The Silicon Conquistadors: Humanity and Digital Colonialism in the Age of AI
We don’t have to wait for AI to develop self-awareness and (perhaps more unlikely) ethical self-control to have a serious conversation about the dangers of this new trend.
ai
Tenzai Raises $75 Million in Seed Funding to Build AI-Powered Pentesting Platform
Tel Aviv, Israel based Tenzai has developed an AI-driven platform for penetration testing, which it says can continuously identify and address vulnerabilities.
The post Tenzai Raises $75 Million in Seed Funding to Build AI-Powered Pentesting Platform a…
‘Whisper Leak’ LLM Side-Channel Attack Infers User Prompt Topics
Attackers intercepting network traffic can determine the conversation topic with a chatbot despite end-to-end encrypted communication.
The post ‘Whisper Leak’ LLM Side-Channel Attack Infers User Prompt Topics appeared first on SecurityWeek.
Prompt Injection in AI Browsers
This is why AIs are not ready to be personal assistants:
A new attack called ‘CometJacking’ exploits URL parameters to pass to Perplexity’s Comet AI browser hidden instructions that allow access to sensitive data from connected services, like email and calendar.
In a realistic scenario, no credentials or user interaction are required and a threat actor can leverage the attack by simply exposing a maliciously crafted URL to targeted users.
[…]
CometJacking is a prompt-injection attack where the query string processed by the Comet AI browser contains malicious instructions added using the ‘collection’ parameter of the URL…
Cisco Finds Open-Weight AI Models Easy to Exploit in Long Chats
Cisco’s new research shows that open-weight AI models, while driving innovation, face serious security risks as multi-turn attacks, including conversational persistence, can bypass safeguards and expose data.
65% of Top AI Firms Found Exposing Verified API Keys and Tokens on GitHub
A comprehensive security analysis has uncovered a troubling reality: 65% of leading AI companies have leaked verified secrets on GitHub, exposing critical API keys, authentication tokens, and sensitive credentials that could compromise their entire org…
Many Forbes AI 50 Companies Leak Secrets on GitHub
Wiz found the secrets and warned that they can expose training data, organizational structures, and private models.
The post Many Forbes AI 50 Companies Leak Secrets on GitHub appeared first on SecurityWeek.
Agentic AI in Cybersecurity: Beyond Triage to Strategic Threat Hunting
With a 4M cybersecurity worker shortage, agentic AI helps SOCs move beyond triage, enabling proactive security once thought impossible. With a deficit of 4 million cybersecurity workers worldwide, it’s no surprise that most SOCs are still stuck in triage mode. That’s why agentic AI is stepping in to fill the gap. And this boost to […]
AI chat privacy at risk: Microsoft details Whisper Leak side-channel attack
Microsoft uncovered Whisper Leak, a side-channel attack that lets network snoopers infer AI chat topics despite encryption, risking user privacy. Microsoft revealed a new side-channel attack called Whisper Leak, which lets attackers who can monitor network traffic infer what users discuss with remote language models, even when the data is encrypted. The company warned that […]
Ambassador Kwatra Engages Intel CEO to Advance India’s Semiconductor And AI Ambitions
US Ambassador to India, Vinay Mohan Kwatra, held a strategic meeting with Intel CEO, Lip Bu Tan, in Washington DC to deepen collaboration between the global tech giant and India’s semiconductor and Artificial Intelligence ecosystem.The interaction focused on aligning Intel’s India expansion with the Government’s vision under the India Semiconductor Mission (ISM) and the India AI Mission.In a post