Artificial Intelligence

‘Whisper Leak’ LLM Side-Channel Attack Infers User Prompt Topics

‘Whisper Leak’ LLM Side-Channel Attack Infers User Prompt Topics 2025-11-11 at 14:10 By Ionut Arghire Attackers intercepting network traffic can determine the conversation topic with a chatbot despite end-to-end encrypted communication. The post ‘Whisper Leak’ LLM Side-Channel Attack Infers User Prompt Topics appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original […]

‘Whisper Leak’ LLM Side-Channel Attack Infers User Prompt Topics Read More »

To get funding, CISOs are mastering the language of money

To get funding, CISOs are mastering the language of money 2025-11-11 at 09:00 By Mirko Zorz In this Help Net Security interview, Chris Wheeler, CISO at Resilience, talks about how CISOs are managing changing cybersecurity budgets. While overall spending is up, many say the increases don’t match their most pressing needs. Wheeler explains how organizations

To get funding, CISOs are mastering the language of money Read More »

Many Forbes AI 50 Companies Leak Secrets on GitHub

Many Forbes AI 50 Companies Leak Secrets on GitHub 2025-11-10 at 18:35 By Eduard Kovacs Wiz found the secrets and warned that they can expose training data, organizational structures, and private models. The post Many Forbes AI 50 Companies Leak Secrets on GitHub appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View

Many Forbes AI 50 Companies Leak Secrets on GitHub Read More »

How to adopt AI security tools without losing control

How to adopt AI security tools without losing control 2025-11-10 at 11:28 By Help Net Security In this Help Net Security video, Josh Harguess, CTO of Fire Mountain Labs, explains how to evaluate, deploy, and govern AI-driven security tools. He talks about the growing role of AI in security operations and the new kinds of

How to adopt AI security tools without losing control Read More »

AI is rewriting how software is built and secured

AI is rewriting how software is built and secured 2025-11-10 at 11:28 By Anamarija Pogorelec AI has become part of everyday software development, shaping how code is written and how fast products reach users. A new report from Cycode, The 2026 State of Product Security for the AI Era, explores how deeply AI now runs

AI is rewriting how software is built and secured Read More »

Data Exposure Vulnerability Found in Deep Learning Tool Keras

Data Exposure Vulnerability Found in Deep Learning Tool Keras 2025-11-07 at 15:41 By Ionut Arghire The vulnerability is tracked as CVE-2025-12058 and it can be exploited for arbitrary file loading and conducting SSRF attacks. The post Data Exposure Vulnerability Found in Deep Learning Tool Keras appeared first on SecurityWeek. This article is an excerpt from

Data Exposure Vulnerability Found in Deep Learning Tool Keras Read More »

Researchers Hack ChatGPT Memories and Web Search Features

Researchers Hack ChatGPT Memories and Web Search Features 2025-11-06 at 19:09 By Eduard Kovacs Tenable researchers discovered seven vulnerabilities, including ones affecting the latest GPT model. The post Researchers Hack ChatGPT Memories and Web Search Features appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Researchers Hack ChatGPT Memories and Web Search Features Read More »

Follow Pragmatic Interventions to Keep Agentic AI in Check

Follow Pragmatic Interventions to Keep Agentic AI in Check 2025-11-06 at 14:45 By Steve Durbin Agentic AI speeds operations, but requires clear goals, least privilege, auditability, red‑teaming, and human oversight to manage opacity, misalignment, and misuse. The post Follow Pragmatic Interventions to Keep Agentic AI in Check appeared first on SecurityWeek. This article is an

Follow Pragmatic Interventions to Keep Agentic AI in Check Read More »

OpenGuardrails: A new open-source model aims to make AI safer for real-world use

OpenGuardrails: A new open-source model aims to make AI safer for real-world use 2025-11-06 at 10:28 By Mirko Zorz When you ask a large language model to summarize a policy or write code, you probably assume it will behave safely. But what happens when someone tries to trick it into leaking data or generating harmful

OpenGuardrails: A new open-source model aims to make AI safer for real-world use Read More »

Humans built the problem, AI just scaled it

Humans built the problem, AI just scaled it 2025-11-06 at 08:04 By Anamarija Pogorelec Information moves across cloud platforms, personal devices, and AI tools, often faster than security teams can track it. Proofpoint’s 2025 Data Security Landscape report shows that most organizations faced data loss last year, usually caused by their own people. With AI

Humans built the problem, AI just scaled it Read More »

What shadow AI means for your company’s security

What shadow AI means for your company’s security 2025-11-06 at 07:45 By Help Net Security In this Help Net Security video, Peled Eldan‏, Head of Research at XM Cyber, explains the hidden risks of shadow AI. He describes how employees often use unapproved AI tools at work to save time or solve problems, even when

What shadow AI means for your company’s security Read More »

Google uncovers malware using LLMs to operate and evade detection

Google uncovers malware using LLMs to operate and evade detection 2025-11-05 at 20:53 By Zeljka Zorz PromptLock, the AI-powered proof-of-concept ransomware developed by researchers at NYU Tandon and initially mistaken for an active threat by ESET, is no longer an isolated example: Google’s latest report shows attackers are now creating and deploying other malware that

Google uncovers malware using LLMs to operate and evade detection Read More »

Malware Now Uses AI During Execution to Mutate and Collect Data, Google Warns

Malware Now Uses AI During Execution to Mutate and Collect Data, Google Warns 2025-11-05 at 17:25 By Eduard Kovacs Google has released a report describing the novel ways in which malware has been using AI to adapt and evade detection. The post Malware Now Uses AI During Execution to Mutate and Collect Data, Google Warns

Malware Now Uses AI During Execution to Mutate and Collect Data, Google Warns Read More »

PortGPT: How researchers taught an AI to backport security patches automatically

PortGPT: How researchers taught an AI to backport security patches automatically 2025-11-05 at 09:07 By Mirko Zorz Keeping older software versions secure often means backporting patches from newer releases. It is a routine but tedious job, especially for large open-source projects such as the Linux kernel. A new research effort has built a tool that

PortGPT: How researchers taught an AI to backport security patches automatically Read More »

AI can flag the risk, but only humans can close the loop

AI can flag the risk, but only humans can close the loop 2025-11-05 at 09:07 By Mirko Zorz In this Help Net Security interview, Dilek Çilingir, Global Forensic & Integrity Services Leader at EY, discusses how AI is transforming third-party assessments and due diligence. She explains how machine learning and behavioral analytics help organizations detect

AI can flag the risk, but only humans can close the loop Read More »

Google says 2026 will be the year AI supercharges cybercrime

Google says 2026 will be the year AI supercharges cybercrime 2025-11-05 at 07:06 By Anamarija Pogorelec Security leaders are staring down a year of major change. In its Cybersecurity Forecast 2026, Google paints a picture of a threat landscape transformed by AI, supercharged cybercrime, and increasingly aggressive nation-state operations. Attackers are moving faster, scaling their

Google says 2026 will be the year AI supercharges cybercrime Read More »

Scattered LAPSUS$ Hunters: Anatomy of a Federated Cybercriminal Brand

Scattered LAPSUS$ Hunters: Anatomy of a Federated Cybercriminal Brand 2025-11-04 at 16:27 By Trustwave SpiderLabs’ Cyber Threat Intelligence team is tracking the recent emergence of what appears to be the consolidation of three well-known threat groups into a “federated alliance” that offers, among its activities, Extortion-as-a-Service (EaaS). This article is an excerpt from SpiderLabs Blog

Scattered LAPSUS$ Hunters: Anatomy of a Federated Cybercriminal Brand Read More »

How Software Development Teams Can Securely and Ethically Deploy AI Tools

How Software Development Teams Can Securely and Ethically Deploy AI Tools 2025-11-03 at 18:13 By Matias Madou To deploy AI tools securely and ethically, teams must balance innovation with accountability—establishing strong governance, upskilling developers, and enforcing rigorous code reviews. The post How Software Development Teams Can Securely and Ethically Deploy AI Tools appeared first on

How Software Development Teams Can Securely and Ethically Deploy AI Tools Read More »

Claude AI APIs Can Be Abused for Data Exfiltration

Claude AI APIs Can Be Abused for Data Exfiltration 2025-11-03 at 15:57 By Ionut Arghire An attacker can inject indirect prompts to trick the model into harvesting user data and sending it to the attacker’s account. The post Claude AI APIs Can Be Abused for Data Exfiltration appeared first on SecurityWeek. This article is an

Claude AI APIs Can Be Abused for Data Exfiltration Read More »

Employees keep finding new ways around company access controls

Employees keep finding new ways around company access controls 2025-11-03 at 07:30 By Anamarija Pogorelec AI, SaaS, and personal devices are changing how people get work done, but the tools that protect company systems have not kept up, according to 1Password. Tools like SSO, MDM, and IAM no longer align with how employees and AI

Employees keep finding new ways around company access controls Read More »

Scroll to Top