New TokenBreak Attack Bypasses AI Moderation with Single-Character Text Changes

/in

Cybersecurity researchers have discovered a novel attack technique called TokenBreak that can be used to bypass a large language model’s (LLM) safety and content moderation guardrails with just a single character change.
“The TokenBreak attack targets a text classification model’s tokenization strategy to induce false negatives, leaving end targets vulnerable to attacks that the implemented

The Hacker News – ​Read More

The AI Arms Race: Deepfake Generation vs. Detection

/in

AI-generated voice deepfakes have crossed the uncanny valley, fueling a surge in fraud that outpaces traditional security measures. Detection technology is racing to keep up.

The post The AI Arms Race: Deepfake Generation vs. Detection appeared first on SecurityWeek.

SecurityWeek – ​Read More

The $200,000 Zoom call

/in

A crypto CEO shared his screen. What happened next unraveled his digital life.

The Record from Recorded Future News – ​Read More

AI Agents Run on Secret Accounts — Learn How to Secure Them in This Webinar

/in

AI is changing everything — from how we code, to how we sell, to how we secure. But while most conversations focus on what AI can do, this one focuses on what AI can break — if you’re not paying attention.
Behind every AI agent, chatbot, or automation script lies a growing number of non-human identities — API keys, service accounts, OAuth tokens — silently operating in the background.
And here’s

The Hacker News – ​Read More

Ransomware attack on ticketing platform upends South Korean entertainment industry

/in

Yes24, a South Korean ticketing platform and online bookseller, has been disrupted for days after a ransomware attack, with effects rippling into K-pop concerts, theater performances and more.

The Record from Recorded Future News – ​Read More

New ‘SmartAttack’ Steals Air-Gapped Data Using Smartwatches

/in

The new attack technique uses smartwatches to capture ultrasonic covert communication in air-gapped environments and exfiltrate data.

The post New ‘SmartAttack’ Steals Air-Gapped Data Using Smartwatches appeared first on SecurityWeek.

SecurityWeek – ​Read More

Hirundo Raises $8 Million to Eliminate AI’s Bad Behavior

/in

Hirundo tackles AI hallucinations and bias by making trained models “forget” poisoned, malicious, and confidential data.

The post Hirundo Raises $8 Million to Eliminate AI’s Bad Behavior appeared first on SecurityWeek.

SecurityWeek – ​Read More

EchoLeak Zero-Click AI Attack in Microsoft Copilot Exposes Company Data

/in

Aim Labs uncovers EchoLeak, a zero-click AI flaw in Microsoft 365 Copilot that allows data theft via email. Learn how this vulnerability enables sensitive information exfiltration without user interaction and its implications for AI security.

Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto – ​Read More

Zero-Click AI Vulnerability Exposes Microsoft 365 Copilot Data Without User Interaction

/in

A novel attack technique named EchoLeak has been characterized as a “zero-click” artificial intelligence (AI) vulnerability that allows bad actors to exfiltrate sensitive data from Microsoft 365 Copilot’s context sans any user interaction.
The critical-rated vulnerability has been assigned the CVE identifier CVE-2025-32711 (CVSS score: 9.3). It requires no customer action and has been already

The Hacker News – ​Read More

Researchers confirm two journalists were hacked with Paragon spyware

/in

The confirmation of two hacked victims further deepens an ongoing spyware scandal that, for now, appears largely focused on the Italian government.

Security News | TechCrunch – ​Read More