Copilot is an AI-based chatbot used by enterprises to streamline tasks, but it can also be manipulated by attackers to steal data and conduct phishing scams without leaving a trace.

Researchers have not identified any AI-engineered cyberattack campaigns, yet, but they say it’s only a matter of time before an AI system is dominant enough in the market to draw attention.

The increased deployment of AI systems poses significant security and privacy challenges, including adversarial manipulation of training data and the potential exfiltration of sensitive information.

Google has warned about a new threat called Google Calendar RAT (GCR) that uses the Calendar service as command-and-control infrastructure. It creates a covert channel by exploiting event descriptions in Google Calendar, making detection difficult.

The security of implantable technologies lies in the devices themselves, not the human body, and it is crucial to prioritize the security of these technologies before implanting them.

An audio clip of UK opposition leader Keir Starmer verbally abusing his staff, which gained significant traction on social media, has been debunked as AI-generated by private-sector and government analysis.

This incident highlights a new type of vulnerability, similar to prompt injection, where users can bypass the constraints of the AI model. Microsoft is likely to address this issue in future versions of Bing Chat.

A strong argument for a connection has been established between the NoEscape ransomware and the obsolete Avaddon group. The encryption algorithms used by NoEscape and Avaddon ransomware are nearly identical, except that NoEscape switched to using the Salsa20 algorithm. Furthermore, sources have con ... Read More

Cado Security spotted the Romanian threat actor Diicot using Cayosin, a variant of Mirai, to launch DDoS and cryptojacking attacks in its latest campaign. The campaign is ongoing and targets OpenWrt routers.  It is claimed that the hacking group is evolving tactics to expand its attack scope.

A newly discovered multi-stage AitM phishing and BEC attack campaign has been targeting banking and financial organizations. The phishing kit enabled the attackers to send out more than 16,000 emails to a target’s contacts as part of the second-stage phishing campaign. To remediate the issue, it is ... Read More