Tag: api

Google Warns of PROMPTFLUX Malware That Uses Gemini API for Self-Rewriting Attacks

Nov 6, 2025 8:19 AM

Tags: ai, api, attack, cyber, cybersecurity, google, group, intelligence, malware, threat

Cybersecurity researchers at Google Threat Intelligence Group (GTIG) have identified a significant shift in how threat actors are leveraging artificial intelligence in their operations. The discovery of experimental malware called PROMPTFLUX marks a watershed moment in cyber threats, demonstrating that attackers are no longer using AI merely to boost productivity they are now deploying AI-enabled…
SonicWall Confirms State-Sponsored Hackers Behind September Cloud Backup Breach

Nov 6, 2025 7:19 AM

Tags: access, api, backup, breach, cloud, firewall, hacker, malicious, threat, unauthorized

SonicWall has formally implicated state-sponsored threat actors as behind the September security breach that led to the unauthorized exposure of firewall configuration backup files.”The malicious activity carried out by a state-sponsored threat actor – was isolated to the unauthorized access of cloud backup files from a specific cloud environment using an API call,” the company…
Google Uncovers PROMPTFLUX Malware That Uses Gemini AI to Rewrite Its Code Hourly

Nov 5, 2025 5:19 PM

Tags: ai, api, google, intelligence, malware, threat

Google on Wednesday said it discovered an unknown threat actor using an experimental Visual Basic Script (VB Script) malware dubbed PROMPTFLUX that interacts with its Gemini artificial intelligence (AI) model API to write its own source code for improved obfuscation and evasion.”PROMPTFLUX is written in VBScript and interacts with Gemini’s API to request specific VBScript…
How crooks use IT to enable cargo theft

Nov 5, 2025 5:19 AM

Tags: access, ai, api, attack, authentication, awareness, breach, business, control, crime, cyber, cybersecurity, data, detection, email, endpoint, finance, fraud, government, group, incident response, infosec, infrastructure, insurance, Internet, jobs, law, login, mfa, network, password, phishing, privacy, risk, skills, smishing, social-engineering, supply-chain, technology, theft, threat, tool, training, vulnerability

Value of stolen shipments has doubled: It’s hard to determine the size of this IT-related cargo theft problem. The US National Insurance Crime Bureau estimates cargo theft losses from all sources increased 27% last year compared to 2023, to $35 billion.Versik CargoNet, a company that tracks physical supply chain crime for law enforcement agencies, insurance…
How crooks use IT to enable cargo theft

Nov 5, 2025 5:19 AM

Tags: access, ai, api, attack, authentication, awareness, breach, business, control, crime, cyber, cybersecurity, data, detection, email, endpoint, finance, fraud, government, group, incident response, infosec, infrastructure, insurance, Internet, jobs, law, login, mfa, network, password, phishing, privacy, risk, skills, smishing, social-engineering, supply-chain, technology, theft, threat, tool, training, vulnerability

Value of stolen shipments has doubled: It’s hard to determine the size of this IT-related cargo theft problem. The US National Insurance Crime Bureau estimates cargo theft losses from all sources increased 27% last year compared to 2023, to $35 billion.Versik CargoNet, a company that tracks physical supply chain crime for law enforcement agencies, insurance…
SesameOp Backdoor Abused OpenAI Assistants API for Remote Access

Nov 4, 2025 8:19 PM

Tags: access, api, backdoor, data, microsoft, openai, theft

Microsoft researchers found the SesameOp backdoor using OpenAI’s Assistants API for remote access, data theft, and command communication. First seen on hackread.com Jump to article: hackread.com/sesameop-backdoor-openai-assistants-api-access/
SesameOp: New backdoor exploits OpenAI API for covert C2

Nov 4, 2025 7:19 PM

Tags: api, backdoor, control, detection, exploit, incident response, microsoft, openai

Microsoft found a new backdoor, SesameOp, using the OpenAI Assistants API for stealthy command-and-control in hacked systems. Microsoft uncovered a new backdoor, named SesameOp, that abuses the OpenAI Assistants API for command-and-control, allowing covert communication within compromised systems. Microsoft Incident Response Detection and Response Team (DART) researchers discovered the backdoor in July 2025 while […]…
Hackers Hijack OpenAI API in Stealthy New Backdoor Attack

Nov 4, 2025 5:19 PM

Tags: api, attack, backdoor, control, exploit, hacker, openai

Hackers created a stealthy backdoor that exploits OpenAI’s API for covert command-and-control operations. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/hackers-hijack-openai-api-in-stealthy-new-backdoor-attack/
SesameOp Backdoor Uses OpenAI API for Covert C2

Nov 4, 2025 4:19 PM

Tags: ai, api, attack, backdoor, malware, openai, service

Malware used in a months-long attack demonstrates how bad actors are misusing generative AI services in unique and stealthy ways. First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/sesameop-backdoor-openai-api-covert-c2
OpenAI Assistants API Exploited in ‘SesameOp’ Backdoor

Nov 4, 2025 4:19 PM

Tags: api, backdoor, communications, control, exploit, openai

Instead of relying on more traditional methods, the backdoor exploits OpenAI’s Assistants API for command-and-control communications First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/openai-assistants-api-sesameop/
Check Point knackt XLoader-Malware mit Generativer KI

Nov 4, 2025 3:19 PM

Tags: ai, api, encryption, malware, windows

Bei der Untersuchung von XLoader stießen die Forscher unter anderem auf eine mehrschichtige RC4-Verschlüsselung, versteckte Windows-API-Aufrufe und neue Mechanismen zur Umgehung von Sandbox-Umgebungen. First seen on infopoint-security.de Jump to article: www.infopoint-security.de/check-point-knackt-xloader-malware-mit-generativer-ki/a42609/
Dohop Uses DataDome to Block Millions of Scrapers Protect 75+ Airline Partners

Nov 4, 2025 2:19 PM

Tags: api

Dohop cut bot traffic by 70% with DataDome, blocking millions of scrapers and protecting 75+ airline partners from API overload and downtime. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/11/dohop-uses-datadome-to-block-millions-of-scrapers-protect-75-airline-partners/
Dohop Uses DataDome to Block Millions of Scrapers Protect 75+ Airline Partners

Nov 4, 2025 2:19 PM

Tags: api

Dohop cut bot traffic by 70% with DataDome, blocking millions of scrapers and protecting 75+ airline partners from API overload and downtime. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/11/dohop-uses-datadome-to-block-millions-of-scrapers-protect-75-airline-partners/
Dohop Uses DataDome to Block Millions of Scrapers Protect 75+ Airline Partners

Nov 4, 2025 2:19 PM

Tags: api

Dohop cut bot traffic by 70% with DataDome, blocking millions of scrapers and protecting 75+ airline partners from API overload and downtime. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/11/dohop-uses-datadome-to-block-millions-of-scrapers-protect-75-airline-partners/
OpenAI API moonlights as malware HQ in Microsoft’s latest discovery

Nov 4, 2025 1:19 PM

Tags: api, backdoor, malware, microsoft, openai

Redmond uncovers SesameOp, a backdoor hiding its tracks by using OpenAI’s Assistants API as a command channel First seen on theregister.com Jump to article: www.theregister.com/2025/11/04/openai_api_moonlights_as_malware/
OpenAI API moonlights as malware HQ in Microsoft’s latest discovery

Nov 4, 2025 1:19 PM

Tags: api, backdoor, malware, microsoft, openai

Redmond uncovers SesameOp, a backdoor hiding its tracks by using OpenAI’s Assistants API as a command channel First seen on theregister.com Jump to article: www.theregister.com/2025/11/04/openai_api_moonlights_as_malware/
OpenAI API moonlights as malware HQ in Microsoft’s latest discovery

Nov 4, 2025 1:19 PM

Tags: api, backdoor, malware, microsoft, openai

Redmond uncovers SesameOp, a backdoor hiding its tracks by using OpenAI’s Assistants API as a command channel First seen on theregister.com Jump to article: www.theregister.com/2025/11/04/openai_api_moonlights_as_malware/
Oct Recap: New and Newly Deniable GCP Privileged Permissions

Nov 4, 2025 1:19 PM

Tags: api, backup, cloud, google, update

As October 2025 wraps up, Sonrai’s latest analysis of Google Cloud Platform permissions reveals both newly introduced privileged actions and those that have become newly enforceable through the V2 API, meaning organizations can now explicitly deny their use. This month’s updates span Discovery Engine, Cloud Integrations, and Backup and Disaster Recovery, reflecting how GCP continues……
Oct Recap: New and Newly Deniable GCP Privileged Permissions

Nov 4, 2025 1:19 PM

Tags: api, backup, cloud, google, update

As October 2025 wraps up, Sonrai’s latest analysis of Google Cloud Platform permissions reveals both newly introduced privileged actions and those that have become newly enforceable through the V2 API, meaning organizations can now explicitly deny their use. This month’s updates span Discovery Engine, Cloud Integrations, and Backup and Disaster Recovery, reflecting how GCP continues……
Oct Recap: New and Newly Deniable GCP Privileged Permissions

Nov 4, 2025 1:19 PM

Tags: api, backup, cloud, google, update

As October 2025 wraps up, Sonrai’s latest analysis of Google Cloud Platform permissions reveals both newly introduced privileged actions and those that have become newly enforceable through the V2 API, meaning organizations can now explicitly deny their use. This month’s updates span Discovery Engine, Cloud Integrations, and Backup and Disaster Recovery, reflecting how GCP continues……
New backdoor ‘SesameOp’ abuses OpenAI Assistants API for stealthy C2 operations

Nov 4, 2025 1:19 PM

Tags: ai, antivirus, api, attack, backdoor, detection, endpoint, injection, malicious, microsoft, monitoring, openai, ransomware, risk, threat

Lessons for defenders and platform providers: Microsoft clarified that OpenAI’s platform itself wasn’t breached or exploited; rather, its legitimate API functions were misused as a relay channel, highlighting a growing risk as generative AI becomes part of enterprise and development workflows. Attackers can now co-opt public AI endpoints to mask malicious intent, making detection significantly…
New backdoor ‘SesameOp’ abuses OpenAI Assistants API for stealthy C2 operations

Nov 4, 2025 1:19 PM

Tags: ai, antivirus, api, attack, backdoor, detection, endpoint, injection, malicious, microsoft, monitoring, openai, ransomware, risk, threat

Lessons for defenders and platform providers: Microsoft clarified that OpenAI’s platform itself wasn’t breached or exploited; rather, its legitimate API functions were misused as a relay channel, highlighting a growing risk as generative AI becomes part of enterprise and development workflows. Attackers can now co-opt public AI endpoints to mask malicious intent, making detection significantly…
New backdoor ‘SesameOp’ abuses OpenAI Assistants API for stealthy C2 operations

Nov 4, 2025 1:19 PM

Tags: ai, antivirus, api, attack, backdoor, detection, endpoint, injection, malicious, microsoft, monitoring, openai, ransomware, risk, threat

Lessons for defenders and platform providers: Microsoft clarified that OpenAI’s platform itself wasn’t breached or exploited; rather, its legitimate API functions were misused as a relay channel, highlighting a growing risk as generative AI becomes part of enterprise and development workflows. Attackers can now co-opt public AI endpoints to mask malicious intent, making detection significantly…
Oct Recap: New and Newly Deniable GCP Privileged Permissions

Nov 4, 2025 1:19 PM

Tags: api, backup, cloud, google, update

As October 2025 wraps up, Sonrai’s latest analysis of Google Cloud Platform permissions reveals both newly introduced privileged actions and those that have become newly enforceable through the V2 API, meaning organizations can now explicitly deny their use. This month’s updates span Discovery Engine, Cloud Integrations, and Backup and Disaster Recovery, reflecting how GCP continues……
SesameOp: Using the OpenAI Assistants API for Covert C2 Communication

Nov 4, 2025 8:19 AM

Tags: api, backdoor, cloud, control, cyber, data-breach, detection, exploit, malicious, malware, microsoft, openai, service, tactics, threat

Microsoft’s Detection and Response Team has exposed a sophisticated backdoor malware that exploits the OpenAI Assistants API as an unconventional command-and-control communication channel. Named SesameOp, this threat demonstrates how adversaries are rapidly adapting to leverage legitimate cloud services for malicious purposes, making detection significantly more challenging for security teams. The discovery highlights the evolving tactics…
Microsoft Detects “SesameOp” Backdoor Using OpenAI’s API as a Stealth Command Channel

Nov 4, 2025 8:19 AM

Tags: api, backdoor, control, malicious, microsoft, openai, programming, threat

Microsoft has disclosed details of a novel backdoor dubbed SesameOp that uses OpenAI Assistants Application Programming Interface (API) for command-and-control (C2) communications.”Instead of relying on more traditional methods, the threat actor behind this backdoor abuses OpenAI as a C2 channel as a way to stealthily communicate and orchestrate malicious activities within the compromised First seen…
Hackers Can Manipulate Claude AI APIs with Indirect Prompts to Steal User Data

Nov 4, 2025 7:19 AM

Tags: ai, api, attack, cyber, data, exploit, hacker

A new security issue discovered by researchers reveals that Anthropic’s Claude AI system can be exploited through indirect prompts, allowing attackers to exfiltrate user data via its built”‘in File API. The attack, documented in a detailed technical post on October 28, 2025, demonstrates how Claude’s Code Interpreter and API features could be manipulated to send…
Hackers Can Manipulate Claude AI APIs with Indirect Prompts to Steal User Data

Nov 4, 2025 7:19 AM

Tags: ai, api, attack, cyber, data, exploit, hacker

A new security issue discovered by researchers reveals that Anthropic’s Claude AI system can be exploited through indirect prompts, allowing attackers to exfiltrate user data via its built”‘in File API. The attack, documented in a detailed technical post on October 28, 2025, demonstrates how Claude’s Code Interpreter and API features could be manipulated to send…
SesameOp malware abuses OpenAI Assistants API in attacks

Nov 3, 2025 8:20 PM

Tags: api, attack, backdoor, control, malware, microsoft, openai

Microsoft security researchers have discovered a new backdoor malware that uses the OpenAI Assistants API as a covert command-and-control channel. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/microsoft-sesameop-malware-abuses-openai-assistants-api-in-attacks/
SesameOp malware abuses OpenAI Assistants API in attacks

Nov 3, 2025 8:20 PM

Tags: api, attack, backdoor, control, malware, microsoft, openai

Microsoft security researchers have discovered a new backdoor malware that uses the OpenAI Assistants API as a covert command-and-control channel. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/microsoft-sesameop-malware-abuses-openai-assistants-api-in-attacks/