Tag: openai
-
OpenAI Warns of Mixpanel Data Breach Impacting API Users
The breach may have exposed OpenAI API customers’ data First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/openai-warns-mixpanel-data-breach/
-
Datenleck: OpenAI-Dienstleister fällt auf Phishing-SMS rein
Bei dem Webanalyse-Dienstleister Mixpanel sind durch eine Smishing-Attacke Daten abgeflossen. Das betrifft auch Nutzer des ChatGPT-Entwicklers OpenAI. First seen on golem.de Jump to article: www.golem.de/news/datenleck-openai-dienstleister-faellt-auf-phishing-sms-rein-2511-202663.html
-
Von LLM generierte Malware wird immer besser
Forscher tricksen Chatbots aus, stoßen aber auf unzuverlässige Ergebnisse.Cyberkriminelle versuchen bereits seit geraumer Zeit, mit Hilfe von Large Language Models (LLM) ihre dunklen Machenschaften zu automatisieren. Aber können sie schon bösartigen Code generieren, der ‘marktreif” und bereit für den operativen Einsatz ist? Das wollten die Forschenden von Netskope Threat Labs herausfinden, indem sie Chatbots dazu…
-
The Emergence of GPTPowered Ransomware and the Threat to IAM Systems
The cybersecurity landscape is undergoing a profound transformation. Traditional malware, characterized by static code and predictable behaviors, is being eclipsed by a new breed of threats powered by advanced artificial intelligence. A notable example is the emergence of MalTerminal, a malware leveraging OpenAI’s GPT-4 to generate ransomware and reverse shells in real-time. This development marks..…
-
The Emergence of GPTPowered Ransomware and the Threat to IAM Systems
The cybersecurity landscape is undergoing a profound transformation. Traditional malware, characterized by static code and predictable behaviors, is being eclipsed by a new breed of threats powered by advanced artificial intelligence. A notable example is the emergence of MalTerminal, a malware leveraging OpenAI’s GPT-4 to generate ransomware and reverse shells in real-time. This development marks..…
-
SesameOp: Neuartige Backdoor in OpenAI API für CC missbraucht
Sicherheitsforscher von Microsoft sind auf eine neuartige Backdoor in der OpenAI Assistant API gestoßen, und haben diese SesameOp genannt. Diese neuartige Backdoor, die von einem Angreifer verwendet wurde, nutzt die API des OpenAI Assistant, um Befehls- und Kontrollfunktionen für Cyberangriffe … First seen on borncity.com Jump to article: www.borncity.com/blog/2025/11/22/sesameop-neuartige-backdoor-in-openai-api-fuer-cc-missbraucht/
-
Schatten-IT: Viele Fachkräfte nutzen KI ohne Erlaubnis
Schatten-KI in Unternehmen birgt erhebliche Risiken.Immer mehr Fachkräfte in den sogenannten MINT-Berufen setzen Künstliche Intelligenz (KI) am Arbeitsplatz ohne die Genehmigung des Arbeitgebers ein. MINT steht für Mathematik, Informatik, Naturwissenschaften und Technik. In Deutschland nutzen drei von vier MINT-Fachkräften (77 Prozent) bei der Arbeit KI-Tools wie ChatGPT, Google Gemini oder Perplexity, ohne dass die KI-Anwendungen…
-
Schatten-IT: Viele Fachkräfte nutzen KI ohne Erlaubnis
Schatten-KI in Unternehmen birgt erhebliche Risiken.Immer mehr Fachkräfte in den sogenannten MINT-Berufen setzen Künstliche Intelligenz (KI) am Arbeitsplatz ohne die Genehmigung des Arbeitgebers ein. MINT steht für Mathematik, Informatik, Naturwissenschaften und Technik. In Deutschland nutzen drei von vier MINT-Fachkräften (77 Prozent) bei der Arbeit KI-Tools wie ChatGPT, Google Gemini oder Perplexity, ohne dass die KI-Anwendungen…
-
OpenAI says its latest GPT-5.1 Codex can code independently for hours
Tags: openaiOpenAI has started rolling out GPT 5.1-Codex-Max on Codex with a better performance on coding tasks. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/artificial-intelligence/openai-says-its-latest-gpt-51-codex-can-code-independently-for-hours/
-
Is Cloudflare Down? Latest Reports From Cloudflare
Sensorstechforum.com Newsroom November 18, 2025. A major outage at internet infrastructure provider Cloudflare today briefly broke large parts of the web, knocking services such as X (formerly Twitter), OpenAI’s ChatGPT, Canva and multiple other platforms offline or making them… First seen on sensorstechforum.com Jump to article: sensorstechforum.com/is-cloudflare-down-latest-reports-from-cloudflare/
-
Cloudflare Outage Throws a Wrench in Global Internet Access
Major Service Provider’s Temporary Disruption Follows Big AWS Outage Last Month. Websites worldwide faced intermittent outages Tuesday due to an ongoing problem with technology giant Cloudflare’s content delivery network, resulting in users being unable to access an array of big sites, ranging from OpenAI, bet365 and X, to Grindr, Virgin Media and Spotify. First seen…
-
Atlas-Browser, der erste Schritt zum KI-Betriebssystem
Der ChatGPT Atlas-Browser von OpenAI steht als eine Art Prototyp dafür, wie wir alle Computer in Zukunft nutzen sollen. Betriebssysteme werden in Zukunft mit KI laufen. Aber wie steht es mit der Sicherheit dieses ganzen Ansatzes? Innerhalb weniger Jahre werden … First seen on borncity.com Jump to article: www.borncity.com/blog/2025/11/16/chatgpt-atlas-browser-der-erste-schritt-zum-ki-betriebssystem/
-
OpenAI stemmt sich gegen die Forderung, Millionen von ChatGPT-Konversationen freizugeben
OpenAI ist in eine große Kontroverse verstrickt, weil man möchte, dass die Firma Millionen von ChatGPT-Konversationen herausrückt. Das KI-Unternehmen wehrt sich jedoch bislang dagegen. Thomas Boele, Regional Director Sales Engineering, CER / DACH bei Check Point Software Technologies, gibt seine Einschätzung aus der Sicht eines etablierten Herstellers von Cyber-Sicherheitsprodukten ab. ‘Beim Datenschutz geht es nicht…
-
OpenAI’s viability called into question by reported inference spending with Microsoft
Microsoft internal financials also suggest AI flag bearer is nowhere close to $13 billion in revenues First seen on theregister.com Jump to article: www.theregister.com/2025/11/12/openai_spending_report/
-
OpenAI’s viability called into question by reported inference spending with Microsoft
Microsoft internal financials also suggest AI flag bearer is nowhere close to $13 billion in revenues First seen on theregister.com Jump to article: www.theregister.com/2025/11/12/openai_spending_report/
-
OpenAI Sora 2 Vulnerability Allows Exposure of Hidden System Prompts from Audio Data
Security researchers have successfully extracted the system prompt from OpenAI’s Sora 2 video generation model by exploiting cross-modal vulnerabilities, with audio transcription proving to be the most effective extraction method. Sora 2, OpenAI’s state-of-the-art multimodal model for generating short video content, was thought to keep its system prompt secure. However, researchers discovered that by chaining…
-
Mindgard Finds Sora 2 Vulnerability Leaking Hidden System Prompt via Audio
AI security firm Mindgard discovered a flaw in OpenAI’s Sora 2 model, forcing the video generator to leak… First seen on hackread.com Jump to article: hackread.com/mindgard-sora-2-vulnerability-prompt-via-audio/
-
Advocacy group calls on OpenAI to address Sora 2’s deepfake risks
Public Citizen’s letter urges OpenAI to temporarily take Sora 2 offline and work with outside experts to prevent the spread of harmful deepfakes. First seen on cyberscoop.com Jump to article: cyberscoop.com/sora-2-deepfake-letter-public-citizen-openai/
-
Advocacy group calls on OpenAI to address Sora 2’s deepfake risks
Public Citizen’s letter urges OpenAI to temporarily take Sora 2 offline and work with outside experts to prevent the spread of harmful deepfakes. First seen on cyberscoop.com Jump to article: cyberscoop.com/sora-2-deepfake-letter-public-citizen-openai/
-
Wie ChatGPT sich selbst eine Prompt Injection zufügt
Forscher haben neue Methoden für Angriffe über ChatGPT aufgedeckt.Forscher des Sicherheitsunternehmens Tenable haben sieben neue Möglichkeiten entdeckt, wie Angreifer ChatGPT dazu bringen können, private Informationen aus den Chat-Verläufen der Nutzer preiszugeben. Bei den meisten dieser Angriffe handelt es sich um indirekte Prompt Injections, die die Standard-Tools und -funktionen von ChatGPT ausnutzen. Etwa die Fähigkeit, den…
-
Data Privacy in the World of ChatGPT: Risks, Importance, Best Practices
What is ChatGPT? ChatGPT is a conversational AI that has been created by OpenAI and is based on the ability to understand and generate text that is in many ways similar to how a human being would write it, given an input. It belongs to a line of models called the Generative Pre-trained Transformer orRead…
-
Data Privacy in the World of ChatGPT: Risks, Importance, Best Practices
What is ChatGPT? ChatGPT is a conversational AI that has been created by OpenAI and is based on the ability to understand and generate text that is in many ways similar to how a human being would write it, given an input. It belongs to a line of models called the Generative Pre-trained Transformer orRead…
-
Whisper Leak uses a side channel attack to eavesdrop on encrypted AI conversations
Tags: ai, api, attack, ciso, cloud, cyberattack, data, finance, healthcare, leak, LLM, microsoft, mitigation, network, openai, service, side-channel, vpnInside Microsoft’s proof-of-concept: Researchers at Microsoft simulated a real-world scenario in which the adversary could observe encrypted traffic but not decrypt it. They chose “legality of money laundering” as the target topic for the proof-of-concept.For positive samples, the team used a”¯language model”¯to generate 100 semantically similar variants of questions about this topic. For negative”¯noise”¯samples,”¯it randomly…
-
Whisper Leak uses a side channel attack to eavesdrop on encrypted AI conversations
Tags: ai, api, attack, ciso, cloud, cyberattack, data, finance, healthcare, leak, LLM, microsoft, mitigation, network, openai, service, side-channel, vpnInside Microsoft’s proof-of-concept: Researchers at Microsoft simulated a real-world scenario in which the adversary could observe encrypted traffic but not decrypt it. They chose “legality of money laundering” as the target topic for the proof-of-concept.For positive samples, the team used a”¯language model”¯to generate 100 semantically similar variants of questions about this topic. For negative”¯noise”¯samples,”¯it randomly…
-
Whisper Leak uses a side channel attack to eavesdrop on encrypted AI conversations
Tags: ai, api, attack, ciso, cloud, cyberattack, data, finance, healthcare, leak, LLM, microsoft, mitigation, network, openai, service, side-channel, vpnInside Microsoft’s proof-of-concept: Researchers at Microsoft simulated a real-world scenario in which the adversary could observe encrypted traffic but not decrypt it. They chose “legality of money laundering” as the target topic for the proof-of-concept.For positive samples, the team used a”¯language model”¯to generate 100 semantically similar variants of questions about this topic. For negative”¯noise”¯samples,”¯it randomly…
-
Whisper Leak uses a side channel attack to eavesdrop on encrypted AI conversations
Tags: ai, api, attack, ciso, cloud, cyberattack, data, finance, healthcare, leak, LLM, microsoft, mitigation, network, openai, service, side-channel, vpnInside Microsoft’s proof-of-concept: Researchers at Microsoft simulated a real-world scenario in which the adversary could observe encrypted traffic but not decrypt it. They chose “legality of money laundering” as the target topic for the proof-of-concept.For positive samples, the team used a”¯language model”¯to generate 100 semantically similar variants of questions about this topic. For negative”¯noise”¯samples,”¯it randomly…
-
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 70
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter SesameOp: Novel backdoor uses OpenAI Assistants API for command and control Weaponized Military Documents Deliver Advanced SSH-Tor Backdoor to Defense Sector Gootloader Returns: What Goodies Did They Bring? Ransomvibing appears in VS Code extensions…