Collecting Cyber-News from over 60 sources

Tag: LLM

China-Aligned UTA0388 Uses AI Tools in Global Phishing Campaigns

Nov 10, 2025 5:20 PM

Tags: ai, china, LLM, phishing, spear-phishing, tactics, tool

Volexity has linked spear phishing operations to China-aligned UTA0388 in new campaigns using advanced tactics and LLMs First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/china-aligned-uta0388-ai-tools/
Whisper Leak uses a side channel attack to eavesdrop on encrypted AI conversations

Nov 10, 2025 2:19 PM

Tags: ai, api, attack, ciso, cloud, cyberattack, data, finance, healthcare, leak, LLM, microsoft, mitigation, network, openai, service, side-channel, vpn

Inside Microsoft’s proof-of-concept: Researchers at Microsoft simulated a real-world scenario in which the adversary could observe encrypted traffic but not decrypt it. They chose “legality of money laundering” as the target topic for the proof-of-concept.For positive samples, the team used a”¯language model”¯to generate 100 semantically similar variants of questions about this topic. For negative”¯noise”¯samples,”¯it randomly…
Whisper Leak uses a side channel attack to eavesdrop on encrypted AI conversations

Nov 10, 2025 2:19 PM

Tags: ai, api, attack, ciso, cloud, cyberattack, data, finance, healthcare, leak, LLM, microsoft, mitigation, network, openai, service, side-channel, vpn

Inside Microsoft’s proof-of-concept: Researchers at Microsoft simulated a real-world scenario in which the adversary could observe encrypted traffic but not decrypt it. They chose “legality of money laundering” as the target topic for the proof-of-concept.For positive samples, the team used a”¯language model”¯to generate 100 semantically similar variants of questions about this topic. For negative”¯noise”¯samples,”¯it randomly…
Whisper Leak uses a side channel attack to eavesdrop on encrypted AI conversations

Nov 10, 2025 2:19 PM

Tags: ai, api, attack, ciso, cloud, cyberattack, data, finance, healthcare, leak, LLM, microsoft, mitigation, network, openai, service, side-channel, vpn

Inside Microsoft’s proof-of-concept: Researchers at Microsoft simulated a real-world scenario in which the adversary could observe encrypted traffic but not decrypt it. They chose “legality of money laundering” as the target topic for the proof-of-concept.For positive samples, the team used a”¯language model”¯to generate 100 semantically similar variants of questions about this topic. For negative”¯noise”¯samples,”¯it randomly…
Whisper Leak uses a side channel attack to eavesdrop on encrypted AI conversations

Nov 10, 2025 2:19 PM

Tags: ai, api, attack, ciso, cloud, cyberattack, data, finance, healthcare, leak, LLM, microsoft, mitigation, network, openai, service, side-channel, vpn

Inside Microsoft’s proof-of-concept: Researchers at Microsoft simulated a real-world scenario in which the adversary could observe encrypted traffic but not decrypt it. They chose “legality of money laundering” as the target topic for the proof-of-concept.For positive samples, the team used a”¯language model”¯to generate 100 semantically similar variants of questions about this topic. For negative”¯noise”¯samples,”¯it randomly…
Researchers trick ChatGPT into prompt injecting itself

Nov 10, 2025 11:22 AM

Tags: attack, chatgpt, data, endpoint, injection, leak, LLM, malicious, monitoring, openai, phishing, unauthorized, vulnerability

Conversation injection and stealthy data exfiltration: Because ChatGPT receives output from SearchGPT after the search model processes content, Tenable’s researchers wondered what would happen if SearchGPT’s response itself contained a prompt injection. In other words, could they use a website to inject a prompt that instructs SearchGPT to inject a different prompt into ChatGPT, effectively…
Microsoft findet Seitenkanalangriff Whisper-Leak in LLMs

Nov 9, 2025 2:19 PM

Tags: ai, leak, LLM, microsoft

Sicherheitsforscher haben eine neue Whisper-Leaks genannte Methode entdeckt, um einen Seitenkanalangriff auf die Kommunikation mit Sprachmodellen im Streaming-Modus durchzuführen. Durch geschicktes Ausnutzung von Netzwerkpaketgrößen und -timings könnten Informationen abgezogen werden. Mit der KI-Welle werden immer häufiger große Sprachmodelle (LLMs), KI-gestützte … First seen on borncity.com Jump to article: www.borncity.com/blog/2025/11/09/microsoft-findet-seitenkanalangriff-whisper-leak-in-llms/
AI benchmarks are a bad joke and LLM makers are the ones laughing

Nov 8, 2025 9:19 PM

Tags: ai, LLM

Study finds many tests don’t measure the right things First seen on theregister.com Jump to article: www.theregister.com/2025/11/07/measuring_ai_models_hampered_by/
LLM08: Vector Embedding Weaknesses FireTail Blog

Nov 8, 2025 5:20 AM

Tags: access, ai, attack, authentication, control, cyber, data, governance, injection, leak, LLM, risk, unauthorized, vulnerability

Nov 07, 2025 – – In 2025, with the rise of AI, we’ve seen a parallel rise in cyber risks. The OWASP Top 10 for LLM helps us categorize and understand the biggest risks we are seeing in today’s landscape. In previous blogs, we’ve gone over risks 1-7. Today, we’re covering #8: Vector and Embedding…
NDSS 2025 YuraScanner: Leveraging LLMs For Task-driven Web App Scanning4+

Nov 7, 2025 7:20 PM

Tags: attack, conference, detection, LLM, network, tool, vulnerability, xss, zero-day

SESSION Session 2B: Web Security Authors, Creators & Presenters: Aleksei Stafeev (CISPA Helmholtz Center for Information Security), Tim Recktenwald (CISPA Helmholtz Center for Information Security), Gianluca De Stefano (CISPA Helmholtz Center for Information Security), Soheil Khodayari (CISPA Helmholtz Center for Information Security), Glancarlo Pellegrino (CISPA Helmholtz Center for Information Security) PAPER YuraScanner: Leveraging LLMs for…
NDSS 2025 YuraScanner: Leveraging LLMs For Task-driven Web App Scanning4+

Nov 7, 2025 7:20 PM

Tags: attack, conference, detection, LLM, network, tool, vulnerability, xss, zero-day

SESSION Session 2B: Web Security Authors, Creators & Presenters: Aleksei Stafeev (CISPA Helmholtz Center for Information Security), Tim Recktenwald (CISPA Helmholtz Center for Information Security), Gianluca De Stefano (CISPA Helmholtz Center for Information Security), Soheil Khodayari (CISPA Helmholtz Center for Information Security), Glancarlo Pellegrino (CISPA Helmholtz Center for Information Security) PAPER YuraScanner: Leveraging LLMs for…
NDSS 2025 YuraScanner: Leveraging LLMs For Task-driven Web App Scanning4+

Nov 7, 2025 7:20 PM

Tags: attack, conference, detection, LLM, network, tool, vulnerability, xss, zero-day

SESSION Session 2B: Web Security Authors, Creators & Presenters: Aleksei Stafeev (CISPA Helmholtz Center for Information Security), Tim Recktenwald (CISPA Helmholtz Center for Information Security), Gianluca De Stefano (CISPA Helmholtz Center for Information Security), Soheil Khodayari (CISPA Helmholtz Center for Information Security), Glancarlo Pellegrino (CISPA Helmholtz Center for Information Security) PAPER YuraScanner: Leveraging LLMs for…
Popular LLMs dangerously vulnerable to iterative attacks, says Cisco

Nov 7, 2025 5:19 PM

Tags: ai, attack, cisco, cyber, LLM, vulnerability

Cisco researchers probed some of the most widely used public GenAI LLMs and found many of them were dangerously susceptible to so-called multi-turn cyber attacks producing undesirable outputs First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366634292/Popular-LLMs-dangerously-vulnerable-to-iterative-attacks-says-Cisco
Popular LLMs dangerously vulnerable to iterative attacks, says Cisco

Nov 7, 2025 5:19 PM

Tags: ai, attack, cisco, cyber, LLM, vulnerability

Cisco researchers probed some of the most widely used public GenAI LLMs and found many of them were dangerously susceptible to so-called multi-turn cyber attacks producing undesirable outputs First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366634292/Popular-LLMs-dangerously-vulnerable-to-iterative-attacks-says-Cisco
KI-Malware ist keine Theorie mehr

Nov 7, 2025 2:20 PM

Tags: access, ai, antivirus, api, control, cyberattack, cybercrime, cybersecurity, data, exploit, github, google, group, hacker, intelligence, LLM, malware, ransomware, RedTeam, service, skills, social-engineering, software, threat, tool, vulnerability

KI boomt auch unter Cyberkriminellen. Die ersten operativen Ergebnisse dieses Trends beleuchten Google-Sicherheitsforscher in einem aktuellen Report.Was lange befürchtet und vermutet wurde, will die Google Threat Intelligence Group (GTIG) nun im Rahmen einer aktuellen Untersuchung belegen: Cyberkriminelle nutzen KI im Rahmen ihrer Malware-Angriffskampagnen. Aber längst nicht mehr nur für Vibe-Coding-Zwecke oder zur technischen Unterstützung. Wie…
KI-Malware ist keine Theorie mehr

Nov 7, 2025 2:20 PM

Tags: access, ai, antivirus, api, control, cyberattack, cybercrime, cybersecurity, data, exploit, github, google, group, hacker, intelligence, LLM, malware, ransomware, RedTeam, service, skills, social-engineering, software, threat, tool, vulnerability

KI boomt auch unter Cyberkriminellen. Die ersten operativen Ergebnisse dieses Trends beleuchten Google-Sicherheitsforscher in einem aktuellen Report.Was lange befürchtet und vermutet wurde, will die Google Threat Intelligence Group (GTIG) nun im Rahmen einer aktuellen Untersuchung belegen: Cyberkriminelle nutzen KI im Rahmen ihrer Malware-Angriffskampagnen. Aber längst nicht mehr nur für Vibe-Coding-Zwecke oder zur technischen Unterstützung. Wie…
KI-Malware ist keine Theorie mehr

Nov 7, 2025 2:20 PM

Tags: access, ai, antivirus, api, control, cyberattack, cybercrime, cybersecurity, data, exploit, github, google, group, hacker, intelligence, LLM, malware, ransomware, RedTeam, service, skills, social-engineering, software, threat, tool, vulnerability

KI boomt auch unter Cyberkriminellen. Die ersten operativen Ergebnisse dieses Trends beleuchten Google-Sicherheitsforscher in einem aktuellen Report.Was lange befürchtet und vermutet wurde, will die Google Threat Intelligence Group (GTIG) nun im Rahmen einer aktuellen Untersuchung belegen: Cyberkriminelle nutzen KI im Rahmen ihrer Malware-Angriffskampagnen. Aber längst nicht mehr nur für Vibe-Coding-Zwecke oder zur technischen Unterstützung. Wie…
Google researchers detect first operational use of LLMs in active malware campaigns

Nov 7, 2025 2:20 PM

Tags: ai, api, attack, cybercrime, cybersecurity, encryption, exploit, finance, google, group, iran, LLM, malware, marketplace, phishing, RedTeam, service, skills, social-engineering, threat, tool, vulnerability

Using social engineering against LLMs: Additionally, GTIG found that attackers are increasingly using “social engineering-like pretexts” in their prompts to get around LLM safeguards. Notably, they have posed as participants in a “capture-the-flag” (CTF) gamified cybersecurity competition, persuading Gemini to give up information it would otherwise refuse to reveal. In one interaction, for instance, an attacker…
Google researchers detect first operational use of LLMs in active malware campaigns

Nov 7, 2025 2:20 PM

Tags: ai, api, attack, cybercrime, cybersecurity, encryption, exploit, finance, google, group, iran, LLM, malware, marketplace, phishing, RedTeam, service, skills, social-engineering, threat, tool, vulnerability

Using social engineering against LLMs: Additionally, GTIG found that attackers are increasingly using “social engineering-like pretexts” in their prompts to get around LLM safeguards. Notably, they have posed as participants in a “capture-the-flag” (CTF) gamified cybersecurity competition, persuading Gemini to give up information it would otherwise refuse to reveal. In one interaction, for instance, an attacker…
Multi-Turn Attacks Expose Weaknesses in Open-Weight LLM Models

Nov 6, 2025 4:19 PM

Tags: attack, cisco, data-breach, LLM

A new Cisco report exposed large language models to multi-turn adversarial attacks with 90% success rates First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/multi-turn-attacks-llm-models/
Multi-Turn Attacks Expose Weaknesses in Open-Weight LLM Models

Nov 6, 2025 4:19 PM

Tags: attack, cisco, data-breach, LLM

A new Cisco report exposed large language models to multi-turn adversarial attacks with 90% success rates First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/multi-turn-attacks-llm-models/
AI-Enabled Malware Now Actively Deployed, Says Google

Nov 6, 2025 11:19 AM

Tags: ai, detection, google, LLM, malicious, malware

Google warns of “just-in-time AI” malware using LLMs to evade detection and generate malicious code on-demand First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/aienabled-malware-actively/
Why API Security Will Drive AppSec in 2026 and Beyond

Nov 6, 2025 8:19 AM

Tags: ai, api, application-security, governance, LLM, software

As LLMs, agents and Model Context Protocols (MCPs) reshape software architecture, API sprawl is creating major security blind spots. The 2025 GenAI Application Security Report reveals why continuous API discovery, testing and governance are now critical to protecting AI-driven applications from emerging semantic and prompt-based attacks. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/11/why-api-security-will-drive-appsec-in-2026-and-beyond/
Why API Security Will Drive AppSec in 2026 and Beyond

Nov 6, 2025 8:19 AM

Tags: ai, api, application-security, governance, LLM, software

As LLMs, agents and Model Context Protocols (MCPs) reshape software architecture, API sprawl is creating major security blind spots. The 2025 GenAI Application Security Report reveals why continuous API discovery, testing and governance are now critical to protecting AI-driven applications from emerging semantic and prompt-based attacks. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/11/why-api-security-will-drive-appsec-in-2026-and-beyond/
Why API Security Will Drive AppSec in 2026 and Beyond

Nov 6, 2025 8:19 AM

Tags: ai, api, application-security, governance, LLM, software

As LLMs, agents and Model Context Protocols (MCPs) reshape software architecture, API sprawl is creating major security blind spots. The 2025 GenAI Application Security Report reveals why continuous API discovery, testing and governance are now critical to protecting AI-driven applications from emerging semantic and prompt-based attacks. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/11/why-api-security-will-drive-appsec-in-2026-and-beyond/
NDSS 2025 Understanding And Detecting Harmful Memes With Multimodal Large Language Models

Nov 6, 2025 5:19 AM

Tags: conference, detection, framework, LLM, network, risk, tool

SESSION Session 2A: LLM Security Authors, Creators & Presenters: Yong Zhuang (Wuhan University), Keyan Guo (University at Buffalo), Juan Wang (Wuhan University), Yiheng Jing (Wuhan University), Xiaoyang Xu (Wuhan University), Wenzhe Yi (Wuhan University), Mengda Yang (Wuhan University), Bo Zhao (Wuhan University), Hongxin Hu (University at Buffalo) PAPER I know what you MEME! Understanding and…
NDSS 2025 Understanding And Detecting Harmful Memes With Multimodal Large Language Models

Nov 6, 2025 5:19 AM

Tags: conference, detection, framework, LLM, network, risk, tool

SESSION Session 2A: LLM Security Authors, Creators & Presenters: Yong Zhuang (Wuhan University), Keyan Guo (University at Buffalo), Juan Wang (Wuhan University), Yiheng Jing (Wuhan University), Xiaoyang Xu (Wuhan University), Wenzhe Yi (Wuhan University), Mengda Yang (Wuhan University), Bo Zhao (Wuhan University), Hongxin Hu (University at Buffalo) PAPER I know what you MEME! Understanding and…
Google uncovers malware using LLMs to operate and evade detection

Nov 5, 2025 8:23 PM

Tags: ai, detection, google, LLM, malware, ransomware, threat

PromptLock, the AI-powered proof-of-concept ransomware developed by researchers at NYU Tandon and initially mistaken for an active threat by ESET, is no longer an isolated … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/11/05/malware-using-llms/
NDSS 2025 Safety Misalignment Against Large Language Models

Nov 5, 2025 6:19 PM

Tags: attack, conference, data, defense, framework, LLM, malicious, network, strategy, technology

SESSION Session 2A: LLM Security Authors, Creators & Presenters: Yichen Gong (Tsinghua University), Delong Ran (Tsinghua University), Xinlei He (Hong Kong University of Science and Technology (Guangzhou)), Tianshuo Cong (Tsinghua University), Anyu Wang (Tsinghua University), Xiaoyun Wang (Tsinghua University) PAPER Safety Misalignment Against Large Language Models The safety alignment of Large Language Models (LLMs) is…
Malware Developers Test AI for Adaptive Code Generation

Nov 5, 2025 4:19 PM

Tags: ai, attack, google, hacker, intelligence, LLM, malware

Google Details How Attackers Could Use LLMs to Mutate Scripts. Malware authors are experimenting with a new breed of artificial intelligence-driven attacks, with code that could potentially rewrite itself as it runs. Large language models are allowing hackers to generate, modify and execute commands on demand, instead of relying on static payloads First seen on…