FAKE OPENAI INVITES TARGET CYBERSECURITY FIRMS
■ AI-SUMMARIZED FROM 1 SOURCE ▸ TIMELINE
Threat actors are creating fraudulent OpenAI tenants impersonating legitimate companies to trick employees into sharing sensitive data. The scheme uses fake organization invites to lure targets into submitting confidential information through chats and projects.
■ MORE FROM THE SECURITY DESK
A Cambridge study reveals that terrorist organizations including Boko Haram and ISIS are using ChatGPT, Claude, and Gemini to plan attacks and develop weapons. Safety filters designed to prevent such misuse have repeatedly failed.
The Australian Cyber Security Centre has issued an alert about coordinated exploitation of vulnerable content management systems and plugins worldwide. The campaign targets organizations using outdated or unpatched CMS software.
Artificial intelligence discovered a critical security vulnerability in Linux kernel code that human developers overlooked for over a decade. The bug could allow unauthorized root access to systems.
Researchers have demonstrated a new attack called 'Ghostcommit' that hides prompt injections in PNG files to fool AI code reviewers and agents into exposing repository secrets.