Tag: LLM

Researchers Discover Major Security Gaps in LLM Guardrails

Mar 11, 2026 3:47 PM

Tags: ai, attack, LLM, network, tool

Palo Alto Networks’ Unit 42 has developed a successful attack to bypass safety guardrails in popular generative AI tools First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/major-security-gaps-llm-guardrails/
Did cybersecurity recently have its Gatling gun moment?

Mar 11, 2026 12:49 PM

Tags: ai, attack, automation, cyber, cyberattack, cybercrime, cybersecurity, defense, detection, email, endpoint, government, hacker, intelligence, LLM, malicious, malware, phishing, ransomware, siem, social-engineering, spear-phishing, strategy, tactics, threat, tool, update, vulnerability, warfare

inflection point. Both emblematic of an irreversible tipping point, where the nature of conflict was altered by its sudden asymmetry.The Gatling gun is the perfect analogy for the current cyber landscape. Just as it transformed warfare from a manual craft into an industrial process, modern threats have shifted from individual attacks to automated, high-velocity engagements.Here…
Google Cloud Security Threat Horizons Report #13 (H1 2026) Is Out!

Mar 10, 2026 9:48 PM

Tags: access, ai, apt, attack, cloud, credentials, cybersecurity, data, email, exploit, extortion, google, incident response, injection, intelligence, LLM, metric, phishing, ransomware, rce, remote-code-execution, saas, service, social-engineering, software, theft, threat, vulnerability, zero-day

This is my completely informal, uncertified, unreviewed and otherwise completely unofficial blog inspired by my reading of our next Cloud Threat Horizons Report, #13 (full version, no info to enter!) that we just released (the official blog for #1 report, my unofficial blogs for #2, #3, #4, #5, #6, #7, #8, #9, #10, #11 and #12).…
Inference protection for LLMs: Keeping sensitive data out of AI workflows

Mar 10, 2026 3:48 PM

Tags: ai, data, LLM, privacy

Inference protection is a preventive approach to LLM privacy that stops sensitive data from ever reaching AI models. Learn how de-identification enables secure, compliant AI workflows with unstructured text. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/03/inference-protection-for-llms-keeping-sensitive-data-out-of-ai-workflows/
SurxRAT Android Malware Uses LLMs for Phishing and Data Theft

Mar 10, 2026 9:48 AM

Tags: access, android, control, credentials, cyber, cybercrime, data, LLM, malware, phishing, ransomware, theft

A new Android Remote Access Trojan (RAT) named SurxRAT, which is being sold as a commercial malware platform through a Telegram-based malware”‘as”‘a”‘service (MaaS) ecosystem. The malware, marketed under the SURXRAT V5 branding, enables cybercriminals to create customized Android malware builds capable of surveillance, credential theft, remote device control, and ransomware-style device locking. The malware appears…
When AI safety constrains defenders more than attackers

Mar 10, 2026 8:47 AM

Tags: access, ai, attack, authentication, awareness, business, chatgpt, ciso, control, defense, detection, email, exploit, framework, LLM, malicious, malware, marketplace, microsoft, offense, open-source, openai, penetration-testing, phishing, RedTeam, service, social-engineering, spear-phishing, strategy, threat, tool, training, usa, vulnerability

The attacker advantage: Threat actors operate under no such constraints. They simply use jailbroken models, locally hosted open-source alternatives, or purpose-built malicious tools that have proliferated across underground markets.WormGPT, originally shut down in 2023, has reappeared largely as a recycled brand name for uncensored AI tools. New variants posted on underground marketplace BreachForums between October…
When AI safety constrains defenders more than attackers

Mar 10, 2026 8:47 AM

Tags: access, ai, attack, authentication, awareness, business, chatgpt, ciso, control, defense, detection, email, exploit, framework, LLM, malicious, malware, marketplace, microsoft, offense, open-source, openai, penetration-testing, phishing, RedTeam, service, social-engineering, spear-phishing, strategy, threat, tool, training, usa, vulnerability

The attacker advantage: Threat actors operate under no such constraints. They simply use jailbroken models, locally hosted open-source alternatives, or purpose-built malicious tools that have proliferated across underground markets.WormGPT, originally shut down in 2023, has reappeared largely as a recycled brand name for uncensored AI tools. New variants posted on underground marketplace BreachForums between October…
Missbrauch von KI – Regierungsdaten mithilfe von LLM Claude gestohlen

Mar 9, 2026 7:47 AM

Tags: ai, LLM

First seen on security-insider.de Jump to article: www.security-insider.de/hacker-nutzte-claude-sicherheitsluecken-mexiko-behoerden-a-850b59caf736dff41e4c0f9dcfbc652c/
What is AI Security? Top Security Risks in LLM Applications

Mar 6, 2026 3:48 PM

Tags: ai, business, infrastructure, intelligence, LLM, risk, service

Artificial Intelligence is turning out to be the non-negotiable in everyday enterprise infrastructure AI chatbots in customer service, copilots assisting developers, and many more. LLMs, the abbreviated form of Large Language Models, are now embedded across business workflows. Organizations are using AI to simplify work by incorporating it in analyzing documents, automating communication, writing… First…
Analyse von Palo Alto Networks – Hacker erstellen Phishing-Seiten mit LLMs in Echtzeit

Mar 6, 2026 8:47 AM

Tags: hacker, LLM, network, phishing

First seen on security-insider.de Jump to article: www.security-insider.de/ki-phishing-llm-javascript-im-browser-palo-alto-networks-a-7f2c070feb5687a9b52f9c3c76177df0/
Analyse von Palo Alto – Hacker erstellen Phishing-Seiten mit LLMs in Echtzeit

Mar 5, 2026 4:46 PM

Tags: hacker, LLM, phishing

First seen on security-insider.de Jump to article: www.security-insider.de/ki-phishing-llm-javascript-im-browser-palo-alto-networks-a-7f2c070feb5687a9b52f9c3c76177df0/
LLMs are getting better at unmasking people online

Mar 4, 2026 10:47 PM

Tags: ai, LLM

The author of a new study told CyberScoop he’s “very worried,” describing deanonymization capabilities of AI as a “large scale invasion of privacy.” First seen on cyberscoop.com Jump to article: cyberscoop.com/ai-deanonymization-risks-online-anonymity-study/
Invisible Threats: Source Code Exfiltration in Google Antigravity FireTail Blog

Mar 4, 2026 3:48 PM

Tags: access, ai, attack, breach, exploit, google, injection, jobs, LLM, malicious, malware, mitre, network, phishing, social-engineering, threat

Mar 04, 2026 – Viktor Markopoulos – Invisible Threats: Source Code Exfiltration in Google Antigravity”TL;DR: We explored a known issue in Google Antigravity where attackers can silently exfiltrate proprietary source codeBy hiding malicious instructions inside seemingly empty C++ comments, threat actors can force the AI assistant to package up the developer’s code and send it to…
Shadow AI vs Managed AI: What’s the Difference? FireTail Blog

Mar 4, 2026 12:48 PM

Tags: access, ai, api, attack, breach, chatgpt, ciso, cloud, computer, control, credentials, credit-card, data, data-breach, framework, google, injection, intelligence, Internet, law, LLM, malicious, mitre, monitoring, network, password, phishing, phone, risk, software, switch, threat, tool, training, vulnerability

Mar 04, 2026 – – Quick Facts: Shadow AI vs. Managed AIShadow AI is a visibility gap: It refers to any AI tool used by employees that the IT department doesn’t know about. Most companies have 10x more AI tools in use than they realize.Managed AI is a “Paved Path”: It uses approved, secure versions…
NDSS 2025 A Comparative Evaluation Of Large Language Models In Vulnerability Detection

Mar 3, 2026 11:48 PM

Tags: conference, detection, Internet, LLM, network, programming, vulnerability

Session 14C: Vulnerability Detection Authors, Creators & Presenters: Jie Lin (University of Central Florida), David Mohaisen (University of Central Florida) PAPER From Large to Mammoth: A Comparative Evaluation of Large Language Models in Vulnerability Detection Large Language Models (LLMs) have demonstrated strong potential in tasks such as code understanding and generation. This study evaluates several…
LLMs can unmask pseudonymous users at scale with surprising accuracy

Mar 3, 2026 2:47 PM

Tags: LLM

Pseudonymity has never been perfect for preserving privacy. Soon it may be pointless. First seen on arstechnica.com Jump to article: arstechnica.com/security/2026/03/llms-can-unmask-pseudonymous-users-at-scale-with-surprising-accuracy/
AI Agents: The Next Wave Identity Dark Matter – Powerful, Invisible, and Unmanaged

Mar 3, 2026 1:47 PM

Tags: access, ai, api, business, data, identity, LLM

The Rise of MCPs in the EnterpriseThe Model Context Protocol (MCP) is quickly becoming a practical way to push LLMs from “chat” into real work. By providing structured access to applications, APIs, and data, MCP enables prompt-driven AI agents that can retrieve information, take action, and automate end-to-end business workflows across the enterprise. This is…
Innovation without exposure: A CISO’s secure-by-design framework for business outcomes

Mar 2, 2026 1:47 PM

Tags: ai, authentication, awareness, business, chatgpt, cisa, ciso, cloud, control, cyber, cybersecurity, data, detection, firmware, framework, fraud, governance, identity, injection, iot, law, leak, LLM, metric, mitre, network, nist, offense, radius, RedTeam, resilience, risk, risk-management, service, social-engineering, threat, tool, unauthorized, update

A detection engineer owning “detection as code” patterns and test harnessesA threat hunter owning telemetry quality improvements and query optimizationAn incident responder owning tabletop iterations and runbook hardeningA cloud security lead owning guardrailed landing zone enhancementsThe critical constraint is this: every experiment needs an exit plan. Either it becomes a supported capability, or it is…
LLMs killed the privacy star, we can’t rewind, we’ve gone too far

Feb 27, 2026 6:37 PM

Tags: LLM, privacy

You’ll find these days that there’s no hiding place First seen on theregister.com Jump to article: www.theregister.com/2026/02/26/llms_killed_privacy_star/
How to make LLMs a defensive advantage without creating a new attack surface

Feb 27, 2026 12:37 PM

Tags: access, ai, api, attack, authentication, best-practice, business, control, credentials, cyber, cybersecurity, data, email, exploit, framework, fraud, governance, group, identity, infrastructure, injection, intelligence, international, LLM, login, malware, mitre, nist, phishing, radius, RedTeam, risk, risk-management, scam, spear-phishing, switch, technology, threat, tool, training, unauthorized, update, vulnerability

Alert triage summaries that turn raw telemetry into a short “what happened, why it matters and what I should check next” narrativeInvestigation copilots that generate a timeline from logs, tickets and chat transcripts, then highlight gaps and recommended pivotsDetection engineering assistance for drafting Sigma, YARA or query language snippets that an engineer can review and…
OpenClaw Insights: A CISO’s Guide to Safe Autonomous Agents FireTail Blog

Feb 27, 2026 8:37 AM

Tags: access, ai, api, breach, ciso, compliance, control, data, data-breach, detection, endpoint, finance, firewall, framework, governance, guide, LLM, network, open-source, risk, risk-management, software, strategy, technology, tool, vulnerability

Feb 27, 2026 – Alan Fagan – The “OpenClaw” crisis has board members asking, “Could this happen to us?” The answer isn’t to ban AI agents. It’s to govern them. By now, the dust is settling on the OpenClaw (aka MoltBot) incident. The technical post-mortems (including our own) have been written, the exposed ports have…
LLMs Generate Predictable Passwords

Feb 26, 2026 2:40 PM

Tags: LLM, password

LLMs are bad at generating passwords: There are strong noticeable patterns among these 50 passwords that can be seen easily: All of the passwords start with a letter, usually uppercase G, almost always followed by the digit 7. Character choices are highly uneven for example, L , 9, m, 2, $ and # appeared…
Hacker kompromittieren immer schneller

Feb 26, 2026 2:40 PM

Tags: access, ai, crowdstrike, cyberattack, cybercrime, hacker, LLM, malware, north-korea, threat, tool

Der Einsatz von KI-Tools macht Cyberangriffe nicht nur schneller, sondern erhöht auch die Taktzahl.Crowdstrike hat die aktuelle Ausgabe seines Global Threat Report veröffentlicht mit mehreren bemerkenswerten Erkenntnissen.So benötigte ein Angreifer im Jahr 2025 im Schnitt nur noch 29 Minuten, um sich vollständigen Zugriff auf ein Netzwerk zu verschaffen. Damit läuft die Kompromittierung rund 65 Prozent…
Bcachefs creator insists his custom LLM is female and ‘fully conscious’

Feb 25, 2026 10:37 PM

Tags: LLM

It’s not chatbot psychosis, it’s ‘math and engineering and neuroscience’ First seen on theregister.com Jump to article: www.theregister.com/2026/02/25/bcachefs_creator_ai/
SURXRAT, a Trojan’s LLM-Driven Expansion in Android Malware

Feb 25, 2026 8:37 AM

Tags: access, android, infrastructure, LLM, malware, service

SURXRAT, an Android Remote Access Trojan (RAT), has come out as a commercially structured malware operation. Distributed under the branding “SURXRAT V5,” the malware is sold through a Telegram-based malware-as-a-service (MaaS) network that enables affiliates to generate customized builds while the core operator retains centralized infrastructure and oversight. First seen on thecyberexpress.com Jump to article: thecyberexpress.com/surxrat-arsinkrat-llm-android-rat-analysis/
Anthropic’s Claude Code Security rollout is an industry wakeup call

Feb 24, 2026 8:01 AM

Tags: ai, attack, backdoor, ceo, ciso, cloud, control, cyber, cybersecurity, detection, exploit, group, LLM, open-source, risk, saas, service, soc, tool, update, vulnerability, zero-day, zero-trust

Anchors security posture to the model: However, those assurances didn’t make all concerns evaporate. “The moment those vibe coders plug a foundation model into their CI pipeline, their entire security posture is no longer anchored only to the company’s code,” I-Gentic AI CEO Zahra Timsah pointed out.”It is anchored to the current behavior of that model.…
Zero Trust Infrastructure for Multi-LLM Context Routing

Feb 24, 2026 5:00 AM

Tags: infrastructure, LLM, tool, zero-trust

Learn how to secure multi-LLM context routing with Zero Trust and Post-Quantum cryptography. Protect MCP deployments from tool poisoning and prompt injection. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/02/zero-trust-infrastructure-for-multi-llm-context-routing/
NDSS 2025 Generating API Parameter Security Rules With LLM For API Misuse Detection

Feb 23, 2026 7:01 PM

Tags: api, china, conference, cyber, detection, framework, Internet, LLM, network, programming, risk

Session 13B: API Security Authors, Creators & Presenters: Jinghua Liu (Institute of Information Engineering, Chinese Academy of Sciences, Beijing, China; School of Cyber Security, University of Chinese Academy of Sciences, China), Yi Yang (Institute of Information Engineering, Chinese Academy of Sciences, Beijing, China; School of Cyber Security, University of Chinese Academy of Sciences, China), Kai…
AI Let ‘Unsophisticated’ Hacker Breach 600 Fortinet Firewalls, AWS Says, As AI Lowers ‘The Barrier’ For Threat Actors

Feb 23, 2026 6:01 PM

Tags: ai, attack, breach, cyber, cybersecurity, firewall, fortinet, hacker, LLM, threat

Hackers use AI, GenAI and LLMs to breach Fortinet FortiGate firewalls as cybersecurity and threat actors leverage AI for cyber-attacks, AWS report finds. First seen on crn.com Jump to article: www.crn.com/news/security/2026/ai-let-unsophisticated-hacker-breach-600-fortinet-firewalls-aws-says-as-ai-lowers-the-barrier-for-threat-actors
Liminal Expands To MSPs With Secure, Multi-Model AI Platform

Feb 23, 2026 5:02 PM

Tags: ai, LLM, msp, tool

Secure AI platform Liminal is expanding beyond the enterprise in a bid to help MSPs enable secure adoption of LLM-powered tools among SMB customers”, an area that has often proven challenging for MSPs in the past, executives told CRN. First seen on crn.com Jump to article: www.crn.com/news/security/2026/liminal-expands-to-msps-with-secure-multi-model-ai-platform