Editor’s Pick

Researchers have uncovered a sustained and ongoing campaign by Russian spies that uses a clever phishing technique to hijack Microsoft 365 accounts belonging to a wide range of targets, researchers warned.

The technique is known as device code phishing. It exploits “device code flow,” a form of authentication formalized in the industry-wide OAuth standard. Authentication through device code flow is designed for logging printers, smart TVs, and similar devices into accounts. These devices typically don’t support browsers, making it difficult to sign in using more standard forms of authentication, such as entering user names, passwords, and two-factor mechanisms.

Rather than authenticating the user directly, the input-constrained device displays an alphabetic or alphanumeric device code along with a link associated with the user account. The user opens the link on a computer or other device that’s easier to sign in with and enters the code. The remote server then sends a token to the input-constrained device that logs it into the account.

Read full article

Comments

There’s a growing collaboration between hacking groups engaging in espionage on behalf of nation-states and those seeking financial gains through ransomware and other forms of cybercrime, researchers noted this week.

There has always been some level of overlap between these two groups, but it has become more pronounced in recent years. On Tuesday, the Google-owned Mandiant security firm said the uptick comes amid tighter purse strings and as a means for concealing nation-state-sponsored espionage by making it blend in with financially motivated cyberattacks.

Opportunities abound

“Modern cybercriminals are likely to specialize in a particular area of cybercrime and partner with other entities with diverse specializations to conduct operations,” Mandiant researchers explained. “The specialization of cybercrime capabilities presents an opportunity for state-backed groups to simply show up as another customer for a group that normally sells to other criminals. Purchasing malware, credentials, or other key resources from illicit forums can be cheaper for state-backed groups than developing them in-house, while also providing some ability to blend in to financially motivated operations and attract less notice.”

Read full article

Comments

In the nascent field of AI hacking, indirect prompt injection has become a basic building block for inducing chatbots to exfiltrate sensitive data or perform other malicious actions. Developers of platforms such as Google’s Gemini and OpenAI’s ChatGPT are generally good at plugging these security holes, but hackers keep finding new ways to poke through them again and again.

On Monday, researcher Johann Rehberger demonstrated a new way to override prompt injection defenses Google developers have built into Gemini—specifically, defenses that restrict the invocation of Google Workspace or other sensitive tools when processing untrusted data, such as incoming emails or shared documents. The result of Rehberger’s attack is the permanent planting of long-term memories that will be present in all future sessions, opening the potential for the chatbot to act on false information or instructions in perpetuity.

Incurable gullibility

More about the attack later. For now, here is a brief review of indirect prompt injections: Prompts in the context of large language models (LLMs) are instructions, provided either by the chatbot developers or by the person using the chatbot, to perform tasks, such as summarizing an email or drafting a reply. But what if this content contains a malicious instruction? It turns out that chatbots are so eager to follow instructions that they often take their orders from such content, even though there was never an intention for it to act as a prompt.

Read full article

Comments

OpenAI is entering the final stages of designing its long-rumored AI processor with the aim of decreasing the company’s dependence on Nvidia hardware, according to a Reuters report released Monday. The ChatGPT creator plans to send its chip designs to Taiwan Semiconductor Manufacturing Co. (TSMC) for fabrication within the next few months, but the chip has not yet been formally announced.

The OpenAI chip’s full capabilities, technical details, and exact timeline are still unknown, but the company reportedly intends to iterate on the design and improve it over time, giving it leverage in negotiations with chip suppliers—and potentially granting the company future independence with a chip design it controls outright.

In the past, we’ve seen other tech companies, such as Microsoft, Amazon, Google, and Meta, create their own AI acceleration chips for reasons that range from cost reduction to relieving shortages of AI chips supplied by Nvidia, which enjoys a near-market monopoly on high-powered GPUs (such as the Blackwell series) for data center use.

Read full article

Comments

A little over two weeks ago, a largely unknown China-based company named DeepSeek stunned the AI world with the release of an open source AI chatbot that had simulated reasoning capabilities that were largely on par with those from market leader OpenAI. Within days, the DeepSeek AI assistant app climbed to the top of the iPhone App Store’s “Free Apps” category, overtaking ChatGPT.

On Thursday, mobile security company NowSecure reported that the app sends sensitive data over unencrypted channels, making the data readable to anyone who can monitor the traffic. More sophisticated attackers could also tamper with the data while it’s in transit. Apple strongly encourages iPhone and iPad developers to enforce encryption of data sent over the wire using ATS (App Transport Security). For unknown reasons, that protection is globally disabled in the app, NowSecure said.

Basic security protections MIA

What’s more, the data is sent to servers that are controlled by ByteDance, the Chinese company that owns TikTok. While some of that data is properly encrypted using transport layer security, once it’s decrypted on the ByteDance-controlled servers, it can be cross-referenced with user data collected elsewhere to identify specific users and potentially track queries and other usage.

Read full article

Comments

For much of the past year, the trail of destruction and mayhem left behind by ransomware hackers was on full display. Digital extortion gangs paralyzed hundreds of US pharmacies and clinics through their attack on Change Healthcare, exploited security vulnerabilities in the customer accounts of cloud provider Snowflake to breach a string of high-profile targets, and extracted a record $75 million from a single victim.

Yet beneath those headlines, the numbers tell a surprising story: Ransomware payments actually fell overall in 2024—and in the second half of the year dropped more precipitously than in any six-month period on record.

Cryptocurrency tracing firm Chainalysis today released a portion of its annual crime report focused on tracking the ransomware industry, which found that ransomware victims’ extortion payments totaled $814 million in 2024, a drop of 35 percent compared to the record $1.25 billion that hackers extracted from ransomware victims the previous year. Breaking down the payments over the course of 2024 shows an even more positive trend: Hackers collected just $321 million from July through December compared to $492 million the previous half year, the biggest falloff in payments between two six-month periods that Chainalysis has ever seen.

Read full article

Comments

Researchers said they recently discovered a zero-day vulnerability in the 7-Zip archiving utility that was actively exploited as part of Russia’s ongoing invasion of Ukraine.

The vulnerability allowed a Russian cybercrime group to override a Windows protection designed to limit the execution of files downloaded from the Internet. The defense is commonly known as MotW, short for Mark of the Web. It works by placing a “Zone.Identifier” tag on all files downloaded from the Internet or from a networked share. This tag, a type of NTFS Alternate Data Stream and in the form of a ZoneID=3, subjects the file to additional scrutiny from Windows Defender SmartScreen and restrictions on how or when it can be executed.

There’s an archive in my archive

The 7-Zip vulnerability allowed the Russian cybercrime group to bypass those protections. Exploits worked by embedding an executable file within an archive and then embedding the archive into another archive. While the outer archive carried the MotW tag, the inner one did not. The vulnerability, tracked as CVE=2025-0411, was fixed with the release of version 24.09 in late November.

Read full article

Comments

A mirror proxy Google runs on behalf of developers of the Go programming language pushed a backdoored package for more than three years until Monday, after researchers who spotted the malicious code petitioned for it to be taken down twice.

The service, known as the Go Module Mirror, caches open source packages available on GitHub and elsewhere so that downloads are faster and to ensure they are compatible with the rest of the Go ecosystem. By default, when someone uses command-line tools built into Go to download or install packages, requests are routed through the service. A description on the site says the proxy is provided by the Go team and “run by Google.”

Caching in

Since November 2021, the Go Module Mirror has been hosting a backdoored version of a widely used module, security firm Socket said Monday. The file uses “typosquatting,” a technique that gives malicious files names similar to widely used legitimate ones and plants them in popular repositories. In the event someone makes a typo or even a minor variation from the correct name when fetching a file with the command line, they land on the malicious file instead of the one they wanted. (A similar typosquatting scheme is common with domain names, too.)

Read full article

Comments

Federal prosecutors have indicted a man on charges he stole $65 million in cryptocurrency by exploiting vulnerabilities in two decentralized finance platforms and then laundering proceeds and attempting to extort swindled investors.

The scheme, alleged in an indictment unsealed on Monday, occurred in 2021 and 2023 against the DeFI platforms KyberSwap and Indexed Finance. Both platforms provide automated services known as “liquidity pools” that allow users to move cryptocurrencies from one to another. The pools are funded with user-contributed cryptocurrency and are managed by smart contracts enforced by platform software.

“Formidable mathematical prowess”

The prosecutors said Andean Medjedovic, now 22 years old, exploited vulnerabilities in the KyberSwap and Indexed Finance smart contracts by using “manipulative trading practices.” In November 2023, he allegedly used hundreds of millions of dollars in borrowed cryptocurrency to cause artificial prices in the KyberSwap liquidity pools. According to the prosecutors, he then calculated precise combinations of trades that would induce the KyberSwap smart contract system—known as the AMM, or automated market makers—to “glitch,” as he wrote later.

Read full article

Comments

Dell is calling much of its workforce back into the office five days a week starting on March 3. The technology giant is framing the mandate as a business strategy, but there’s reason to believe the policy may drive employee turnover.

Business Insider detailed an internal memo today from CEO and Chairman Michael Dell informing workers that if they live within an hour of a Dell office, they’ll have to go in five days a week.

“What we’re finding is that for all the technology in the world, nothing is faster than the speed of human interaction,” Dell wrote, per Business Insider. “A thirty-second conversation can replace an email back-and-forth that goes on for hours or even days.”

Read full article

Comments