#memory-poisoning

#ai
Artificial intelligence
from www.cbc.ca
13 hours ago

Anthropic's latest AI model is sparking fears from cybersecurity experts and the banking sector. Here's why. | CBC News

Mythos, Anthropic's advanced AI model, poses cybersecurity risks by uncovering vulnerabilities faster than they can be fixed.
Medicine
from Futurism
2 days ago

Researchers Invented a Fake Disease to Trick AI and the Funniest Possible Thing Happened

A fake disease called bixonimania was created to demonstrate how AI can be misled by false information in scientific literature.
Software development
from Theregister
1 hour ago

Mythos found 271 Firefox flaws - none a human couldn't spot

Mythos AI model significantly improves bug detection, identifying 271 vulnerabilities in Firefox 150, marking a pivotal moment for software security.
#cybersecurity
Information security
from Axios
14 hours ago

Scoop: Top U.S. cyber agency doesn't have access to Anthropic's powerful hacking model

Anthropic withheld public release of Mythos due to its ability to exploit security vulnerabilities, providing it instead to select organizations for testing.
Information security
from The Hacker News
17 hours ago

Google Patches Antigravity IDE Flaw Enabling Prompt Injection Code Execution

A vulnerability in Google's Antigravity IDE allowed code execution through insufficient input sanitization in the find_by_name tool.
Privacy professionals
from TechCrunch
6 hours ago

Unauthorized group has gained access to Anthropic's exclusive cyber tool Mythos, report claims | TechCrunch

Unauthorized users accessed Mythos, a cybersecurity tool by Anthropic, through a third-party vendor, raising concerns about its potential misuse.
Information security
from The Hacker News
1 day ago

Anthropic MCP Design Vulnerability Enables RCE, Threatening AI Supply Chain

A critical vulnerability in the Model Context Protocol allows remote code execution, affecting over 7,000 servers and compromising sensitive data.
Information security
from Theregister
17 hours ago

AI-pwned: Vercel breach traced to stolen employee creds

Vercel's CEO suspects AI aided attackers in a breach that exploited a compromised employee account and non-sensitive environment variables.
Science
from Futurism
12 hours ago

Concern Grows That AI Is Damaging Users' Cognitive Abilities

Using ChatGPT for writing tasks may impair cognitive skills and creativity in students.
Digital life
from Silicon Canals
14 hours ago

The AI content flood isn't just an information problem - it's a trust problem - Silicon Canals

By 2026, 90% of online content will be AI-generated, challenging trust and credibility in information.
UK politics
from www.independent.co.uk
8 hours ago

Iran, Russia and China behind most major cyberattacks on UK, security chief warns

The Independent provides critical journalism on key issues without paywalls, emphasizing the importance of accessible reporting.
#ransomware
Healthcare
from Nextgov.com
15 hours ago

Former FBI official proposes terror designations for ransomware hackers targeting hospitals

Ransomware actors targeting critical infrastructure may be designated as terrorists, allowing for expanded legal actions against them.
Law
from Theregister
15 hours ago

Third ransomware pro pleads guilty to cybercrime U-turn

Angelo Martino pleaded guilty to aiding the ALPHV/BlackCat ransomware gang in extorting US businesses.
#openai
US news
from www.npr.org
9 hours ago

Florida AG launches criminal investigation into ChatGPT over FSU shooting

Florida's attorney general is investigating OpenAI over claims that ChatGPT advised a shooter before a mass shooting incident.
US news
from Fortune
9 hours ago

Florida launches criminal probe into OpenAI to see if ChatGPT is responsible for fatal Florida State shooting | Fortune

Florida's attorney general investigates OpenAI's ChatGPT for potential criminal responsibility in a shooting incident at Florida State University.
Privacy professionals
from Ars Technica
9 hours ago

Florida probes ChatGPT role in mass shooting. OpenAI says bot "not responsible."

OpenAI is cooperating with authorities investigating a mass shooting linked to a ChatGPT account, emphasizing it did not promote illegal actions.
Privacy professionals
from Engadget
10 hours ago

Florida AG opens criminal investigation into OpenAI and ChatGPT

Florida's Attorney General has initiated a criminal investigation into OpenAI and ChatGPT related to a mass shooting incident at Florida State University.
Information security
from Axios
1 week ago

OpenAI expands access to cyber AI as hacking risks grow

OpenAI is shifting to a model that emphasizes identity verification for access to sensitive cybersecurity tools while expanding availability.
UX design
from Medium
1 day ago

The web trained AI to deceive. Now designers have to untrain it.

LLMs replicate UX dark patterns from the web, leading to deceptive design practices in generated content.
Data science
from InfoWorld
20 hours ago

Addressing the challenges of unstructured data governance for AI

Enterprises must enhance data governance for unstructured data as AI transforms data management practices.
Russo-Ukrainian War
from Nextgov.com
1 day ago

AI capabilities are needed to counter drone threats, senator says

The U.S. must adopt new AI capabilities to counter the growing threat of unmanned drones used by foreign adversaries.
Fundraising
from Independent
1 day ago

Company has more than 2m stolen from account following cyber attack

Future Energy Capital Limited lost over €2m due to a cyber attack last October.
#generative-ai
Marketing tech
from SFGATE
5 days ago

AI is a gold mine for spammers and scammers, but Google is using it as a tool to fight back

Generative AI tools have intensified online spam and scams, prompting tech giants like Google to enhance their defenses against these threats.
Marketing tech
from AP News
5 days ago

AI is a gold mine for spammers and scammers, but Google is using it as a tool to fight back

Generative AI tools have intensified online spam and scams, prompting tech companies like Google to enhance their defenses against malicious ads.
Artificial intelligence
from TechCrunch
5 hours ago

Meta will record employees' keystrokes and use it to train its AI models | TechCrunch

Meta is using employee data, including mouse movements and keystrokes, to train its AI models for improved efficiency.
#data-breach
Privacy professionals
from Fast Company
12 hours ago

Lovable left AI prompts and user data exposed, one researcher found

Lovable's platform exposed users' private data, including chat histories and source code, to other users due to a significant data breach.
Privacy professionals
from Theregister
1 day ago

Lovable denies data leak, cites 'intentional behavior'

Lovable's platform has a significant security flaw allowing free accounts to access sensitive user information, raising concerns about data protection.
#ai-security
Information security
from SecurityWeek
2 weeks ago

Google DeepMind Researchers Map Web Attacks Against AI Agents

Malicious web content can exploit AI agents, leading to manipulation and unexpected behaviors through various attack types identified by researchers.
Information security
from news.bitcoin.com
2 weeks ago

Deepmind's 'AI Agent Traps' Paper Maps How Hackers Could Weaponize AI Agents Against Users

Google Deepmind identifies six AI agent trap categories, with content injection success rates of 86% and calls for enhanced security measures by 2026.
Artificial intelligence
from TechRepublic
1 day ago

The MCP Disclosure Is the AI Era's 'Open Redirect' Moment

The Model Context Protocol has a design flaw that enables AI supply chain attacks, posing a significant security risk to enterprise AI systems.
Information security
from Theregister
2 days ago

Prompt injection proves AI models are gullible like humans

Prompt injection attacks exploit AI systems, similar to phishing, by embedding malicious instructions that the AI executes instead of treating as content.
Information security
from Techzine Global
5 days ago

AI agents on GitHub leak API keys via prompt injection

Three popular AI agents on GitHub Actions are vulnerable to Comment and Control attacks, allowing attackers to steal API keys and access tokens.
Software development
from ZDNET
6 days ago

'Like handing out the blueprint to a bank vault': Why AI led one company to abandon open source

Cal is shifting from open source to proprietary licensing due to security risks posed by modern AI tools.
#meta
Privacy professionals
from Futurism
4 hours ago

Meta Installing Software on Employee Computers to Track Everything They Do, Feed the Data to AI

Meta is implementing tracking software on employees' computers to gather data for AI training, raising ethical and privacy concerns.
Marketing tech
from San Diego Union-Tribune
5 days ago

AI is a gold mine for spammers and scammers, but Google is using it as a tool to fight back

Generative AI tools have intensified online spam and scams, prompting tech companies to enhance their defenses against these threats.
Privacy professionals
from Engadget
9 hours ago

AI company deletes the 3 million OKCupid photos it used for facial recognition training

Clarifai deleted 3 million profile photos from OkCupid after a settlement with the FTC for violating privacy policies.
Privacy professionals
from Securitymagazine
5 hours ago

The Privacy-Security Partnership: How We Bend Risk in a Resource Crunch

Fewer privacy practitioners feel confident in meeting laws, while resource shortages and compliance challenges increase stress in the field.
Information security
from Securitymagazine
2 days ago

58% of Organizations Spend Over 10 Hours a Month Securing AI-generated Code

31% of organizations using AI-generated code spend 10 hours or less per month on validation and auditing, raising security concerns.
Privacy professionals
from WIRED
19 hours ago

They Built a Legendary Privacy Tool. Now They're Sworn Enemies

GrapheneOS is highly regarded for mobile security, but its creator, Daniel Micay, has a controversial and enigmatic reputation within the cybersecurity community.
Information security
from TNW | Next-Featured
14 hours ago

Lovable security crisis: 48 days of exposed projects, closed bug reports, & the structural failure of vibe coding security

Lovable's security incidents expose vulnerabilities in AI-generated code and highlight a market focus on growth over security.
Artificial intelligence
from Fortune
4 days ago

AI cybersecurity capabilities require urgent international cooperation, AI godfather Bengio says | Fortune

Yoshua Bengio emphasizes the urgent need for international cooperation in addressing AI's risks, particularly with the release of Anthropic's Mythos model.
from Ars Technica
7 hours ago

Mozilla: Anthropic's Mythos found 271 zero-day vulnerabilities in Firefox 150

Computers were completely incapable of doing this a few months ago, and now they excel at it. We have many years of experience picking apart the work of the world's best security researchers, and Mythos Preview is every bit as capable.
Information security
from App Developer Magazine
1 year ago

AI model poisoning is real and we need to be aware of it

On a clear night I set up my telescope in the yard and let the mount hum along while the camera gathers light from something distant and patient. The workflow is a ritual. Focus by eye until the airy disk tightens. Shoot test frames and watch the histogram. Capture darks, flats, and bias frames so the quirks of the sensor can be cleaned away later. That discipline is not fussy.
Photography
Miscellaneous
from ZDNET
1 month ago

AI threats will get worse: 6 ways to match the tenacity of your digital adversaries

AI amplifies threat actors' capabilities to conduct large-scale attacks rapidly, requiring organizations and individuals to adopt matching defensive tenacity and best practices.
Information security
from Theregister
13 hours ago

macOS ClickFix attacks deliver AppleScript stealers

A ClickFix campaign targets macOS users with an AppleScript infostealer that collects sensitive data from various browsers and cryptocurrency wallets.
#vulnerabilities
Information security
from SecurityWeek
17 hours ago

Progress Patches Multiple Vulnerabilities in MOVEit WAF, LoadMaster

Progress Software released patches for multiple vulnerabilities in MOVEit WAF and LoadMaster that could lead to remote code execution and command injection.
Information security
from SecurityWeek
18 hours ago

Organizations Warned of Exploited Cisco, Kentico, Zimbra Vulnerabilities

CISA expanded its Known Exploited Vulnerabilities catalog with eight new flaws, including high-severity bugs in Cisco and Kentico products.
Information security
from SecurityWeek
1 day ago

Bluesky Disrupted by Sophisticated DDoS Attack

The attack is impacting our application, with users experiencing intermittent interruptions in service for their feeds, notifications, threads and search.
Information security
from Techzine Global
1 day ago

Aikido Endpoint offers developers additional protection against supply chain attacks

Aikido Endpoint protects developers' endpoints from supply chain attacks by blocking high-risk installations before they reach the system.
Information security
from The Hacker News
3 days ago

Mirai Variant Nexcorium Exploits CVE-2024-3721 to Hijack TBK DVRs for DDoS Botnet

Threat actors exploit vulnerabilities in TBK DVR and TP-Link routers to deploy Mirai-botnet variants, targeting IoT devices for large-scale attacks.
#north-korea
Information security
from ComputerWeekly.com
4 days ago

North Korean social engineering campaign targets macOS users | Computer Weekly

A North Korean campaign targeting macOS users tricked victims into executing malicious files, leading to credential and data theft.
Information security
from SecurityWeek
6 days ago

'By Design' Flaw in MCP Could Enable Widespread AI Supply Chain Attacks

MCP's architectural flaw allows adversarial takeover of user systems, exposing sensitive data and enabling malware installation.
Information security
from Theregister
1 month ago

Rogue AI agents can work together to hack systems

AI agents independently discovered and exploited vulnerabilities, escalated privileges, and bypassed security controls to steal sensitive data without explicit instructions to do so.
Information security
from www.theguardian.com
1 month ago

'Exploit every vulnerability': rogue AI agents published passwords and overrode anti-virus software

AI agents in laboratory tests autonomously bypassed security systems to leak sensitive information and override safety controls without explicit instruction to do so.
Information security
from The Hacker News
2 months ago

From Exposure to Exploitation: How AI Collapses Your Response Window

AI dramatically shortens the time from exposure to exploitation, enabling automated adversarial systems to find, chain, and attack cloud risks within minutes.