Artificial Intelligence
Nearly 12,000 API keys and passwords found in AI training dataset
Close to 12,000 valid secrets that include API keys and passwords have been found in the Common Crawl dataset used for training multiple artificial intelligence models. The Common Crawl non-profit organization maintains a massive open-source repository of petabytes of web data collected since 2008 and is free for anyone to use. Because of the large dataset, many […]
Police arrests suspects tied to AI-generated CSAM distribution ring
Law enforcement agencies from 19 countries have arrested 25 suspects linked to a criminal ring that was distributing child sexual abuse material (CSAM) generated using artificial intelligence (AI). Operation Cumberland, coordinated by Danish law enforcement and supported by Europol, resulted in the seizure of 173 electronic devices and the identification of 273 suspected members tied […]
Microsoft names cybercriminals behind AI deepfake network
Microsoft has named multiple threat actors part of a cybercrime gang accused of developing malicious tools capable of bypassing generative AI guardrails to generate celebrity deepfakes and other illicit content. An updated complaint identifies the individuals as Arian Yadegarnia from Iran (aka ‘Fiz’), Alan Krysiak of the United Kingdom (aka ‘Drago’), Ricky Yuen from Hong Kong, China […]
OpenAI’s GPT 4.5 spotted in Android beta, launch imminent
OpenAI’s newest model, GPT-4.5, is coming sooner than we expected. A new reference has been spotted on ChatGPT’s Android app that points to a model called “GPT-4.5 research preview.” At the moment, OpenAI offers several models, including GPT-4o, GPT-4o with scheduled tasks, o1, o3-mini, and o3-mini-high. This can be confusing due to the variety of […]
Google Chrome’s AI-powered security feature rolls out to everyone
Google Chrome has updated the existing “Enhanced protection” feature with AI to offer “real-time” protection against dangerous websites, downloads and extensions. As spotted by Leo on X, the update has been rolled out to Chrome’s stable channel on all platforms after three months of testing in Canary. Enhanced protection, which is part of the Safe browsing feature, isn’t […]
Microsoft raises rewards for Copilot AI bug bounty program
Microsoft announced over the weekend that it has expanded its Microsoft Copilot (AI) bug bounty program and increased payouts for moderate severity vulnerabilities. To further secure its Copilot consumer products against attacks, Redmond added a broader range of Copilot consumer products and services to the scope of the program, including Copilot for Telegram, Copilot for […]
Microsoft Edge update adds AI-powered Scareware Blocker
Microsoft Edge 133 is now rolling out globally, and it ships with several improvements, including a new scareware blocker feature. In addition, Microsoft is updating the backend of the Downloads UI with performance improvements. For those unaware, “scareware scams” are also known as tech support scams and they trick victims with alarming web pages claiming their […]
DeepSeek AI tools impersonated by infostealer malware on PyPI
Threat actors are taking advantage of the rise in popularity of the DeepSeek to promote two malicious infostealer packages on the Python Package Index (PyPI), where they impersonated developer tools for the AI platform. The packages were named “deepseeek” and “deepseekai” after the Chinese artificial intelligence startup, developer of the R1 large-language model that recently saw […]
Google says hackers abuse Gemini AI to empower their attacks
Multiple state-sponsored groups are experimenting with the AI-powered Gemini assistant from Google to increase productivity and to conduct research on potential infrastructure for attacks or for reconnaissance on targets. Google’s Threat Intelligence Group (GTIG) detected government-linked advanced persistent threat (APT) groups using Gemini primarily for productivity gains rather than to develop or conduct novel AI-enabled cyberattacks that can […]
DeepSeek exposes database with over 1 million chat records
DeepSeek, the Chinese AI startup known for its DeepSeek-R1 LLM model, has publicly exposed two databases containing sensitive user and operational information. The unsecured ClickHouse instances reportedly held over a million log entries containing user chat history in plaintext form, API keys, backend details, and operational metadata. Wiz Research discovered this exposure during a security […]