- Storm-0501 Exploits Entra ID to Exfiltrate and Delete Azure Data in Hybrid Cloud Attacksby info@thehackernews.com (The Hacker News) on 27/08/2025 at 19:04
The financially motivated threat actor known as Storm-0501 has been observed refining its tactics to conduct data exfiltration and extortion attacks targeting cloud environments. "Unlike traditional on-premises ransomware, where the threat actor typically deploys malware to encrypt critical files across endpoints within the compromised network and then negotiates for a decryption key,
- Someone Created First AI-Powered Ransomware Using OpenAI's gpt-oss:20b Modelby info@thehackernews.com (The Hacker News) on 27/08/2025 at 17:07
Cybersecurity company ESET has disclosed that it discovered an artificial intelligence (AI)-powered ransomware variant codenamed PromptLock. Written in Golang, the newly identified strain uses the gpt-oss:20b model from OpenAI locally via the Ollama API to generate malicious Lua scripts in real-time. The open-weight language model was released by OpenAI earlier this month. "PromptLock
- Anthropic Disrupts AI-Powered Cyberattacks Automating Theft and Extortion Across Critical Sectorsby info@thehackernews.com (The Hacker News) on 27/08/2025 at 15:10
Anthropic on Wednesday revealed that it disrupted a sophisticated operation that weaponized its artificial intelligence (AI)-powered chatbot Claude to conduct large-scale theft and extortion of personal data in July 2025. "The actor targeted at least 17 distinct organizations, including in healthcare, the emergency services, and government, and religious institutions," the company said. "
- ShadowSilk Hits 35 Organizations in Central Asia and APAC Using Telegram Botsby info@thehackernews.com (The Hacker News) on 27/08/2025 at 13:47
A threat activity cluster known as ShadowSilk has been attributed to a fresh set of attacks targeting government entities within Central Asia and Asia-Pacific (APAC). According to Group-IB, nearly three dozen victims have been identified, with the intrusions mainly geared towards data exfiltration. The hacking group shares toolset and infrastructural overlaps with campaigns undertaken by threat
- The 5 Golden Rules of Safe AI Adoptionby info@thehackernews.com (The Hacker News) on 27/08/2025 at 11:30
Employees are experimenting with AI at record speed. They are drafting emails, analyzing data, and transforming the workplace. The problem is not the pace of AI adoption, but the lack of control and safeguards in place. For CISOs and security leaders like you, the challenge is clear: you don’t want to slow AI adoption down, but you must make it safe. A policy sent company-wide will not cut it.