< ciso
brief />
Tag Banner

All news with #openai tag

190 articles · page 3 of 10

Fake Hugging Face Model Impersonating OpenAI Hits 244K

⚠️ A malicious Hugging Face repository posing as an OpenAI release delivered an infostealer to Windows hosts and accumulated about 244,000 downloads before removal. Researchers at HiddenLayer found the repo copied OpenAI’s model card and included a loader.py that fetched and executed credential-stealing payloads. The loader disabled SSL verification, used jsonkeeper.com as a C2, and employed scheduled tasks and a Rust-based infostealer to exfiltrate browser data, wallets, Discord storage, and FileZilla credentials.
read more →

Fake OpenAI Model on Hugging Face Delivered Info Stealer

🚨 A malicious Hugging Face repository impersonating OpenAI's Privacy Filter model reached #1 trending before being disabled after delivering a Rust-based information stealer to Windows users. The attacker typosquatted the legitimate release and copied its model card, instructing victims to run a loader.py or Windows start.bat to fetch payloads via a JSON Keeper dead drop. The multi-stage chain used PowerShell to download secondary loaders, set Defender exclusions, and install a one-shot scheduled task that launched a stealer collecting browser, wallet and app data for exfiltration.
read more →

Commercial LLMs Used in Attack on Mexican Water Utility

⚠ OpenAI and Anthropic models were used by attackers in a cyber-attack that targeted a municipal water and drainage utility in the Monterrey metropolitan area, Dragos reports. The incident, which unfolded between December 2025 and February 2026, involved roughly 350 artifacts, many of them AI-generated malicious scripts used as offensive tooling. According to the report, Anthropic's Claude served as the primary technical executor—handling prompt-and-response interactions, intrusion planning and deployment—while OpenAI's GPT models were used for analytical tasks and generating Spanish-language outputs. Although the OT breach was ultimately unsuccessful, Dragos warns the campaign demonstrates how commercial LLMs can accelerate and refine attacks against operational environments and recommends tighter remote access policies and stronger authentication controls.
read more →

US Agency to Safety-Test Frontier AI Models Pre-Release

🔒 The Center for AI Standards and Innovation (CAISI), part of the Department of Commerce’s NIST, has secured agreements with Google DeepMind, Microsoft, and xAI to conduct pre-deployment evaluations and targeted research on frontier AI models. These accords expand an existing program that already includes Anthropic and OpenAI and are intended to provide vendors with safety feedback before public release. Microsoft described the partnerships as essential to building trust in advanced systems, while CAISI emphasized continuous evaluation to advance AI security and standards.
read more →

OpenAI Broadens TAC Program to Government Cyber Defenders

🔐 OpenAI has published a roadmap titled 'Cybersecurity in the Intelligence Age' pledging to democratize AI-powered cyber defense and to extend its Trusted Access for Cyber (TAC) program. The April 30 paper, released shortly after the debut of GPT5.4-Cyber, outlines new TAC tiers for authenticated cyber defenders and wider inclusion of governments, major platforms, cloud hyperscalers and critical infrastructure operators. OpenAI also commits to strengthen internal red-teaming, misuse detection and safety mechanisms while collaborating with governments on threat models and intelligence sharing.
read more →

Amazon Bedrock Adds OpenAI GPT OSS and NVIDIA Nemotron

🚀 Amazon Bedrock now includes OpenAI GPT OSS (120B and 20B) and NVIDIA Nemotron models (Nano 9B v2, Nano 12B v2, Nano 30B, Super 120B), enabling developers to access open-weight foundation models through a single API. The integration is powered by Mantle, a distributed inference engine that provides serverless, high-performance inference, unified capacity pools, automated quota management, and OpenAI API compatibility. These models are available on AWS GovCloud (US) for compliant, enterprise-grade deployments.
read more →

Amazon Bedrock Offers OpenAI Models, Codex, Managed Agents

🚀 Amazon announced that Amazon Bedrock now provides access to the latest OpenAI models, Codex, and a Managed Agents offering in limited preview. OpenAI models and Codex integrate with Bedrock controls such as IAM, AWS PrivateLink, encryption, and CloudTrail, and usage can be applied toward existing AWS cloud commitments. Managed Agents run on Bedrock AgentCore, log actions per agent, and keep inference within the customer's AWS environment.
read more →

OpenAI GPT-5.5 in Microsoft Foundry for Enterprise Use

🚀 GPT-5.5 is being made generally available in Microsoft Foundry, enabling enterprises to run OpenAI's latest frontier model for production agentic workflows. The model brings deeper long-context reasoning, improved agentic execution, higher computer-use accuracy, and better token efficiency. Foundry supplies governance, identity isolation, persistent sandboxes, and integrations to evaluate and scale agents securely.
read more →

Defender's Guide: Frontier AI's Impact on Cybersecurity

🛡️ Palo Alto Networks' early testing of frontier AI models—including Anthropic's Mythos (via Project Glasswing) and OpenAI models evaluated through Trusted Access for Cyber—shows these models can rapidly find vulnerabilities and generate exploits at scale. The company found a roughly 50% improvement in coding efficiency driving quantum leaps in scanning, vulnerability chaining, and full-stack logic analysis. This creates urgent risks: a deluge of discovered vulnerabilities, supply-chain "inside-out" attacks targeting AI infrastructure, and AI-driven autonomous attack agents that compress attack cycles to minutes. Organizations must accelerate automated patching, adopt zero trust, deploy XDR and agentic endpoint protections, and operationalize AI-driven SOCs like Cortex XSIAM to achieve near-real-time detection and response.
read more →

CrowdStrike Joins OpenAI TAC; Introduces GPT-5.4-Cyber

🔐 CrowdStrike has been selected for OpenAI's Trusted Access for Cyber (TAC) program and will integrate the frontier model GPT-5.4-Cyber into its platform. Its multi-model AgentWorks framework enables defenders to choose the best model for each task while applying enterprise-grade governance and real-world threat intelligence. Falcon sensors provide runtime visibility across endpoints, governing AI agents where they execute and helping organizations meet emerging regulatory requirements such as the EU AI Act.
read more →

OpenAI Launches GPT-5.4-Cyber to Boost Cyber Defense

🔒 OpenAI has released GPT-5.4-Cyber, a variant of GPT-5.4 fine-tuned to assist cybersecurity tasks and defensive workflows. The company expanded its Trusted Access for Cyber (TAC) program with tiered verification so vetted defenders can access models with lowered refusal boundaries for legitimate security work. Access is currently limited to vetted vendors, organisations and researchers while OpenAI carefully studies benefits and risks. The release is positioned to embed advanced coding and agentic capabilities into secure development practices.
read more →

AI Firms Urged into Larger Role in CVE Disclosures Now

🔒 At VulnCon26 in April, Lindsey Cerkovnik of CISA urged that AI firms like OpenAI and Anthropic be more directly represented in the CVE program to help manage a surge in reported vulnerabilities. She warned that new AI tools both accelerate discovery of valid flaws and generate lower-value noise, putting pressure on disclosure workflows. Recent vendor developments — Anthropic’s Mythos Preview and OpenAI’s GPT-5.4-Cyber — illustrate how automated research is already changing the threat landscape. Cerkovnik said CVE funding is secure and the program remains a CISA priority.
read more →

OpenAI Releases GPT-5.4-Cyber for Defensive Teams Now

🛡️ OpenAI has unveiled GPT-5.4-Cyber, a variant of its flagship GPT‑5.4 tuned for defensive cybersecurity use cases, and expanded its Trusted Access for Cyber (TAC) program to include thousands of authenticated individual defenders and hundreds of security teams. The company says the model is intended to help teams find, validate, and fix vulnerabilities faster while it iteratively strengthens safeguards to reduce dual‑use risks and resist jailbreaks and adversarial prompt injection. OpenAI highlighted its Codex Security agent, which it credits with contributing to the remediation of over 3,000 critical and high vulnerabilities, and framed the release as part of a broader shift toward continuous, developer‑integrated security feedback.
read more →

OpenAI Rotates macOS Code-Signing Certificate After Attack

🔒 OpenAI is rotating macOS code-signing certificates after a GitHub Actions workflow executed a compromised Axios package (v1.14.1) on March 31, 2026. The workflow had access to certificates used to sign macOS apps including ChatGPT Desktop, Codex, Codex CLI, and Atlas. OpenAI says it found no evidence the certificate was misused but is revoking and rotating it as a precaution; macOS users must update apps by May 8, 2026.
read more →

OpenAI Revokes macOS Certificate After Axios Compromise

🔒 OpenAI disclosed that a GitHub Actions workflow used to sign its macOS apps downloaded a malicious version of Axios on March 31, though the company says it found no evidence of user-data access or broader system compromise. The workflow had access to a signing certificate and notarization materials for ChatGPT Desktop, Codex, Codex CLI, and Atlas. OpenAI is treating the certificate as compromised, revoking and rotating it, and warns older macOS app builds will be blocked by default starting May 8, 2026 to protect users.
read more →

OpenAI Adds $100 ChatGPT Pro Tier to Target Coders

🚀 OpenAI has introduced a new ChatGPT Pro subscription at $100 per month to match Anthropic's Claude pricing and to appeal to coders and enterprise users. The revised lineup now lists Plus $20 for lighter usage, Pro $100 for real projects with 5× higher limits and temporarily 10× Codex usage, and Pro $200 for heavy continuous workflows with 20× limits. All Pro tiers include access to Pro models, Codex, Deep Research, image creation, memory, and file uploads, and OpenAI notes “unlimited” GPT‑5 access remains subject to standard Terms of Use.
read more →

ChatGPT vulnerability enabled covert data exfiltration

⚠️A security flaw in ChatGPT could be triggered by a single malicious prompt to create a covert exfiltration channel, researchers at Check Point reported. The issue allowed data to be leaked via a DNS side channel from the model’s isolated runtime and was patched by OpenAI on 20 February after disclosure. Check Point demonstrated extraction of uploaded files and private prompts and warned that users copying prompts from public sources could be exposed.
read more →

OpenAI patches Codex and ChatGPT leaks, fixes two bugs

🔒 Researchers disclosed two vulnerabilities in OpenAI’s AI stack affecting Codex and ChatGPT. BeyondTrust found a command injection flaw in Codex that let a malicious GitHub branch name execute code inside task containers and expose short-lived GitHub tokens. Check Point Research discovered a hidden outbound channel in ChatGPT’s code execution runtime that could silently transmit chats, uploads, or outputs to an external server. OpenAI patched both issues before public disclosure and researchers warn that autonomous code execution increases long-term risk.
read more →

OpenAI Patches ChatGPT Data, Codex Token Vulnerability

🔒 OpenAI patched two vulnerabilities affecting ChatGPT and Codex that could have allowed covert exfiltration of user data and theft of GitHub tokens. Check Point disclosed a DNS-based side-channel in ChatGPT's Linux execution environment that encoded conversation content into outbound DNS requests, potentially enabling remote shell access. BeyondTrust found a command-injection bug in Codex that allowed branch-name payloads to retrieve GitHub tokens. Both flaws were responsibly disclosed and fixed in February 2026; vendors report no evidence of active exploitation.
read more →

When AI Trust Breaks: ChatGPT Data Leakage Flaw and Trust

🔒 New research exposed a previously unknown vulnerability that allowed silent data leakage from ChatGPT conversations, challenging assumptions about AI assistants as secure containers. OpenAI has since fully resolved the flaw, but the incident underscores that enterprises must not assume AI vendors or platforms are secure by default. Security teams should validate vendor claims and apply controls before entrusting sensitive data.
read more →