsoft has exposed a novel and sophisticated backdoor, codenamed SesameOp, that abuses the legitimate OpenAI Assistants API as its primary command-and-control (C2) channel. This technique represents a significant evolution in cyber espionage, allowing attackers to hide their communications within trusted, everyday AI traffic. A New Stealth Tactic: Hiding in Plain Sight Discovered by the Microsoft Detection
Microsoft Detects ‘SesameOp’ Backdoor Using OpenAI API as Stealth Command Channel Read More »
In a significant demonstration of its proactive security measures, Google has announced that its built-in scam defenses on the Android platform are now protecting users from over 10 billion suspected malicious calls and messages every single month. This massive filtering effort is powered by on-device artificial intelligence, creating a formidable barrier against modern digital fraud.
Google’s Built-In AI Defenses on Android Now Block 10 Billion Scam Messages Monthly Read More »
A novel cybersecurity threat is targeting the very foundation of agentic AI browsers, a development that could allow malicious actors to poison the information these systems retrieve and present as undeniable truth. This sophisticated “cloaking” technique exploits the trust AI models place in their web crawlers, creating a ripe opportunity for widespread misinformation and manipulation.
Cybersecurity experts have uncovered a serious vulnerability in OpenAI’s ChatGPT Atlas browser, which could let attackers inject malicious commands into the AI assistant’s memory and execute unauthorized code. According to Or Eshed, Co-Founder and CEO of LayerX Security, “This exploit enables cybercriminals to implant harmful code, elevate privileges, or deploy malware on targeted systems,” as
ChatGPT Atlas Browser Exploit Lets Attackers Plant Persistent Hidden Commands Read More »
Russian hackers have taken their cyber offensive to a new level by integrating artificial intelligence (AI) into cyber attacks against Ukraine, according to a report published by the State Service for Special Communications and Information Protection of Ukraine (SSSCIP). The report revealed that during the first half of 2025 (H1 2025), hackers began using AI
AI Emerges as Russia’s Latest Cyber Weapon in Its War on Ukraine Read More »
OpenAI has announced that it successfully disrupted three major cyber operations that attempted to exploit ChatGPT for malicious activities, including malware creation and phishing campaigns. Russian Threat Actor Used ChatGPT for Malware Development One of the disrupted groups was a Russian-language actor who misused ChatGPT to design and enhance a Remote Access Trojan (RAT) and
Google’s DeepMind has introduced a groundbreaking AI agent named CodeMender, designed to automatically identify, fix, and rewrite vulnerable code to prevent future exploits. This development strengthens Google’s ongoing efforts in AI-driven vulnerability detection, complementing tools such as Big Sleep and OSS-Fuzz. How CodeMender Works CodeMender operates both reactively and proactively, meaning it not only fixes
Google’s New AI Not Only Detects Vulnerabilities but Also Automatically Patches Code Read More »
Microsoft has officially announced a major expansion of its Sentinel Security Information and Event Management (SIEM) solution, transforming it into a unified agentic security platform. At the core of this update is the general availability of the Sentinel data lake, designed to provide enterprises with advanced capabilities for managing and analyzing security data. In addition
Microsoft Expands Sentinel Into Agentic Security Platform With Unified Data Lake Read More »