Russian hacker uses multiple AI tools to break hundreds of firewalls

A low-skilled threat actor was able to do a lot with the help of AI, Amazon researchers warn.
The Hacker News

Wormable XMRig Campaign Uses BYOVD Exploit and Time-Based Logic Bomb

Researchers uncover wormable XMRig campaign using BYOVD exploit and LLM-built React2Shell attacks hitting 90+ hosts.
Computing

AI-powered hacker breaches 600 FortiGate firewalls, Amazon warns

An AI-assisted hacker campaign breached over 600 FortiGate firewalls worldwide by exploiting weak credentials and public interfaces in a chilling demonstration of how generative AI ...
The Hacker News

Malicious npm Packages Harvest Crypto Keys, CI Secrets, and API Tokens

The module targets Claude Code, Claude Desktop, Cursor, Microsoft Visual Studio Code (VS Code) Continue, and Windsurf. It also harvests API keys for nine large language models (LLM) providers: ...

AI helps novice threat actor compromise FortiGate devices in dozens of countries

Generative AI tools analyzed target networks and wrote exploit code, enabling an opportunistic attacker to have an outsized ...

Amazon says Russian-speaking hacker used AI to hit one of world's most deployed network firewalls in 5 weeks

A lone attacker, leveraging commercial AI tools, has breached over 600 organizations globally in just over a month.
Security Boulevard

Attacker Breached 600 FortiGate Appliances in AI-Assisted Campaign: Amazon

A bad actor used AI tools to compromise more than 600 FortiGate appliances around the world in five weeks, Amazon says, the latest example of how hackers are increasing are using the technology to ...
InfoQ

Anthropic Study: AI Coding Assistance Reduces Developer Skill Mastery by 17%

Anthropic research shows developers using AI assistance scored 17% lower on comprehension tests when learning new coding ...
Infosecurity Magazine

Fraud Investigation Reveals Sophisticated Python Malware

A sophisticated Python-based malware deployment uncovered during a fraud investigation has revealed a layered attack ...
CSO Online

New Arkanix stealer blends rapid Python harvesting with stealthier C++ payloads

The Arkanix infostealer combines LLM-assisted development with a malware-as-a-service model, using dual language implementations to maximize reach and establish persistence.