Cloudflare now blocks all unencrypted traffic to its API endpoints
Cloudflare announced that it closed all HTTP connections and it is now accepting only secure, HTTPS connections for api.cloudflare.com. [...]
Explore the intersection of AI and cybersecurity. Stay informed on AI-driven security trends, tools, and threats in the ever-evolving digital landscape.
Search across headline titles and summaries.
Background for this topic.
Artificial intelligence (AI) describes computer systems that perform tasks such as recognizing patterns, making predictions, understanding language, or generating content. In security reporting, the term commonly includes machine-learning models used for detection and analysis, as well as generative AI applications that produce text, code, images, or other outputs.
AI can help analyze security telemetry, prioritize vulnerabilities, and support investigations, but its outputs can be wrong or manipulated. Important attack surfaces include prompt injection that steers an application into unintended actions, sensitive data being exposed through prompts or model outputs, and excessive permissions granted to AI systems that use external tools. Models can also be degraded by poisoned training data or evaded with carefully crafted inputs. Practitioners should protect training and operational data, limit model access and tool permissions, test for adversarial behavior, and require appropriate human validation before high-impact decisions.
Cloudflare announced that it closed all HTTP connections and it is now accepting only secure, HTTPS connections for api.cloudflare.com. [...]
Dave DeWalt's NightDragon and HSBC to Back New Product Rollouts and Global GrowthDataminr received $85 million in convertible pre-IPO funding from Dave DeWalt’s NightDragon and HSBC. The investment will support the rollout of context agents and pre-generative AI capabilities, and enable the company to scale internationally ahead of its planned initial public offering.
Open Power AI Consortium Members Include Nvidia and MicrosoftTech giants and utility providers on Thursday formed an alliance to harness artificial intelligence for a more resilient power grid. More than two dozen organizations are participating in the Open Power AI Consortium led by the Electric Power Research Institute.
Experts Weigh the Advantages and Risks of Generative Adversarial NetworksWith traditional rule-based fraud detection systems and even conventional machine learning models struggling to identify these highly deceptive fraud patterns, financial institutions are exploring generative adversarial networks to enhance fraud detection.
Norwegian Man Tells OpenAI: I Didn't Kill My ChildrenA Norwegian man is peeved that a chatbot hallucinated a violent backstory for his life after seeing that ChatGPT apparently believes he's a child killer spending decades inside prison. "The fact that someone could read this output and believe it is true is what scares me the most," he said.
The Amazon Nova AI Challenge puts student research to the test and aims to bring a new perspective to challenges arising from the increase in AI-assisted software development.
Attorney Jonathan Armstrong on AI Security, Legal Risks Related to EU AI ActAI regulation is evolving fast, and many businesses may already be violating key provisions without realizing it. Jonathan Armstrong, partner at Punter Southall Law, warns that companies may be using high-risk AI applications without security teams even knowing.
Over 10K Exploit Attempts Recorded in a Week From a Single Malicious IPHackers are exploiting a vulnerability in ChatGPT's infrastructure to redirect users to malicious websites, with security researchers recording more than 10,000 exploit attempts in a week from a single malicious IP address. The financial sector has borne the brunt of the attacks.
Researchers Examined 7 LLMs to Determine How they Dealt with Flawed CodeLarge language models trained on flawed data tend to replicate those mistakes, researchers found. "In bug-prone tasks, the likelihood of LLMs generating correct code is nearly the same as generating buggy code," found researchers from institutions including the Chinese Academy of Sciences.
Microsoft has fixed a bug causing the March 2025 Windows cumulative updates to mistakenly uninstall the AI-powered Copilot digital assistant from some Windows 10 and Windows 11 systems. [...]
Research finds that organizations are granting root access by default and making other big missteps, including a Jenga-like building concept, in deploying and configuring AI services in cloud deployments.
The Federal Trade Commission (FTC) in the U.S. has taken action against Click Profit for allegedly deceiving consumers with false promises of guaranteed passive income through AI-powered online stores. [...]
A Europol report says nation-state actors are increasingly working with organized crime networks to achieve geopolitical goals, including the destabilization of the EU.
Gartner has claimed that AI agents will reduce the time it takes to exploit exposed accounts
Europol’s annual report warns of a growing threat from aligned state and cybercrime groups, enabled by AI technologies
Researchers Detail AI's Fabricated Facts in Healthcare, Discuss SolutionsHallucinations in artificial intelligence foundation models are pushing healthcare professionals and technologists to rethink how practitioners can safely use AI. Hallucinated lab result or an erroneous diagnostic recommendation could lead to harmful interventions or missed treatments.
Cybersecurity researchers have disclosed details of a new supply chain attack vector dubbed Rules File Backdoor that affects artificial intelligence (AI)-powered code editors like GitHub Copilot and Cursor, causing them to inject malicious code
Largest Cybersecurity Deal of All-Time Aims to Boost AI-Driven Multicloud SolutionsGoogle Cloud plans to acquire cloud security leader Wiz for $32 billion, integrating its AI-powered security capabilities to better protect companies across multiple cloud environments. The deal reinforces protections across multicloud environments, including AWS, Microsoft Azure, and Google Cloud.
A new critical severity vulnerability found in American Megatrends International's MegaRAC Baseboard Management Controller (BMC) software can let attackers hijack and potentially brick vulnerable servers. [...]