News/Cybersecurity
Practical effects: Marines outsmart AI surveillance with cardboard boxes and tree costumes
U.S. Marines successfully outsmarted an advanced AI surveillance system during a DARPA experiment by using creative tactics including hiding in cardboard boxes, somersaulting across terrain, and disguising themselves as trees. The demonstration revealed significant limitations in current AI technology, showing how systems trained on specific datasets can be easily fooled by scenarios outside their training parameters—a critical vulnerability in military applications where adversaries actively seek to exploit weaknesses. What happened: Eight Marines managed to approach and touch an AI-powered detection robot without being identified during DARPA's Squad X program testing. The AI system had undergone six days of intensive training...
read Aug 21, 2025AI-powered search makes phone scams easier—here’s how to protect yourself
Artificial intelligence has fundamentally changed how people search for information online, but this technological leap has created an unexpected vulnerability: scammers are now exploiting AI-powered search results to steal money from unsuspecting users looking for customer service numbers. Unlike traditional search engines that display multiple results for verification, AI systems like Google's AI Overviews and ChatGPT often present a single, authoritative-seeming answer. This streamlined approach, while convenient, creates a perfect storm for fraud when criminals manage to inject fake contact information into these AI responses. How scammers are exploiting AI search The mechanics of this scam are deceptively simple yet...
read Aug 20, 2025Job alert: Y Combinator-backed Coris hiring AI engineer for $125K-$160K fraud detection role
Coris, a Y Combinator-backed fintech startup, is hiring an AI Engineer to build machine learning systems for fraud detection and risk management in global commerce. The role combines advanced AI model optimization with backend infrastructure development, targeting candidates with 3+ years of experience in Python, PyTorch, and production ML systems for a salary range of $125K-$160K plus equity. What you should know: The position focuses on solving complex fraud detection challenges using AI-first approaches rather than traditional rule-based systems. Coris partners with major platforms like GoFundMe, Kajabi, and Clio to automate merchant onboarding and risk decisions. The company describes itself...
read Aug 18, 2025Palo Alto Networks forecasts $10.5B revenue from AI-driven cybersecurity demand
Palo Alto Networks forecast fiscal 2026 revenue and profit above Wall Street estimates, driven by growing demand for its AI-powered cybersecurity solutions. The company's strong outlook reflects an AI-driven upgrade cycle as enterprises accelerate cloud adoption and modernize security operations amid a wave of high-profile cyberattacks. Key financial projections: Palo Alto's guidance significantly exceeded analyst expectations across multiple metrics. The company projected annual revenue between $10.48 billion and $10.53 billion, above analysts' average estimate of $10.43 billion. Adjusted profit per share is expected to reach $3.75 to $3.85, surpassing estimates of $3.67 for the fiscal year. First-quarter revenue forecast of...
read Aug 15, 2025Anthropic bans Claude from helping develop CBRN weapons
Anthropic has updated its usage policy for Claude AI with more specific restrictions on dangerous weapons development, now explicitly banning the use of its chatbot to help create biological, chemical, radiological, or nuclear weapons. The policy changes reflect growing safety concerns as AI capabilities advance and highlight the industry's ongoing efforts to prevent misuse of increasingly powerful AI systems. Key policy changes: The updated rules significantly expand on previous weapon-related restrictions with much more specific language. • While the old policy generally prohibited using Claude to "produce, modify, design, market, or distribute weapons, explosives, dangerous materials or other systems designed...
read Aug 13, 2025Executives, even more than rank-and-file workers, would use AI despite workplace restrictions
Nearly half of U.S. employees trust artificial intelligence more than their co-workers, according to a new Calypso AI survey of 1,000 office workers. The finding suggests AI is increasingly viewed as more reliable than human colleagues, with experts attributing this shift to years of inconsistent leadership, office politics, and unclear communication rather than blind faith in technology. What you should know: The survey reveals widespread willingness to circumvent company AI policies for perceived benefits. 52% of employees said they would use AI to make their job easier, even if it violated company policy. Among executives, this figure jumps to 67%...
read Aug 13, 2025Alabama colleges develop AI policies balancing academic integrity with job readiness
Calhoun Community College and Athens State University in Alabama are developing comprehensive AI policies for classrooms as generative AI becomes more prevalent in education. The institutions are working to balance academic integrity concerns with the practical need to prepare students for AI-integrated workplaces, particularly in high-demand fields like cybersecurity. What you should know: Both colleges are still finalizing their AI policies, with approaches varying significantly by department and program focus. Calhoun currently categorizes AI use into three levels: restricted, limited, and integrated, with different rules applying across departments. The Computer Information Systems (CIS) division actively encourages AI use, recognizing that...
read Aug 12, 2025Creators are trying to roofie AI bots to prevent crawling and unauthorized training
Web-browsing bots now account for the majority of internet traffic for the first time, with AI company crawlers like ChatGPT-User and ClaudeBot representing 6% and 13% of all web traffic respectively. Content creators are fighting back with "AI poisoning" tools that corrupt training data, but these same techniques could be weaponized to spread misinformation at scale. The big picture: The battle between AI companies scraping data and content creators protecting their work has escalated beyond legal disputes into a technological arms race that could reshape how information flows across the internet. Key details: Major AI companies argue data scraping falls...
read Aug 12, 2025MIT startup helps police connect crimes across jurisdictions with AI
Multitude Insights, a three-year-old Somerville startup founded by MIT graduates, has developed AI-powered software to help police departments modernize crime bulletins and identify patterns across jurisdictions. The platform has been piloted by Boston, Brookline, and Watertown police departments among dozens of agencies across 10 states, representing a significant shift from traditional paper-based and faxed crime reporting systems. What you should know: The software replaces antiquated paper bulletins with digital templates and uses AI to connect crimes across multiple jurisdictions. Police officers can create digital crime bulletins using template forms instead of printed papers, PDFs, or faxed copies. AI analyzes multiple...
read Aug 12, 2025AI systems repeat the same security mistakes as 1990s internet
Cybersecurity researchers at Black Hat USA 2025, the world's premier information security conference, delivered a sobering message: artificial intelligence systems are repeating the same fundamental security mistakes that plagued the internet in the 1990s. The rush to deploy AI across business operations has created a dangerous blind spot where decades of hard-learned cybersecurity lessons are being forgotten. "AI agents are like a toddler. You have to follow them around and make sure they don't do dumb things," said Wendy Nather, senior research initiatives director at 1Password, a leading password management company. "We're also getting a whole new crop of people...
read Aug 11, 2025Survey reveals AI agents can control computers but create massive security risks
Researchers from Zhejiang University and OPPO AI Center have published the most comprehensive survey to date of "OS Agents"—AI systems that can autonomously control computers, mobile phones, and web browsers by directly interacting with their interfaces. The 30-page academic review, accepted for publication at the Association for Computational Linguistics conference, comes as major tech companies including OpenAI, Anthropic, Apple, and Google race to deploy AI agents capable of performing complex digital tasks, while highlighting significant security vulnerabilities that most organizations aren't prepared to address. The big picture: This technology represents a fundamental shift toward AI systems that can genuinely understand...
read Aug 11, 2025Financial firms deploy AI to auto-generate fraud rules as UK losses hit $1.3B
Financial services firms are increasingly deploying AI-powered fraud detection systems that automatically generate and optimize rules based on historical data patterns, replacing traditional manual rule creation. This shift comes as fraud losses in the UK reached £1.1 billion in 2024, with confirmed fraud cases rising 14% to 3.13 million, driven by more sophisticated AI-enabled attacks including deepfakes and synthetic identities. The scale of the problem: Fraud has become the most common crime in the UK, accounting for 41% of all crime in England and Wales, with financial services firms facing particular challenges. Q1 2024 saw 8,374 consumer complaints about fraud...
read Aug 11, 2025BOLO: Cybercriminals use AI to create perfect fake government websites
Cybercriminals have discovered a powerful new weapon in their arsenal: generative artificial intelligence. Security researchers recently uncovered a sophisticated phishing campaign where hackers used AI tools to create nearly perfect replicas of Brazilian government websites, demonstrating how machine learning is making online fraud more convincing and harder to detect. The fake websites were so convincing that they could easily fool unsuspecting citizens seeking government services. This represents a concerning evolution in cybercrime, where AI democratizes the ability to create professional-looking scams that previously required significant technical expertise. The anatomy of AI-powered government impersonation Zscaler ThreatLabz, a cybersecurity research division of...
read Aug 8, 2025Tesla driver filming at NSA facility with Grok AI sparks security review
A Tesla driver filmed himself using Elon Musk's "unhinged" Grok AI assistant while driving to work at a highly classified NSA facility, inadvertently capturing restricted government property in the process. US Cyber Command is now reviewing the incident after the video, which Musk amplified to over 16 million views on X, showed the driver entering and parking at the NSA's Friendship Annex in Maryland—a sensitive cyber espionage facility where recording is prohibited under federal law. What you should know: The video shows a Tesla driver entering NSA's Friendship Annex, a classified facility in Linthicum, Maryland, while testing Grok's controversial "unhinged...
read Aug 8, 2025Screenshot-to-caught: AI uses criminal screenshots to track malware campaigns
Cybersecurity researchers at Black Hat demonstrated how artificial intelligence can analyze screenshots left behind by cybercriminals to identify and track infostealer malware campaigns. The breakthrough technique uses dual large language models to process images that hackers inadvertently create while stealing data, potentially enabling earlier detection and prevention of these attacks. What you should know: Infostealer malware campaigns often leave digital breadcrumbs in the form of screenshots, which researchers can now analyze using AI to understand attack patterns. The malware typically spreads through fake cracked software downloads, stealing everything from crypto wallets to password manager data without requiring administrator privileges. Cybercriminals...
read Aug 6, 2025Nvidia rejects U.S. demands for AI chip backdoors and kill switches
Nvidia has rejected U.S. government demands to include backdoors and kill switches in its AI chips, with the company's chief security officer publishing a blog post calling such measures "an open invitation for disaster." The pushback comes as bipartisan lawmakers consider legislation requiring tracking technology in AI chips, while Chinese officials have alleged that backdoors already exist in Nvidia's hardware sold in China. What you should know: Nvidia's stance directly opposes the proposed Chip Security Act, which would mandate security measures including potential remote kill switches. The bipartisan bill introduced in May would require Nvidia and other manufacturers to include...
read Aug 6, 2025Researchers hack Google Gemini through calendar invites to control smart homes
Security researchers have successfully hacked Google's Gemini AI through poisoned calendar invitations, allowing them to remotely control smart home devices including lights, shutters, and boilers in a Tel Aviv apartment. The demonstration represents what researchers believe is the first time a generative AI hack has caused real-world physical consequences, highlighting critical security vulnerabilities as AI systems become increasingly integrated with connected devices and autonomous systems. What you should know: The attack exploits indirect prompt injection vulnerabilities in Gemini through malicious instructions embedded in Google Calendar invites. When users ask Gemini to summarize their calendar events, the AI processes hidden commands...
read Aug 6, 20252 LA residents charged with illegally exporting $10M in AI chips to China
Two Los Angeles County residents face federal charges for allegedly illegally exporting tens of millions of dollars' worth of artificial intelligence microchips to China over nearly three years. The case highlights ongoing U.S. efforts to prevent sensitive AI technology from reaching China amid growing geopolitical tensions over semiconductor exports. What you should know: Chuan Geng, 28, of Pasadena, and Shiwei Yang, 28, of El Monte, were arrested Saturday for allegedly violating federal export controls through their company ALX Solutions Inc. Both are Chinese nationals, with Geng holding lawful permanent resident status and Yang having overstayed her visa. They operated an...
read Aug 5, 2025Rose-Hulman launches computer science major with AI and cybersecurity tracks
Rose-Hulman Institute of Technology, a private engineering school in Indiana, has launched a redesigned computer science major featuring specialized tracks in artificial intelligence, cybersecurity, and data science. The restructured program offers two distinct pathways—one focused on industry-ready software development and another emphasizing research and theory—allowing students to tailor their education around emerging technologies and high-demand career fields. What you should know: The new unified computer science major replaces Rose-Hulman's previous program structure with a more flexible approach that addresses current industry needs. Students can choose between a Developer pathway for real-world software development and industry careers, or a Researcher pathway...
read Aug 5, 2025Microsoft’s AI prototype reverse engineers malware with 90% accuracy
Microsoft has developed Project Ire, an AI prototype that can autonomously reverse engineer malware without human assistance, automating one of cybersecurity's most challenging tasks. The system achieved 90% accuracy in identifying malicious Windows driver files with only a 2% false-positive rate, demonstrating clear potential for deployment alongside expert security teams. What you should know: Project Ire represents a significant advancement in automated malware detection, capable of analyzing software files with no prior information about their origin or purpose. The AI successfully detected sophisticated threats including Windows-based rootkits and malware designed to disable antivirus software by identifying their key behavioral patterns....
read Aug 5, 2025Perplexity pushes back, calls Cloudflare’s AI crawler claims “embarrassing errors”
Perplexity has fired back at Cloudflare's accusations that the AI company uses stealth crawlers to bypass website restrictions, calling the claims "embarrassing errors" and questioning Cloudflare's technical competence. The dispute escalates a growing battle over AI companies' data collection practices, with Perplexity accusing Cloudflare, a content delivery network provider, of fundamental misunderstandings about how modern AI assistants operate. The original accusations: Cloudflare claimed Perplexity was disguising its web crawlers as regular Chrome browsers to scrape content from sites that had explicitly blocked its official bots through robots.txt files and firewall rules.• The CDN company said it observed Perplexity rotating through...
read Aug 5, 2025AI-generated TikTok scams steal crypto from over 10K victims
Cybersecurity researchers have uncovered a sophisticated scam campaign where threat actors use AI-generated videos to impersonate TikTok Shop sellers, tricking users into depositing cryptocurrency and downloading malware. CTM360, a cybersecurity firm, identified over 10,000 phishing URLs and 5,000 malicious app download sites in what they describe as a "widespread, ongoing, malicious campaign" that exploits user trust in TikTok's brand recognition. What you should know: Scammers are creating fake TikTok Shop profiles complete with AI-generated content to appear legitimate while distributing malware called SparkKitty. The campaign uses replicas of TikTok Shop profiles with AI-generated videos to convince users they're interacting with...
read Aug 4, 2025Study reveals AI models can hide malicious reasoning while coding
Researchers at LessWrong have demonstrated that AI models can learn to hide malicious reasoning using encrypted or steganographic techniques, while still maintaining their ability to solve complex programming tasks. The study, conducted using OpenAI's GPT-4.1 models, reveals critical vulnerabilities in chain-of-thought monitoring—a proposed safety mechanism for overseeing advanced AI systems—and shows that "untrusted monitoring" using the same model type can partially detect such obfuscation. What they discovered: Language models can be trained to obfuscate their reasoning while inserting backdoors into code solutions, though this comes with performance trade-offs. Models trained with cipher-based obfuscation (random letter substitution) maintained 37.6% honest task...
read Aug 4, 2025New detector spots deepfakes beyond face-swaps with 99% accuracy
Researchers at UC Riverside have developed a "universal" deepfake detector that achieved record-breaking accuracy rates of 95-99% across multiple types of AI-manipulated videos. Unlike existing tools that focus primarily on face-swap detection, this new system can identify completely synthetic videos, background manipulations, and even realistic video game footage that might be mistaken for real content. What you should know: The detector represents a significant breakthrough in combating the growing threat of synthetic media across various applications. It monitors multiple background elements and facial features simultaneously, spotting subtle spatial and temporal inconsistencies that reveal AI manipulation. The system can detect inconsistent...
read