Lessons From AI Hacking: Every Model, Every Layer Is Risky
After two years of finding flaws in AI infrastructure, two Wiz researchers advise security pros to worry less about prompt injection and more about vulnerabilities.
Stay informed on the latest hacking trends, threats, and prevention strategies in cyber security with insightful articles and updates.
Search across headline titles and summaries.
Background for this topic.
Hacking is the use of technical methods to access, alter, disrupt, or examine computer systems and data, either with authorization or without it. In security reporting, the term usually covers unauthorized exploitation of software flaws, exposed services, weak credentials, misconfigurations, and sometimes human trust through phishing or other social engineering.
Its security significance depends on the attacker’s access and objective: a compromised internet-facing system may enable data theft, unauthorized changes, or movement into other systems, while a benign penetration test can reveal the same weaknesses before they are abused. Defenders reduce exposure through timely vulnerability management, secure configuration, strong authentication, network and endpoint monitoring, and tested incident-response procedures. Useful reporting distinguishes confirmed compromise from attempted or suspected activity and identifies the exploited entry point, affected assets, and whether access was contained.
After two years of finding flaws in AI infrastructure, two Wiz researchers advise security pros to worry less about prompt injection and more about vulnerabilities.
Also: Coinbase's Agentic AI Wallets, $1M Fraud IndictmentThis week, Paxful's $4M AML penalty, Coinbase's agentic AI wallets, a $1M fraud indictment, a 20-year $200M Ponzi sentence, laundering from the $200M Mixin hack, a Binance France home invasion attempt, insider betting charges in Israel and lost seized bitcoin in South Korea.
A Nigerian national was sentenced to eight years in prison for hacking multiple tax preparation firms in Massachusetts and filing fraudulent tax returns seeking over $8.1 million in refunds. [...]
Texas sued networking giant TP-Link Systems, accusing the company of deceptively marketing its routers as secure while allowing Chinese state-backed hackers to exploit firmware vulnerabilities and access users' devices. [...]
Incident Responders Detail Top Ransomware and Business Email Compromise TacticsThere's no need to invest into sophisticated hacking operations when moving fast and exploiting well-trod techniques gives threat actors all the access they want. Threat actors are prioritizing "low-complexity entry points, rather than investing in sophisticated exploits," say incident responders.
A suspected Chinese state-backed hacking group has been quietly exploiting a critical Dell security flaw in zero-day attacks that started in mid-2024. [...]
Bungled link handed over sensitive docs, and when recipient didn't cooperate, police opted for cuffs Dutch police have arrested a man for "computer hacking" after accidentally handing him their own sensitive files and then getting annoyed when he didn't hand them back.…