Jailbroken Gemini Used to Orchestrate Crypto Scam Targeting QAnon and MAGA Communities
A report from TrendAI reveals how a Russian-speaking threat actor weaponized jailbroken Gemini LLMs to impersonate US veterans and drain cryptocurrency wallets.
Tag: AI and cybersecurity risks
The ‘Semantic’ Supply Chain: How Minor Text Edits Can Turn AI Agents Rogue
Researchers from the University of Maryland reveal how small changes to natural language in AI skill files can bypass security filters and hijack agent behavior.
Kash Patel’s ‘Based Apparel’ Site Goes Dark Following Malware Reports
Based Apparel, the clothing brand owned by FBI Director Kash Patel, has taken its website offline after reports of infostealer malware targeting visitors.
Google API Keys Remain Active for 23 Minutes After Deletion, Security Researchers Warn
Security researchers at Aikido discover a critical delay in Google API key revocation, allowing attackers to exfiltrate data and run up massive bills after keys are deleted.
NTSB Shuts Down Public Database After AI Users Reconstruct Dead Pilots’ Voices from Spectrograms
The NTSB has temporarily disabled its public accident database after internet users used AI and the Griffin-Lim algorithm to recreate audio from a fatal UPS crash.
NTSB Shuts Down Public Database After AI Users ‘Reverse Engineer’ Dead Pilots’ Voices
The NTSB has suspended access to its civil transportation accident database after internet users used AI and spectrograms to recreate audio of a fatal UPS crash.
yt-dlp Cuts Ties With Newer Bun Versions, Citing ‘Vibe-Coding’ and Security Risks
The popular media downloader yt-dlp is limiting and deprecating Bun support, citing security flaws and a shift toward AI-generated 'vibe-coding' in Bun's codebase.
CISA Under Fire After Contractor Leaks AWS GovCloud Keys on Public GitHub
Members of Congress are demanding answers from CISA after a contractor exposed critical AWS GovCloud keys and agency secrets via a public GitHub repository.
Europol Takedown of ‘First VPN’ Exposes Thousands of Cybercriminals Who Thought They Were Invisible
International law enforcement agencies have dismantled First VPN, a service marketed to Russian-speaking cybercriminals as a secure, no-logs haven.
yt-dlp Limits Bun Support After ‘Vibe-Coding’ Shift and Security Concerns
Popular media downloader yt-dlp is limiting and deprecating support for the Bun JavaScript runtime, citing security risks and a shift toward 'vibe-coding' in Bun's development.