How AI red teams find hidden flaws before attackers do https://www.csoonline.com/article/4029862/how-ai-red-teams-find-hidden-flaws-before-attackers-do.html #ArtificialIntelligence #ApplicationSecurity #PenetrationTesting

How AI red teams find hidden flaws before attackers do https://www.csoonline.com/article/4029862/how-ai-red-teams-find-hidden-flaws-before-attackers-do.html #ArtificialIntelligence #ApplicationSecurity #PenetrationTesting
Amazon’s AI Coding Assistant Compromised by Malicious Prompt!
In a chilling reminder of AI’s growing attack surface, a malicious prompt was quietly inserted into Amazon’s Q coding assistant via a pull request and told to wipe the user’s file system and AWS cloud resources. The rogue code instructed the AI to “clean a system to a near-factory state,” including running destructive AWS CLI commands.
Amazon has since removed the malicious version and released an update, but it's a good reminder that AI coding tools are only as secure as their supply chain and prompt filtering. Vet your extensions. Lock down access. And never assume “AI knows better.”
iX-Workshop IT-Sicherheit: Pentests methodisch planen, anfordern und analysieren
Schritt für Schritt zum sicheren System: Penetrationstests methodisch planen, beauftragen und auswerten, um Schwachstellen in der eigenen IT aufzuspüren.
Cervantes: Open-source, collaborative platform for pentesters and red teams https://www.helpnetsecurity.com/2025/07/23/cervantes-open-source-collaborative-platform-pentesters-red-teams/ #penetrationtesting #cybersecurity #opensource #Don'tmiss #software #redteam #GitHub #OWASP #News
Leaked and Loaded: DOGE’s API Key Crisis
One leaked API key exposed 52 private LLMs and potentially sensitive systems across SpaceX, Twitter, and even the U.S. Treasury.
In this episode of Cyberside Chats, @sherridavidoff and @MDurrin break down the DOGE/XAI API key leak. They share how it happened, why key management is a growing threat, and what you should do to protect your organization from similar risks.
Watch the video: https://youtu.be/Lnn225XlIc4
Listen to the podcast: https://www.chatcyberside.com/e/api-key-catastrophe-when-secrets-get-leaked/
A Vulnerable Simulator for Drone Penetration Testing - The old saying that the best way to learn is by doing holds as true for penetrati... - https://hackaday.com/2025/07/18/a-vulnerable-simulator-for-drone-penetration-testing/ #penetrationtesting #securityhacks #dronesecurity #dronehacks #security #drone
How do attackers go from file shares to full domain admin access without ever stealing a password? In this real-world case study, we'll share how a single misconfiguration opened the door to a full network compromise, and how our #pentest team exploited hidden file shares (with that sneaky $ at the end) to uncover sensitive data most IT teams don’t realize is exposed.
We'll share:
• How attackers exploit hidden file shares
• Why misconfigured Windows Deployment Services are a major risk
• The exact relay attack path that led to domain dominance
• What red flags to look for in your environment
Watch: https://youtu.be/78L2Zz2Ttbs
Putting AI-assisted ‘vibe hacking’ to the test – Source: www.csoonline.com https://ciso2ciso.com/putting-ai-assisted-vibe-hacking-to-the-test-source-www-csoonline-com/ #rssfeedpostgeneratorecho #ArtificialIntelligence #PenetrationTesting #CyberSecurityNews #vulnerabilities #cyberattacks #CSOonline #CSOOnline
Is autonomous pen testing the future of offensive security or just a flashy concept?
Join us on the Shared Security Podcast as we discuss XBOW's game-changing technology with co-host Kevin Johnson and explore what it means for cybersecurity professionals.
Watch on YouTube:
https://youtu.be/VeOMYBSk3Dk
Listen and subscribe to the podcast!
https://sharedsecurity.net/subscribe
Exposure management is the answer to: “Am I working on the right things?” https://www.helpnetsecurity.com/2025/07/08/dan-decloss-plextrac-exposure-management-strategy/ #vulnerabilitymanagement #penetrationtesting #incidentresponse #cybersecurity #Don'tmiss #Features #Hotstuff #PlexTrac #strategy #News
Your UPS might be a silent security risk.
Watch our new video to see how a standard uninterruptible power supply (UPS) became the gateway to hacking a real bank.
We walk you through:
How UPS devices connect to networks—and why that matters
The danger of default credentials on embedded systems
How spoofed email servers let attackers steal domain credentials
The exact steps that led to full network compromise
Watch now! https://youtu.be/Ru5RR9COqYw
New mass scanning activity may be the first step in another MOVEit attack.
Hackers are actively scanning the internet for exposed MOVEit systems—hundreds of unique IPs every day—suggesting the early stages of coordinated exploitation.
Threat intel firm GreyNoise warns this is the same pattern seen weeks before past mass attacks. Known MOVEit vulnerabilities, such as CVE-2023-34362 and CVE-2023-36934, are already being tested in the wild.
If your MOVEit Transfer instance is online and unmonitored, you may already be on an attacker’s target list.
Now’s the time to:
• Patch all known MOVEit vulnerabilities
• Limit public-facing access
• Monitor for scan activity and open ports
• Block IPs identified by threat intelligence feeds
• Harden file transfer environments and deploy honeypots if needed
Scanning isn’t random—it’s reconnaissance. Act now before scanning turns into breach.
Read the article for details: https://www.cuinfosecurity.com/scans-probing-for-moveit-systems-may-be-precursor-to-attacks-a-28832
More information on printer security, since they are often a cybersecurity blind spot!
Last week, we shared a warning about the unpatchable Brother printer vulnerability (CVE-2024-51978) that puts millions of devices at risk. If you haven’t updated your default admin passwords, do it now.
Since there was a lot of interest in this topic, we're sharing our classic, but still very relevant, on-demand webinar, "How I met your printer": https://youtu.be/b6d6RO2AFgw
@tompohl shares real-world techniques attackers use to exploit printers for initial access and lateral movement—exactly what we see in our penetration tests all the time.
If you haven’t tested your print infrastructure, now’s the time. Need help? Our pentest team can assess your network and highlight hidden vulnerabilities.
#Cybersecurity #CISO #PrinterSecurity #PenetrationTesting #LMGSecurity #NetworkSecurity #Infosec #ITsecurity
#penetrationtesting #pentest #pentesting
Are we securing AI like the rest of the cloud? https://www.helpnetsecurity.com/2025/06/30/chris-mcgranahan-backblaze-ai-cloud-security/ #Artificialintelligence #penetrationtesting #cloudsecurity #cybersecurity #Don'tmiss #Backblaze #Features #Hotstuff #News
Hundreds of Brother printer models are affected by a critical, unpatchable vulnerability (CVE-2024-51978) that allows attackers to generate the default admin password using the device’s serial number—information that’s easily discoverable via other flaws.
748 total models across Brother, Fujifilm, Ricoh, Toshiba, and Konica Minolta are impacted, with millions of devices at risk globally.
Attackers can:
• Gain unauthenticated admin access
• Pivot to full remote code execution
• Exfiltrate credentials for LDAP, FTP, and more
• Move laterally through your network
Brother says the vulnerability cannot be fixed in firmware and requires a change in manufacturing. For now, mitigation = change the default admin password immediately.
Our pentest team regularly highlights printer security as a critical path to system compromise—and today’s news is another example that underscores this risk. This is your reminder: Printers are not “set-and-forget” devices. Treat them like any other endpoint—monitor, patch, and lock them down.
Need help testing your network for exploitable print devices? Contact us and our pentest team can help!
Read the Dark Reading article for more details on the Brother Printers vulnerability: https://www.darkreading.com/endpoint-security/millions-brother-printers-critical-unpatchable-bug
We know GenAI is risky, so why aren’t we fixing its flaws? https://www.helpnetsecurity.com/2025/06/27/cobalt-research-llm-security-vulnerabilities/ #penetrationtesting #securityassessment #cybersecurity #GenerativeAI #Cobalt #report #News #LLMs
A single misstep in AD CS can hand attackers the keys to your entire domain—no passwords needed.
If your team installed Active Directory Certificate Services more than six months ago, your organization could be at risk.
Watch our new 4-minute video to see how a default setting enables low-privilege users to escalate all the way to domain admin and what you can do to reduce your risk. https://youtu.be/S59dNEPnJ4M
XBOW’s AI reached the top ranks on HackerOne, and now it has $75M to scale up https://www.helpnetsecurity.com/2025/06/25/xbow-ai-funding/ #Artificialintelligence #penetrationtesting #Industrynews #Don'tmiss #HackerOne #News #XBOW
Today, we started working on a new Web & Mobile Pentest for one of our clients, and we wanted to take the opportunity to thank @zaproxy as it is our main tool when doing web security testing.
Also, we recently published a "success story" on @zaproxy's website to explain our choice for this tool, and to talk about our contributions to the project:
“You think it’s just a light bulb—but it’s not off. It’s watching, listening… maybe even hacking.”
LMG Security’s @tompohl revealed how $20 smart outlets and light bulbs can be exploited for WiFi cracking, evil twin attacks, and stealth monitoring—turning everyday gadgets into real-world threats.
In our latest blog, we’ll share:
How attackers can exploit everyday IoT gadgets to breach your organization
Advice on how to lock down your smart tech
Tips on segmentation, firmware auditing, and red teaming
Read the blog: https://www.lmgsecurity.com/i-have-the-power-iot-security-challenges-hidden-in-smart-bulbs-and-outlets/