The Hacker News

Lazarus Campaign Plants Malicious Packages in npm and PyPI Ecosystems

North Korea-linked Lazarus campaign spreads malicious npm and PyPI packages via fake crypto job offers, deploying RATs and ...
MIT Technology Review

AI is already making online swindles easier. It could get much worse.

Some cybersecurity researchers say it’s too early to worry about AI-orchestrated cyberattacks. Others say it could already be happening.
The Hacker News

Google Reports State-Backed Hackers Using Gemini AI for Recon and Attack Support

Google finds nation-state hackers abusing Gemini AI for target profiling, phishing kits, malware staging, and model ...
ExtremeTech

Microsoft Fixes Windows 11 Bug That Let Attackers Run Remote Code in Notepad

The vulnerability comes from the way Notepad handles Markdown hyperlinks. Attackers craft malicious .md files with embedded ...

Attackers prompted Gemini over 100,000 times while trying to clone it, Google says

On Thursday, Google announced that “commercially motivated” actors have attempted to clone knowledge from its Gemini AI ...

Microsoft fixes Notepad flaw that could trick users into clicking malicious Markdown links

Microsoft has fixed a serious security vulnerability affecting Markdown files in Notepad. In the company’s Tuesday patch ...

These 4 critical AI vulnerabilities are being exploited faster than defenders can respond

From prompt injection to deepfake fraud, security researchers say several flaws have no known fix. Here's what to know about them.

Google says hackers are abusing Gemini AI for all attacks stages

Google Threat Intelligence Group (GTIG) has published a new report warning about AI model extraction/distillation attacks, in which private-sector firms and researchers use legitimate API access to ...