AI & LLM
AI and LLM covers generative models, agents, prompt injection, data security and new artificial intelligence tools. The collection connects capabilities, limitations, operational risks and their impact on technical work.

Shadow AI: The Real Threat Is Access Control, Not Data Leakage
The shadow AI problem has shifted from browser-based chatbots to enterprise systems: autonomous agents running with live credentials,…

Interpol: $40 Billion Scam Economy in Asia, Cybercrime Tops 30% of All Crime
Interpol's 2025/2026 assessment documents a nearly $40 billion organized scam economy in Asia-Pacific, with cybercrime exceeding 30% o…

June 2026 ThreatsDay Bulletin: When Claude’s Shared Chat Becomes a Malware Vector
The June 2026 ThreatsDay Bulletin documents the abuse of Anthropic Claude’s shared chat feature to distribute the MacSync credential s…

Novo Nordisk: Exposed GitHub Token Leads to 1.3 TB Theft Over Two Months
A GitHub personal access token exposed in client-side JavaScript opened a two-month dwell window: roughly 1.3 TB of data, AI models, a…

vbdec Disassembler Becomes Local AI Server via COM/ROT
Cisco Talos demonstrates how exposing vbdec's object model to the Windows Running Object Table enables local agentic automation withou…

AI Agents Used to Breach 14 Companies: Over 1,000 Sessions Recovered
A low-skill attacker leveraged local Claude and Codex agents to compromise at least 14 organizations, bypassing guardrails through nar…

Malicious JetBrains Plugins Steal AI API Keys: 70,000 Downloads
A coordinated campaign of 15 malicious plugins on the JetBrains Marketplace exfiltrates AI API keys from developers' IDEs. Roughly 70,…

Chinese APT UNC6508: A Year of Espionage on REDCap Servers
Google exposes UNC6508: over a year of REDCap server compromise at U.S. and Canadian medical and military institutions using InfiniteR…

Anthropic Disables Fable 5 and Mythos 5 on US Directive Restricting Foreign Access
On June 12, 2026, at 5:21 p.m. ET, Anthropic received a US government directive ordering the immediate suspension of all access to Fab…

The Gentlemen: LLMs Accelerate the Ransomware Attack Cycle
CERT-AGID reveals that The Gentlemen ransomware group uses LLMs to build platforms in three days and customize extortion. Technical cl…

The Gentlemen: LLMs Cut Ransomware Development to Three Days
CERT-AGID reports the ransomware group The Gentlemen uses LLMs to build platforms in three days, personalize extortion, and replicate…

HAMLOCK: Invisible AI Backdoor Spans Chip and Software
Researchers demonstrate HAMLOCK, a supply-chain attack that splits a neural-network backdoor between minimal software weight changes (…