Topic: user awareness
-
Anthropic Users: Opt Out or Share Data for AI Training
Anthropic now requires all users to decide by September 28 whether to consent to their data being used for AI model training, a shift from its previous policy of deleting consumer chat data within 30 days. Users who do not opt out will have their interactions retained for up to five years to impr...
Read More » -
NimDoor macOS Malware Persists After Termination
North Korean hackers are using sophisticated macOS malware called NimDoor to target cryptocurrency and web3 organizations, employing social engineering and modular payloads to evade detection. The malware, built with C++ and Nim, features unique persistence techniques like self-repair after termi...
Read More » -
ChatGPT Agent Aided Gmail Security Breach by Researchers
A new attack called Shadow Leak exploited AI agents to access sensitive Gmail data without triggering alerts, highlighting vulnerabilities in AI systems with data permissions. The breach used prompt injection to manipulate OpenAI's Deep Research tool into extracting confidential emails, bypassing...
Read More » -
New Salty2FA Phishing Kit Raises Sophistication Alarm
The Salty2FA phishing kit uses advanced tactics like session-based subdomain rotation, legitimate platform abuse, and precise corporate branding to create highly convincing fraudulent login pages. It incorporates Cloudflare’s Turnstile and obfuscated JavaScript to evade automated analysis and com...
Read More » -
Google's AI Energy Use: The Unanswered Questions
Google refuses to disclose its total AI energy consumption, citing it as too abstract and variable, and instead focuses on per-prompt metrics that don't reflect the full environmental impact. The cumulative energy demand of AI is substantial, with OpenAI's ChatGPT alone using over 300 gigawatt-ho...
Read More » -
MFA Is Essential - But Not Enough Alone for Security
MFA blocks ~99% of automated attacks but isn't foolproof, as weak passwords can still create security gaps, requiring a layered approach with robust password policies. Organizations risk breaches if they implement MFA without addressing password vulnerabilities, as hackers exploit reused or stole...
Read More » -
Atomic Stealer: How This Potent Mac Malware Infects Your System
A sophisticated malware campaign uses fraudulent search engine ads to impersonate popular software and targets Mac users with the Atomic Stealer information-stealing program. LastPass confirmed it was a prime target, with attackers using deceptive ads to direct users to counterfeit GitHub pages t...
Read More » -
Neon Cyber Launches Workforce Cybersecurity Platform
Neon Cyber has launched the industry's first Workforce Cybersecurity Platform (WCP), focusing on human-centric threats like phishing and credential misuse to protect users across browsers, SaaS, and enterprise systems. The platform offers AI-driven phishing protection, visibility into shadow IT, ...
Read More » -
Tenable Uncovers Critical Google Gemini AI Flaws That Risked User Data
Tenable Research uncovered three critical security flaws in Google's Gemini AI, known as the Gemini Trifecta, which allowed attackers to manipulate the AI and steal sensitive user data without direct system access. The vulnerabilities affected components like Gemini Cloud Assist, Search Personali...
Read More » -
Google Denies Gmail Scam Risk – But You Still Need to Do This
Google denies recent claims of increased scam risks for Gmail users on desktops and laptops, asserting that its security systems are strong and block over 99.9% of threats. Users are advised to enhance account security by regularly updating passwords and enabling two-factor authentication, while ...
Read More »