Security news aggregator

Latest coverage for Artificial Intelligence

Explore the intersection of AI and cybersecurity. Stay informed on AI-driven security trends, tools, and threats in the ever-evolving digital landscape.

34 headlines in this view

Refine the feed

Search across headline titles and summaries.

Tag briefing

Background for this topic.

Artificial intelligence (AI) describes computer systems that perform tasks such as recognizing patterns, making predictions, understanding language, or generating content. In security reporting, the term commonly includes machine-learning models used for detection and analysis, as well as generative AI applications that produce text, code, images, or other outputs.

AI can help analyze security telemetry, prioritize vulnerabilities, and support investigations, but its outputs can be wrong or manipulated. Important attack surfaces include prompt injection that steers an application into unintended actions, sensitive data being exposed through prompts or model outputs, and excessive permissions granted to AI systems that use external tools. Models can also be degraded by poisoned training data or evaded with carefully crafted inputs. Practitioners should protect training and operational data, limit model access and tool permissions, test for adversarial behavior, and require appropriate human validation before high-impact decisions.

Showing 20 most recent headlines of 34 Filtered view

A high-severity security flaw has been disclosed in Meta's Llama large language model (LLM) framework that, if successfully exploited, could allow an attacker to execute arbitrary code on the llama-stack inference server.  The vulnerability, tracked as CVE-2024-50050, has been assigned a CVSS score of 6.3 out of 10.0. Supply chain security firm Snyk, on the other hand, has assigned it a

GameOn? It's looking more like game over for that biz The co-founder and former CEO of AI startup GameOn is in a pickle. After exiting the top job last year under a cloud, he's now in court – along with his wife – for allegedly bilking his company and its investors out of more than $60 million.…

Bank Info Security 1 year, 5 months ago

Maybe AI Hallucinations Aren't So Bad After All

Scientists Say Fabricated AI Responses Could Lead to New Discoveries and InnovationHallucinations are considered one of the most worrisome flaws of emerging artificial intelligence technology. But some scientists see the tendency of AI and large language models to fabricate responses is tool for discovery in fields such as chemistry and pharmaceuticals.

While AI platforms and tools promise to offer encouraging potential in healthcare, many are unprepared to deal with the risks these emerging technologies pose - similar to the early days of social media, said Keith Fricke, co-managing partner and principal consultant at tw-Security.

While artificial intelligence platforms and tools promise to offer encouraging potential in healthcare, many are unprepared to deal with the risks these emerging technologies pose - similar to the early days of social media, said Keith Fricke, partner and principal of tw-Security.

Bank Info Security 1 year, 5 months ago

OpenAI Launches AI Agent 'Operator'

Operator Cannot Yet Reliably Perform Complex, Customized TasksOpenAI introduced an AI agent capable of independent action with the launch of Operator, an general-purpose AI tool that interacts with websites to perform tasks. The agent can navigate menus and complete forms to do tasks such as travel booking, ordering takeout, buying stuff or scheduling tasks.

SYSTEM-level command injection via API parameter *chef's kiss* A now-fixed command-injection bug in Kubernetes can be exploited by a remote attacker to gain code execution with SYSTEM privileges on all Windows endpoints in a cluster, and thus fully take over those systems, according to Akamai researcher Tomer Peled.…

Bank Info Security 1 year, 5 months ago

Lawsuit Claims LinkedIn Used Private Messages to Train AI

California User's Class Action Suit Says LinkedIn Violated Contract, Privacy RegsA LinkedIn user has sued the company for flouting privacy requirements by allowing third-party companies to access user data - including Premium users' private messages - to train their artificial intelligence models. A LinkedIn spokesperson called the lawsuit "false claims with no merit."

Also: US Prosecutors Charge Suspected North Korean IT Worker CollaboratorsThis week, researchers spied Palo Alto firewall flaws, a North Korean IT worker conspiracy, ChatGPT as DDoS vector. Chinese hackers targeted a VPN maker, a fake PyPi package and a Russian threat actor shifted tactics. BreachForums admin faces prison and scammers used the release of Ross Ulbricht.

APIs are the backbone of modern applications, enabling connectivity and functionality across diverse systems. However, the growing complexity of API ecosystems introduces vulnerabilities that attackers exploit to disrupt operations, steal data, or launch other malicious activities. Without real-time visibility and robust threat detection, businesses face significant risks.

Inadequate Cyber Resilience and More Findings From WEF's Global Risks Report 2025Polarization within societies, escalating geopolitical tensions and the proliferation of generative AI tools have cemented misinformation and disinformation as the top global risk in a two-year outlook, according to the World Economic Forum's Global Risks Report 2025.

And the government thinks that AI and taking shackles off big tech will help? God help Britain For the first time since the start of the pandemic, the number of tech firms incorporated in the UK has declined, with a shrinking economy, as well as high inflation and interest rates causing a slump in business confidence.…

Loading more headlines...