The Hacker News

Lazarus Campaign Plants Malicious Packages in npm and PyPI Ecosystems

North Korea-linked Lazarus campaign spreads malicious npm and PyPI packages via fake crypto job offers, deploying RATs and ...

Fake AI Chrome extensions with 300K users steal credentials, emails

A set of 30 malicious Chrome extensions that have been installed by more than 300,000 users are masquerading as AI assistants ...

Hackers Are Hammering Google’s Gemini With Prompts to Steal the LLM—Every AI Company Should Be Worried

Google reported today that bad actors are mass-prompting Gemini, sometimes over 100,000 times, in an effort to clone the AI chatbot. As tech companies race to build and launch stronger AI models, ...

Google says hackers are abusing Gemini AI for all attacks stages

Google Threat Intelligence Group (GTIG) has published a new report warning about AI model extraction/distillation attacks, in which private-sector firms and researchers use legitimate API access to ...