Called A2, the framework mimics human analysis to identify vulnerabilities in Android applications and then validates them.
The post Academics Build AI-Powered Android Vulnerability Discovery and Validation Tool appeared first on SecurityWeek.
AI Supply Chain Attack Method Demonstrated Against Google, Microsoft Products
An AI supply chain issue named Model Namespace Reuse can allow attackers to deploy malicious models and achieve code execution.
The post AI Supply Chain Attack Method Demonstrated Against Google, Microsoft Products appeared first on SecurityWeek.
Hackers Weaponize Trust with AI-Crafted Emails to Deploy ScreenConnect
AI-powered phishing attacks leverage ConnectWise ScreenConnect for remote access, underscoring their sophistication.
The post Hackers Weaponize Trust with AI-Crafted Emails to Deploy ScreenConnect appeared first on SecurityWeek.
PromptLock: First AI-Powered Ransomware Emerges
Proof-of-concept ransomware uses AI models to generate attack scripts in real time.
The post PromptLock: First AI-Powered Ransomware Emerges appeared first on SecurityWeek.
Beyond the Prompt: Building Trustworthy Agent Systems
Building secure AI agent systems requires a disciplined engineering approach focused on deliberate architecture and human oversight.
The post Beyond the Prompt: Building Trustworthy Agent Systems appeared first on SecurityWeek.
AI Systems Vulnerable to Prompt Injection via Image Scaling Attack
Researchers show how popular AI systems can be tricked into processing malicious instructions by hiding them in images.
The post AI Systems Vulnerable to Prompt Injection via Image Scaling Attack appeared first on SecurityWeek.
Managing the Trust-Risk Equation in AI: Predicting Hallucinations Before They Strike
New physics-based research suggests large language models could predict when their own answers are about to go wrong — a potential game changer for trust, risk, and security in AI-driven systems.
The post Managing the Trust-Risk Equation in AI: Predicting Hallucinations Before They Strike appeared first on SecurityWeek.
Red Teams Jailbreak GPT-5 With Ease, Warn It’s ‘Nearly Unusable’ for Enterprise
Researchers demonstrate how multi-turn “storytelling” attacks bypass prompt-level filters, exposing systemic weaknesses in GPT-5’s defenses.
The post Red Teams Jailbreak GPT-5 With Ease, Warn It’s ‘Nearly Unusable’ for Enterprise appeared first on SecurityWeek.
Major Enterprise AI Assistants Can Be Abused for Data Theft, Manipulation
Zenity has shown how AI assistants such as ChatGPT, Copilot, Cursor, Gemini, and Salesforce Einstein can be abused using specially crafted prompts.
The post Major Enterprise AI Assistants Can Be Abused for Data Theft, Manipulation appeared first on SecurityWeek.
Vibe Coding: When Everyone’s a Developer, Who Secures the Code?
As AI makes software development accessible to all, security teams face a new challenge: protecting applications built by non-developers at unprecedented speed and scale.
The post Vibe Coding: When Everyone’s a Developer, Who Secures the Code? appeared first on SecurityWeek.