Aggregator
CVE-2026-8098 | code-projects Feedback System 1.0 /admin/checklogin.php email sql injection
CVE-2026-8092 | Mozilla Firefox up to 115.35.1 memory corruption
CVE-2026-8097 | CodeAstro Online Classroom 1.0 /askquery.php squeryx sql injection
Submit #808126: code-projects FEEDBACK SYSTEM V1.0 SQL Injection [Accepted]
Submit #808115: codeastro Online Classroom V1.0 SQL Injection [Accepted]
Fake Claude AI Site Drops Beagle Backdoor on Windows Users
One keypress is all it takes to compromise four AI coding tools
Developers clone unfamiliar repositories all the time. Open-source projects, work from teammates, sample code from a tutorial, a library someone recommended on a forum. The convention is old and reasonable: you look at what’s inside before you run it. AI coding assistants that work from the command line have inherited that convention, and a new piece of research from Adversa AI shows where the convention breaks. The research, called TrustFall, covers four agentic coding tools: …
The post One keypress is all it takes to compromise four AI coding tools appeared first on Help Net Security.
Hackers Using Fake Claude AI Installer Pages to Trick Users Into Running Malware on Their Systems
Hackers are using convincing fake pages for Claude AI to trick users into running malware on their own systems. The campaign, known as “InstallFix” or the Fake Claude Installer threat, marks a sharp shift in how cybercriminals exploit the trust people place in artificial intelligence tools. Instead of targeting software vulnerabilities, these attackers are targeting […]
The post Hackers Using Fake Claude AI Installer Pages to Trick Users Into Running Malware on Their Systems appeared first on Cyber Security News.
The AI-vs-AI battle is already happening. Watch it live at EXPOSURE 2026.
Don’t singularly focus on the speed of AI attacks. You must also prepare for the shift AI is bringing to the threat landscape. Join Tenable at EXPOSURE 2026 to witness a live AI-vs-AI battle and get clarity to defend your organization against next-generation autonomous threats.
Key takeaways
- Organizations must expand their visibility to map a growing attack surface that now includes AI-enabled applications and the interconnected business logic they expose, which attacks, like natural language prompt injection, can leverage.
- Standard security tools cannot assess the AI-extended attack surface or counteract the sophisticated reasoning of autonomous agentic threats, requiring investment in specialized security products and detection capabilities.
- Effective AI governance requires setting clear thresholds for autonomous agent actions to ensure organizational policy governs critical operations.
You’ve heard and read a lot about how AI is upending cybersecurity. But have you actually seen an AI attack unfold right before your eyes? It’s one of many compelling reasons for you to join us at Tenable’s EXPOSURE 2026 conference in Boston from May 19 to 21.
During a keynote, you can witness a live simulation where two agentic AI tools — an offensive red team and a defensive blue team — duel, simultaneously attacking and protecting a vibe-coded expense report application that has an embedded large language model (LLM) chatbot.
The presentation, titled “The AI battle: A live defense simulation,” will offer you a unique opportunity to deepen your understanding of AI attacks and AI defenses, as well as gain invaluable insights to boost your organization’s AI security strategy.
AI attack speed is part of the picture
Researchers Robert McSulla and Ben Smith crafted the simulation to drive home this point: If you just focus on countering the machine speed of AI attacks, you’ll fall short of protecting your organization. Why? While AI has indeed accelerated cyber attacks, it has also radically transformed them in multiple other ways.
By creating a unique, custom demo of an all-out agentic AI battle, the researchers will showcase multiple novel attack vectors in a clear and structured manner, aided by elements such as a timeline, a battle status monitor, and a scorecard. For example, the presentation will unpack autonomous defensive assessments by the blue-team agent, as well as sophisticated attack planning by the red-team agent.
The presentation will make it clear that while AI makes attackers faster, this increased speed represents a quantitative change. You can defend against faster AI attacks if you tune up the tools you already have.
However, AI has also brought about substantial changes, including an expanded attack surface; AI vs. AI attacks; new adversary capabilities; and context poisoning. To counter these new elements, you can’t rely on conventional cybersecurity tools and processes. A web application firewall rule can’t defuse a prompt injection attack. A Sigma rule can’t detect a semantic jailbreak attempt.
During the presentation, you’ll see how in order to secure the simulation’s app – whose LLM chatbot has access to business logic, user data, and external tools – you’ll need security controls and capabilities designed specifically for AI.
In the end, you’ll emerge from the talk with concrete actions your team can implement right away, including:
- Threat actors are already leveraging AI. If your organization is not using AI for security, you are operating at a significant disadvantage.
- Effective defense requires proactively considering and defining your governance thresholds for the use of autonomous defensive AI.
“The AI battle: A live defense simulation” is just one of the many presentations at EXPOSURE 2026 that’ll boost your understanding of how and why exposure management is a requirement for effective cybersecurity in the AI era.
With an exposure management strategy, your cybersecurity teams can regain control over a chaotic attack surface that has exploded in size and complexity due to AI. Exposure management gives you unified visibility over all assets – wherever they are – and their security issues, such as vulnerabilities, misconfigurations, and overprivileged identities, so that you can proactively slash cyber risk, including AI-driven threats.
EXPOSURE 2026, which will be held in Boston from May 19 to May 21 at the Hilton Boston Park Plaza, features an impressive roster of cybersecurity experts, including:
- Smithfield Foods’ CISO Jim Nelms
- GEICO CISO Rick Vadgama
- Verizon’s Senior Director, Readiness and Proactive Security, Jorge Orchilles
- Munich Re’s Global Head of IT Risk and Security John Schramm
- Cloud Security Alliance CEO Jim Reavis
You’ll also get a chance to hear directly from top-level Tenable executives, including:
- Co-CEOs Steve Vintz and Mark Thurmond, who will explain how exposure management is redefining modern cybersecurity
- Chief Technology Officer Vlad Korsunsky, who will unpack how attackers use AI to accelerate reconnaissance, chain misconfigurations, abuse over-privileged identities, and exploit overlooked AI services and integrations
- Chief Product Officer Eric Doerr, who will explain what AI capabilities actually work; where AI meaningfully improves triage, investigations, and prioritization; and where teams should avoid over-automation, blind spots, and hype-driven missteps
- Chief Security Officer Robert Huber, who will sit down with fellow cyber leaders to talk about building an exposure management program; communicating effectively with the board; and operationalizing exposure management
If you’re looking to sharpen your cybersecurity skills and boost your professional development, EXPOSURE 2026 offers the following technical training tracks:
- “Introduction to exposure management business theory (EMBT),” for which participants will receive a certificate of completion
- “Exposure management for practitioners and analysts,” for which participants will receive a certificate of completion and a free enrollment code to take the full “Tenable One Specialist” course after the conference
Eager to boost your understanding of AI security and exposure management? Register for EXPOSURE 2026 today.
'TrustFall' Convention Exposes Claude Code Execution Risk
AI-Driven Cyberattack on Mexico Couldn't Breach OT Systems
How Cloudflare responded to the “Copy Fail” Linux vulnerability
Scammers ask you to buy a new smartphone and hold it to an ATM. This is how a new NFC scheme against Android owners works
Scammers Use Short-Lived VoIP Numbers and Reuse Windows to Defeat Reputation-Based Blocking
Phone-based scams are evolving faster than most security filters can keep up with. Attackers are now leaning heavily on Voice over Internet Protocol (VoIP) numbers that disappear before detection systems can flag them, leaving users exposed and defenders scrambling. These scam campaigns arrive through email, where attackers embed phone numbers directly into message bodies, subject […]
The post Scammers Use Short-Lived VoIP Numbers and Reuse Windows to Defeat Reputation-Based Blocking appeared first on Cyber Security News.
UAT-8302 Uses Custom Malware and Open-Source Tools to Steal Data From Government Agencies
A sophisticated China-linked hacker group known as UAT-8302 has been quietly targeting government agencies across South America and southeastern Europe, using a mix of custom malware and widely available open-source tools to steal sensitive data. The group has been active since at least late 2024 and stepped up its operations against government bodies in southeastern […]
The post UAT-8302 Uses Custom Malware and Open-Source Tools to Steal Data From Government Agencies appeared first on Cyber Security News.