Tag: malicious
-
Polymorphic AI malware exists, but it’s not what you think
Tags: access, ai, api, attack, authentication, automation, business, ciso, credentials, cryptography, cyber, cybercrime, detection, edr, email, espionage, government, group, identity, infrastructure, malicious, malware, marketplace, mfa, monitoring, phishing, radius, ransomware, risk, soc, technology, theft, threat, toolwhat the code block should do, or how it’s going to evade an antivirus. It’s just working under the assumption that Gemini just instinctively knows how to evade antiviruses (it doesn’t). There’s also no entropy to ensure the ‘self-modifying’ code differs from previous versions, or any guardrails to ensure it actually works. The function was…
-
Polymorphic AI malware exists, but it’s not what you think
Tags: access, ai, api, attack, authentication, automation, business, ciso, credentials, cryptography, cyber, cybercrime, detection, edr, email, espionage, government, group, identity, infrastructure, malicious, malware, marketplace, mfa, monitoring, phishing, radius, ransomware, risk, soc, technology, theft, threat, toolwhat the code block should do, or how it’s going to evade an antivirus. It’s just working under the assumption that Gemini just instinctively knows how to evade antiviruses (it doesn’t). There’s also no entropy to ensure the ‘self-modifying’ code differs from previous versions, or any guardrails to ensure it actually works. The function was…
-
Polymorphic AI malware exists, but it’s not what you think
Tags: access, ai, api, attack, authentication, automation, business, ciso, credentials, cryptography, cyber, cybercrime, detection, edr, email, espionage, government, group, identity, infrastructure, malicious, malware, marketplace, mfa, monitoring, phishing, radius, ransomware, risk, soc, technology, theft, threat, toolwhat the code block should do, or how it’s going to evade an antivirus. It’s just working under the assumption that Gemini just instinctively knows how to evade antiviruses (it doesn’t). There’s also no entropy to ensure the ‘self-modifying’ code differs from previous versions, or any guardrails to ensure it actually works. The function was…
-
GitHub Action Secrets aren’t secret anymore: exposed PATs now a direct path into cloud environments
Tags: access, api, authentication, awareness, cloud, credentials, data-breach, detection, exploit, github, infrastructure, malicious, mfa, monitoring, security-incident, strategy, threat, trainingEasily evading detection: Wiz found that a threat actor with basic read permissions via a PAT can use GitHub’s API code search to discover secret names embedded directly in a workflow’s yaml code, accessed via “${{ secrets.SECRET_NAME }}.”The danger is that this secret discovery method is difficult to monitor because search API calls are not…
-
GitHub Action Secrets aren’t secret anymore: exposed PATs now a direct path into cloud environments
Tags: access, api, authentication, awareness, cloud, credentials, data-breach, detection, exploit, github, infrastructure, malicious, mfa, monitoring, security-incident, strategy, threat, trainingEasily evading detection: Wiz found that a threat actor with basic read permissions via a PAT can use GitHub’s API code search to discover secret names embedded directly in a workflow’s yaml code, accessed via “${{ secrets.SECRET_NAME }}.”The danger is that this secret discovery method is difficult to monitor because search API calls are not…
-
GitHub Action Secrets aren’t secret anymore: exposed PATs now a direct path into cloud environments
Tags: access, api, authentication, awareness, cloud, credentials, data-breach, detection, exploit, github, infrastructure, malicious, mfa, monitoring, security-incident, strategy, threat, trainingEasily evading detection: Wiz found that a threat actor with basic read permissions via a PAT can use GitHub’s API code search to discover secret names embedded directly in a workflow’s yaml code, accessed via “${{ secrets.SECRET_NAME }}.”The danger is that this secret discovery method is difficult to monitor because search API calls are not…
-
Indirect Malicious Prompt Technique Targets Google Gemini Enterprise
Noma Security today revealed it has discovered a vulnerability in the enterprise edition of Google Gemini that can be used to inject a malicious prompt that instructs an artificial intelligence (AI) application or agent to exfiltrate data. Dubbed GeminiJack, cybercriminals can use this vulnerability to embed a malicious prompt in, for example, a Google Doc..…
-
Indirect Malicious Prompt Technique Targets Google Gemini Enterprise
Noma Security today revealed it has discovered a vulnerability in the enterprise edition of Google Gemini that can be used to inject a malicious prompt that instructs an artificial intelligence (AI) application or agent to exfiltrate data. Dubbed GeminiJack, cybercriminals can use this vulnerability to embed a malicious prompt in, for example, a Google Doc..…
-
Gemini for Chrome gets a second AI agent to watch over it
Google’s two-model defense: To address these risks, Google’s solution splits the work between two AI models. The main Gemini model reads web content and decides what actions to take. The user alignment critic sees only metadata about proposed actions, not the web content that might contain malicious instructions.”This component is architected to see only metadata…
-
React2Shell Exploit Campaigns Tied to North Korean Cyber Intrusion Tactics
Sysdig has found sophisticated malicious campaigns exploiting React2Shell that delivered EtherRAT and suggested North Korean hackers’ involvement First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/react2shell-exploit-campaigns/
-
Malicious VS Code Extensions Deploy Advanced Infostealer
Two malicious Visual Studio Code extensions, Bitcoin Black and Codo AI, have been observed harvesting sensitive user data First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/malicious-vs-code-extensions/
-
Gemini Enterprise No-Click Flaw Exposes Sensitive Data
Google has fixed a critical vulnerability that enabled attackers to add malicious instructions to common documents to exfiltrate sensitive corporate information. First seen on darkreading.com Jump to article: www.darkreading.com/remote-workforce/gemini-enterprise-exposes-sensitive-data
-
Malicious VS Code on Microsoft Registry Steals WiFi Passwords and Captures Screens
Security researchers at Koi Security have uncovered a sophisticated malware campaign targeting developers through the Visual Studio Code Marketplace. The attack uses two seemingly innocent extensions a dark theme and an AI assistant to unleash a potent infostealer capable of capturing screenshots, hijacking browser sessions, and stealing Wi-Fi passwords. The malicious extensions, identified as >>Bitcoin BlackCodo…
-
Malicious VS Code on Microsoft Registry Steals WiFi Passwords and Captures Screens
Security researchers at Koi Security have uncovered a sophisticated malware campaign targeting developers through the Visual Studio Code Marketplace. The attack uses two seemingly innocent extensions a dark theme and an AI assistant to unleash a potent infostealer capable of capturing screenshots, hijacking browser sessions, and stealing Wi-Fi passwords. The malicious extensions, identified as >>Bitcoin BlackCodo…
-
Malicious MCP Servers Enable Stealthy Prompt Injection to Drain System Resources
Security researchers have uncovered critical vulnerabilities in the Model Context Protocol (MCP) sampling feature that enable malicious servers to execute stealthy prompt injection attacks, drain computational resources, and compromise large language model applications without user detection. The findings reveal three primary attack vectors that exploit the protocol’s inherent trust model and lack of robust security…
-
Malicious MCP Servers Enable Stealthy Prompt Injection to Drain System Resources
Security researchers have uncovered critical vulnerabilities in the Model Context Protocol (MCP) sampling feature that enable malicious servers to execute stealthy prompt injection attacks, drain computational resources, and compromise large language model applications without user detection. The findings reveal three primary attack vectors that exploit the protocol’s inherent trust model and lack of robust security…
-
Malicious Models im Untergrund – Unit-42 zeigt wachsenden Schwarzmarkt für Dark-LLMs
First seen on security-insider.de Jump to article: www.security-insider.de/unit-42-zeigt-wachsenden-schwarzmarkt-fuer-dark-llms-a-d2a5e7bd2dadf1936b14944af8c3670b/
-
Researchers Find Malicious VS Code, Go, npm, and Rust Packages Stealing Developer Data
Cybersecurity researchers have discovered two new extensions on Microsoft Visual Studio Code (VS Code) Marketplace that are designed to infect developer machines with stealer malware.The VS Code extensions masquerade as a premium dark theme and an artificial intelligence (AI)-powered coding assistant, but, in actuality, harbor covert functionality to download additional payloads, take First seen on…
-
NCSC warns of confusion over true nature of AI prompt injection
Malicious prompt injections to manipulate GenAI large language models are being wrongly compared to classical SQL injection attacks. In reality, prompt injection may be a far worse problem, says the UK’s NCSC. First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366636155/NCSC-warns-of-confusion-over-true-nature-of-AI-prompt-injection
-
Malicious VSCode extensions on Microsoft’s registry drop infostealers
Two malicious extensions on Microsoft’s Visual Studio Code Marketplace infect developers’ machines with information-stealing malware that can take screenshots, steal credentials, and hijack browser sessions. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/malicious-vscode-extensions-on-microsofts-registry-drop-infostealers/
-
Hacking as a Prompt: Malicious LLMs Find Users
WormGPT 4 Sells for $50 Monthly, While KawaiiGPT Goes Open Source. The cybercrime-as-a-service model has a new product line, with malicious large language models built without ethical guardrails selling on Telegram for $50 monthly or distributed free on GitHub. Others groups are taking the open-source route. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/hacking-as-prompt-malicious-llms-find-users-a-30224
-
When it comes to security resilience, cheaper isn’t always better
Tags: access, attack, authentication, breach, business, cctv, cio, ciso, cloud, control, cyber, cybersecurity, data, data-breach, defense, encryption, exploit, government, hacker, healthcare, incident, incident response, jobs, leak, malicious, metric, mfa, monitoring, ransomware, RedTeam, resilience, risk, risk-management, saas, service, soc, software, threat, tool, update, vpn, vulnerability, vulnerability-management, zero-trustThe hidden trade-offs with resilience: Savings don’t erase risk. They shift it. What looks efficient today becomes exposed tomorrow. Cyber resilience is often the first casualty.Supply chain fragility: Cyber threats thrive on concentration. When procurement consolidates digital services into a single provider to save money, a single breach can have a ripple effect across your…
-
When it comes to security resilience, cheaper isn’t always better
Tags: access, attack, authentication, breach, business, cctv, cio, ciso, cloud, control, cyber, cybersecurity, data, data-breach, defense, encryption, exploit, government, hacker, healthcare, incident, incident response, jobs, leak, malicious, metric, mfa, monitoring, ransomware, RedTeam, resilience, risk, risk-management, saas, service, soc, software, threat, tool, update, vpn, vulnerability, vulnerability-management, zero-trustThe hidden trade-offs with resilience: Savings don’t erase risk. They shift it. What looks efficient today becomes exposed tomorrow. Cyber resilience is often the first casualty.Supply chain fragility: Cyber threats thrive on concentration. When procurement consolidates digital services into a single provider to save money, a single breach can have a ripple effect across your…
-
Hackers Target Developers Using Malicious VS Code and Cursor AI Extensions
Visual Studio Code and AI-powered IDEs such as Cursor AI and Windsurf are emerging as one of the most critical and overlooked attack surfaces in the modern software supply chain. Installed on millions of developer machines worldwide, these tools often run with access to source code, secrets, and production credentials. New research shows that compromising…
-
Hackers Target Developers Using Malicious VS Code and Cursor AI Extensions
Visual Studio Code and AI-powered IDEs such as Cursor AI and Windsurf are emerging as one of the most critical and overlooked attack surfaces in the modern software supply chain. Installed on millions of developer machines worldwide, these tools often run with access to source code, secrets, and production credentials. New research shows that compromising…
-
WatchGuard Firebox Vulnerabilities Let Hackers Skip Integrity Validation and Plant Malicious Code
WatchGuard Technologies has disclosed critical security vulnerabilities affecting its Firebox firewall products that could allow attackers to bypass system integrity checks and execute malicious code. The company released patches on December 4, 2025, addressing six distinct vulnerabilities that pose significant risks to enterprise network security. Multiple WatchGuard Firebox Vulnerabilities One of the most concerning flaws…
-
Hackers Target Developers Using Malicious VS Code and Cursor AI Extensions
Visual Studio Code and AI-powered IDEs such as Cursor AI and Windsurf are emerging as one of the most critical and overlooked attack surfaces in the modern software supply chain. Installed on millions of developer machines worldwide, these tools often run with access to source code, secrets, and production credentials. New research shows that compromising…
-
WatchGuard Firebox Vulnerabilities Let Hackers Skip Integrity Validation and Plant Malicious Code
WatchGuard Technologies has disclosed critical security vulnerabilities affecting its Firebox firewall products that could allow attackers to bypass system integrity checks and execute malicious code. The company released patches on December 4, 2025, addressing six distinct vulnerabilities that pose significant risks to enterprise network security. Multiple WatchGuard Firebox Vulnerabilities One of the most concerning flaws…