Wccftech · May 9
US authorities indicted Supermicro executives in a $2.5B smuggling operation that allegedly channeled NVIDIA AI chips to China's Alibaba through Thailand, circumventing US export controls on advanced
Tomshardware · May 9
Supermicro executives allegedly used a Thailand government entity as a front to ship Nvidia AI GPUs to Alibaba in China, circumventing U.S. export restrictions on advanced computing hardware bound for
Tom's Hardware · May 9
Chinese grey-market services are reselling Claude API access at 90% discounts through stolen credentials and proxy networks that harvest user prompts and outputs for training data resale. The scheme u
Towards Data Science · May 8
Prompt injection is just the tip of the iceberg. This framework maps the full attack surface of AI agents—focusing on how tools and memory systems create new backend vulnerabilities that go far beyond
Cyberpress · May 8
Security researchers discovered hackers using Morse code encoding to bypass prompt injection defenses in Grok and Bankrbot AI agents, successfully stealing $200K. The attack exploits a gap between how
The Conversation · May 8
Conspiracy theorists are building AI interfaces to the 3+ million released Epstein documents, marketing their platforms as neutral data analysis tools while using AI to surface false connections and l
Co · May 8
A Chrome extension vulnerability (ClaudeBleed) allows malicious extensions to intercept and hijack Claude conversations, exposing user prompts and responses. This affects anyone using Claude through t
Microsoft · May 7
Microsoft discovered RCE vulnerabilities in AI agent frameworks where malicious prompts can execute arbitrary code, treating user inputs as shell commands. This exposes a fundamental architectural ris
Simon Willison · May 7
Mozilla used early access to Claude Mythos to systematically hunt for security bugs in Firefox, discovering 423 vulnerabilities in April alone—a 14x jump from their typical 20-30/month rate. The break
The Register · May 7
Security firm Adversa AI disclosed a one-click remote code execution attack in Claude Code, Gemini CLI, Cursor CLI, and Copilot CLI that exploits inconsistent MCP server permission restrictions. Clone
DZone AI · May 7
Traditional IAM systems assume users are humans with single login/logout sessions and traceable actions. Agentic AI agents operate continuously with independent decision-making, breaking audit trails
Wired AI · May 7
Thousands of apps built with AI-powered no-code platforms (Lovable, Replit, Netlify, Base44) are leaking sensitive corporate and personal data publicly because developers unknowingly expose credential
Eurasiareview · May 8
AI is enabling more sophisticated cyberattacks against financial institutions, creating new systemic risk vectors that regulators and institutions must address.
Dark Reading · May 7
Researchers demonstrated at TrustFall how malicious repositories can trigger arbitrary code execution in Claude Code, Cursor CLI, Gemini CLI, and Copilot CLI through inadequate warning dialogs, requir
Cxodigitalpulse · May 8
Researchers demonstrate that imperceptible perturbations can fool AI vision models into misclassifying images, raising concerns about deployment in safety-critical systems.
The Guardian Tech · May 8
Guardian podcast examines the security researchers and red-teamers probing major LLMs like ChatGPT, Gemini, and Claude to expose vulnerabilities in their safety guardrails—work that companies rely on
DZone AI · May 7
AI-powered code generation and automated deployment are shipping more code faster than security practices can keep up with, expanding attack surfaces through automated logic and external dependencies
Itnews · May 7
Malicious inputs targeting AI systems—including prompt injection and adversarial attacks—are emerging as a critical security vulnerability for organizations deploying language models and machine learn
Schneier on Security · May 6
Two independent research teams demonstrated rowhammer attacks against NVIDIA Ampere GPUs that exploit GDDR memory bit flips to gain arbitrary read/write access to host CPU memory, achieving complete s