Experimental News Clipping Site

Tag: tactics

  • The Register: Shell to pay: Crims invade your PC with CastleRAT malware, now in C and Python

    by

    Kurt Seifried
    in

    Source URL: https://www.theregister.com/2025/09/05/clickfix_castlerat_malware/ Source: The Register Title: Shell to pay: Crims invade your PC with CastleRAT malware, now in C and Python Feedly Summary: Pro tip, don’t install PowerShell commands without approval A team of data thieves has doubled down by developing its CastleRAT malware in both Python and C variants. Both versions spread by…

  • Schneier on Security: GPT-4o-mini Falls for Psychological Manipulation

    by

    Kurt Seifried
    in

    Source URL: https://www.schneier.com/blog/archives/2025/09/gpt-4o-mini-falls-for-psychological-manipulation.html Source: Schneier on Security Title: GPT-4o-mini Falls for Psychological Manipulation Feedly Summary: Interesting experiment: To design their experiment, the University of Pennsylvania researchers tested 2024’s GPT-4o-mini model on two requests that it should ideally refuse: calling the user a jerk and giving directions for how to synthesize lidocaine. The researchers created experimental…

  • Slashdot: India’s AI Story Is ‘All Talk, Little Substance,’ Says Bernstein

    by

    Kurt Seifried
    in

    Source URL: https://slashdot.org/story/25/09/04/1231230/indias-ai-story-is-all-talk-little-substance-says-bernstein?utm_source=rss1.0mainlinkanon&utm_medium=feed Source: Slashdot Title: India’s AI Story Is ‘All Talk, Little Substance,’ Says Bernstein Feedly Summary: AI Summary and Description: Yes Summary: The text describes a warning from investment research firm Bernstein regarding potential challenges that India faces in the AI sector due to aggressive pricing strategies from US technology companies. The report…

  • The Register: Crims claim HexStrike AI penetration tool makes quick work of Citrix bugs

    by

    Kurt Seifried
    in

    Source URL: https://www.theregister.com/2025/09/03/hexstrike_ai_citrix_exploits/ Source: The Register Title: Crims claim HexStrike AI penetration tool makes quick work of Citrix bugs Feedly Summary: LLMs and 0-days – what could possibly go wrong? Attackers on underground forums claimed they were using HexStrike AI, an open-source red-teaming tool, against Citrix NetScaler vulnerabilities within hours of disclosure, according to Check…

  • The Register: It looks like you’re ransoming data. Would you like some help?

    by

    Kurt Seifried
    in

    Source URL: https://www.theregister.com/2025/09/03/ransomware_ai_abuse/ Source: The Register Title: It looks like you’re ransoming data. Would you like some help? Feedly Summary: AI-powered ransomware, extortion chatbots, vibe hacking … just wait until agents replace affiliates It’s no secret that AI tools make it easier for cybercriminals to steal sensitive data and then extort victim organizations. But two…

  • Slashdot: AI-Powered Drone Swarms Have Now Entered the Battlefield

    by

    Kurt Seifried
    in

    Source URL: https://tech.slashdot.org/story/25/09/02/2139235/ai-powered-drone-swarms-have-now-entered-the-battlefield?utm_source=rss1.0mainlinkanon&utm_medium=feed Source: Slashdot Title: AI-Powered Drone Swarms Have Now Entered the Battlefield Feedly Summary: AI Summary and Description: Yes Summary: The provided text highlights Ukraine’s innovative use of artificial intelligence in coordinating drone swarm attacks against Russian positions. This technology marks a significant advancement in military applications of AI and drone warfare, showcasing…

  • Unit 42: Model Namespace Reuse: An AI Supply-Chain Attack Exploiting Model Name Trust

    by

    Kurt Seifried
    in

    Source URL: https://unit42.paloaltonetworks.com/model-namespace-reuse/ Source: Unit 42 Title: Model Namespace Reuse: An AI Supply-Chain Attack Exploiting Model Name Trust Feedly Summary: Model namespace reuse is a potential security risk in the AI supply chain. Attackers can misuse platforms like Hugging Face for remote code execution. The post Model Namespace Reuse: An AI Supply-Chain Attack Exploiting Model…

  • Krebs on Security: The Ongoing Fallout from a Breach at AI Chatbot Maker Salesloft

    by

    Kurt Seifried
    in

    Source URL: https://krebsonsecurity.com/2025/09/the-ongoing-fallout-from-a-breach-at-ai-chatbot-maker-salesloft/ Source: Krebs on Security Title: The Ongoing Fallout from a Breach at AI Chatbot Maker Salesloft Feedly Summary: The recent mass-theft of authentication tokens from Salesloft, whose AI chatbot is used by a broad swath of corporate America to convert customer interaction into Salesforce leads, has left many companies racing to invalidate…

  • The Cloudflare Blog: Automating threat analysis and response with Cloudy

    by

    Kurt Seifried
    in

    Source URL: https://blog.cloudflare.com/automating-threat-analysis-and-response-with-cloudy/ Source: The Cloudflare Blog Title: Automating threat analysis and response with Cloudy Feedly Summary: Cloudy now supercharges analytics investigations and Cloudforce One threat intelligence! Get instant insights from threat events and APIs on APTs, DDoS, cybercrime & more – powered by Workers AI. AI Summary and Description: Yes Summary: The text discusses…