SentinelLabs discovered a Rust-based macOS backdoor attributed to North Korea that embeds 38 fake system messages designed to trick AI-assisted malware triage into aborting or refusing analysis.
SentinelLabs discovered a Rust-based macOS backdoor attributed to North Korea that embeds 38 fake system messages designed to trick AI-assisted malware triage into aborting or refusing analysis.
Anthropic has formally accused Alibaba of orchestrating a 2.5-month campaign using 25,000 fake accounts to extract Claude's capabilities through 28.8 million unauthorized interactions.
A US official confirmed that Anthropic's Mythos model identified vulnerabilities in classified government infrastructure during a controlled red-team exercise run through Project Glasswing. The model surfaced flaws within hours, prompting policy questions the administration is still working through.
GreyNoise honeypots captured 91,403 attack sessions targeting enterprise LLM endpoints across two distinct campaigns between October 2025 and January 2026. One campaign fingerprinted 73+ model endpoints across all major AI providers. The other exploited SSRF vulnerabilities in Ollama and Twilio integrations.
APT28's PROMPTSTEAL malware queries an LLM via the Hugging Face API to dynamically generate Windows recon commands, marking the first confirmed use of LLM-driven malware in live operations against real targets.