All news with #ai security tag

AI-powered phishing uses fake CAPTCHA pages to evade

🤖 AI-driven phishing campaigns are increasingly using convincing fake CAPTCHA pages to bypass security filters and trick users into revealing credentials. Trend Micro found these AI-generated pages hosted on developer platforms such as Lovable, Netlify, and Vercel, with activity observed since January and a renewed spike in August. Attackers exploit low-friction hosting, platform credibility, and AI coding assistants to rapidly clone brand-like pages that first present a CAPTCHA, then redirect victims to credential-harvesting forms. Organizations should combine behavioural detection, hosting-provider safeguards, and phishing-resistant authentication to reduce risk.

Weekly Recap: Chrome 0-day, AI Threats, and Supply Chain Risk

🔒 This week's recap highlights rapid attacker innovation and urgent remediation: Google patched an actively exploited Chrome zero-day (CVE-2025-10585), while researchers demonstrated a DDR5 RowHammer variant that undermines TRR protections. Dual-use AI tooling and model namespace reuse risks surfaced alongside widespread supply-chain and phishing disruptions. Defenders should prioritize patching, harden model dependencies, and monitor for stealthy loaders.

Regaining Control of AI Agents and Non-Human Identities

🔐 Enterprises are struggling to secure thousands of non-human identities—service accounts, API tokens, and increasingly autonomous AI agents—that proliferate across cloud and CI/CD environments without clear ownership. These NHIs often use long-lived credentials, lack contextual signals for adaptive controls, and become over-permissioned or orphaned, creating major lateral-movement and compliance risks. The article recommends an identity security fabric—including discovery, risk-based privilege management, automated lifecycle policies, and integrations such as Okta with AWS—to regain visibility and enforce least-privilege at scale.

Oversized SVG Files Deliver AsyncRAT Across Latin America

🛡️ A recent campaign in Latin America leverages oversized SVG image attachments to deliver AsyncRAT by embedding the entire malicious payload inside the XML. Victims receive convincing, urgent emails impersonating judicial services, and interacting with the >10MB SVG loads a fake portal that triggers a password-protected ZIP download containing an executable and a DLL-sideloaded payload. ESET telemetry highlights a spike in activity, notably affecting Colombia, while attackers appear to use AI to generate unique, randomized SVGs to evade detection.

CSO Awards: Security Innovation and Transformative Work

🔒 CSO highlights seven award-winning security initiatives that showcase practical innovation across vulnerability management, third-party risk, multicloud security, secure coding, threat detection, and AI-driven hunting. Profiles include BMHCC’s risk-based remediation delivering a 70% risk reduction, FSU’s tighter vendor assessments, Marvell’s unified cloud vulnerability platform, and Mastercard’s developer-focused security conference. The pieces emphasize automation, AI, and cross-team collaboration as key drivers of measurable security impact.

Protect AI Development Using Falcon Cloud Security

🔒 Falcon Cloud Security provides end-to-end protection for AI development pipelines by embedding AI detection into CI/CD workflows, scanning container images, and surfacing AI-related packages and CVEs in real time. It extends visibility to cloud model services — including AWS SageMaker and Bedrock, Azure AI, and Google Vertex AI — revealing model provenance, dependencies, and API usage. Runtime inventory ties build-time detections to live containers so teams can prioritize fixes, govern models, and maintain delivery velocity without compromising security.

Agentic AI Risks and Governance: A Major CISO Challenge

⚠️ Agentic AI is proliferating inside enterprises, embedding autonomous agents into development, customer support, process automation, and employee workflows. Security experts warn these systems create substantial visibility and governance gaps: organizations often do not know where agents run, what data they access, or how independent their actions are. Key risks include risky autonomy, uncontrolled data sharing among agents, third-party integration vulnerabilities, and the potential for agents to enable or mimic multi-stage attacks. CISOs should prioritize real-time observability, strict governance, secure-by-design development, and cross-functional coordination to mitigate these threats.

DPRK Hackers Use ClickFix to Deliver BeaverTail Malware

🛡️ GitLab Threat Intelligence observed DPRK-linked operators using ClickFix-style hiring lures to deliver the JavaScript stealer BeaverTail and its Python backdoor InvisibleFerret. The late-May 2025 wave targeted marketing and cryptocurrency trader roles via a fake Vercel-hosted hiring site that tricks victims into running OS-specific commands. Attackers deployed compiled BeaverTail binaries (pkg/PyInstaller) and used a password-protected archive to stage Python dependencies, suggesting tactical refinement and expanded targeting.

Researchers Find GPT-4-Powered MalTerminal Malware

🛡️ SentinelOne researchers disclosed MalTerminal, a Windows binary that integrates OpenAI GPT-4 via a deprecated chat completions API to dynamically generate either ransomware or a reverse shell. The sample, presented at LABScon 2025 and accompanied by Python scripts and a defensive utility called FalconShield, appears to be an early — possibly pre-November 2023 — example of LLM-embedded malware. There is no evidence it was deployed in the wild, suggesting a proof-of-concept or red-team tool. The finding highlights operational risks as LLMs are embedded into offensive tooling and phishing chains.

Google Cloud launches advanced AI training suite for roles

🚀 Google Cloud announced a new suite of AI training courses for intermediate and advanced learners across technical and non-technical roles. The curriculum covers designing and managing AI infrastructure using GCE and GKE, fine-tuning models like Gemini, serverless inference with Cloud Run, and securing generative AI deployments. Hands-on labs teach building AI agents that securely connect to enterprise databases and rapid prototyping in Google AI Studio. Courses are available on Google Cloud Skills Boost to help learners future-proof their AI skills.

FortiCNAPP Named Leader in Three KuppingerCole Categories

🚀 FortiCNAPP has been named a Leader in three categories in the 2025 KuppingerCole Compass for CNAPP: Overall Leadership, Market Leadership, and Innovation Leadership. The recognition emphasizes FortiCNAPP’s ability to reduce tool sprawl, improve visibility into cloud risk, and accelerate remediation. Customers cite rapid, intuitive deployment, agentless scanning, AI-driven analytics, and tight integration with the Fortinet Security Fabric as key benefits.

ShadowLeak zero-click exfiltrates Gmail via ChatGPT Agent

🔒 Radware disclosed a zero-click vulnerability dubbed ShadowLeak in OpenAI's Deep Research agent that can exfiltrate Gmail inbox data to an attacker-controlled server via a single crafted email. The flaw enables service-side leakage by causing the agent's autonomous browser to visit attacker URLs and inject harvested PII without rendering content or user interaction. Radware reported the issue in June; OpenAI fixed it silently in August and acknowledged resolution in September.

Automating Alert Triage and SOP Execution with AI Platform

🤖 Tines published a prebuilt workflow that automates security alert triage by using AI agents to identify alert types, find relevant SOPs in Confluence, and execute remediation steps across integrated tools. The two-agent design creates structured case records, documents every action, and notifies on-call staff via Slack. The workflow supports integrations such as CrowdStrike, Okta, VirusTotal and others, and is available in Tines' Community Edition for testing.

Attackers Use AI Platforms to Generate Fake CAPTCHAs

🔐 Trend Micro researchers report cybercriminals are using AI-powered site builders like Lovable, Vercel and Netlify to rapidly create convincing fake CAPTCHA pages. Seen since January 2025 with a sharp escalation from February to April, these pages make phishing links appear legitimate and can help evade automated scanners by presenting a CAPTCHA before redirecting users to credential-stealing sites. Recommended mitigations include employee education, redirect-chain analysis and monitoring trusted domains for abuse.

Russia and China Target Germany's Economy: Survey Findings

🔍 A representative Bitkom survey of 1,002 German companies finds nearly three in four report rising attacks, estimating combined damage at €289 billion. 87% of executives said their organization experienced at least one attack in the past 12 months; 28% now suspect foreign intelligence involvement. Respondents most often pointed to China and Russia (46% each). Insurers report AI-generated false claims, prompting firms and authorities to adopt more holistic, AI-assisted defenses.

OpenAI's $4 GPT Go Plan Poised to Expand Regions Soon

🚀 OpenAI has started expanding its $4 GPT Go plan beyond India, rolling out nudges to free-account users in Indonesia and India and signaling broader regional availability in the coming weeks. Product pages already list pricing in USD, EUR and GBP, suggesting a possible U.S. launch. GPT Go grants access to GPT-5, expanded messaging and uploads, faster image creation, longer memory and limited deep research; GPT Plus ($20) and Pro ($200) tiers provide increasingly advanced capabilities and higher limits.

Source-of-Truth Authorization for RAG Knowledge Bases

🔒 This post presents an architecture to enforce strong, source-of-truth authorization for Retrieval-Augmented Generation (RAG) knowledge bases using Amazon S3 Access Grants with Amazon Bedrock. It explains why vector DB metadata filtering is insufficient—permission changes can be delayed and complex identity memberships are hard to represent—and recommends validating permissions at the data source before returning chunks to an LLM. The blog includes a practical Python walkthrough for exchanging identity tokens, retrieving caller grant scopes, filtering returned chunks, and logging withheld items to reduce the risk of sensitive data leaking into LLM prompts.

ShadowLeak: AI agents can exfiltrate data undetected

⚠️Researchers at Radware disclosed a vulnerability called ShadowLeak in the Deep Research module of ChatGPT that lets hidden, attacker-crafted instructions embedded in emails coerce an AI agent to exfiltrate sensitive data. The indirect prompt-injection technique hides commands using tiny fonts, white-on-white text or metadata and instructs the agent to encode and transmit results (for example, Base64-encoded lists of names and credit cards) to an attacker-controlled URL. Radware says the key risk is that exfiltration can occur from the model’s cloud backend, making detection by the affected organization very difficult; OpenAI was notified and implemented a fix, and Radware found the patch effective in subsequent tests.

Gemini in Chrome: Secure AI for Enterprise Productivity

🤖 Gemini in Chrome brings AI assistance directly into the browser to help employees summarize reports, extract video insights, recall and navigate tabs, and take actions via integrations with Google Calendar, Docs, and Drive. Rolling out in the U.S. on Mac and Windows with Android availability and iOS coming soon, these features are configurable through Chrome Enterprise Core policies so IT retains control. AI Mode in the omnibox and enhanced Safe Browsing add context-aware responses and proactive protection against AI-driven scams.

Achieve Agentic Productivity with Vertex AI Agent Builder

🛠️ Vertex AI Agent Builder is a unified platform for building, grounding, and deploying production-grade AI agents, designed to move organizations from prototype to scalable, secure services. It centers development on five pillars: Agent frameworks, Model choice, Tools for taking actions, Scalability and performance, and Built-in trust and security, and supports the Agent Development Kit (ADK) and third-party models including Gemini 2.5 Flash Pro. The platform offers managed runtime features such as sandboxed code execution, Agent-to-Agent collaboration, Bidirectional Streaming, and a streamlined one-line path from ADK prototype to Agent Engine deployment, while enterprise controls like VPC-SC and CMEK address compliance and data protection.