I’ve said from the beginning that the biggest risk with AI isn’t that it writes bad code. It’s that people are starting to trust it to make decisions it has no business making.
New research drives that point home.
Researchers have uncovered a new attack called HalluSquatting, and it exploits one of AI’s most well-known weaknesses: it would rather make something up than admit it doesn’t know the answer.
That behavior, which we’ve all come to know as hallucination, is no longer just an annoyance. It can now be turned into a weapon.
Here’s how it works. [Read more…]
For years, companies drilled one thing into employees’ heads: don’t trust weird emails. Problem is, attackers adapted. Instead of fighting against people’s skepticism around email, they moved to platforms employees already trust without thinking twice about it. One of the biggest targets right now is Microsoft Teams
A sinister campaign known as ShadowCaptcha is using over 100 compromised WordPress sites as unwitting hosts, redirecting visitors to fake CAPTCHA pages. These deceptive pages trigger malware delivery ranging from credential stealers to ransomware and cryptocurrency miners.
Hackers posing as IT support are targeting employees at large companies to sneak into their Salesforce systems and steal data. They start with a phone call, pretending to help with a routine issue. The real goal? To get the employee to connect to a fake version of Salesforce’s Data Loader tool. Once that happens, the attackers can quietly grab sensitive company data.