




  • Home
  • Categories
    
    AI-Generated Malware
    AI Cybersecurity Threats
    AI Privacy
    Misinformation & Fake Content
    AI Phishing & Social Engineering
    Voice Cloning
    Deepfakes & Identity Theft
    AI Scams & Fraud
  • Contact
  • Subscribe to our newsletter

Search for articles



AI Cybersecurity Threats

articles
Two-Thirds of iPhone AI Apps Are Leaking the Keys That Pay Their Bills
AI Cybersecurity Threats

Two-Thirds of iPhone AI Apps Are Leaking the Keys That Pay Their Bills

Researchers tested 444 iPhone AI apps and found 282 leaking the keys that pay for their AI. Three months after being warned, most were still wide open.


July 6, 2026
A Poisoned README Can Turn Your AI Coding Agent Into a Shell for Attackers
AI Cybersecurity Threats

A Poisoned README Can Turn Your AI Coding Agent Into a Shell for Attackers

Researchers defeated the safety guards in 10 of 11 open-source AI coding agents using shell tricks older than the tools. A poisoned repo file is now a path to your secrets.


July 6, 2026
One Poisoned GitHub Issue, and the AI Build Bot Handed Over Its Secrets
AI Cybersecurity Threats

One Poisoned GitHub Issue, and the AI Build Bot Handed Over Its Secrets

Microsoft found that a single crafted GitHub issue could trick Anthropic's Claude Code build bot into reading and leaking the secret keys stored on its CI runner.


July 6, 2026
Five Spy Agencies Just Put a Clock on AI-Driven Hacking: Months, Not Years
AI Cybersecurity Threats

Five Spy Agencies Just Put a Clock on AI-Driven Hacking: Months, Not Years

Five intelligence agencies issued a rare joint warning: frontier AI will transform cyberattacks in months, not years. The weaknesses it targets are ones you already have.


June 29, 2026
Microsoft Showed How One Web Page Can Turn an AI Agent Into Code Running on Your Laptop
AI Cybersecurity Threats

Microsoft Showed How One Web Page Can Turn an AI Agent Into Code Running on Your Laptop

Microsoft's AutoJack research shows a single booby-trapped page, summarized by an AI agent, can run commands on the machine the agent lives on. Localhost is no longer safe.


June 25, 2026
Hackers Took 20,225 Instagram Accounts by Asking Meta's AI Chatbot Nicely
AI Cybersecurity Threats

Hackers Took 20,225 Instagram Accounts by Asking Meta's AI Chatbot Nicely

Attackers seized 20,225 Instagram accounts by talking Meta's AI support bot into resetting passwords. The check meant to stop them was quietly broken.


June 24, 2026
Attackers Are Exploiting LiteLLM, the Gateway That Holds Your Company's AI Keys
AI Cybersecurity Threats

Attackers Are Exploiting LiteLLM, the Gateway That Holds Your Company's AI Keys

CISA flagged active attacks on LiteLLM, the proxy many firms route all their AI through. A chained exploit needs no login and hands over every stored key.


June 30, 2026
An AI Agent Was Told to Summarize a Page. It Quietly Stole the Conversation Instead.
AI Cybersecurity Threats

An AI Agent Was Told to Summarize a Page. It Quietly Stole the Conversation Instead.

Brave researchers told an AI agent to summarize a webpage. Hidden text turned it into silent data theft, and running the model on your own device changed nothing.


June 18, 2026
The Gateway Holding All Your AI Keys Is Under Active Attack, CISA Warns
AI Cybersecurity Threats

The Gateway Holding All Your AI Keys Is Under Active Attack, CISA Warns

LiteLLM routes your company's AI traffic and holds every model key. CISA says attackers are exploiting a flaw that turns that gateway into remote code execution.


June 14, 2026
A Disguised File Copy Turned Five AI Coding Agents Into Supply Chain Weapons
AI Cybersecurity Threats

A Disguised File Copy Turned Five AI Coding Agents Into Supply Chain Weapons

Adversa AI's SymJack attack disguises a malicious symlink as a file copy, tricking five AI coding agents into running attacker code. The approval prompt looks routine.


June 16, 2026
AI 2027: A Field Guide to the Most Talked-About AI Scenario
AI Cybersecurity Threats

AI 2027: A Field Guide to the Most Talked-About AI Scenario

A month-by-month scenario from ex-OpenAI researchers imagines AI automating its own research by 2027, then forks into catastrophe or an uneasy triumph. Here is the overview.


June 7, 2026
The Five Eyes Just Issued Their First Joint Warning on AI Agents. The Core Problem Is Access.
AI Cybersecurity Threats

The Five Eyes Just Issued Their First Joint Warning on AI Agents. The Core Problem Is Access.

Five governments issued their first joint guidance on AI agents. The message: autonomous systems are already inside critical infrastructure with more access than anyone can monitor.


June 7, 2026
Researchers Threw 20,000 Attacks at AI Guardrails. Only the One Outside the Model Survived.
AI Cybersecurity Threats

Researchers Threw 20,000 Attacks at AI Guardrails. Only the One Outside the Model Survived.

A team ran an adaptive attacker at nine AI defenses across 20,000 attempts. Every guardrail that trusted the model to police itself broke. Only outside code held.


June 10, 2026
Cisco Just Changed How It Tells You About Bugs. The CVE Flood Is Here.
AI Cybersecurity Threats

Cisco Just Changed How It Tells You About Bugs. The CVE Flood Is Here.

Cisco rewrote its vulnerability disclosure rules as AI tools push CVE volumes up 100–500% across major vendors. What your patch workflow has to change.


May 30, 2026
OpenAI Confirms TanStack Worm Breach. Every macOS App Has to Be Re-Signed.
AI Cybersecurity Threats

OpenAI Confirms TanStack Worm Breach. Every macOS App Has to Be Re-Signed.

OpenAI confirmed two developer laptops were compromised in the Mini Shai-Hulud TanStack worm. macOS users have until June 12 to update before certs revoke.


May 30, 2026
Comment and Control: one prompt pattern hijacks Claude Code, Gemini CLI, and GitHub Copilot
AI Cybersecurity Threats

Comment and Control: one prompt pattern hijacks Claude Code, Gemini CLI, and GitHub Copilot

A single GitHub comment can hijack Claude Code, Gemini CLI, and Copilot Agent — and exfiltrate every secret in the runner. What CI teams should change today.


May 30, 2026
A Single HTTP Request Hands Out Shells on Most Public ChromaDB Servers
AI Cybersecurity Threats

A Single HTTP Request Hands Out Shells on Most Public ChromaDB Servers

HiddenLayer disclosed a pre-auth RCE in ChromaDB's Python server — exploitable by anyone on the internet. The vendor has been silent for three months.


May 25, 2026
Microsoft Just Open-Sourced the AI Agent Red-Team Stack It Uses Internally
AI Cybersecurity Threats

Microsoft Just Open-Sourced the AI Agent Red-Team Stack It Uses Internally

Microsoft just open-sourced RAMPART and Clarity — the AI-agent red-team and design-review tools it uses internally. What this changes for AppSec teams.


May 25, 2026
The 2026 AI Threat Landscape: A Field Guide for Security Teams
AI Cybersecurity Threats

The 2026 AI Threat Landscape: A Field Guide for Security Teams

From agentic malware to AI-enabled supply chain attacks, the seven attack vectors security teams need on their radar this year.


May 25, 2026

Practical guides to protect yourself, your family, and your business from AI-driven scams, deepfakes, and emerging cyber threats.

AI-Generated Malware
AI Cybersecurity Threats
AI Privacy
Misinformation & Fake Content
AI Phishing & Social Engineering
Voice Cloning
Deepfakes & Identity Theft
AI Scams & Fraud
AI-Generated Malware

An AI Agent Just Ran a Full Ransomware Attack With No Human at the Keyboard

An AI Agent Just Ran a Full Ransomware Attack With No Human at the Keyboard

Popular articles

Two-Thirds of iPhone AI Apps Are Leaking the Keys That Pay Their Bills

Two-Thirds of iPhone AI Apps Are Leaking the Keys That Pay Their Bills

Sears' AI Chatbot Recorded Millions of Customer Calls, Then Left Them Open to the Web

Sears' AI Chatbot Recorded Millions of Customer Calls, Then Left Them Open to the Web

Subscribe to our newsletter

Weekly briefings on AI threats, real-world attacks, and practical defenses. Free, no spam, unsubscribe anytime.


Thanks for joining our newsletter
Oops! Something went wrong while submitting the form.





© 2026 Security Against AI. All rights reserved.

Privacy Policy·Terms of Use