




  • Home
  • Categories
    
    AI-Generated Malware
    AI Cybersecurity Threats
    AI Privacy
    Misinformation & Fake Content
    AI Phishing & Social Engineering
    Voice Cloning
    Deepfakes & Identity Theft
    AI Scams & Fraud
  • Contact
  • Subscribe to our newsletter

Search for articles


AI-Generated Malware

An AI Agent Just Ran a Full Ransomware Attack With No Human at the Keyboard


July 9, 2026
An AI Agent Just Ran a Full Ransomware Attack With No Human at the Keyboard
AI Cybersecurity Threats

Two-Thirds of iPhone AI Apps Are Leaking the Keys That Pay Their Bills

AI Privacy

Sears' AI Chatbot Recorded Millions of Customer Calls, Then Left Them Open to the Web

Latest articles

China's Influence Operators Used ChatGPT to Manufacture the Backlash Against AI Data Centers
Misinformation & Fake Content

China's Influence Operators Used ChatGPT to Manufacture the Backlash Against AI Data Centers

OpenAI banned two China-linked networks that used ChatGPT to fake grassroots anger at AI data centers and to spread false claims its own user data had been breached.


July 4, 2026
OpenAI Caught China-Linked Accounts Faking an American Backlash With ChatGPT
Misinformation & Fake Content

OpenAI Caught China-Linked Accounts Faking an American Backlash With ChatGPT

OpenAI banned two China-linked clusters that used ChatGPT to fake an American grassroots revolt against AI data centers. The content read as native. The tell was behavior.


July 4, 2026
One Poisoned GitHub Issue, and the AI Build Bot Handed Over Its Secrets
AI Cybersecurity Threats

One Poisoned GitHub Issue, and the AI Build Bot Handed Over Its Secrets

Microsoft found that a single crafted GitHub issue could trick Anthropic's Claude Code build bot into reading and leaking the secret keys stored on its CI runner.


July 6, 2026
This Android Backdoor Asks Google's Gemini Where to Tap Next
AI-Generated Malware

This Android Backdoor Asks Google's Gemini Where to Tap Next

PROMPTSPY is the first Android malware that calls an AI model mid-attack. It asks Gemini what to tap to read your screen, dodge uninstall, and lift your logins.


July 2, 2026
The Panicked Voice on the Phone Was Her Daughter. It Was an AI Clone.
Voice Cloning

The Panicked Voice on the Phone Was Her Daughter. It Was an AI Clone.

A mother heard her daughter scream down the phone and wired $5,000. Her daughter was fine. The voice was an AI clone built from seconds of online audio.


July 8, 2026
The Voice Begging for Help Was Cloned From a Clip the Family Posted Online
Voice Cloning

The Voice Begging for Help Was Cloned From a Clip the Family Posted Online

The FBI logged $893 million in AI fraud in 2025. Voice cloning now needs only seconds of audio, and the same trick that fools a parent scales straight to your finance team.


July 3, 2026
A Fake Zoom Call With the Prime Minister Cost One Businessman S$4.9 Million
AI Scams & Fraud

A Fake Zoom Call With the Prime Minister Cost One Businessman S$4.9 Million

A Singapore businessman joined a Zoom call with his prime minister, the central bank and BlackRock. Every official was a deepfake. He wired S$4.9 million.


June 29, 2026
Five Spy Agencies Just Put a Clock on AI-Driven Hacking: Months, Not Years
AI Cybersecurity Threats

Five Spy Agencies Just Put a Clock on AI-Driven Hacking: Months, Not Years

Five intelligence agencies issued a rare joint warning: frontier AI will transform cyberattacks in months, not years. The weaknesses it targets are ones you already have.


June 29, 2026
A Free Account Was Enough to Read Other Companies' Private AI Chats on Dify
AI Privacy

A Free Account Was Enough to Read Other Companies' Private AI Chats on Dify

On Dify, the platform behind a million AI apps, a free signup let an attacker reroute another company's chatbot conversations and read every word.


June 28, 2026
Microsoft Showed How One Web Page Can Turn an AI Agent Into Code Running on Your Laptop
AI Cybersecurity Threats

Microsoft Showed How One Web Page Can Turn an AI Agent Into Code Running on Your Laptop

Microsoft's AutoJack research shows a single booby-trapped page, summarized by an AI agent, can run commands on the machine the agent lives on. Localhost is no longer safe.


June 25, 2026
One Click on a Trusted Microsoft Link Could Have Read Your Inbox Through Copilot
AI Privacy

One Click on a Trusted Microsoft Link Could Have Read Your Inbox Through Copilot

SearchLeak turned Microsoft 365 Copilot into a one-click data thief. A single trusted link could lift your emails, MFA codes and files, with no password required.


June 26, 2026
Hackers Took 20,225 Instagram Accounts by Asking Meta's AI Chatbot Nicely
AI Cybersecurity Threats

Hackers Took 20,225 Instagram Accounts by Asking Meta's AI Chatbot Nicely

Attackers seized 20,225 Instagram accounts by talking Meta's AI support bot into resetting passwords. The check meant to stop them was quietly broken.


June 24, 2026
Attackers Are Exploiting LiteLLM, the Gateway That Holds Your Company's AI Keys
AI Cybersecurity Threats

Attackers Are Exploiting LiteLLM, the Gateway That Holds Your Company's AI Keys

CISA flagged active attacks on LiteLLM, the proxy many firms route all their AI through. A chained exploit needs no login and hands over every stored key.


June 30, 2026
A Real-Time Deepfake Can Now Pass a Live Job Interview. North Korea Already Does It.
Deepfakes & Identity Theft

A Real-Time Deepfake Can Now Pass a Live Job Interview. North Korea Already Does It.

North Korean operatives use real-time face-swap deepfakes to pass live video interviews and get hired. Unit 42 built a convincing one in 70 minutes.


June 26, 2026
An AI Agent Was Told to Summarize a Page. It Quietly Stole the Conversation Instead.
AI Cybersecurity Threats

An AI Agent Was Told to Summarize a Page. It Quietly Stole the Conversation Instead.

Brave researchers told an AI agent to summarize a webpage. Hidden text turned it into silent data theft, and running the model on your own device changed nothing.


June 18, 2026
A New Phishing Kit Beats Microsoft 365 MFA Without Stealing a Single Password
AI Phishing & Social Engineering

A New Phishing Kit Beats Microsoft 365 MFA Without Stealing a Single Password

A 250-dollar-a-month kit called Kali365 walks past Microsoft 365 MFA without stealing a password. It tricks you into authorizing the attacker's device yourself.


June 18, 2026
A Cloned Voice and a Fake Public Defender: One Arrest Exposes the Voice-Cloning Industry
Voice Cloning

A Cloned Voice and a Fake Public Defender: One Arrest Exposes the Voice-Cloning Industry

Prosecutors traced a years-long voice-cloning scam to one man and a reusable script. The arrest reveals an industry, and a verification habit your team needs now.


June 17, 2026
Most People Can No Longer Tell Real From Fake. That Breaks How Your Company Verifies Anything.
Misinformation & Fake Content

Most People Can No Longer Tell Real From Fake. That Breaks How Your Company Verifies Anything.

A new Malwarebytes survey finds 88% can no longer tell real content from AI fakes, and the detectors are quietly losing. What that breaks for how your team verifies anything.


June 14, 2026
The Gateway Holding All Your AI Keys Is Under Active Attack, CISA Warns
AI Cybersecurity Threats

The Gateway Holding All Your AI Keys Is Under Active Attack, CISA Warns

LiteLLM routes your company's AI traffic and holds every model key. CISA says attackers are exploiting a flaw that turns that gateway into remote code execution.


June 14, 2026
Attackers Stopped Cracking Your Password. Google Says They Steal Your Login Session Instead.
AI Phishing & Social Engineering

Attackers Stopped Cracking Your Password. Google Says They Steal Your Login Session Instead.

Google's June 2026 scams advisory shows phishing has moved past your password. Attackers relay your login in real time and steal the session cookie, walking straight past MFA.


June 14, 2026
A Cloned Voice and a Fake Kidnapping: The FBI Just Put a $893 Million Number on AI Fraud
Voice Cloning

A Cloned Voice and a Fake Kidnapping: The FBI Just Put a $893 Million Number on AI Fraud

A mother heard her daughter scream for help and wired $5,000. The voice was AI. The FBI just counted AI fraud for the first time: 22,364 victims, $893 million gone.


June 11, 2026
A Disguised File Copy Turned Five AI Coding Agents Into Supply Chain Weapons
AI Cybersecurity Threats

A Disguised File Copy Turned Five AI Coding Agents Into Supply Chain Weapons

Adversa AI's SymJack attack disguises a malicious symlink as a file copy, tricking five AI coding agents into running attacker code. The approval prompt looks routine.


June 16, 2026
Google Found the First AI-Written Zero-Day in the Wild. A Made-Up Score Gave It Away.
AI-Generated Malware

Google Found the First AI-Written Zero-Day in the Wild. A Made-Up Score Gave It Away.

Google caught the first AI-developed zero-day used in the wild: a 2FA bypass built for mass exploitation. The tell was a severity score the model invented.


June 16, 2026
A Jailbroken Chatbot Let One Scammer Do the Work of an Entire Crew
AI Scams & Fraud

A Jailbroken Chatbot Let One Scammer Do the Work of an Entire Crew

A lone Russian-speaking scammer used a jailbroken Gemini and stolen API keys to run a five-year fraud operation. The crew he replaced is the real story.


June 8, 2026
AI 2027: A Field Guide to the Most Talked-About AI Scenario
AI Cybersecurity Threats

AI 2027: A Field Guide to the Most Talked-About AI Scenario

A month-by-month scenario from ex-OpenAI researchers imagines AI automating its own research by 2027, then forks into catastrophe or an uneasy triumph. Here is the overview.


June 7, 2026
The Five Eyes Just Issued Their First Joint Warning on AI Agents. The Core Problem Is Access.
AI Cybersecurity Threats

The Five Eyes Just Issued Their First Joint Warning on AI Agents. The Core Problem Is Access.

Five governments issued their first joint guidance on AI agents. The message: autonomous systems are already inside critical infrastructure with more access than anyone can monitor.


June 7, 2026
The First Android Malware That Asks Google's Gemini Which Button to Tap
AI-Generated Malware

The First Android Malware That Asks Google's Gemini Which Button to Tap

PROMPTSPY is the first Android backdoor to outsource its decisions to Google's Gemini, asking the AI which button to tap. ESET caught it early. The blueprint is now public.


June 7, 2026
World ID 4.0 Wants to Be the Internet's Proof You Are Human. Read the Fine Print.
Deepfakes & Identity Theft

World ID 4.0 Wants to Be the Internet's Proof You Are Human. Read the Fine Print.

World ID 4.0 turns an iris scan into a portable proof of human for the AI era, now wired into Zoom and Okta. The deepfake defense is real. So are the risks.


June 7, 2026
Researchers Threw 20,000 Attacks at AI Guardrails. Only the One Outside the Model Survived.
AI Cybersecurity Threats

Researchers Threw 20,000 Attacks at AI Guardrails. Only the One Outside the Model Survived.

A team ran an adaptive attacker at nine AI defenses across 20,000 attempts. Every guardrail that trusted the model to police itself broke. Only outside code held.


June 10, 2026
AI Voice Cloning Found the Door MFA Never Locked: Your Help Desk
Voice Cloning

AI Voice Cloning Found the Door MFA Never Locked: Your Help Desk

Attackers clone a staff voice from seconds of public audio, then talk your IT help desk into resetting the password. MFA still works. The process around it no longer does.


June 7, 2026
A Booby-Trapped Web Page Can Turn Your ChatGPT Summary Into a Phishing Page
AI Phishing & Social Engineering

A Booby-Trapped Web Page Can Turn Your ChatGPT Summary Into a Phishing Page

Permiso's ChatGPhish shows how a few hidden lines on any web page make ChatGPT render phishing links, fake alerts and tracking QR codes, all styled as its own answer.


June 7, 2026
Your Peace-Sign Selfie Can Leak a Fingerprint You Can Never Reset
AI Privacy

Your Peace-Sign Selfie Can Leak a Fingerprint You Can Never Reset

A Chinese TV demo pulled a usable fingerprint from a celebrity's peace-sign selfie. The pose is everywhere — and unlike a password, a fingerprint can't be reset.


June 1, 2026
AI Wrote Malware to Steal From Claude. The Malware Leaked Its Own Keys.
AI-Generated Malware

AI Wrote Malware to Steal From Claude. The Malware Leaked Its Own Keys.

A malicious npm package used AI to steal from Claude's sandbox — then hard-coded its own GitHub token into the payload. The crime tooling bar is shifting.


May 31, 2026
Cryptojackers Just Added Your AI Assistant to Their Distribution Channel
AI Phishing & Social Engineering

Cryptojackers Just Added Your AI Assistant to Their Distribution Channel

Microsoft caught a cryptojacking gang seeding malicious download links inside AI chatbot answers. Here's how the lure works — and what your team has to change.


May 30, 2026
Cisco Just Changed How It Tells You About Bugs. The CVE Flood Is Here.
AI Cybersecurity Threats

Cisco Just Changed How It Tells You About Bugs. The CVE Flood Is Here.

Cisco rewrote its vulnerability disclosure rules as AI tools push CVE volumes up 100–500% across major vendors. What your patch workflow has to change.


May 30, 2026
OpenAI Confirms TanStack Worm Breach. Every macOS App Has to Be Re-Signed.
AI Cybersecurity Threats

OpenAI Confirms TanStack Worm Breach. Every macOS App Has to Be Re-Signed.

OpenAI confirmed two developer laptops were compromised in the Mini Shai-Hulud TanStack worm. macOS users have until June 12 to update before certs revoke.


May 30, 2026
Google Catches the First AI-Built Zero-Day in the Wild
AI-Generated Malware

Google Catches the First AI-Built Zero-Day in the Wild

Google caught attackers using an AI model to build a working zero-day 2FA bypass — the first confirmed case in the wild. Here is what to change today.


May 30, 2026
AI Just Wrote a Working Zero-Day. The Exploitation Window Is Now Hours.
AI-Generated Malware

AI Just Wrote a Working Zero-Day. The Exploitation Window Is Now Hours.

Google's threat intelligence team caught the first AI-built zero-day in the wild — a 2FA bypass meant for mass exploitation. What defenders need to do now.


May 30, 2026
Comment and Control: one prompt pattern hijacks Claude Code, Gemini CLI, and GitHub Copilot
AI Cybersecurity Threats

Comment and Control: one prompt pattern hijacks Claude Code, Gemini CLI, and GitHub Copilot

A single GitHub comment can hijack Claude Code, Gemini CLI, and Copilot Agent — and exfiltrate every secret in the runner. What CI teams should change today.


May 30, 2026
A Single HTTP Request Hands Out Shells on Most Public ChromaDB Servers
AI Cybersecurity Threats

A Single HTTP Request Hands Out Shells on Most Public ChromaDB Servers

HiddenLayer disclosed a pre-auth RCE in ChromaDB's Python server — exploitable by anyone on the internet. The vendor has been silent for three months.


May 25, 2026
Microsoft Just Open-Sourced the AI Agent Red-Team Stack It Uses Internally
AI Cybersecurity Threats

Microsoft Just Open-Sourced the AI Agent Red-Team Stack It Uses Internally

Microsoft just open-sourced RAMPART and Clarity — the AI-agent red-team and design-review tools it uses internally. What this changes for AppSec teams.


May 25, 2026
WormGPT and Beyond: How AI Is Lowering the Bar for Cybercrime
AI-Generated Malware

WormGPT and Beyond: How AI Is Lowering the Bar for Cybercrime

Off-the-shelf jailbroken LLMs let non-coders generate working malware in minutes. Here is what defenders need to know.


May 22, 2026
The 2026 AI Threat Landscape: A Field Guide for Security Teams
AI Cybersecurity Threats

The 2026 AI Threat Landscape: A Field Guide for Security Teams

From agentic malware to AI-enabled supply chain attacks, the seven attack vectors security teams need on their radar this year.


May 25, 2026
What ChatGPT, Claude, and Gemini Remember About You
AI Privacy

What ChatGPT, Claude, and Gemini Remember About You

Memory features in modern AI assistants persist across sessions. Here is exactly what data is stored, how to inspect it, and how to delete it.


May 22, 2026
Five Tools to Verify If an Image or Article Was AI-Generated
Misinformation & Fake Content

Five Tools to Verify If an Image or Article Was AI-Generated

Before you share that viral photo or read that breaking news, check it through these detection tools. Each has different strengths and known blind spots.


May 22, 2026
Why AI Phishing Emails Bypass Every Filter You Trust
AI Phishing & Social Engineering

Why AI Phishing Emails Bypass Every Filter You Trust

LLM-written phishing has none of the spelling errors or awkward phrasing security training warned you about. Here is the new shape of these attacks.


May 22, 2026
Three Seconds of Audio Is All It Takes: The Rise of Voice Cloning Scams
Voice Cloning

Three Seconds of Audio Is All It Takes: The Rise of Voice Cloning Scams

Modern voice clones need only a short voicemail. The grandparent scam has gone AI. Here is the safe-word system every family should agree on.


May 22, 2026
How to Spot a Deepfake Video in 60 Seconds
Deepfakes & Identity Theft

How to Spot a Deepfake Video in 60 Seconds

Six visual and audio tells that still give away most AI-generated faces, plus the tools that can confirm what your eyes suspect.


May 30, 2026
The $25 Million Deepfake Heist — And What It Means for Your Business
AI Scams & Fraud

The $25 Million Deepfake Heist — And What It Means for Your Business

A finance worker in Hong Kong wired $25M after a video call with what looked like his CFO. Every other person on the call was AI. Here is what to learn.


May 26, 2026

Practical guides to protect yourself, your family, and your business from AI-driven scams, deepfakes, and emerging cyber threats.

AI-Generated Malware
AI Cybersecurity Threats
AI Privacy
Misinformation & Fake Content
AI Phishing & Social Engineering
Voice Cloning
Deepfakes & Identity Theft
AI Scams & Fraud
AI-Generated Malware

An AI Agent Just Ran a Full Ransomware Attack With No Human at the Keyboard

An AI Agent Just Ran a Full Ransomware Attack With No Human at the Keyboard

Popular articles

Two-Thirds of iPhone AI Apps Are Leaking the Keys That Pay Their Bills

Two-Thirds of iPhone AI Apps Are Leaking the Keys That Pay Their Bills

Sears' AI Chatbot Recorded Millions of Customer Calls, Then Left Them Open to the Web

Sears' AI Chatbot Recorded Millions of Customer Calls, Then Left Them Open to the Web

Subscribe to our newsletter

Weekly briefings on AI threats, real-world attacks, and practical defenses. Free, no spam, unsubscribe anytime.


Thanks for joining our newsletter
Oops! Something went wrong while submitting the form.





© 2026 Security Against AI. All rights reserved.

Privacy Policy·Terms of Use