Microsoft Busts Hackers Selling Illegal Azure AI Access
LLMjacking operation leveraged illicit access GenAI services to produce explicit celebrity images and other harmful content, Microsoft's digital crimes unit says.
Explore the intersection of AI and cybersecurity. Stay informed on AI-driven security trends, tools, and threats in the ever-evolving digital landscape.
Search across headline titles and summaries.
Background for this topic.
Artificial intelligence (AI) describes computer systems that perform tasks such as recognizing patterns, making predictions, understanding language, or generating content. In security reporting, the term commonly includes machine-learning models used for detection and analysis, as well as generative AI applications that produce text, code, images, or other outputs.
AI can help analyze security telemetry, prioritize vulnerabilities, and support investigations, but its outputs can be wrong or manipulated. Important attack surfaces include prompt injection that steers an application into unintended actions, sensitive data being exposed through prompts or model outputs, and excessive permissions granted to AI systems that use external tools. Models can also be degraded by poisoned training data or evaded with carefully crafted inputs. Practitioners should protect training and operational data, limit model access and tool permissions, test for adversarial behavior, and require appropriate human validation before high-impact decisions.
LLMjacking operation leveraged illicit access GenAI services to produce explicit celebrity images and other harmful content, Microsoft's digital crimes unit says.
Data poisoning represents the next big existential cybersecurity threat — unless organizations can ensure their AI systems are safe and trustworthy.
The fake websites trick users into downloading and running malware that searches for personal information, especially anything related to crypto currency.
A host of automated approaches identifies and remediates potential vulns while still retaining a role for security analysts to filter for context and business criticality.
Confirmation by South Korea's data protection agency that the AI chatbot sent data to TikTok's Chinese parent company has spurred a ban in that nation, and is again is calling into question DeepSeek's safety.