Tag: ai
-
Cybercriminals use the Kali365 phishing platform so that legitimate Microsoft 365 procedures for access without passwords…
The FBI is currently warning about Kali365, a phishing-as-a-service platform active since April 2026 that specifically targets Microsoft 365 environments. Rather than stealing credentials, it hijacks OAuth tokens, which bypasses even multi-factor authentication (MFA). The platform also offers AI-generated phishing templates, automated campaign tools and real-time tracking dashboards, and is sold via Telegram on a subscription model. The attack proceeds in…
-
More AI, more problems? Hacker George Hotz considers agents an expensive mistake
First seen on t3n.de Jump to article: t3n.de/news/george-hotz-ki-probleme-1744019/
-
Election threats are focused on campaign systems, not voting machines
Check Point said actors are shifting toward campaign systems and AI-generated content, outpacing the public’s ability to understand and respond to the risks. First seen on cyberscoop.com Jump to article: cyberscoop.com/2026-election-cyber-threats-campaign-systems/
-
CIFSwitch, a Linux Root Bug Hidden in Plain Sight for 19 Years
CIFSwitch is a 19-year-old Linux logic bug turning forged CIFS auth keys into root. Affects Mint, CentOS, Rocky, Kali, SLES. CIFSwitch stands apart from typical privilege escalation vulnerabilities because of how it was discovered. Asim Manizada, a security engineer at SpaceX, didn’t find it by auditing source code the old-fashioned way. He built an AI-powered…
-
Top 4 data security best practices for the AI-enabled enterprise
To maximize AI’s value without increasing security risk, organizations must enforce best-practice data protections across their environment. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/spons/top-4-data-security-best-practices-for-the-ai-enabled-enterprise/820564/
-
NVIDIA goes open source with a big batch of physical AI agent tools
NVIDIA just dropped a big batch of open-source "physical AI" skills and tools, and they're designed to make a roboticist's life a whole lot easier. The … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/06/01/nvidia-open-source-physical-ai-skills/
-
DNS-AID lets AI agents find and verify each other through DNS
AI agents run across many platforms, and each one needs a way to locate and confirm the identity of the others it works with. The Linux Foundation’s DNS-AID project … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/06/01/dns-aid-ai-agent-discovery-dns/
-
Infosecurity Europe: OWASP Forms New Agentic Research Council
OWASP’s new Agentic Research Council will aim to connect academic work to operational realities on agentic AI security. First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/owasp-new-agentic-research-council/
-
Microsoft KB5089573 Fixes Windows 11 Patch Tuesday Install Failures
Microsoft has released cumulative update KB5089573 for Windows 11 versions 24H2 and 25H2, aimed at improving stability and resolving installation issues reported during recent Patch Tuesday deployments. The update is part of Microsoft’s ongoing effort to streamline update reliability while introducing refinements to AI-driven system components. KB5089573 primarily addresses problems users encountered while installing earlier…
-
AI security starts with identity, not the network – AI supply chains have no perimeter
First seen on security-insider.de Jump to article: www.security-insider.de/ki-lieferketten-identitaet-zero-trust-perimeter-a-b20ae4005cf34dfac4eac39081b9e94a/
-
EU organizations buckle under rising compliance pressure
Cybersecurity governance in the EU is shifting under expanding frameworks such as NIS2 and DORA, while AI raises new questions for security teams. What the future brings is … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/06/01/antonija-vojnovic-span-cybersecurity-governance-challenges/
-
OWASP Agent Memory Guard: Stop AI agents from being weaponized through their own memory
AI agents keep memory across sessions. Conversation history, vector stores, scratchpads, and RAG indexes persist between runs, and anything written into that store becomes a … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/06/01/owasp-agent-memory-guard/
-
Governing shadow AI without killing innovation
In this Help Net Security video, Alan Snyder, CEO at NowSecure, talks about governing shadow AI without stopping innovation. He frames the problem as two opposing forces. … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/06/01/governing-shadow-ai-video/
-
145 AI laws passed in 2025 and privacy teams aren’t catching a break
145 AI-related laws were enacted by state legislatures in 2025, and more than 1,000 additional bills were introduced or revised, according to DataGrail’s Privacy and AI … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/06/01/datagrail-ai-privacy-risks-report/
-
AI chatbots remain useful tools for knowledgeable users but do not replace a real-life confidant
First seen on datensicherheit.de Jump to article: www.datensicherheit.de/ki-chatbots-nuetzlich-werkzeuge-kein-ersatz-bezugsperson
-
KnowBe4 unifies email and chat security by extending threat detection to Microsoft Teams
KnowBe4, the leading provider of digital workforce security, which is comprehensively dedicated to protecting people and AI agents, is introducing "KnowBe4 Messaging Security", which can be used to secure Microsoft Teams. The KnowBe4 platform now offers unified protection for the two most important enterprise communication channels: chat and email. This new offering closes the security gap between email protection and tools for…
-
AI versus AI: why the future of cybersecurity will be shaped by artificial intelligence
Artificial intelligence is changing the cybersecurity landscape at a pace that many companies can barely control. While organizations deploy generative AI for productivity, automation and innovation, cybercriminals are already using the same technology to carry out attacks faster, more precisely and more cheaply. The result: cybersecurity is becoming a race between attacking and defending AI. This is the conclusion reached by…
-
AI Powered Nmap using ShellGPT
Overview This article examines how pairing ShellGPT, an AI-powered command-line assistant driven by the OpenAI API, with Nmap fundamentally changes the pace and First seen on hackingarticles.in Jump to article: www.hackingarticles.in/ai-powered-nmap-using-shellgpt/
-
AI versus AI: Check Point has cyber agents find vulnerabilities before attackers strike
Modern AI models and so-called frontier AI systems are increasingly able to autonomously analyze large numbers of potentially vulnerable systems. First seen on infopoint-security.de Jump to article: www.infopoint-security.de/ki-gegen-ki-check-point-laesst-cyber-agenten-schwachstellen-finden-bevor-angreifer-zuschlagen/a45336/
-
Week in review: Infostealer dropped via FortiClient EMS flaw, exploited Trend Micro Apex One flaw
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Coinflow CISO on crypto payments security under AI pressure Crypto payment … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/05/31/week-in-review-infostealer-dropped-via-forticlient-ems-flaw-exploited-trend-micro-apex-one-flaw/
-
DFKI: browser extension anonymizes AI prompts directly in Chrome
No more data leaks in AI chat: DFKI is releasing a Chrome extension that obscures sensitive content before it ends up in chatbots. First seen on golem.de Jump to article: www.golem.de/news/dfki-browser-erweiterung-anonymisiert-ki-prompts-direkt-in-chrome-2605-209222.html
-
TeamPCP Compromised LiteLLM in AI Supply Chain Attack
TeamPCP used malicious LiteLLM packages to steal AI and cloud credentials in a software supply chain attack. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/teampcp-compromised-litellm-in-ai-supply-chain-attack/
-
Socket Raises $60M for Wider Software Supply-Chain Defense
Funding at $1B Valuation Will Expand Controls Across Developer and AI Ecosystems. Socket raised $60 million in a Thrive Capital-led Series C at a $1 billion valuation to expand its supply-chain security platform beyond package managers as AI coding tools increase enterprise exposure to malicious dependencies, browser extensions and developer tooling. First seen on govinfosecurity.com…
-
Millions of AI agents imperiled by critical vulnerability in open source package
“BadHost” was found in Starlette, a package with 325 million weekly downloads. First seen on arstechnica.com Jump to article: arstechnica.com/information-technology/2026/05/millions-of-ai-agents-imperiled-by-critical-vulnerability-in-open-source-package/
-
Why Annual Penetration Tests Are No Longer Enough
AI-driven offensive security is pushing organizations beyond annual penetration tests toward continuous validation models. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/why-annual-penetration-tests-are-no-longer-enough/
-
Anthropic Expands Public Access to Claude Mythos AI Model
Expect to See Widespread Availability of Mythos-Level Models Within 6-12 Months. Anthropic is expanding public access to its frontier artificial intelligence model Claude Mythos to qualifying customers’ security teams on request for such purposes as vulnerability research and red-teaming, and predicts that Mythos-class models will be publicly available within 12 months. First seen on govinfosecurity.com…
-
The AI Era Is Creating a Bug-Hunting Arms Race
As attackers ramp up their AI exploit development, the search for software vulnerabilities is changing rapidly. First seen on wired.com Jump to article: www.wired.com/story/the-ai-era-is-creating-a-bug-hunting-arms-race/
-
Microsoft Code Editor Flaw Lets Attackers Hijack Developer PCs
Hidden Install Settings Let Malicious MCP Links Execute Code. Microsoft patched a high-severity flaw in Visual Studio Code after researchers found attackers could hide malicious settings inside MCP server install links, giving them persistent access to developer machines through what appeared to be routine artificial intelligence tool installations. First seen on govinfosecurity.com Jump to article:…
-
Claude Mythos AI Identified 10,000+ Software Vulnerabilities in One Month
Anthropic says its Claude Mythos AI identified more than 10,000 software vulnerabilities in one month, including critical flaws in open-source code. First seen on hackread.com Jump to article: hackread.com/claude-mythos-ai-vulnerabilities-one-month/

