A new AI-powered computer worm could prove to be the stuff of cybersecurity nightmares

University of Toronto researchers built a worm powered by open-weight AI that adapts to its targets. Experts say it changes ...
Bleeping Computer

Google: Hackers used AI to develop zero-day exploit for web admin tool

Researchers at Google Threat Intelligence Group (GTIG) say that a zero-day exploit targeting a popular open-source web administration tool was likely generated using AI. The exploit could be leveraged ...
Dark Reading

Hackers Use AI for Exploit Development, Attack Automation

Threat actors are abusing AI tools in increasingly sophisticated ways, including exploit development and attack orchestration. Google today published new research tracking how adversaries leverage AI ...
Bleeping Computer

US sanctions Russian broker for buying stolen zero-day exploits

The U.S. Treasury Department has sanctioned a Russian exploit broker who bought stolen hacking tools from a former executive of a U.S. defense contractor. The Department's Office of Foreign Assets ...
PC World

Security expert publishes Windows exploit after Microsoft went silent

PCWorld reports on the ‘BlueHammer’ zero-day vulnerability that allows attackers to potentially take over Windows computers through privilege escalation. A frustrated security researcher published the ...
CBS News

Anthropic's Mythos AI can spot weaknesses in almost every computer on Earth. Uh-oh.

Anthropic's latest AI technology, called Mythos, is so powerful at revealing software vulnerabilities that the company is afraid to release the model publicly lest it fall into the hands of bad actors ...
Tidbits

What Anthropic’s Mythos and Project Glasswing Mean for Your Apple Devices

Anthropic, the company behind the Claude AI chatbot, made two security announcements that were shocking for many but seen as inevitable by those of us working in AI security. First, it announced ...
Computer Weekly

Computer Misuse Act reform to move forward in National Security Bill

The long-awaited reform of Britain’s outdated Computer Misuse Act of 1990 – which has hamstrung the work of the nation’s cyber security professionals and researchers for years – is to be included in a ...