Tag: LLM

Attackers Used AI to Breach an AWS Environment in 8 Minutes

Feb 6, 2026 7:14 PM

Tags: access, ai, attack, breach, cloud, cybercrime, LLM, threat

Threat actors using LLMs needed only eight minutes to move from initial access to full admin privileges in an attack on a company’s AWS cloud environment in the latest example of cybercriminals expanding their use of AI in their operations, Sysdig researchers said. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/02/attackers-used-ai-to-breach-an-aws-environment-in-8-minutes/
KI als AWS-Angriffsturbo

Feb 6, 2026 10:13 AM

Tags: access, ai, ceo, ciso, cloud, cyberattack, detection, framework, hacker, iam, least-privilege, LLM, risk, threat, training

Kriminelle Hacker haben ihre Angriffe auf AWS-Umgebungen mit KI beschleunigt.Forscher des Sicherheitsanbieters Sysdig haben einen Angriff aufgedeckt, bei dem kriminelle Angreifer eine AWS-Umgebung in weniger als acht Minuten vollständig kompromittieren konnten. Laut den Threat-Spezialisten nutzten die Bedrohungsakteure dabei eine Cloud-Fehlkonfiguration mit der Hilfe von Large Language Models (LLMs) aus, um den gesamten Angriffs-Lebenszyklus zu komprimieren…
Varonis Acquires AllTrue to Strengthen AI Security Capabilities

Feb 5, 2026 1:24 PM

Tags: ai, LLM, risk

The deal underscores a broader industry shift as security vendors race to address the risks introduced by LLMs, copilots, and autonomous AI agents. The post Varonis Acquires AllTrue to Strengthen AI Security Capabilities appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-varonis-buys-alltrue/
Microsoft develops a new scanner to detect hidden backdoors in LLMs

Feb 5, 2026 12:14 PM

Tags: ai, backdoor, ceo, computing, detection, edr, hacker, LLM, microsoft, open-source, software, supply-chain, virus

Effectiveness of the scanner: Microsoft said the scanner does not require retraining models or prior knowledge of backdoor behavior and operates using forward passes only, avoiding gradient calculations or backpropagation to keep computing costs low.The company also said it works with most causal, GPT-style language models and can be used across a wide range of…
Software supply chain risks join the OWASP top 10 list, access control still on top

Feb 5, 2026 9:13 AM

Tags: access, ai, attack, authentication, backdoor, backup, breach, cloud, computer, control, credentials, cybersecurity, data, data-breach, defense, encryption, flaw, governance, identity, injection, LLM, login, malicious, mfa, open-source, password, risk, software, sql, supply-chain, threat, unauthorized, update, vulnerability

1 Broken access control When applications fail to properly enforce restrictions on what authenticated users are allowed to do, allowing attackers to access unauthorized functionality or data. For example, an attacker might manipulate an URL parameter to access another user’s account information or escalate their privileges from a regular user to an administrator. This item…
Three clues that your LLM may be poisoned with a sleeper-agent back door

Feb 5, 2026 9:13 AM

Tags: LLM, threat

It’s a threat straight out of sci-fi, and fiendishly hard to detect First seen on theregister.com Jump to article: www.theregister.com/2026/02/05/llm_poisoned_how_to_tell/
AWS intruder achieved admin access in under 10 minutes thanks to AI assist, researchers say

Feb 4, 2026 11:14 PM

Tags: access, ai, attack, Intruder, LLM

LLMs automated most phases of the attack First seen on theregister.com Jump to article: www.theregister.com/2026/02/04/aws_cloud_breakin_ai_assist/
Full Spectrum AI Security: FireTail’s Platform Update for the AI-Enabled Workforce FireTail Blog

Feb 4, 2026 1:13 AM

Tags: access, ai, api, browser, chatgpt, chrome, ciso, cloud, control, corporate, data, email, governance, grc, group, jobs, LLM, monitoring, risk, service, skills, technology, tool, unauthorized, update, vulnerability

Feb 03, 2026 – Jeremy Snyder – The rise of generative AI has changed how businesses operate. In almost every company, leaders are looking for ways to use AI to work faster and smarter. However, this shift has created a major challenge for security teams. Most of the AI activity inside an organization is currently…
NDSS 2025 Beyond Classification

Feb 3, 2026 11:14 PM

Tags: conference, data, framework, Internet, LLM, malware, network, vulnerability

Session 11B: Binary Analysis Authors, Creators & Presenters: Linxi Jiang (The Ohio State University), Xin Jin (The Ohio State University), Zhiqiang Lin (The Ohio State University) PAPER Beyond Classification: Inferring Function Names in Stripped Binaries via Domain Adapted LLMs Function name inference in stripped binaries is an important yet challenging task for many security applications,…
From credentials to cloud admin in 8 minutes: AI supercharges AWS attack chain

Feb 3, 2026 5:14 PM

Tags: access, ai, attack, ciso, cloud, credentials, detection, framework, group, iam, least-privilege, LLM, monitoring, training

Lateral movement, LLMjacking, and GPU abuse: Once administrative access was obtained, the attacker moved laterally across 19 distinct AWS principals, assuming multiple roles and creating new users to spread activity across identities. This approach enabled persistence and complicated detection, the researchers noted.The attackers then shifted focus to Amazon Bedrock, enumerating available models and confirming that…
Analysis of the Attack Surface in the Agent SKILL Architecture: Case Studies and Ecosystem Research

Feb 3, 2026 1:13 PM

Tags: attack, cyber, LLM, network, tool

Background As LLMs and intelligent agents expand from dialogue to task execution, the encapsulation, reuse and orchestration of LLM capabilities have become key issues. As a capability abstraction mechanism, SKILL encapsulates reasoning logic, tool calls and execution processes into reusable skill units, enabling the model to achieve stable, consistent and manageable operations when performing complex…The…
NDSS 2025 PropertyGPT

Jan 31, 2026 9:15 PM

Tags: blockchain, bug-bounty, conference, crypto, guide, Internet, LLM, network, oracle, strategy, tool, vulnerability, zero-day

Session 11A: Blockchain Security 2 Authors, Creators & Presenters: Ye Liu (Singapore Management University), Yue Xue (MetaTrust Labs), Daoyuan Wu (The Hong Kong University of Science and Technology), Yuqiang Sun (Nanyang Technological University), Yi Li (Nanyang Technological University), Miaolei Shi (MetaTrust Labs), Yang Liu (Nanyang Technological University) PAPER PropertyGPT: LLM-driven Formal Verification of Smart Contracts…
AI Compliance Tools: What to Look For FireTail Blog

Jan 30, 2026 8:42 PM

Tags: ai, antivirus, api, attack, automation, backdoor, business, cloud, compliance, control, credit-card, data, defense, email, finance, framework, GDPR, governance, grc, guide, identity, injection, intelligence, jobs, LLM, login, malicious, mitre, network, nist, okta, remote-code-execution, risk, risk-management, siem, software, threat, tool, training, unauthorized, vulnerability

Jan 30, 2026 – Alan Fagan – Quick Facts: AI Compliance ToolsManual tracking often falls short: Spreadsheets cannot track the millions of API calls and prompts generated by modern AI systems.Real-time is required: The best AI compliance tools monitor live traffic, not just static policy documents.Framework mapping matters: Firetail automatically maps activity to the OWASP…
MCP security: How to prevent prompt injection and tool poisoning attacks

Jan 30, 2026 4:22 PM

Tags: access, ai, api, attack, authentication, automation, best-practice, business, ceo, communications, control, credentials, data, defense, detection, email, endpoint, exploit, framework, github, governance, guide, incident response, infrastructure, injection, least-privilege, LLM, malicious, monitoring, network, radius, risk, service, siem, software, sql, supply-chain, threat, tool, unauthorized, vulnerability

The Model Context Protocol (MCP) has quickly become the open protocol that enables AI agents to connect securely to external tools, databases, and business systems. But this convenience comes with security risks. MCP servers store sensitive credentials, handle business logic, and connect to APIs. This makes them prime targets for attackers who have learned to…
Roughly half of employees are using unsanctioned AI tools, and enterprise leaders are major culprits

Jan 30, 2026 5:21 AM

Tags: access, ai, breach, business, ceo, ciso, control, corporate, data, finance, framework, governance, Internet, LLM, network, risk, technology, threat, tool, training

51% have connected AI tools to work systems or apps without the approval or knowledge of IT;63% believe it’s acceptable to use AI when there is no corporate-approved option or IT oversight;60% say speed is worth the security risk;21% think employers will simply “turn a blind eye” as long as they’re getting their work done.And…
NSFOCUS Unveils Enhanced AI LLM Risk Threat Matrix for Holistic AI Security Governance

Jan 29, 2026 9:23 AM

Tags: ai, cyber, data, governance, LLM, network, risk, threat

SANTA CLARA, Calif., Jan 29, 2026 Security is a prerequisite for the application and development of LLM technology. Only by addressing security risks when integrating LLMs can businesses ensure healthy and sustainable growth. NSFOCUS first proposed the AI LLM Risk Threat Matrix in 2024. The Matrix addresses security from multiple perspectives: foundational security, data security,…The…
Crooks are hijacking and reselling AI infrastructure: Report

Jan 29, 2026 5:21 AM

Tags: access, ai, api, attack, authentication, business, cloud, communications, control, credentials, cybersecurity, data, data-breach, endpoint, exploit, firewall, group, infosec, infrastructure, intelligence, Internet, LLM, malicious, marketplace, risk, service, skills, technology, theft, threat, training, vulnerability

exposed endpoints on default ports of common LLM inference services;unauthenticated API access without proper access controls;development/staging environments with public IP addresses;MCP servers connecting LLMs to file systems, databases and internal APIs.Common misconfigurations leveraged by these threat actors include:Ollama running on port 11434 without authentication;OpenAI-compatible APIs on port 8000 exposed to the internet;MCP servers accessible without…
Hackers hijack exposed LLM endpoints in Bizarre Bazaar operation

Jan 28, 2026 3:21 PM

Tags: access, data-breach, endpoint, hacker, LLM, malicious, service, unauthorized

A malicious campaign is actively targeting exposed LLM (Large Language Model) service endpoints to commercialize unauthorized access to AI infrastructure. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/hackers-hijack-exposed-llm-endpoints-in-bizarre-bazaar-operation/
Hackers hijack exposed LLM endpoints in Bizarre Bazaar operation

Jan 28, 2026 3:21 PM

Tags: access, data-breach, endpoint, hacker, LLM, malicious, service, unauthorized

A malicious campaign is actively targeting exposed LLM (Large Language Model) service endpoints to commercialize unauthorized access to AI infrastructure. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/hackers-hijack-exposed-llm-endpoints-in-bizarre-bazaar-operation/
Hackers hijack exposed LLM endpoints in Bizarre Bazaar operation

Jan 28, 2026 3:21 PM

Tags: access, data-breach, endpoint, hacker, LLM, malicious, service, unauthorized

A malicious campaign is actively targeting exposed LLM (Large Language Model) service endpoints to commercialize unauthorized access to AI infrastructure. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/hackers-hijack-exposed-llm-endpoints-in-bizarre-bazaar-operation/
Multi-Agent-Systeme werden zum neuen Betriebsmodell für Unternehmen

Jan 28, 2026 3:21 PM

Tags: ai, LLM, strategy

Der Databricks-Bericht ‘State of AI Agents” zeigt: Model-Flexibility (oder Flexible Modellauswahl) ist die neue KI-Strategie, wobei 78 Prozent der Unternehmen zwei oder mehr LLM-Modellfamilien verwenden. Der Mehrwert von KI-Agenten wird sich 2026 unter Beweis stellen. Beobachtungen in der gesamten Branche zeigen, dass KI sich bereits zu einem festen Bestandteil kritischer Arbeitsabläufe entwickelt hat. Einer der…
AI & the Death of Accuracy: What It Means for Zero-Trust

Jan 28, 2026 12:21 AM

Tags: ai, data, LLM, malicious, zero-trust

AI model collapse, where LLMs over time train on more and more AI-generated data and become degraded as a result, can introduce inaccuracies, promulgate malicious activity, and impact PII protections. First seen on darkreading.com Jump to article: www.darkreading.com/application-security/ai-death-accuracy-zero-trust
Browser Wars, Continued: Why Everyone Is Building Their Own AI Browser

Jan 23, 2026 11:30 PM

Tags: access, ai, api, attack, awareness, browser, chatgpt, chrome, cloud, data, detection, github, google, identity, infrastructure, Internet, LLM, malicious, malware, network, openai, saas, technology, threat, unauthorized

Written by Vivek Ramachandran, SquareX Founder, for Forbes Technology Council. This article originally appeared here. Source: Getty If you lived through the 1990s, you’ll remember the first of the ” browser wars,” where Netscape and Internet Explorer fiercely competed for market dominance. Then Google launched Chromium in 2008, and this battle effectively ended. The past 17…
Anthropic writes 23,000-word ‘constitution’ for Claude, suggests it may have feelings

Jan 23, 2026 5:36 PM

Tags: LLM

Describes its LLMs as an ‘entity’ that probably has something like emotions First seen on theregister.com Jump to article: www.theregister.com/2026/01/22/anthropic_claude_constitution/
Overrun with AI slop, cURL scraps bug bounties to ensure intact mental health

Jan 23, 2026 12:30 AM

Tags: ai, LLM, vulnerability

The onslaught includes LLMs finding bogus vulnerabilities and code that won’t compile. First seen on arstechnica.com Jump to article: arstechnica.com/security/2026/01/overrun-with-ai-slop-curl-scraps-bug-bounties-to-ensure-intact-mental-health/
Securing Generative AI: A Technical Guide to Protecting Your LLM Infrastructure

Jan 22, 2026 6:46 PM

Tags: ai, automation, guide, infrastructure, LLM, network

The GenAI Gold Rush: Why Network infrastructure Security Is Paramount Generative AI (GenAI) and Large Language Models (LLMs) are rapidly reshaping enterprise IT, powering everything from developer copilots and customer support automation to advanced analytics and decision-making. As adoption accelerates, GenAI is quickly becoming embedded in business”‘critical workflows. However, this rapid innovation creates a double”‘edged……
Three vulnerabilities in Anthropic Git MCP Server could let attackers tamper with LLMs

Jan 21, 2026 6:16 AM

Tags: access, ai, api, attack, ciso, control, data, defense, infosec, injection, least-privilege, LLM, malicious, sans, service, threat, tool, vulnerability

mcp-server-git versions prior to 2025-12.18.The three vulnerabilities are·CVE-2025-68143, an unrestricted git_init.·CVE-2025-68145, a path validation bypass.·CVE-2025-68144, an argument injection in git_diff.Unlike other vulnerabilities in MCP servers that required specific configurations, these work on any configuration of Anthropic’s official server, out of the box, Cyata says.Model Context Protocol (MCP) is an open standard introduced by Anthropic in 2024 to…
Flaws in Chainlit AI dev framework expose servers to compromise

Jan 21, 2026 5:13 AM

Tags: access, ai, api, attack, authentication, cloud, credentials, data, detection, endpoint, exploit, firewall, flaw, framework, iam, LLM, network, service, vulnerability, waf

/proc/self/environ file is used to store environment variables, and these can contain API keys, credentials, internal file paths, database paths, tokens for AWS and other cloud services, and even CHAINLIT_AUTH_SECRET, a secret that’s used to sign authentication tokens when authentication is enabled.On top of that, if LangChain is used as the orchestration layer behind Chainlit…
The LimaCharlie Manifesto: Security for an Autonomous Future

Jan 20, 2026 3:13 PM

Tags: access, advisory, ai, api, automation, cloud, control, cybersecurity, data, infrastructure, LLM, technology, threat, tool

Cybersecurity is standing at an inflection point. The proliferation of agentic AI and LLMs does not signal a gradual shift, but a radical transformation. The security tools, assumptions, and architectures of the last twenty years can no longer keep pace with the challenges and threats of today. AI changed the rules. Attackers have quickly adapted. …
When Language Becomes the Attack Surface: Inside the Google Gemini Calendar Exploit

Jan 20, 2026 3:13 PM

Tags: ai, attack, cybersecurity, data-breach, exploit, flaw, google, LLM, malicious, software, vulnerability

Security teams have spent decades hardening software against malicious input, yet a recent vulnerability involving Google Gemini demonstrates how those assumptions begin to fracture when language itself becomes executable. The issue, disclosed by cybersecurity researchers at Miggo Security, exposed a subtle but powerful flaw in how natural language interfaces like AI LLMs interact with privileged…