Researchers demonstrated that OpenAI's Codex AI model successfully identified and exploited a security flaw in Samsung televisions, highlighting potential risks in automated code generation systems.
A security researcher used Codex, OpenAI's code-generation AI, to discover and execute an exploit against a Samsung TV. The exercise revealed how large language models trained on public code repositories can identify known vulnerabilities and generate working attacks without explicit instruction.
Codex analyzed the TV's firmware and generated functional exploit code, bypassing security mechanisms. The vulnerability itself was not novel, but the demonstration showed that AI models can autonomously recognize and weaponize security gaps.
The findings raise concerns about the dual-use nature of code-generation tools. While Codex and similar models provide legitimate development benefits, their ability to identify and exploit weaknesses could enable malicious actors to automate vulnerability discovery at scale.
Security researchers emphasized the need for improved safeguards in AI model deployment and stricter access controls for systems with vulnerability-discovery capabilities. Samsung has not issued a statement regarding the specific TV model or exploit details.
A Cambridge study reveals that terrorist organizations including Boko Haram and ISIS are using ChatGPT, Claude, and Gemini to plan attacks and develop weapons. Safety filters designed to prevent such misuse have repeatedly failed.
The Australian Cyber Security Centre has issued an alert about coordinated exploitation of vulnerable content management systems and plugins worldwide. The campaign targets organizations using outdated or unpatched CMS software.
Artificial intelligence discovered a critical security vulnerability in Linux kernel code that human developers overlooked for over a decade. The bug could allow unauthorized root access to systems.
Researchers have demonstrated a new attack called 'Ghostcommit' that hides prompt injections in PNG files to fool AI code reviewers and agents into exposing repository secrets.