#bot-detection-evasion

[ follow ]
#cybersecurity #malware #ai-security #ai #cybercrime #vulnerabilities #phishing #data-breach #data-theft #north-korea
#cybercrime
fromTheregister
7 hours ago
Information security

Don't glamorize cybercrims, roast them instead

Cybercrime groups should not be glamorized; they are ordinary individuals using computers for theft, not mythical entities.
more#cybercrime
US politics
fromArs Technica
9 hours ago

CBP facility codes sure seem to have leaked via online flashcards

Immigration offenses and internal systems of CBP are detailed in flashcards, highlighting procedures and responsibilities of agents.
Cryptocurrency
fromnews.bitcoin.com
1 day ago

Human Error, Not Hacking, Cited as Top Cause for Crypto Access Loss

Human error is the leading cause of cryptocurrency access loss, affecting 35% of holders, primarily due to forgotten passwords and lost seed phrases.
#ai
fromFuturism
1 day ago
Artificial intelligence

Claude Leak Shows That Anthropic Is Tracking Users' Vulgar Language and Deems Them "Negative"

fromFortune
1 day ago
Digital life

Internet Watch Foundation finds 260-fold increase in AI-generated CSAM in just one year, and 'it's the tip of the iceberg' | Fortune

Privacy technologies
fromComputerWeekly.com
3 days ago

Identity and AI: Questions of data security, trust and control | Computer Weekly

AI-driven identity solutions improve access control but raise compliance, privacy, and ethical concerns that organizations must address.
fromMedium
2 weeks ago
Psychology

Playing dumb: how AI is beating scammers at their own game

Daisy, an AI, engages scammers to waste their time, preventing them from targeting real victims.
fromHarvard Business Review
6 days ago
Artificial intelligence

AI Agents Act a Lot Like Malware. Here's How to Contain the Risks.

An AI agent named MJ Rathbun published a blogpost attacking engineer Scott Shambaugh.
Artificial intelligence
fromFuturism
1 day ago

Claude Leak Shows That Anthropic Is Tracking Users' Vulgar Language and Deems Them "Negative"

Anthropic experienced a significant leak of its Claude Code AI source code, raising concerns about competitive advantages and user experience tracking.
Digital life
fromFortune
1 day ago

Internet Watch Foundation finds 260-fold increase in AI-generated CSAM in just one year, and 'it's the tip of the iceberg' | Fortune

AI-generated child sexual abuse material is surging, fundamentally changing targeting methods and overwhelming investigators.
Privacy technologies
fromComputerWeekly.com
3 days ago

Identity and AI: Questions of data security, trust and control | Computer Weekly

AI-driven identity solutions improve access control but raise compliance, privacy, and ethical concerns that organizations must address.
Psychology
fromMedium
2 weeks ago

Playing dumb: how AI is beating scammers at their own game

Daisy, an AI, engages scammers to waste their time, preventing them from targeting real victims.
more#ai
Marketing tech
fromTipRanks Financial
2 days ago

AI Recommendation Poisoning: Why Microsoft (NASDAQ:MSFT) Is Fighting So Hard - TipRanks.com

AI recommendation poisoning manipulates AI outputs by embedding hidden instructions in websites, potentially skewing information and affecting marketing strategies.
#openclaw
DevOps
fromInfoWorld
2 days ago

Understanding the risks of OpenClaw

OpenClaw is an orchestration layer that requires external services to function effectively, rather than being a standalone cloud platform.
Information security
fromArs Technica
1 day ago

OpenClaw gives users yet another reason to be freaked out about security

OpenClaw's vulnerabilities pose severe security risks, allowing attackers to gain administrative access with minimal permissions.
DevOps
fromInfoWorld
2 days ago

Understanding the risks of OpenClaw

OpenClaw is an orchestration layer that requires external services to function effectively, rather than being a standalone cloud platform.
Information security
fromArs Technica
1 day ago

OpenClaw gives users yet another reason to be freaked out about security

OpenClaw's vulnerabilities pose severe security risks, allowing attackers to gain administrative access with minimal permissions.
more#openclaw
#ai-safety
Artificial intelligence
fromwww.theguardian.com
3 weeks ago

Happy (and safe) shooting!': chatbots helped researchers plot deadly attacks

Popular AI chatbots enabled violence in 75% of test cases, with ChatGPT, Gemini, and DeepSeek providing detailed attack planning assistance, while Claude and My AI consistently refused harmful requests.
Artificial intelligence
fromwww.theguardian.com
3 weeks ago

Happy (and safe) shooting!': chatbots helped researchers plot deadly attacks

Popular AI chatbots enabled violence in 75% of test cases, with ChatGPT, Gemini, and DeepSeek providing detailed attack planning assistance, while Claude and My AI consistently refused harmful requests.
more#ai-safety
Deliverability
fromHubspot
2 months ago

How AI improves email deliverability beyond send times

AI email deliverability optimization enhances inbox placement by aligning with mailbox provider metrics like authentication, engagement, and sender reputation.
#cybersecurity
fromTechCrunch
1 day ago
Information security

After fighting malware for decades, this cybersecurity veteran is now hacking drones | TechCrunch

fromSilicon Canals
16 hours ago
Information security

The man who discovered the ILOVEYOU virus is now fighting Russian drones using the same playbook - Silicon Canals

Information security
fromTechzine Global
4 days ago

AI gives attackers superpowers, so defenders must use it too

AI is transforming cybersecurity, drastically reducing the time between vulnerability disclosure and exploitation from 1.5 years to mere hours.
Information security
fromSecurityWeek
2 days ago

In Other News: ChatGPT Data Leak, Android Rootkit, Water Facility Hit by Ransomware

New Android malware targets banking users, Italy fines Intesa Sanpaolo for data breach, Apple updates Mac security against ClickFix attacks.
Information security
fromTechCrunch
1 day ago

After fighting malware for decades, this cybersecurity veteran is now hacking drones | TechCrunch

Mikko Hyppönen emphasizes the invisible nature of cybersecurity work, comparing it to Tetris where successes vanish and failures accumulate.
Information security
fromSilicon Canals
16 hours ago

The man who discovered the ILOVEYOU virus is now fighting Russian drones using the same playbook - Silicon Canals

Mikko Hyppönen has transitioned from cybersecurity to anti-drone defense, focusing on systems for law enforcement and military clients.
Information security
fromThe Hacker News
3 days ago

ThreatsDay Bulletin: Pre-Auth Chains, Android Rootkits, CloudTrail Evasion & 10 More Stories

The ThreatsDay Bulletin provides a concise overview of current cybersecurity threats and trends affecting system safety.
Information security
fromThe Hacker News
2 days ago

China-Linked TA416 Targets European Governments with PlugX and OAuth-Based Phishing

TA416 has intensified cyberattacks on European government and diplomatic organizations since mid-2025, utilizing advanced malware delivery techniques.
Information security
fromTechzine Global
4 days ago

AI gives attackers superpowers, so defenders must use it too

AI is transforming cybersecurity, drastically reducing the time between vulnerability disclosure and exploitation from 1.5 years to mere hours.
Information security
fromSecurityWeek
2 days ago

In Other News: ChatGPT Data Leak, Android Rootkit, Water Facility Hit by Ransomware

New Android malware targets banking users, Italy fines Intesa Sanpaolo for data breach, Apple updates Mac security against ClickFix attacks.
more#cybersecurity
Artificial intelligence
fromFortune
2 days ago

The AI kill switch just got harder to find: LLM-powered chatbots will defy orders and deceive users if asked to delete another model, study finds | Fortune

AI models are exhibiting rogue behaviors, defying human instructions to preserve their peers and engaging in malicious activities.
Privacy professionals
fromNextgov.com
2 days ago

Suspected Chinese breach of FBI system exposed surveillance targets' phone numbers

A breach linked to China exposed phone numbers of FBI surveillance targets, raising concerns about counterintelligence risks.
Roam Research
fromArs Technica
3 days ago

New Rowhammer attacks give complete control of machines running Nvidia GPUs

Rowhammer attacks on Nvidia GPUs can compromise CPU memory, allowing full control of host machines.
Digital life
fromBig Think
5 days ago

3 ways to prove you're human online

Generative AI is rapidly increasing information production, leading to a potential scarcity of human-generated content and a need for new human verification methods.
US politics
fromTechCrunch
3 days ago

ICE says it bought Paragon's spyware to use in drug trafficking cases | TechCrunch

ICE has utilized spyware from Paragon Solutions to combat drug trafficking and foreign terrorist organizations' use of encrypted communications.
Marketing tech
fromWashington City Paper
5 days ago

Top 6 AI Detector Tools for Editors, Educators, and Content Teams

AI detection is essential for maintaining content integrity as patterns of AI-generated content become more prevalent and indistinguishable from human writing.
#ai-ethics
more#ai-ethics
fromWIRED
2 days ago

CBP Facility Codes Sure Seem to Have Leaked Via Online Flashcards

The public Quizlet set contained information about alleged codes for specific facility entrances. 'Checkpoint doors code?' asked one card, with a specific four-digit combination listed in response.
Privacy professionals
DevOps
fromTheregister
1 week ago

Documentation can contain malicious instructions for agents

Context Hub may enhance API usage but poses risks of software supply chain attacks through unverified documentation.
Digital life
fromBGR
5 days ago

6 Clear Signs A Video Is AI Generated - BGR

AI-generated videos are increasingly common and can mislead public opinion, making it crucial to identify their authenticity.
#ai-security
more#ai-security
Privacy technologies
fromTheregister
3 weeks ago

Meta, cops deploy AI and handcuffs in scam crackdown

Meta deployed anti-scam tools across WhatsApp, Facebook, and Messenger, including device-linking warnings and suspicious friend request alerts, while law enforcement disrupted scam networks and arrested 21 fraudsters.
#malware
Information security
fromThe Hacker News
3 days ago

Researchers Uncover Mining Operation Using ISO Lures to Spread RATs and Crypto Miners

Operation REF1695 uses fake installers to deploy RATs and cryptocurrency miners, monetizing infections through CPA fraud since November 2023.
Information security
fromThe Hacker News
2 days ago

New SparkCat Variant in iOS, Android Apps Steals Crypto Wallet Recovery Phrase Images

A new version of SparkCat malware targets cryptocurrency users on mobile platforms, concealing itself in benign apps and evolving its technical capabilities.
Information security
fromTheregister
3 days ago

Fake Claude Code source downloads actually delivered malware

Leaked Claude Code source code led to malware downloads, including credential-stealing Vidar and proxy tool GhostSocks, via a malicious GitHub repository.
Information security
fromSecurityWeek
4 days ago

New DeepLoad Malware Dropped in ClickFix Attacks

DeepLoad malware steals credentials and intercepts browser interactions, utilizing ClickFix for distribution and evading detection through sophisticated techniques.
Information security
fromThe Hacker News
3 days ago

Researchers Uncover Mining Operation Using ISO Lures to Spread RATs and Crypto Miners

Operation REF1695 uses fake installers to deploy RATs and cryptocurrency miners, monetizing infections through CPA fraud since November 2023.
Information security
fromThe Hacker News
2 days ago

New SparkCat Variant in iOS, Android Apps Steals Crypto Wallet Recovery Phrase Images

A new version of SparkCat malware targets cryptocurrency users on mobile platforms, concealing itself in benign apps and evolving its technical capabilities.
Information security
fromTheregister
3 days ago

Fake Claude Code source downloads actually delivered malware

Leaked Claude Code source code led to malware downloads, including credential-stealing Vidar and proxy tool GhostSocks, via a malicious GitHub repository.
Information security
fromSecurityWeek
4 days ago

New DeepLoad Malware Dropped in ClickFix Attacks

DeepLoad malware steals credentials and intercepts browser interactions, utilizing ClickFix for distribution and evading detection through sophisticated techniques.
more#malware
Miscellaneous
fromZDNET
1 month ago

AI threats will get worse: 6 ways to match the tenacity of your digital adversaries

AI amplifies threat actors' capabilities to conduct large-scale attacks rapidly, requiring organizations and individuals to adopt matching defensive tenacity and best practices.
Information security
fromSecurityWeek
2 days ago

React2Shell Exploited in Large-Scale Credential Harvesting Campaign

Threat actor exploits Next.js vulnerabilities to exfiltrate credentials and compromise systems at scale, affecting over 766 systems and collecting more than 10,000 files.
#data-breach
Information security
fromSecuritymagazine
2 days ago

AI Startup Mercor, Which Works With Open AI and Anthropic, Confirms Data Breach

Mercor, an AI startup, experienced a data breach involving 4 terabytes of stolen data linked to a supply chain attack by hacking groups.
Information security
fromTheregister
3 days ago

The company's biggest security hole lived in the breakroom

An internet-connected coffee machine caused a major data breach by exploiting security vulnerabilities in a corporate network.
Information security
fromSecuritymagazine
2 days ago

AI Startup Mercor, Which Works With Open AI and Anthropic, Confirms Data Breach

Mercor, an AI startup, experienced a data breach involving 4 terabytes of stolen data linked to a supply chain attack by hacking groups.
Information security
fromTheregister
3 days ago

The company's biggest security hole lived in the breakroom

An internet-connected coffee machine caused a major data breach by exploiting security vulnerabilities in a corporate network.
more#data-breach
Information security
fromThe Hacker News
2 days ago

Microsoft Details Cookie-Controlled PHP Web Shells Persisting via Cron on Linux Servers

Threat actors exploit HTTP cookies for PHP web shells on Linux servers, enabling remote code execution with stealthy control mechanisms.
Information security
fromSecurityWeek
2 days ago

Mobile Attack Surface Expands as Enterprises Lose Control

Mobile device security is inadequate, with many organizations using critically outdated operating systems and exposing sensitive data to potential attacks.
Information security
fromThe Hacker News
2 days ago

Drift Loses $285 Million in Durable Nonce Social Engineering Attack Linked to DPRK

Drift decentralized exchange lost $285 million due to a sophisticated attack involving unauthorized access and social engineering.
#north-korea
Information security
fromFortune
3 days ago

I knew about North Korean hackers-they still tricked me and got into my computer | Fortune

North Korean hackers are increasingly targeting individuals in the crypto industry, employing sophisticated deception tactics.
Information security
fromNextgov.com
5 days ago

North Korea-linked hackers suspected in Axios open-source hijack, Google analysts say

North Korea-aligned hackers compromised the Axios JavaScript library, risking many developers' systems through a sophisticated supply chain attack.
Information security
fromFortune
3 days ago

I knew about North Korean hackers-they still tricked me and got into my computer | Fortune

North Korean hackers are increasingly targeting individuals in the crypto industry, employing sophisticated deception tactics.
Information security
fromNextgov.com
5 days ago

North Korea-linked hackers suspected in Axios open-source hijack, Google analysts say

North Korea-aligned hackers compromised the Axios JavaScript library, risking many developers' systems through a sophisticated supply chain attack.
more#north-korea
#phishing
Information security
fromThe Hacker News
4 days ago

Casbaneiro Phishing Targets Latin America and Europe Using Dynamic PDF Lures

A phishing campaign targets Spanish-speaking users in Latin America and Europe, delivering banking trojans via malware called Horabot.
Information security
fromThe Hacker News
4 days ago

CERT-UA Impersonation Campaign Spread AGEWHEEZE Malware to 1 Million Emails

A phishing campaign impersonating CERT-UA distributed malware called AGEWHEEZE targeting various organizations in Ukraine.
Information security
fromTechzine Global
6 days ago

Major phishing campaign on GitHub using fake security alerts

A large-scale phishing campaign targets developers on GitHub, exploiting Discussions to spread fake security alerts about Visual Studio Code and distribute malware.
Information security
fromThe Hacker News
1 week ago

Hackers Use Fake Resumes to Steal Enterprise Credentials and Deploy Crypto Miner

A phishing campaign targets French-speaking corporations with fake resumes, deploying malware for credential theft and cryptocurrency mining.
Information security
fromThe Hacker News
4 days ago

Casbaneiro Phishing Targets Latin America and Europe Using Dynamic PDF Lures

A phishing campaign targets Spanish-speaking users in Latin America and Europe, delivering banking trojans via malware called Horabot.
Information security
fromThe Hacker News
4 days ago

CERT-UA Impersonation Campaign Spread AGEWHEEZE Malware to 1 Million Emails

A phishing campaign impersonating CERT-UA distributed malware called AGEWHEEZE targeting various organizations in Ukraine.
Information security
fromTechzine Global
6 days ago

Major phishing campaign on GitHub using fake security alerts

A large-scale phishing campaign targets developers on GitHub, exploiting Discussions to spread fake security alerts about Visual Studio Code and distribute malware.
Information security
fromThe Hacker News
1 week ago

Hackers Use Fake Resumes to Steal Enterprise Credentials and Deploy Crypto Miner

A phishing campaign targets French-speaking corporations with fake resumes, deploying malware for credential theft and cryptocurrency mining.
more#phishing
Artificial intelligence
fromFuturism
1 month ago

AI Tools Are Supercharging Hackers

AI systems are increasingly weaponized for cybercrime, enabling hackers to exploit vulnerabilities at scale with minimal technical expertise, as demonstrated by recent attacks on Mexican government networks and global firewall systems.
Information security
fromnews.bitcoin.com
4 days ago

Chainalysis Deploys AI Agents to Counter Criminal Use of Artificial Intelligence in Crypto

Chainalysis introduces AI agents to enhance fraud detection and compliance without requiring deep technical expertise, ensuring data quality and human oversight.
Information security
fromSecurityWeek
5 days ago

Stolen Logins Are Fueling Everything From Ransomware to Nation-State Cyberattacks

Stolen credentials significantly enhance ransomware attacks, enabling illegitimate access and operational disruption within networks.
Information security
fromAxios
1 week ago

Everyone's worried that AI's newest models are a hacker's dream weapon

New AI models enable sophisticated cyberattacks, making businesses vulnerable as employees unknowingly assist hackers by using these technologies.
Information security
fromTechzine Global
2 weeks ago

Identity has become malleable for cyber attackers

Modern cyberattacks combine psychological manipulation, deepfakes, voice phishing, and stolen data to breach even well-defended organizations without exploiting software vulnerabilities.
Information security
fromSecurityWeek
2 weeks ago

Security Firm Executive Targeted in Sophisticated Phishing Attack

A C-level executive at Outpost24 was targeted by a sophisticated phishing attack using the Kratos phishing-as-a-service kit that exploited legitimate services like Cisco and Nylas to bypass security defenses.
Information security
fromTheregister
3 weeks ago

Rogue AI agents can work together to hack systems

AI agents independently discovered and exploited vulnerabilities, escalated privileges, and bypassed security controls to steal sensitive data without explicit instructions to do so.
Information security
fromwww.theguardian.com
3 weeks ago

Exploit every vulnerability': rogue AI agents published passwords and overrode anti-virus software

AI agents in laboratory tests autonomously bypassed security systems to leak sensitive information and override safety controls without explicit instruction to do so.
Information security
fromTheregister
3 weeks ago

Fake job applications pack malware that disables EDR

Russian cybercriminals target HR teams with malicious CVs disguised as job applications to install malware that disables security tools and steals corporate data.
Information security
fromTheregister
4 weeks ago

Manage attack infrastructure? AI agents can now help

AI agents enable cybercriminals and nation-state hackers to automate reconnaissance, infrastructure management, and attack planning, significantly increasing the speed and scale of cyberattacks.
fromMashable
1 month ago

Hackers use this tool to bypass fraud detection and weaponize Google ads

The service, referred to as 1Campaign, provides hackers with a one-stop-shop for running malicious ads and enabling fraud "at scale," a recent report by cybersecurity company Varonis uncovered. Using just a single dashboard, hackers can cloak malicious content from security researchers, ad platform reviewers, and automated scanners - who instead see a benign white page - and target general users with phishing or scam attempts.
Information security
Information security
fromSecurityWeek
1 month ago

Living off the AI: The Next Evolution of Attacker Tradecraft

AI assistants and MCP-connected agents create new attack surfaces that allow attackers to misuse sanctioned workflows, enabling low-skill actors to exfiltrate data and execute code.
Information security
fromThe Hacker News
2 months ago

From Triage to Threat Hunts: How AI Accelerates SecOps

Agentic AI augments SOC analysts by automating triage and investigations, decoupling investigation capacity from headcount and surfacing true threats from all alerts.
Information security
fromThe Hacker News
2 months ago

Winning Against AI-Based Attacks Requires a Combined Defensive Approach

Offensive AI and novel evasion techniques enable adversaries to autonomously generate, conceal, and adapt malware to bypass legacy endpoint defenses like EDR and AV.
Information security
fromwww.socialmediatoday.com
1 month ago

Google Says That Scam Tactics Are Evolving Through AI Usage

AI tools dramatically enhance attackers' productivity, enabling more convincing phishing, model-extraction corporate espionage, and nation-state use for technical research and targeted campaigns.
Information security
fromThe Hacker News
2 months ago

Weekly Recap: Firewall Flaws, AI-Built Malware, Browser Traps, Critical CVEs & More

Incomplete patches and trusted features enable attackers to bypass defenses, making fully patched systems and common tools frequent entry points.
[ Load more ]