Latest news as of 4/19/2025, 4:13:08 AM
Dark Reading
Threat actors would be at least temporarily derailed, experts say. But the real issue ladders back to organizations’ weak cyber hygiene.
The Register
Using LLMs to pick programs, people, contracts to cut is bad enough – but doing it with Musk's Grok? Yikes A group of 48 House Democrats is concerned that Elon Musk's cost-trimmers at DOGE are being careless in their use of AI to help figure out where to slash, creating security risks and giving the oligarch's artificial intelligence lab an inside track to train its models on government info.…
Dark Reading
Identity verification, insurance claims, and financial services are all seeing surges in AI-enabled fraud, but organizations are taking advantage of AI systems to fight fire with fire.
Bleeping Computer
The Interlock ransomware gang now uses ClickFix attacks that impersonate IT tools to breach corporate networks and deploy file-encrypting malware on devices. [...]
Dark Reading
The notorious nation-state-backed threat actor has added two new keyloggers, a lateral movement tool, and an endpoint detection and response (EDR) evasion driver to its arsenal.
Bleeping Computer
OpenAI has launched three new reasoning models - o3, o4-mini, and o4-mini-high for Plus and Pro subscribers, but as it turns out, these models do not offer 'unlimited' usage as the non-reasoning 4o. [...]
The Register
Some in the infosec world definitely want to see Big Red crucified CISA – the US government's Cybersecurity and Infrastructure Security Agency – has issued an alert for those who missed Oracle grudgingly admitting some customer data was stolen from the database giant's public cloud infrastructure.…
Bleeping Computer
The FBI warns that scammers posing as FBI IC3 employees are offering to "help" fraud victims recover money lost to other scammers. [...]
Bleeping Computer
ASUS is warning about an authentication bypass vulnerability in routers with AiCloud enabled that could allow remote attackers to perform unauthorized execution of functions on the device. [...]
The Hacker News
Cybersecurity researchers are warning of a "widespread and ongoing" SMS phishing campaign that's been targeting toll road users in the United States for financial theft since mid-October 2024. "The toll road smishing attacks are being carried out by multiple financially motivated threat actors using the smishing kit developed by 'Wang Duo Yu,'" Cisco Talos researchers Azim Khodjibaev, Chetan