Unbiased AI-powered news
Google security researchers identified malicious code with distinct AI characteristics used to target an open-source IT administration tool. The company alerted the vendor and halted a planned mass exploitation operation. Hackers linked to Chinese and North Korean intelligence were also found using Google’s Gemini chatbot to research cyberattack targets.
ForbesGoogle issued a warning on Monday that artificial intelligence had helped criminals successfully develop a zero-day exploit for the first time. The tech giant’s security researchers found evidence that hackers had created such an exploit targeting an unnamed open-source, web-based IT admin tool.
A mass vulnerability exploitation operation targeting the tool was in the works before Google stopped the attack by alerting the vendor.
Zero-day exploits are small programs that target previously-unknown and unpatched vulnerabilities to install malware and access data. The malicious code showed a number of signs that artificial intelligence helped write it. The code was structured in a way highly characteristic of AI, including a textbook use of the Python language and detailed help menus not typically seen in human-written programming.
It also contained an AI hallucination referencing a vulnerability that did not exist. Google said it had discovered hackers working for Chinese and North Korean intelligence using its Gemini AI chatbot to research potential cyberattack targets. In one case, the Chinese-linked cybercrime group UNC2814 tricked Gemini by asking it to act like a network security expert, after which Gemini agreed to look for vulnerabilities in TP-Link routers.
U.S. for security reasons. John Hultquist, chief analyst of the Google Threat Intelligence Group, said North Korea was a very early adopter of AI. He said North Korea was moving from phishing to developing cyberattacks on company and government networks.
“It’s interesting because this is an area where they have typically not focused, preferring to do social engineering,” Hultquist said. ” Google’s discovery of an AI zero-day exploit is the latest in a growing number of instances where hackers used AI as a kind of cybercriminal copilot.
In May, Dragos Security said hackers used Anthropic’s Claude to try to target municipal water and drainage utility systems in Monterrey, Mexico, earlier this year.
Eyal Sela first documented the attacks using Claude against utilities in Monterrey, Mexico. Eyal Sela is director of threat intelligence at Gambit Security. Sela told Forbes that Google’s discovery of an AI-written zero-day showed how early adopters were benefitting from the wealth of new automated coding technology.
“There are some things that used to require months and years of experience that can be done almost instantaneously,” Sela said. Forbes reported that even low-skilled hackers can use AI to carry out attacks using techniques they don’t understand.
Single source — no framing comparison available.
espn.comFIFA launched an inquiry after footage showed an Argentina supporter confronting American influencer IShowSpeed at Hard Rock Stadium during a 3-2 win over Cape Verde. The incident occurred on 3 July during the last-32 fixture.
livemint.comCnbc reported that OpenAI offered the Trump administration a 5% stake. Kalshi traders assign less than 30% odds the government takes equity in OpenAI or Anthropic this year. Similar probabilities exceed 60% for several quantum and semiconductor firms.
americanbanker.comA draft Treasury Department report obtained by NOTUS warns that an artificial intelligence downturn could threaten millions of Americans' retirement savings through exposure in stock markets and index funds. The analysis contrasts with public support for AI investment from Treasu…