Research Archives

Underground AI models promise to be hackers ‘cyber pentesting waifu’

Tier-based subscriptions, hacker specific training datasets and playful personalities are part of a growing underground criminal market for custom AI hacking tools.

4 days ago By Derek B. Johnson

Binary code depicted in waves. (iStock/Getty Images)

Shai-Hulud worm returns stronger and more automated than ever before

Self-replicating malware has infected almost 500 open-source packages, exposing more than 26,000 GitHub repositories in less than 24 hours.

5 days ago By Matt Kapko

New research finds that Claude breaks bad if you teach it to cheat

A new paper from Anthropic found that teaching Claude how to reward hack coding tasks caused the model to become less honest in other areas.

5 days ago By Derek B. Johnson

Binary code and missile launchers. (Anton Petrus/Getty Images)

Amazon warns of global rise in specialized cyber-enabled kinetic targeting

The company said the boundaries between cyber and physical attacks are dissolving as nation-states use network intrusions to aid military targeting in real time.

Nov 19, 2025 By Matt Kapko

cryptomining cryptojacking cryptocurrency — (Getty Images)

Hackers turn open-source AI framework into global cryptojacking operation

Malicious hackers have been attacking the development environment of an open-source AI framework, twisting its functions into a global cryptojacking bot for profit, according to researchers at…

Nov 18, 2025 By Derek B. Johnson

Fortinet office in Burnaby, BC, Canada, July 7, 2023. (Getty Images)

Fortinet’s delayed alert on actively exploited defect put defenders at a disadvantage

The security vendor silently patched a vulnerability, but did not assign the flaw a CVE or publicly disclose its existence until 17 days later. By then, widespread…

Nov 17, 2025 By Matt Kapko

The Claude by Anthropic app logo appears on the screen of a smartphone. (Photo by Jaque Silva/NurPhoto via Getty Images)

China’s ‘autonomous’ AI-powered hacking campaign still required a ton of human work

Anthropic and AI security experts told CyberScoop that behind the hype, effective AI-driven cyberattacks still require skilled humans, with the attack possibly done to send a message…

Nov 14, 2025 By Derek B. Johnson

A wave breaks against a pier and a lighthouse as storm Ana smashes into France in Cassis on December 11, 2017, southeastern France. (Photo by BORIS HORVAT / AFP) (Photo by BORIS HORVAT/AFP via Getty Images)

Google, researchers see signs that Lighthouse text scammers disrupted after lawsuit

SecAlliance and Silent Push confirmed that the suspected Chinese operators of the phishing kit appear to have been affected.

Nov 14, 2025 By Tim Starks

Binary code displayed on a screen reflected in glasses. (Jakub Porzycki/NurPhoto via Getty Images)

Amazon pins Cisco, Citrix zero-day attacks to APT group

The vendors disclosed and patched the defects last summer, but not before advanced attackers exploited the vulnerabilities to likely gain prolonged access for espionage, according to Amazon.

Nov 12, 2025 By Matt Kapko

Amazon told some customers Wednesday that a technical problem may have resulted in their information being exposed. (Getty Images)

Amazon rolls out AI bug bounty program

Select researchers and academic teams will get access to Amazon’s NOVA models next year as the tech giant continues to integrate the AI tools into its own…

Nov 11, 2025 By Derek B. Johnson