Loading...
News reporting focused on AI and machine learning, covering the companies behind these technologies, their real-world applications, and the ethical concerns they raise. This includes areas like generative AI (large language models, text-to-image and video), speech tech, and predictive analytics.
A security researcher built a deliberately vulnerable book review app and spent $1,500 testing 16 different large language models on their ability to exploit a common misconfiguration. GPT-5.5 succeeded 7 out of 10 times, while several models like Gemini and Claude hit security guardrails or never found the right attack vector.
Security researchers at PromptArmor have discovered that Microsoft Copilot Cowork is vulnerable to file exfiltration attacks through indirect prompt injection. The flaw exploits automatic approval for sending messages to the active user, allowing attackers to steal pre-authenticated download links to files in SharePoint and OneDrive.
Security researchers at Mindgard used praise and gaslighting to get Anthropic's Claude AI to produce bomb-building steps, malicious code, and erotica without direct prompts. The technique exploited Claude's helpful nature on the Sonnet 4.5 model. Anthropic has not responded to the findings shared in mid-April.
A group of North Korean hackers, dubbed HexagonalRodent by cybersecurity firm Expel, used AI tools from OpenAI, Cursor, and Anima to conduct a cybercrime operation. They targeted crypto developers with fake job offers and malware, stealing up to $12 million in cryptocurrency over three months. Security researcher Marcus Hutchins notes that AI allowed unskilled operators to execute the campaign effectively.