- SesameOp: Novel backdoor uses OpenAI Assistants API for command and control
November 3, 2025
Microsoft Incident Response – Detection and Response Team (DART) researchers uncovered a new backdoor that is notable for its novel use of the OpenAI Assistants Application Programming Interface (API) as a mechanism for command-and-control (C2) communications. Instead of relying on more traditional methods, the threat actor behind this backdoor abuses OpenAI as a C2 channel as ...
- Clearview AI faces criminal heat for ignoring EU data fines
October 28, 2025
Privacy advocates at Noyb filed a criminal complaint against Clearview AI for scraping social media users’ faces without consent to train its AI algorithms. Austria-based Noyb (None of Your Business) is targeting the US company and its executives, arguing that if successful, individuals who authorized the data collection could face criminal penalties, including imprisonment. The complaint ...
- Key Emerging Cybersecurity Threats and Challenges for 2025 and Beyond
October 27, 2025
The global threat landscape is undergoing an unprecedented transformation. Organizations are facing dizzying levels of complexity, driven by rapid technological innovation, the widespread adoption of artificial intelligence, and the expected disruptive effects of quantum computing. At the same time, shifting geopolitical dynamics, the rise of sophisticated cybercriminal networks, and the introduction of new regulatory frameworks are ...
- Australia’s politicians and businesspeople private phone numbers leaked online amid huge data breach
October 13, 2025
The private phone numbers of some Australia’s most high-profile politicians and businesspeople have been leaked online, including those of the prime minister and Opposition leader. A third-party website is reportedly using artificial intelligence to trawl through other sites like LinkedIn, lifting the personal details of politicians. The site boasts to have the personal phone numbers and ...
- Weaponized AI Assistants & Credential Thieves
October 9, 2025
Just weeks after the s1ngularity attack weaponized AI assistants, the NPM ecosystem was rocked by a far more dangerous threat: a self-propagating worm named Shai-Hulud. In a sobering demonstration of this rapid escalation in attack techniques, the worm has compromised over 187 packages, including several developer-facing tools published by cybersecurity firm CrowdStrike. These two distinct events ...
- Microsoft terminates services for Israeli military after investigation into mass surveillance of Palestinians
September 25, 2025
Microsoft has terminated a set of services for the Israeli military after an investigation suggested Israel was using the company’s cloud computing technology for mass surveillance of Palestinians. In a statement posted the company’s blog, Microsoft President Brad Smith said the company had “ceased and disabled a set of services to a unit within the Israel ...
- This Is How Your LLM Gets Compromised
September 24, 2025
Plainly speaking, Artificial intelligence is no longer a fringe technology. It has become a core component of modern business, from customer service chatbots to complex data analysis. We often treat the Large Language Models (LLMs) that are at the core of this technology as trusted black boxes. But like any software, they can be tampered with, ...
- How AI-Native Development Platforms Enable Fake Captcha Pages
September 19, 2025
Artificial intelligence has revolutionized web development, empowering even novice users to create professional-looking websites. Tools like Lovable enable anyone to build and host applications with little to no coding knowledge, while Netlify and Vercel position themselves as AI-native development platforms. However, cybercriminals are increasingly exploiting these services to create and host fake captcha challenge websites, which ...
- RevengeHotels: a new wave of attacks leveraging LLMs and VenomRAT
September 16, 2025
RevengeHotels, also known as TA558, is a threat group that has been active since 2015, stealing credit card data from hotel guests and travelers. RevengeHotels’ modus operandi involves sending emails with phishing links which redirect victims to websites mimicking document storage. These sites, in turn, download script files to ultimately infect the targeted machines. The final ...
- Shiny tools, shallow checks: how the AI hype opens the door to malicious MCP servers
September 15, 2025
In this article, Kaspersky researchers explore how the Model Context Protocol (MCP) — the new “plug-in bus” for AI assistants — can be weaponized as a supply chain foothold. The researchers start with a primer on MCP, map out protocol-level and supply chain attack paths, then walk through a hands-on proof of concept: a seemingly legitimate ...
Artificial Intelligence