Miasma Supply Chain Attack Compromises Red Hat npm Packages with Credential-Stealing Worm

A new Mini Shai-Hulud supply chain attack campaign, codenamed Miasma, has compromised @redhat-cloud-services packages to steal credentials and secrets from developer machines and deliver a self-propagating worm.

“This is effectively a Mini Shai-Hulud campaign: it uses the same core tactics of install-time execution, credential harvesting, CI/CD targeting, encrypted exfiltration, and potential

from The Hacker News https://ift.tt/kt45CwY

⚡ Weekly Recap: New Linux Flaw, PAN-OS Exploit, AI-Powered Attacks, OAuth Phishing and More

Monday hit like a cron job with anger issues.

A busted auth path here, a repo-side faceplant there, some “patched-ish” thing already getting chewed on in the wild, and then the usual bonus round: poisoned dev tools, sketchy forum chatter, phishing kits pretending to be productivity, and AI lowering the bar for people who already thought ‘curl | sh’ had a personality.

The vibe is simple: old

via The Hacker News https://ift.tt/fakAgvS

Google Paid Ads for Fake Tesla Websites, (Sun, Aug 10th)

In recent media events, Tesla has demoed progressively more sophisticated versions of its Optimus robots. The sales pitch is pretty simple: "Current AI" is fun, but what we really need is not something to create more funny kitten pictures. We need AI to load and empty dishwashers, fold laundry, and mow lawns. But the robot has not been for sale yet, and there is no firm release date.

[Image: screenshot of three different Optimus models]

In the past, Tesla has accepted preorders for future products, asking for a deposit, which in some cases was even refundable. But aside from an April Fool's posting announcing such a presale, as far as I can tell, no presale has been offered by Tesla.

However, if you search for "Optimus Tesla preorder" and other similar terms, sites claiming to offer Optimus preorders will be advertised. 

[Image: Google Search results with fake Tesla site advertisements]

These are sponsored listings. The official Tesla site (without the preorder option) shows below these fake links.

We have often seen sponsored listings like this used to advertise malware. But in this case, I suspect, the goal is simply to steal money from people willing to pay for preorders. The interesting twist is that the theft may remain unnoticed until the customer expects delivery, which may be months or years from now.

So far, I have seen these ads lead to three different websites:

  • offers-tesla.com (currently active)
  • exclusive-tesla.com (now offline)
  • prelaunch-tesla.com (now offline)

Other suspect domains:

  • private-tesla.com (unreachable)
  • corp-tesla.com (redirects to legitimate tesla.com site)
  • www-tesla.com (unreachable)
  • hyper-tesla.com (unreachable)
  • auth.cp-tesla.com (used for account setup by fake site)

The sites display a complete copy of a slightly older design of the Tesla.com website. As far as I can tell, the design does not include a login page. Standard phishing does not appear to be the goal here. Not having a login page may make it easier to hide that no orders are being placed. Customers will not be able to use the fake site to check their order status.

[Image: fake Tesla site homepage]

It asks for a $250 non-refundable deposit, which aligns with what Tesla asked for in prior preorder events.

[Image: preorder details]

I tried to place an order with a test credit card number, and it was accepted, showing that the credit card was not charged (yet?). Next, I was directed to auth.cp-tesla.com to set up an account. I never received the e-mail confirmation, so I am not sure if my spam filters dropped it or if it is supposed to fail. The original Tesla site uses "auth.tesla.com" for authentication.

Setting up credit card processing for a fake site is likely too complicated, and I assume the site just collects the payment card data to later use the cards on other sites for fraudulent orders or just to resell the payment card data (are there still "Carder" forums? Have not looked at that in a while). So far, the fake sites have only been available for a few days before being shut down. I assume that Tesla monitors these sites and sends takedown requests as they find them.

Preorders are accepted not only for Optimus robots but also for other Tesla products. Interestingly, the data is sent to different sites, not just to the original site. One URL used is https://ift.tt/L5wjOts. There are a few open directory listings on offers-tesla.com (for example, /api and /js). File dates are from March and May 2025, which is likely around the time the Tesla site was copied. The fake site is hosted behind Cloudflare.


Johannes B. Ullrich, Ph.D., Dean of Research, SANS.edu
Social Media Links: https://jbu.me

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
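A defender-side check for the naming pattern in the diary above, where every fake host carries the brand as a hyphenated or nested label (offers-tesla.com, auth.cp-tesla.com) while the real site and its login live under tesla.com. This is an added example, not code from the diary; the function names, the naive two-label domain split and the control hostname are assumptions.

```python
# Added example: triage hostnames (e.g. from DNS or proxy logs) into
# brand-owned, brand-lookalike, and unrelated.
import re

BRAND = "tesla"
LEGIT_DOMAIN = "tesla.com"  # from the diary: real site, auth.tesla.com


def registrable_domain(host: str) -> str:
    """Naive eTLD+1 (last two labels). Assumption: adequate for .com;
    use a Public Suffix List library for suffixes such as .co.uk."""
    labels = host.lower().rstrip(".").split(".")
    return ".".join(labels[-2:])


def classify(host: str) -> str:
    """Return 'legitimate', 'lookalike' or 'unrelated' for one hostname."""
    host = host.lower().rstrip(".")
    if registrable_domain(host) == LEGIT_DOMAIN:
        return "legitimate"
    # Match the brand only as a whole token between '-' or '.' so that
    # offers-tesla.com and tesla.com.evil.example hit, teslacoil.* does not.
    if BRAND in re.split(r"[-.]", host):
        return "lookalike"
    return "unrelated"


def triage(hosts):
    """Group hostnames by classification."""
    result = {"legitimate": [], "lookalike": [], "unrelated": []}
    for h in hosts:
        result[classify(h)].append(h)
    return result


# Hostnames listed in the diary, plus one constructed control entry.
SAMPLE_HOSTS = [
    "offers-tesla.com", "exclusive-tesla.com", "prelaunch-tesla.com",
    "private-tesla.com", "corp-tesla.com", "www-tesla.com",
    "hyper-tesla.com", "auth.cp-tesla.com",
    "tesla.com", "auth.tesla.com",
    "teslacoil.example",  # constructed control: brand substring only
]

if __name__ == "__main__":
    for kind, hosts in triage(SAMPLE_HOSTS).items():
        print(kind, hosts)
```

A lookalike verdict only means the name is outside the brand's registrable domain; corp-tesla.com, which the diary saw redirecting to the real site, is still flagged for review.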

from SANS Internet Storm Center, InfoCON: green https://ift.tt/uaWwJbs

Researchers Uncover GPT-5 Jailbreak and Zero-Click AI Agent Attacks Exposing Cloud and IoT Systems

Cybersecurity researchers have uncovered a jailbreak technique to bypass ethical guardrails erected by OpenAI in its latest large language model (LLM) GPT-5 and produce illicit instructions.
Generative artificial intelligence (AI) security platform NeuralTrust said it combined a known technique called Echo Chamber with narrative-driven steering to trick the model into producing undesirable

from The Hacker News https://ift.tt/7NqE6r9

Research reveals possible privacy gaps in Apple Intelligence’s data handling

LAS VEGAS — One of the big worries during the generative AI boom is where exactly data is traveling when users enter queries or commands into the system. According to new research, those worries may also extend to one of the world’s most popular consumer technology companies. 

Apple’s artificial intelligence ecosystem, known as Apple Intelligence, routinely transmits sensitive user data to company servers beyond what its privacy policies indicate, according to Israeli cybersecurity firm Lumia Security.  

The research, presented Wednesday at the 2025 Black Hat USA conference, detailed how Apple’s Siri assistant sends the content of dictated messages and commands, including WhatsApp communications, to Apple servers even when such transmission isn’t necessary to complete user requests. The data flows occur outside Apple’s heavily promoted Private Cloud Compute system, which the company markets as providing enhanced privacy protections.

The research comes as Apple has long positioned itself as a privacy-focused company, building marketing campaigns around the company’s concentration on privacy for individual users.

Which Siri is which? 

The investigation, led by Lumia senior security researcher Yoav Magid, concentrated on several different ways users can interact with Siri. While Siri has been around since 2010, the company announced it was part of Apple Intelligence in 2024. 

Magid showed that when given a prompt, Siri automatically scans users’ devices for installed applications related to voice queries and transmits this information to Apple servers. When a user asks about weather, for example, Siri identifies and reports all weather-related apps on the device. Additionally, location data accompanies every Siri request regardless of whether location information is relevant to the query. 

Further research showed that audio playback metadata, including the names of songs, podcasts, or videos being played, is sent to Apple servers without explicit user visibility into these data flows.

Perhaps most significantly, the research found that messages dictated through Siri to platforms like WhatsApp are transmitted to Apple servers, raising questions about the end-to-end encryption functionality built into WhatsApp. Magid found these messages are sent through Apple’s Private Cloud Compute infrastructure, which is specifically designed to provide additional privacy protections for sensitive AI processing tasks.

CAPTION: A packet decoded by Lumia Security that shows WhatsApp messages sent through Siri are transmitted to Apple servers, potentially breaking end-to-end encryption. (Lumia Security)

The practice raises questions about end-to-end encryption claims made by messaging platforms, since message content leaves the device through Apple’s systems before reaching intended recipients.

Testing revealed that message transmission to Apple servers continues even when users explicitly disable settings that allow Siri to “learn” from specific applications or when network communication to Apple servers is blocked.

“I’m not quite sure why this communication is necessary,” Magid said. 

In the course of conducting the research, he found that Apple sometimes processes the data differently depending on whether a request is processed through traditional Siri infrastructure or the newer Apple Intelligence system.

Similar queries can trigger different data-handling practices with different privacy implications. For example, asking “What is the weather today?” sends data to Siri servers under one privacy policy, while “Ask ChatGPT what is the weather today?” routes the request through Apple Intelligence’s Private Cloud Compute under different terms.

“Two similar questions, two different traffic flows, two different privacy policies,” Magid noted in a blog.

This dual system means users have no way to predict which privacy framework applies to their interactions, creating uncertainty about how their data will be handled.

Apple’s response and disputed claims

Apple acknowledged some aspects of the research findings after Lumia reported the issues in February. Initially, Magid said Apple indicated it would work toward fixes for identified problems.

However, by July, Magid said that Apple shifted its position, telling researchers that the message transmission behavior was not a privacy issue related to Apple Intelligence, but rather stemmed from third-party services’ use of SiriKit, Apple’s extension system for integrating external apps with Siri.

The company maintained that Siri’s servers operate separately from Apple’s Private Cloud Compute system, though this distinction is not clearly communicated to users.

Apple disputed characterizations that the data collection represented privacy violations, arguing that existing policies adequately disclose the practices. 

The company told CyberScoop that it “respectfully disagrees” with the research, with an Apple spokesperson pointing back to the functionality of SiriKit and the privacy policies regarding Siri. 

The research highlights how traditional privacy frameworks may be inadequate for governing AI systems that require extensive data analysis to function effectively. The complexity of modern AI systems makes it difficult for users to understand when their data is being transmitted to external servers, processed locally, or shared with third parties.

For enterprise users, the findings could raise compliance concerns when sensitive corporate information potentially leaves organizational networks through employee devices running Apple Intelligence. 

“AI capabilities are now all around us. Any typical app these days incorporates AI, whether it’s Grammarly, Canva or Salesforce,” Magid wrote in the blog. “Knowing when a feature is powered by AI or not, is not really trivial anymore.”

The post Research reveals possible privacy gaps in Apple Intelligence’s data handling appeared first on CyberScoop.

from CyberScoop https://ift.tt/LZyCtTJ