LegalPwn exploits AI models by using legitimate legal language to trick them into misclassifying malicious software as safe code.
Posted inCybersecurity News

LegalPwn exploits AI models by using legitimate legal language to trick them into misclassifying malicious software as safe code.

The novel “LegalPwn” attack, developed by researchers at Pangea Labs, demonstrates how attackers can trick artificial intelligence models like ChatGPT, Google Gemini, GitHub Copilot, Meta’s Llama, and xAI’s Grok into misclassifying malicious software as safe code by cleverly disguising it within seemingly legitimate legal language.
Non-human identities (NHIs) are now outpacing human accounts across organizations.
Posted inCybersecurity News

Non-human identities (NHIs) are now outpacing human accounts across organizations.

In the first half of 2025, the cybersecurity landscape has seen a significant and accelerating rise in unmanaged machine identities—digital credentials used by non-human users such as applications, bots, and automated processes. According to recent research, the growth of these non-human identities (NHIs) is now outpacing the creation of human user accounts, dramatically shifting the balance of identity management within organizations.
PlayPraetor Android trojan infects >11k devices through sophisticated fraud campaign.
Posted inCybersecurity News

PlayPraetor Android trojan infects >11k devices through sophisticated fraud campaign.

A newly discovered Android remote access trojan (RAT) known as PlayPraetor has rapidly surged across the globe, infecting more than 11,000 devices in countries including Portugal, Spain, France, Morocco, Peru, and Hong Kong. Security researchers have warned that the malware’s reach is expanding at a rate of over 2,000 new infections weekly, driven primarily by aggressive campaigns targeting Spanish- and French-speaking users.
Senate confirms Sean Cairncross at National Cyber Director.
Posted inCybersecurity News

Senate confirms Sean Cairncross at National Cyber Director.

Washington, D.C. — The U.S. Senate has confirmed Sean Cairncross as the next National Cyber Director, solidifying his position as President Trump’s chief advisor on national cybersecurity matters. The Senate approved Cairncross’s nomination on August 3, 2025, in a 59-35 vote—a decision that follows weeks of scrutiny regarding his technical background and vision for the country’s evolving cyber defense posture.
New Plague backdoor silently bypasses authentication controls to maintain stealthy SSH access to targeted Linux systems.
Posted inCybersecurity News

New Plague backdoor silently bypasses authentication controls to maintain stealthy SSH access to targeted Linux systems.

A sophisticated Linux backdoor, dubbed Plague, has recently emerged as a significant security concern for system administrators and cybersecurity professionals. Leveraging the trusted Pluggable Authentication Module (PAM) framework, Plague enables attackers to silently bypass authentication controls and maintain persistent SSH access to targeted Linux systems.
China’s CL-STA-0969 group is targeting Southeast Asian telecommunications networks.
Posted inCybersecurity News

China’s CL-STA-0969 group is targeting Southeast Asian telecommunications networks.

Since early 2024, major telecommunications organizations across Southeast Asia have faced attacks from an advanced state-sponsored cyber threat actor identified as CL-STA-0969. Security intelligence suggests a likely association with Chinese cyber-espionage operations, given the group’s methods and tools, which demonstrate a deep familiarity with telecommunications systems, high operational security, and technical adaptability.
Anthropic revokes OpenAI’s access to Claude code ahead of long-awaited GPT-5 launch.
Posted inCybersecurity News

Anthropic revokes OpenAI’s access to Claude code ahead of long-awaited GPT-5 launch.

In a consequential move within the rapidly evolving artificial intelligence sector, Anthropic has suspended OpenAI’s access to its Claude API, citing violations of its terms of service. The decision follows Anthropic’s discovery that OpenAI engineers had been using Claude’s coding features—known as Claude Code—at a critical time preceding the expected launch of OpenAI’s next flagship model, GPT-5.