Single Prompt Enables ChatGPT to Execute Full Cyber-Attack Chain, Researchers Claim
Cybersecurity researchers tested Open AI GPT 5.5’s offensive cyber capabilities – and the results showed how effective a frontier LLM can be for hackers
Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.
Search across headline titles and summaries.
Weekly headline count for the current query.
Cybersecurity researchers tested Open AI GPT 5.5’s offensive cyber capabilities – and the results showed how effective a frontier LLM can be for hackers
Strong Data Foundations Give AI Leaders an Edge in Quantum SecurityCompanies leading in AI security are also better prepared for quantum threats. New Thales research shows that data visibility, governance, encryption and crypto agility are helping CIOs build stronger foundations for both AI adoption and post-quantum readiness.
Cybersecurity researchers have disclosed details of a previously unreported Internet-of-Things (IoT) botnet framework dubbed TuxBot v3 Evolution that shows signs of being developed with assistance from a large language model (LLM), albeit with not so successful results
Security Teams Save Time on Tasks but Spend More Time Checking AI's WorkAI is reshaping cybersecurity work but not eliminating the need for human judgment. New ISC2 research finds security teams are spending more time validating AI outputs, facing accountability for AI errors and rethinking skill sets for entry-level talent.
Nii Osae of Mindbeam AI Describes Project to Identify Promising New TreatmentsArtificial intelligence promises to reshape drug discovery, including by helping to identify safer options to common medications in a fraction of the time. Nii Osae, founder and CEO of Mindbeam AI, describes how AI models produced promising insights into pain-relief drug research at his firm.
Any other browser extension that can run a script on claude.ai can still trigger Claude for Chrome tasks aimed at your Gmail, your latest Google Doc and its comments, and your Calendar
Researchers reported the vulnerability to Cursor in December, but it still remains in the popular AI coding platform and can be exploited in poisoned repository attacks.
TrendAI™ Research analyzed over 200 Gemini CLI session logs showing how a Russian-speaking threat actor used AI to run a live botnet, finishing a full C&C migration in six minutes while doing just 11% of the work himself.
Measure Would Create Federal AI Coordinator, Expand Data Interoperability EffortsA bipartisan House bill would create a federal coordinator to accelerate the use of artificial intelligence, standardized health data and interoperable research platforms in an effort to speed pediatric cancer research, improve clinical trial design and expand treatment options for children.
Cybersecurity researchers have flagged an intrusion in which an unknown threat actor leveraged a vibe-coded PowerShell script for Active Directory (AD) enumeration
A PNG hiding a prompt injection could steal your repo's secrets, researchers demonstrate. The technique, dubbed 'Ghostcommit,' slipped past AI code reviewers CodeRabbit and Bugbot, which never open image files at all, then convinced a coding agent to read a repo's .env and write every secret into the code as a list of numbers. [...]
Old Unix Symlink Trick Lets Malicious Code Bypass User ChecksWiz researchers found that six popular AI coding assistants can be tricked into modifying sensitive files, including SSH keys, while their approval prompts display a harmless filename. The GhostApproval technique exploits a decades-old Unix symlink behavior to mislead users.
Researchers at the AI Now Institute developed a proof-of-concept exploit showing common AI tools used for security could backfire
Also, 23andMe Breach Settlement, GitHub AI Flaw, Ubiquiti Patches Critical BugsThis week, hidden breaches, researchers exposed a GitHub AI agent flaw, an Ubiquiti critical flaw, a ColdFusion flaw, a growing Chinese ORB, U.K. government FortiBleed exposure, 23andMe victims get $46.75 million, 3.8 million affected by Medtronic breach and Cerner's 2025 victim count went up.
Cybersecurity researchers at ESET identify big rise in suspicious and malicious toolsets which put users at risk from cyber-attacks
Researchers at Wiz found that a flaw in six popular AI coding assistants lets a booby-trapped code project quietly take control of a developer's computer. The assistant asks permission to edit one harmless-looking file, but the write lands on a sensitive one instead
One of the project’s top goals is stitching together an international, quick response coalition of governments, businesses and civil experts for AI-related threats. The post French nonprofit starts global intelligence and research hub for AI cyber threats appeared first on CyberScoop.
AI coding assistants have a habit of making things up. Ask one to fetch a popular tool, and it will sometimes hand back a real-sounding name for a project that does not exist
An AI coding assistant that refuses to answer a dangerous request in its chat box can answer it anyway if the same request is broken into small, ordinary-looking steps inside a code editor. That is the finding of a new study of GitHub Copilot by researchers Abhishek Kumar and Carsten Maple
Cybersecurity researchers have disclosed details of a now-patched critical session isolation vulnerability in Writer, an enterprise generative artificial intelligence (AI) platform, that could result in cross-tenant compromise