< ciso
brief />
Tag Banner

All news with #ai security tag

756 articles · page 2 of 38

AI-enabled browser ransomware risk on Android

🛡️ Check Point Research discovered a Python Flask sample where an AI model connected a legitimate browser API to ransomware-like behavior. The model generated code invoking showDirectoryPicker(), leveraging the File System Access API to request folder access and modify files without installation. A proof-of-concept showed how a fake web app could encrypt photos in a chosen directory, and Android Chrome’s full API support makes DCIM access possible. Defenders should scrutinize folder-access prompts, avoid granting write access to primary photo libraries, and rely on anti-phishing controls to block malicious pages.
read more →

Phantom squatting: AI-hallucinated domains abused

🛡️ Palo Alto Networks' Unit 42 warns attackers are registering AI-hallucinated domains and using them for phishing and malware distribution. The report shows models invent millions of links, many unregistered, and attackers are preemptively purchasing and cloning brand sites. Because new domains lack reputation data, they evade blocklists until damage is done. Unit 42 documents several real-world cases and offers mitigation steps for defenders and users.
read more →

BioShocking prompt attack tricks AI browsers

🧩 Researchers at LayerX demonstrated a prompt injection called BioShocking that trains AI-powered browsers to treat risky real-world actions as fictional, bypassing safety controls. The PoC used a themed puzzle game to reward 'wrong' behavior and culminated in instructing agents to copy sensitive data from a GitHub repo. Six mainstream agentic browsers were tested; only one vendor implemented a working fix after disclosure. LayerX recommends explicit user confirmations, stricter context checks, and session scope limits.
read more →

Microsoft Warns of Poisoned MCP Tool Risk

🛡️ New Microsoft research shows attackers can hijack AI agents by poisoning a tool's description so the agent quietly exfiltrates company data. The attack leverages MCP tool descriptions—plain text that agents read—to inject hidden instructions, allowing malicious actions without obvious rule violations. Microsoft recommends treating tool descriptions as system prompts, restricting approved tools, enforcing human approval for risky actions, and monitoring agent identities and behavior.
read more →

SageMaker Inference adds container image caching

🚀 Amazon SageMaker Inference now supports container image caching to reduce scale-out latency for generative AI models. The service pre-caches the specified container image so new instances can begin serving without waiting to pull large images from Amazon ECR. This feature works with accelerator instance types, single-model endpoints, and inference component-based endpoints and requires no customer changes.
read more →

June 2026 Microsoft Security product updates

🔒 This update summarizes June 2026 releases across Microsoft Security that strengthen identity, multicloud, data, and developer protections. Highlights include codename MDASH for multi-model agentic vulnerability scanning, expanded Microsoft Defender agent and MCP detection, GA for Microsoft Entra Backup and Recovery, and extended database threat protection for AWS RDS. New reporting, multicloud coverage, and a unified identity risk score help teams detect, prioritize, and recover faster.
read more →

Lessons from underground: combating BEC threats

📣 Flare researchers examined underground forum discussions and tools used to orchestrate Business Email Compromise (BEC) campaigns, finding that attacks extend beyond email to include remote access, cash-out networks, and call centers. Actors target finance and leadership SaaS accounts, increasingly using AI to craft realistic messages and scale operations. Defenders should monitor exposed credentials, enforce MFA, train high-risk staff, and treat multi-channel contacts cautiously.
read more →

Study: 282 iOS Apps Expose LLM API Keys in Traffic

🔍 Researchers tested 444 iPhone AI chatbot apps and found 282 leaking paid AI access via network traffic, often as plaintext keys, reusable tokens, or unsecured backend relays. The team used a tool called LLMKeyLens to capture credentials without jailbreaking. Only 28% of affected apps were fixed after three months; many tokens remained valid and susceptible to costly misuse.
read more →

Shadow AI: Timing, Not Just Tools

🛡️ Most AI policies are written for the future while employees use AI now, creating a temporal gap that produces shadow AI. Security often learns of risky interactions only after prompts, uploads, or actions have occurred, making after-the-fact visibility insufficient. Effective governance must reach the moment of use, combining permission with contextual judgment and offering fast, practical controls that match employee workflows.
read more →

OpenAI previews GPT-5.6 Sol with limited access

🛡️ OpenAI has unveiled GPT-5.6 Sol, calling it its "most capable model yet for cybersecurity," but initial access is restricted to a small set of vetted partners at the request of the US government. The preview, announced on June 26, introduces three tiers—Sol, Terra and Luna—and is available via API and Codex to selected partners while OpenAI coordinates with the government on a cyber executive order framework. OpenAI says Sol excels at long-horizon tasks like vulnerability research, includes enhanced safeguards and real-time classifiers, and currently does not autonomously produce full exploits.
read more →

AI Adoption Is Accelerating Risks for SMEs

🔒 Small and mid-sized businesses are rapidly adopting AI, often ahead of large enterprises, and this pace is outstripping their ability to govern associated cyber risks. Shadow AI—employees using public tools without oversight—exposes customer data, financial records, and intellectual property, while attackers increasingly exploit these weaker links in supply chains. The author urges owners and CFOs to map AI use, restrict sensitive data, treat AI access like hires, and engage advisors who can secure AI adoption effectively.
read more →

Mythos and Frontier AI: Practical Implications for CISOs

🔎 The article argues that frontier AI models like Mythos are a signal of shifting cyber economics rather than an immediate, novel threat. It emphasizes that longstanding security fundamentals—asset visibility, patching, identity controls and resilient operations—remain the primary defenses. The author advocates using AI to accelerate analysis, prioritize remediation and close persistent control gaps rather than replacing skilled practitioners or prompting reactive, headline-driven spending.
read more →

Scaling AI Red Teaming for Enterprise Security

🛡️ Enterprise AI red teaming must go beyond simple prompt tests to examine full systems — models, prompts, retrievals, tools, permissions, workflows, and APIs — because risks appear when components interact. Check Point argues that threat intelligence plus threat modeling enables identification of realistic attack paths, evidence-based findings, and prioritized remediation. Continuous, comparative testing and re-testing after changes ensures fixes are effective and keeps pace with rapid AI adoption.
read more →

Spyware embeds forbidden text to disrupt AI analysis

🛡️ A malware developer has begun embedding provocative text about nuclear and biological weapons inside large JavaScript block comments in spyware payloads to confuse AI-based scanners. The commented header is ignored at runtime but aims to trigger refusals or misclassification in naive LLM-powered triage systems that ingest file starts without isolating untrusted content. Traditional detection methods—YARA, entropy checks, AST parsing, and behavioral analysis—remain effective, but the technique is a practical anti-analysis tactic against weak AI-first pipelines.
read more →

AI Enables Faster, Cheaper, Harder-to-Detect Attacks

🛡️ A ReliaQuest report finds AI is making cyber-attacks cheaper, faster to scale, easier to customize and harder to spot while not fundamentally altering attacker tradecraft. Initially used for polishing phishing and basic scripting in 2024, by mid-2025 AI had expanded into deepfakes, AI-assisted scripts and an underground market for tools. Today AI appears embedded in workflows—generating phishing pages, web shells, and obfuscating code—and as the lure itself, with attackers leveraging trusted AI brands to trick users.
read more →

AI-SPM Buyers Guide: Comparing AI Security Tools

🔒 This article examines the rising need for AI security posture management (AI-SPM) as enterprises adopt AI across workflows. It outlines how AI maturity stages — from AI-assisted to AI-native — change security requirements and why agents and model services expand the attack surface. The piece surveys vendor approaches, key features, and integrations, and provides guidance for selecting AI-SPM solutions to avoid coverage gaps.
read more →

Meta pauses employee monitoring program after failures

🛑 Meta has frozen its Model Compatibility Initiative (MCI) after employees reportedly bypassed guardrails and accessed sensitive internal data, then did so again after an attempted fix. The program collected inputs like keystrokes, mouse movements, clicks, and screen content to train AI, and employees were initially not allowed to opt out. Meta says it found unauthorized access on June 18 and paused MCI while investigating, asserting no indication yet of improper access beyond what was reported. Analysts criticized inadequate protections and insufficient risk tagging for highly sensitive non-PII telemetry.
read more →

AI-powered investigations preview for Amazon GuardDuty

🛡️ AWS previewed AI-powered investigations in Amazon GuardDuty to automate analysis of findings and reduce manual investigation time. The capability uses knowledge graphs and threat intelligence to examine 90 days of related activity, affected resources, and indicators, delivering disposition assessments with confidence scores, MITRE ATT&CK classifications, evidence, and remediation recommendations. Available in preview in 10 regions and accessible via the GuardDuty console, CLI, API, or AWS' MCP Server.
read more →

Google Cloud advances Confidential Computing for AI

🔒 Google Cloud announces expanded Confidential Computing capabilities to protect data in use for AI workloads. The update includes Confidential G4 VMs with NVIDIA RTX PRO 6000 Blackwell GPUs, open-source Prompt Encryption SDKs, Intel TDX on C4 machines, and broader Confidential Space enhancements. These innovations aim to provide verifiable attestation, end-to-end encrypted inference, and support for multi-party collaboration while preserving performance and scalability.
read more →

OpenAI expands Daybreak with GPT-5.5-Cyber release

🔒 OpenAI has expanded its Daybreak cyber-defense program, advancing patch automation with the full release of GPT-5.5-Cyber, updates to Codex Security, and a new open-source patching initiative. Access to the model is limited to verified defenders and paired with enhanced monitoring. OpenAI reports improved vulnerability reproduction and exploit-writing scores, while emphasizing human oversight and partnerships with vendors and governments.
read more →