Tag: security
New MacOS malware exploits trusted AI and search tools
AMOS operators used malvertising and poisoned ChatGPT/Grok conversations to push Mac malware Fake “free disk space” guides tricked users into running Terminal commands that installed AMOS Campaign abused Google ads and trusted AI platforms, boosting credibility and infection success AtomicOS (AMOS) criminals are using a combination of malvertising and GenAI…
Read More
OpenAI admits new models likely to pose ‘high’ cybersecurity risk
OpenAI warns future LLMs could aid zero‑day development or advanced cyber‑espionage Company is investing in defensive tooling, access controls, and a tiered cybersecurity program New Frontier Risk Council will guide safeguards and responsible capability across frontier models Future OpenAI Large Language Models (LLM) could pose higher cybersecurity risks as, in…
Read More
Google releases emergency fix for yet another zero-day
Google patched a high‑severity Chrome zero‑day alongside two medium‑severity flaws Vulnerability likely tied to a LibANGLE buffer overflow enabling memory corruption and remote code execution This marks Chrome’s eighth zero‑day fix this year, underscoring ongoing browser‑targeted attacks Google recently updated its Chrome browser to protect against a high-severity vulnerability that…
Read More
Russian airline hack came through third-party tech vendor
Aeroflot’s July outage was likely a supply‑chain attack via developer Bakka Soft Attackers exploited months‑old access, lacking 2FA, to deploy extensive malware and disrupt flights Damage reached tens of millions, though The Bell’s report remains unverified and politically sensitive The cyberattack against Aeroflot, Russia’s flagship airline, was allegedly a supply-chain…
Read More
Google adds prompt injection defenses to Chrome
Google strengthens Chrome against indirect prompt injection attacks with new defenses Features: User Alignment Critic & Agent Origin Sets for safer agent actions Agents now log activity and seek approval before accessing sensitive sites Google is adding new defenses to the Chrome browser, to make sure its agentic capabilities cannot…
Read More
Maximum severity React2Shell flaw exploited by North Korean hackers in malware attacks
React2Shell (CVE-2025-55182) critical flaw exploited by Chinese and North Korean groups North Korea deploys EtherRAT implant with Ethereum C2, Linux persistence, and Node.js runtime Researchers urge urgent updates to patched React versions 19.0.1, 19.1.2, and 19.2.1 The Chinese are not the only ones exploiting React2Shell, a maximum-severity vulnerability that was…
Read More