News

Fake military IDs, bogus résumés: How North Korean and Chinese hackers use AI tools to infiltrate companies and other targets

From bogus résumés to fake IDs, North Korean and Chinese hackers are using AI chatbots to infiltrate companies and carry out ...

JavaScript packages with billions of downloads were injected with malicious code in world's largest supply chain hack, geared to steal crypto — a phishing email is all it ...

JavaScript packages with billions of downloads were compromised by an unknown threat actor looking to steal cryptocurrency.

Hacker exploits AI chatbot in cybercrime spree

Anthropic investigates alarming AI abuse case where hacker automated entire cybercrime campaign using Claude, stealing ...

AI-powered penetration tool, an attacker's dream, downloaded 10K times in 2 months

In a report published today and shared with The Register, the AI security company's Regalado and fellow researcher Amanda ...
Crowdfund Insider

“CopyPasta” Security Vulnerability Detected in Coinbase’s AI Coding Assistant

Cybersecurity professionals at HiddenLayer exposed a sophisticated attack method dubbed the "CopyPasta License Attack" ...
CSO Online

Warning: Hackers have inserted credential-stealing code into some npm libraries

Dozens of npm libraries, including a color library with over 2 million downloads a week, have been replaced with novel ...
Cryptopolitan on MSN

North Korean hackers used ChatGPT to create a fake South Korean military ID for a phishing attack

A North Korea-backed hacking group called Kimsuky used ChatGPT to build a fake South Korean military ID and launched a ...
Cybernews

Vibe coders lose crypto after installing extensions on popular marketplaces

Programmers using popular AI tools (Cursor, Windsurf, VSCode) get their crypto stolen by hackers, who infiltrate extension marketplaces.

Kering, owner of Gucci, Balenciaga, and other luxury brands, confirms hack

Kering said the hackers did not steal credit card numbers and that it has contacted the customers whose data is part of the ...
SecurityWeek

ChatGPT’s Calendar Integration Can Be Exploited to Steal Emails

A new ChatGPT calendar integration can be abused to execute an attacker’s commands, and researchers at AI security firm ...

Forced laborer details how AI was used for phishing scams

STORY: “So he told me, ‘We're here to scam people and we're doing scamming.”:: Nairobi, Kenya Duncan Okindo was lured from ...