Security news aggregator

Latest coverage for Artificial Intelligence

Explore the intersection of AI and cybersecurity. Stay informed on AI-driven security trends, tools, and threats in the ever-evolving digital landscape.

33 headlines in this view

Refine the feed

Search across headline titles and summaries.

Tag briefing

Background for this topic.

Artificial intelligence (AI) describes computer systems that perform tasks such as recognizing patterns, making predictions, understanding language, or generating content. In security reporting, the term commonly includes machine-learning models used for detection and analysis, as well as generative AI applications that produce text, code, images, or other outputs.

AI can help analyze security telemetry, prioritize vulnerabilities, and support investigations, but its outputs can be wrong or manipulated. Important attack surfaces include prompt injection that steers an application into unintended actions, sensitive data being exposed through prompts or model outputs, and excessive permissions granted to AI systems that use external tools. Models can also be degraded by poisoned training data or evaded with carefully crafted inputs. Practitioners should protect training and operational data, limit model access and tool permissions, test for adversarial behavior, and require appropriate human validation before high-impact decisions.

Showing 20 most recent headlines of 33 Filtered view

Also: CISA's Leadership Crisis; Why AI's Confident Errors Demand Urgent OversightIn this week's update, four editors with ISMG discussed Anubis ransomware's puzzling shift to data wiping malware, the leadership vacuum and budget uncertainty at CISA and growing concerns about how artificial intelligence tools are making confident mistakes that demand human oversight.

High-Severity Flaw in LangChain's AI Tooling Hub Now PatchedA flaw in the LangSmith platform, an open-source framework that helps developers build LLM-powered applications, can enable hackers to siphon sensitive data, said Noma Security. Dubbed AgentSmith, the flaw can allow attackers to embed malicious proxy configurations into public AI agents.

MIT's Vinod Vaikuntanathan on Post-Quantum Shift, Cryptography's Role in AI TrustAs the race to build quantum computers intensifies, a parallel transformation is taking place in the field of cryptography. Vinod Vaikuntanathan, professor of computer science at Massachusetts Institute of Technology, believes now is the time to act.

Research Shows Attackers Jailbreaking LLMs such as Grok, MixtralThe phrase "WormGPT," once an actual evil twin of OpenAI's GPT AI model designed for malicious activities, has now become a catch-all phrase for jailbroken large language models used in cybercrime. "WormGPT now serves as a recognizable brand for a new class of uncensored LLMs."

Shanghai Firm Bets on Open-Source Strategy, Efficiency ClaimsShanghai artificial intelligence startup MiniMax released a new open-source large language model, positioning it as a direct competitor to American and other Chinese models. MiniMax says its model performs competitively on benchmark tests against leading proprietary and open models.

Meanwhile, next-gen script kiddies are levelling up faster thanks to agentic AI Interview Iran's state-sponsored cyber operatives and hacktivists have all increased their activities since the military conflict with Israel erupted last week – but not necessarily in the way that Amazon chief information security officer CJ Moses expected.…

Bank Info Security 1 year, 1 month ago

$5.48M Lawsuit Settlement Reached in Software Vendor Hack

Several Affected HealthEC Healthcare Clients Are Chipping in to Fund SettlementA provider of artificial intelligence-enabled hospital cost-cutting software and several of its healthcare clients agreed to $5.48 million to settle proposed class action litigation involving a 2023 hacking incident affecting 4.6 million individuals.

Bank Info Security 1 year, 1 month ago

Malicious PyPI Package Targets Developer Credentials

JFrog uncovers multi-stage malware harvesting cloud secretsMulti-stage malware embedded in a Python package is stealing sensitive cloud infrastructure data, JFrog researchers said Monday. The package steals credentials, configuration files, API tokens and other data from corporate cloud environments. It targets developers using the Chimera sandbox platform.

Loading more headlines...