Tag: openai
-
More evidence your AI agents can be turned against you
Aikido found that AI coding tools from Google, Anthropic, OpenAI and others regularly embed untrusted prompts into software development workflows. First seen on cyberscoop.com Jump to article: cyberscoop.com/ai-coding-tools-can-be-turned-against-you-aikido-github-prompt-injection/
-
RCE flaw in OpenAI’s Codex CLI highlights new risks to dev environments
Tags: access, ai, api, attack, automation, backdoor, cloud, exploit, flaw, google, malicious, open-source, openai, rce, remote-code-execution, risk, service, tool, vulnerabilityMultiple attack vectors: For this flaw to be exploited, the victim needs to clone the repository and run Codex on it and an attacker needs to have commit access to the repo or have their malicious pull request accepted.”Compromised templates, starter repos, or popular open-source projects can weaponize many downstream consumers with a single commit,”…
-
OpenAI Codex CLI Flaw Allows Attackers to Run Arbitrary Commands
OpenAI’s Codex CLI, a command-line tool designed to bring AI-powered reasoning into developer workflows, contains a critical vulnerability that allows attackers to execute arbitrary commands on developer machines without any user interaction or approval. Security researchers Isabel Mill and Oded Vanunu discovered the flaw, tracked as CVE-2025-61260, on December 1, 2025. Attribute Details CVE ID CVE-2025-61260…
-
OpenAI Codex CLI Flaw Allows Attackers to Run Arbitrary Commands
OpenAI’s Codex CLI, a command-line tool designed to bring AI-powered reasoning into developer workflows, contains a critical vulnerability that allows attackers to execute arbitrary commands on developer machines without any user interaction or approval. Security researchers Isabel Mill and Oded Vanunu discovered the flaw, tracked as CVE-2025-61260, on December 1, 2025. Attribute Details CVE ID CVE-2025-61260…
-
Leak confirms OpenAI is preparing ads on ChatGPT for public roll out
OpenAI is now internally testing ‘ads’ inside ChatGPT that could redefine the web economy. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/artificial-intelligence/leak-confirms-openai-is-preparing-ads-on-chatgpt-for-public-roll-out/
-
OpenAI Suspends Mixpanel Use After Analytics Data Breach
ChatGPT Maker Probes Third-Party Data Breach; OpenAI API Users’ Information Exposed. OpenAI has temporarily ceased use of Mixpanel after the analytics firm disclosed a breach affecting profile data of the artificial intelligence giant’s API platform users. The company is notifying impacted organizations and watching for signs of data misuse. First seen on govinfosecurity.com Jump to…
-
OpenAI admits data breach after analytics partner hit by phishing attack
Tags: access, ai, api, attack, authentication, backdoor, breach, chatgpt, credentials, data, data-breach, email, governance, government, mfa, openai, password, phishing, riskName provided to OpenAI on the API account Email address associated with the API accountApproximate location based on API user browser (city, state, country)Operating system and browser used to access the API accountReferring websitesOrganization or User IDs associated with the API account”We proactively communicated with all impacted customers. If you have not heard from us directly,…
-
OpenAI data may have been exposed after a cyberattack on analytics firm Mixpanel
OpenAI warns some users that a cyberattack on analytics firm Mixpanel may have exposed their data. Mixpanel is a product analytics platform that companies use to understand how people interact with their apps or websites. Many tech companies use Mixpanel to make data-driven decisions about features, performance, and customer journeys. OpenAI is alerting some users about…
-
OpenAI Reveals Mixpanel Data Breach Exposing User Details
OpenAI has publicly disclosed a security incident involving a data breach at Mixpanel, a third-party analytics provider previously used by the company for monitoring usage on its API platform. The breach exposed limited but sensitive user information, including names, email addresses, operating system details, and browser metadata. According to OpenAI, the incident originated within Mixpanel’s…
-
OpenAI Reveals Mixpanel Data Breach Exposing User Details
OpenAI has publicly disclosed a security incident involving a data breach at Mixpanel, a third-party analytics provider previously used by the company for monitoring usage on its API platform. The breach exposed limited but sensitive user information, including names, email addresses, operating system details, and browser metadata. According to OpenAI, the incident originated within Mixpanel’s…
-
OpenAI-Server über Dienstleister gehackt, API-Daten abgeflossen
Der AI-Platzhirsch OpenAI wurde am 9. November 2025 über den Dienstleister Mixpanel gehackt. Wer die API-Dienste von OpenAI genutzt hat, sollte davon ausgehen, dass die Angreifer Name, den Standort, die Benutzer-ID und andere Informationen abgegriffen hat. Das ist gerade von … First seen on borncity.com Jump to article: www.borncity.com/blog/2025/11/27/openai-server-ueber-dienstleister-gehackt-api-daten-abgeflossen/
-
OpenAI API User Data Exposed in Mixpanel Breach, ChatGPT Unaffected
OpenAI confirmed a third-party data breach via Mixpanel, exposing limited API user metadata like names, emails and browser… First seen on hackread.com Jump to article: hackread.com/openai-api-mixpanel-data-breach-chatgpt/
-
Nutzerdaten abgeflossen: Dienstleister von OpenAI fällt auf Phishing-SMS rein
Bei dem Webanalyse-Dienstleister Mixpanel sind durch eine Smishing-Attacke Daten abgeflossen. Das betrifft auch Nutzer des ChatGPT-Entwicklers OpenAI. First seen on golem.de Jump to article: www.golem.de/news/datenleck-openai-dienstleister-faellt-auf-phishing-sms-rein-2511-202663.html
-
OpenAI discloses API customer data breach via Mixpanel vendor hack
OpenAI is notifying some ChatGPT API customers that limited identifying information was exposed following a breach at its third-party analytics provider Mixpanel. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/openai-discloses-api-customer-data-breach-via-mixpanel-vendor-hack/
-
OpenAI Warns of Mixpanel Data Breach Impacting API Users
The breach may have exposed OpenAI API customers’ data First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/openai-warns-mixpanel-data-breach/
-
Datenleck: OpenAI-Dienstleister fällt auf Phishing-SMS rein
Bei dem Webanalyse-Dienstleister Mixpanel sind durch eine Smishing-Attacke Daten abgeflossen. Das betrifft auch Nutzer des ChatGPT-Entwicklers OpenAI. First seen on golem.de Jump to article: www.golem.de/news/datenleck-openai-dienstleister-faellt-auf-phishing-sms-rein-2511-202663.html
-
Von LLM generierte Malware wird immer besser
Forscher tricksen Chatbots aus, stoßen aber auf unzuverlässige Ergebnisse.Cyberkriminelle versuchen bereits seit geraumer Zeit, mit Hilfe von Large Language Models (LLM) ihre dunklen Machenschaften zu automatisieren. Aber können sie schon bösartigen Code generieren, der ‘marktreif” und bereit für den operativen Einsatz ist? Das wollten die Forschenden von Netskope Threat Labs herausfinden, indem sie Chatbots dazu…
-
The Emergence of GPTPowered Ransomware and the Threat to IAM Systems
The cybersecurity landscape is undergoing a profound transformation. Traditional malware, characterized by static code and predictable behaviors, is being eclipsed by a new breed of threats powered by advanced artificial intelligence. A notable example is the emergence of MalTerminal, a malware leveraging OpenAI’s GPT-4 to generate ransomware and reverse shells in real-time. This development marks..…
-
The Emergence of GPTPowered Ransomware and the Threat to IAM Systems
The cybersecurity landscape is undergoing a profound transformation. Traditional malware, characterized by static code and predictable behaviors, is being eclipsed by a new breed of threats powered by advanced artificial intelligence. A notable example is the emergence of MalTerminal, a malware leveraging OpenAI’s GPT-4 to generate ransomware and reverse shells in real-time. This development marks..…
-
SesameOp: Neuartige Backdoor in OpenAI API für CC missbraucht
Sicherheitsforscher von Microsoft sind auf eine neuartige Backdoor in der OpenAI Assistant API gestoßen, und haben diese SesameOp genannt. Diese neuartige Backdoor, die von einem Angreifer verwendet wurde, nutzt die API des OpenAI Assistant, um Befehls- und Kontrollfunktionen für Cyberangriffe … First seen on borncity.com Jump to article: www.borncity.com/blog/2025/11/22/sesameop-neuartige-backdoor-in-openai-api-fuer-cc-missbraucht/
-
Schatten-IT: Viele Fachkräfte nutzen KI ohne Erlaubnis
Schatten-KI in Unternehmen birgt erhebliche Risiken.Immer mehr Fachkräfte in den sogenannten MINT-Berufen setzen Künstliche Intelligenz (KI) am Arbeitsplatz ohne die Genehmigung des Arbeitgebers ein. MINT steht für Mathematik, Informatik, Naturwissenschaften und Technik. In Deutschland nutzen drei von vier MINT-Fachkräften (77 Prozent) bei der Arbeit KI-Tools wie ChatGPT, Google Gemini oder Perplexity, ohne dass die KI-Anwendungen…
-
Schatten-IT: Viele Fachkräfte nutzen KI ohne Erlaubnis
Schatten-KI in Unternehmen birgt erhebliche Risiken.Immer mehr Fachkräfte in den sogenannten MINT-Berufen setzen Künstliche Intelligenz (KI) am Arbeitsplatz ohne die Genehmigung des Arbeitgebers ein. MINT steht für Mathematik, Informatik, Naturwissenschaften und Technik. In Deutschland nutzen drei von vier MINT-Fachkräften (77 Prozent) bei der Arbeit KI-Tools wie ChatGPT, Google Gemini oder Perplexity, ohne dass die KI-Anwendungen…
-
OpenAI says its latest GPT-5.1 Codex can code independently for hours
Tags: openaiOpenAI has started rolling out GPT 5.1-Codex-Max on Codex with a better performance on coding tasks. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/artificial-intelligence/openai-says-its-latest-gpt-51-codex-can-code-independently-for-hours/
-
Is Cloudflare Down? Latest Reports From Cloudflare
Sensorstechforum.com Newsroom November 18, 2025. A major outage at internet infrastructure provider Cloudflare today briefly broke large parts of the web, knocking services such as X (formerly Twitter), OpenAI’s ChatGPT, Canva and multiple other platforms offline or making them… First seen on sensorstechforum.com Jump to article: sensorstechforum.com/is-cloudflare-down-latest-reports-from-cloudflare/
-
Cloudflare Outage Throws a Wrench in Global Internet Access
Major Service Provider’s Temporary Disruption Follows Big AWS Outage Last Month. Websites worldwide faced intermittent outages Tuesday due to an ongoing problem with technology giant Cloudflare’s content delivery network, resulting in users being unable to access an array of big sites, ranging from OpenAI, bet365 and X, to Grindr, Virgin Media and Spotify. First seen…
-
Atlas-Browser, der erste Schritt zum KI-Betriebssystem
Der ChatGPT Atlas-Browser von OpenAI steht als eine Art Prototyp dafür, wie wir alle Computer in Zukunft nutzen sollen. Betriebssysteme werden in Zukunft mit KI laufen. Aber wie steht es mit der Sicherheit dieses ganzen Ansatzes? Innerhalb weniger Jahre werden … First seen on borncity.com Jump to article: www.borncity.com/blog/2025/11/16/chatgpt-atlas-browser-der-erste-schritt-zum-ki-betriebssystem/