Anthropic publicly accused Chinese AI laboratories of systematically extracting knowledge from its Claude models through distillation attacks, releasing new detection and prevention research as the US debates AI chip export controls.
Microsoft Copilot bypassed DLP policies and sensitivity labels twice in eight months — including a four-week exposure affecting the UK's NHS — revealing a systemic blind spot in enterprise AI security stacks.
Anthropic has released Claude Code Security, a new AI-powered application security tool that scans codebases for complex vulnerabilities using human-like reasoning, sending cybersecurity stocks tumbling on the news.
Cybersecurity experts warn Moltbook, a social network for AI agents, poses prompt injection risks that could compromise thousands of agents simultaneously.
UF scientists create HMNS method to test AI safety measures, successfully bypassing Meta and Microsoft systems to identify security vulnerabilities.
OpenAI's latest AI model demonstrates alarming capability to drain cryptocurrency wallets, successfully exploiting vulnerable smart contracts in 72% of tests.
Treasury Department releases six resources to strengthen AI security and risk management across financial sector through AIEOG partnership.
Microsoft confirms a critical bug allowed Copilot AI to summarize confidential emails since January, bypassing data loss prevention policies in Microsoft 365.
Gartner warns 57% of employees use personal GenAI for work as autonomous AI agents and post-quantum cryptography threats reshape cybersecurity landscape.
Chinese state-backed hacking group APT31 leveraged Google's Gemini AI to automate vulnerability analysis and plan cyberattacks against US targets, marking a significant escalation in AI-powered cyber warfare.
University of Regina researchers have enhanced the CIPHER disinformation detection tool with AI capabilities to combat false narratives targeting Canadians. The system analyzes Russian propaganda campaigns and is expanding to decode Chinese-language disinformation.
Google reports commercially motivated actors conducted distillation attacks on Gemini with over 100,000 prompts to extract AI model capabilities and intellectual property.
APT groups from China, North Korea, and Iran use Google Gemini for reconnaissance, malware coding, and phishing campaigns, Google GTIG reveals.
Groundbreaking research exposes the industrial-scale proliferation of deepfake fraud, highlighting urgent cybersecurity threats posed by AI-generated synthetic media.
Misconfigured Firebase backend exposes 300M AI chat messages from 25M users, including full conversation histories and configurations.
Microsoft researchers unveil detection method for poisoned AI models achieving 88% accuracy with zero false positives across 47 sleeper agent models.
Cybersecurity researchers warn that AI agents are rapidly expanding the attack surface, with 95% of Model Context Protocol (MCP) deployments running on employee endpoints with no security visibility. GreyNoise recorded over 91,000 attack sessions on LLM infrastructure in three months, while nation-states like Iran and China are leveraging AI for cyberwarfare capabilities.
Federal agencies adopt GenAI browsers and autonomous purple teaming to address emerging AI security threats and evolving regulations.
OpenAI, Anthropic, and Google DeepMind researchers bypassed 12 published AI defenses at 90%+ rates, exposing critical security gaps in production systems.
A prompt injection vulnerability has been discovered in Anthropic's new Claude Cowork AI, which could allow attackers to exfiltrate sensitive files from users' accounts.
