All posts tagged: malware

Anthropic’s AI hacking tech triggers concern in German cyber agency – POLITICO

Anthropic announced on Tuesday evening that it shared its latest model with a newly formed group of 12 cybersecurity firms and 40 other unnamed organizations to scan and stress-test their systems. Experts fear the model, if used for malicious purposes, could lead to massive cybersecurity breaches across the tech supply chain. BSI has not yet directly tested the tool, Plattner said in a written statement, but the agency had conversations with developers that have given it “meaningful insight” into how the Mythos model works. Cyber officials have dialed up their warnings in recent months that AI tools are getting better at finding cyber flaws. The head of the EU’s cyber agency ENISA in February described the impact of AI on cybersecurity as an oncoming “storm.” According to Plattner, the German cyber chief, Anthropic’s new Mythos model means “we may reach a point in the medium term where unknown, classical software vulnerabilities simply cease to exist.”

Anthropic Teams Up With Its Rivals to Keep AI From Hacking Everything

Following leaked revelations at the end of March that Anthropic had developed a powerful new Claude model, the company formally announced Mythos Preview on Tuesday along with news of an industry consortium it has convened, known as Project Glasswing, to grapple with the cybersecurity implications of the new model and advancing capabilities more generally across the AI field. The group includes Microsoft, Apple, and Google as well as Amazon Web Services, the Linux Foundation, Cisco, Nvidia, Broadcom, and more than 40 other tech, cybersecurity, critical infrastructure, and financial organizations that will have private access to the model, which is not yet being generally released. The idea, in part, is simply to give the developers of the world’s foundational tech platforms time to turn Mythos Preview on their own systems so they can mitigate vulnerabilities and exploit chains that the model develops in simulated attacks. More broadly, Anthropic emphasizes that the purpose of convening the effort is to kickstart urgent exploration of how AI capabilities across the industry are on the precipice, the company says, of …

After fighting malware for decades, this cybersecurity veteran is now hacking drones

Mikko Hyppönen is pacing back and forth on the stage, with his trademark dark blonde ponytail resting on an impeccable teal suit. A seasoned speaker, he is trying to make an important point to a room full of fellow hackers and security researchers at one of the industry’s global annual meet-ups. “I often call this ‘cybersecurity Tetris’,” he tells the audience with a serious face, reeling off the rules of the classic video game. When you complete a whole line of bricks, the row vanishes, leaving the rest of the bricks to fall into a new line. “So your successes disappear, while your failures pile up,” he tells the audience during his keynote at Black Hat in Las Vegas in 2025. “The challenge we face as cybersecurity people is that our work is invisible… when you do your job perfectly, the end result is that nothing happens.” Hyppönen’s work, however, has certainly not been invisible. As one of the industry’s longest serving cybersecurity figures, he has spent more than 35 years fighting malware. When he …

Hackers Are Posting the Claude Code Leak With Bonus Malware

A WIRED investigation based on Department of Homeland Security records this week revealed the identities of paramilitary Border Patrol agents who frequently used force against civilians during Operation Midway Blitz in Chicago last fall. Several of the agents, WIRED found, appeared in similar operations in other states around the US. Customs and Border Protection may want to remember to protect its sensitive facility information. Using basic Google searches, WIRED discovered flashcards made by users of the online learning platform Quizlet that contained gate codes to CBP facilities and more. In a rare move, Apple this week released “backported” patches for iOS 18 to protect millions of people still using the older operating system from the DarkSword hacking technique that was found in use in the wild. Discovered in March, DarkSword allows attackers to infect iPhones that simply visit a website loaded with the takeover tools embedded in it. Apple initially pushed users to update to the current version of its operating system, iOS 26, but ultimately issued the iOS 18 patches after DarkSword continued to …

Meta Pauses Work With Mercor After Data Breach Puts AI Industry Secrets at Risk

Meta has paused all its work with the data contracting firm Mercor while it investigates a major security breach that impacted the startup, two sources confirmed to WIRED. The pause is indefinite, the sources said. Other major AI labs are also reevaluating their work with Mercor as they assess the scope of the incident, according to people familiar with the matter. Mercor is one of a few firms that OpenAI, Anthropic, and other AI labs rely on to generate training data for their models. The company hires massive networks of human contractors to generate bespoke, proprietary datasets for these labs, which are typically kept highly secret as they’re a core ingredient in the recipe to generate valuable AI models that power products like ChatGPT and Claude Code. AI labs are sensitive about this data because it can reveal to competitors—including other AI labs in the US and China—key details about the ways they train AI models. It’s unclear at this time whether the data exposed in Mercor’s breach would meaningfully help a competitor. While OpenAI …

Apple Will Push Out Rare ‘Backported’ Patches to Protect iOS 18 Users From DarkSword Hacking Tool

Last week, DarkSword was then posted to open source code repository GitHub, making it all the more accessible. Security firms Malfors and Proofpoint soon after warned that another Russian hacker group linked to the Kremlin’s FSB intelligence agency was sending out phishing emails that used the technique. Independent security researcher Johnny Franks tells WIRED that he found yet another new, active domain—a fake website written in English, capable of infecting US-based users—that was part of a DarkSword hacking campaign as late as Thursday of last week, a finding confirmed by mobile security firm iVerify. Despite DarkSword’s growing threat to iOS 18 users, many stubbornly refused to update to iOS 26. On Reddit channels related to cybersecurity and iOS, some self-identified iPhone owners discussing DarkSword argued that Apple seemed to be taking advantage of the DarkSword hacking campaigns to push them onto its latest OS version, which some have found to be slow or overly animated. “Apple is trying to force you onto the dumpster fire that is liquid glass,” one Reddit user wrote. “If this …

MEPs told to leave phone at home for China trip – POLITICO

A Parliament spokesperson said that “all necessary preventive and reactive measures are in place to ensure the security and safety of MEPs and [European Parliament] staff during official missions.” Both lawmakers and officials have been given “briefings, training and assistance regarding security,” they added. The European Parliament has used burner phones and security pouches to protect devices like mobile phones before, including on a trip to Hungary last year, POLITICO first reported. Other European Union institutions have beefed up their protections against cyberespionage, too. One senior official, granted anonymity to disclose details about security policy, told POLITICO’s Brussels Playbook that the Council of the EU had guidelines stating that “no electronics are taken to the U.S. or China … When this is not possible, the electronics that are brought back must be wiped.” Commission officials heading to the United States have also been issued burner phones and basic laptops to avoid espionage risks, the Financial Times reported last year.

Delve did the security compliance on LiteLLM, an AI project hit by malware

This is one of those Silicon Valley real-life episodes that seems pulled from the HBO satire show. This week, some really atrocious malware was discovered in an open source project developed by Y Combinator graduate LiteLLM. LiteLLM gives developers easy access to hundreds of AI models and provides features like spend management. It’s a breakout hit, downloaded as often as 3.4 million times per day, according to Snyk, one of the many security researchers monitoring the incident. The project had 40K stars on GitHub and thousands of forks (those who used it as a base to alter and make it their own). The malware was discovered, documented, and disclosed by research scientist Callum McMahon of FutureSearch, a company offering AI agents for web research. The malware slipped in through a “dependency,” meaning other open source software that LiteLLM relied upon. It then stole the log-in credentials of everything it touched. With those credentials, the malware gained access to more open source packages and accounts to harvest more credentials, and so on. The malware caused McMahon’s …

US Takes Down Botnets Used in Record-Breaking Cyberattacks

The collection of millions of hacked computers known as Aisuru and Kimwolf have been used to launch some of the biggest distributed denial-of-service (DDoS) attacks ever seen. Now United States law enforcement agencies have wiped both of them off the internet along with two of the other hordes of hijacked computers—known as botnets—in a single broad takedown. On Thursday, the US Department of Justice, working with the cybercrime-fighting agency within the US Department of Defense known as the Defense Criminal Investigative Service, announced that it had dismantled four massive botnets in a single operation, removing the command-and-control servers used to commandeer the hacker-run armies of compromised devices known by the names JackSkid, Mossad, Aisuru, and Kimwolf. Together, operators of the four botnets had amassed more than 3 million devices, the Justice Department said, and often sold access to those devices to other criminal hackers as well as using them to target victims with overwhelming floods of attack traffic to knock websites and internet services offline. Aisuru and Kimwolf, a distinct but Aisuru-related botnet, had together …

Hundreds of Millions of iPhones Can Be Hacked With a New Tool Found in the Wild

iPhone hacking techniques have sometimes been described almost like rare and elusive animals: Hackers have used them so stealthily and carefully against such a small number of hand-picked targets that they’re only rarely seen in the wild. Now a recent spate of espionage and cybercriminal campaigns has instead deployed those same phone-takeover tools, embedded in infected websites, to indiscriminately hack phones by the thousands. And one new technique in particular—capable of taking over any of hundreds of millions of iOS devices—has appeared on the web in an easily reusable form, putting a significant fraction of the world’s iPhone users at risk. Researchers at Google and cybersecurity firms iVerify and Lookout on Wednesday jointly revealed the discovery of a sophisticated iPhone hacking technique known as DarkSword that they’ve seen in use on infected websites, capable of instantly and silently hacking iOS devices that visit those sites. While the technique doesn’t affect the latest, updated versions of iOS, it does work against iOS devices running versions of Apple’s previous operating system release, iOS 18, which as of …