LIVE · cybersecurity feed

threat intelligence

zeroday.news · 19h ago·high

The Threat Isn’t the Frontier Model

The article argues that the primary AI security threat is not advanced frontier models, but rather the increasing accessibility of powerful open-source AI models that can be run on modest hardware. Adversaries are expected to leverage these models for autonomous attacks as quantization reduces their resource requirements. CISOs are urged to proactively build and test defensive AI agents now to counter this emerging threat, focusing on areas like Continuous Threat Exposure Management (CTEM), Breach and Attack Simulation (BAS), and Security Operations.

zeroday.news · 1d ago·high

CrowdStrike Uncovers New Prompt Injection Techniques

CrowdStrike has identified and cataloged 18 new prompt injection techniques, expanding their taxonomy to over 200 distinct methods. These new techniques, including Trigger-Activated Rule Addition and Algorithmic Payload Decomposition, highlight the evolving sophistication of attacks against AI systems. The company emphasizes the need for enhanced AI threat modeling, red teaming, detection engineering, and runtime visibility to combat these emerging threats.

zeroday.news · 7d ago

Safe Events Start With Threat Intel & Digital Security

Proactive cybersecurity measures are essential for ensuring the smooth operation of events. By anticipating potential digital threats, organizers can prevent disruptions and maintain a secure environment.

zeroday.news · 13d ago

Beyond IOCs: AI-enabled threat intelligence

This week's newsletter explores how artificial intelligence can enhance threat intelligence capabilities. AI is expected to facilitate the creation of easily searchable data sources derived from intelligence reports, thereby improving access and utility of information for security professionals.

zeroday.news · 75d ago·medium

AI threats in the wild: The current state of prompt injections on the web

Google's Threat Intelligence teams have analyzed the prevalence of indirect prompt injection (IPI) attacks on the public web. Their research indicates that while sophisticated IPI attacks are not yet widespread, there is a growing trend of experimentation by threat actors. The observed attacks range from harmless pranks and SEO manipulation to more concerning attempts at data exfiltration and system destruction, though current implementations are often simplistic.