Artificial Intelligence | Breaking Cybersecurity News | The Hacker News

For years, our industry has treated "blocking" as the gold standard. If the email didn't land, if the malware didn't execute, if the alert fired in the SIEM, we called it a win. That mindset made sense in a world where most attacks came through a handful of familiar doors. But AI has changed the game. We're not dealing with hobbyists sending out clumsy phishing attacks anymore. Modern adversaries are running multi‑channel, AI‑assisted businesses at machine speed. And if all you're doing is blocking at the edge, you're not really defending. You're just delaying. Generative AI has made it trivial to spin up highly personalized, multi‑step social engineering campaigns that operate simultaneously across email, collaboration apps, mobile, social media, and paid media. The result is a social engineering attack chain : a sequence of stages designed to manufacture trust, erode judgment, and bypass brittle controls. You don't beat that by tuning another filter. You have to disrupt the at...

AI is changing the security landscape. More and more threat groups incorporate LLMs into their reconnaissance and exploitation workflows. The notion that some vulnerabilities are too complex to implement is now obsolete. Using LLMs, hackers can automatically find and exploit complex vulnerabilities. We have all heard of Claude Mythos and its ability to identify vulnerabilities in large codebases and exploit them automatically. But LLMs can do more than find vulnerabilities in code. ShinyHunters has scanned thousands of Salesforce Sites. They used a modified version of "AuraInspector". They possibly used an LLM to code their framework, mods, reconnaissance tools, and other aspects of their workflow. But the next step is to use AI to supercharge the attack process itself. We at Reco decided to explore what it would look like. Reco's security research team built an AI-powered agent capable of performing end-to-end security assessments of Salesforce Experience Cloud sit...

AI-driven vulnerability discovery is no longer a research project. Claude Mythos proved that. In a single sweep, it uncovered thousands of vulnerabilities in software we use every day, generated working exploits, and exposed bugs that had survived decades of human review. Other AI models are rapidly catching up, and we've entered into an entirely new operating environment for cybersecurity. The industry is treating this as a turning point, and it is. But not for the reason most people might think. The Real Problem Was Never Finding Vulnerabilities Most of the conversation around AI security focuses on discovery: AI can now identify vulnerabilities faster than human teams ever could. That is certainly true, but it also misses the larger operational reality organizations have been struggling with for years. Security teams were already overwhelmed long before AI entered the picture. Vulnerability scanners, fuzzers, and static analysis tools have consistently generated more...

Phishing emails have reached a point where they can fool both people and the tools designed to stop them. For anyone working through a packed inbox, it's easy to trust what looks familiar and click without a second thought. What's worrying is that phishing is rarely the end goal. It's usually the entry point for something much bigger: a ransomware attack. Once attackers gain access, they don't act immediately. They move through systems, map connections, and prepare the environment. By the time ransomware is deployed, it's the final step — not the first. To stay ahead, you need protection at two critical points. An advanced email security solution that catches even the most stealthy phishing attempts, and a strong BCDR strategy that lets you restore data quickly and avoid paying a ransom if something slips through. Why phishing remains so effective Phishing works because it plays on human behavior. Email may seem like a simple communication tool, but it functions as a decision-mak...

Most of the commentary on Anthropic's Claude Mythos Preview has gone in one of two directions: one camp treats it as the civilizational inflection point, the other as marketing dressed up as a research result. Neither read is particularly useful for a security leader who still has a program to run on Monday. The AISLE team's technical response to the Mythos announcement made a fair point worth sitting with: much of what was demonstrated is recoverable on smaller, open-weight models, particularly on the discovery side. Early testing results of OpenAI's GPT 5.5 show CTF performance close to or slightly superior to Mythos; the exclusivity framing is arguable, but the accelerated model improvement in offensive security is undisputable. The UK AI Security Institute found that Mythos can autonomously execute a complete corporate network takeover, succeeding in 30% of its attempts on a complex attack range — a task AISI estimates would require roughly 20 hours for a human e...

For security leaders, the inbox remains the front door for attackers. Here's why the smartest teams are adding adaptive, AI-driven protection to their cloud email security, not replacing them. Email is still the number-one attack vector for enterprises, and it is not even close. The FBI's Internet Crime Complaint Center reported that business email compromise alone generated $3 billion in losses in 2024 , with AI-enabled attacks accelerating the trend ( FBI IC3 Report ). The attacks that succeed today don't carry obvious malicious payloads. They rely on trust, tone, and timing; a spoofed vendor sending a "routine" invoice update, or a convincing impersonation of a CEO with an urgent request. No malware. No suspicious links. Just words, carefully chosen. Microsoft 365 is the backbone of productivity for most organizations, and Microsoft Defender and Exchange Online Protection do solid work catching known spam, malware, and co...

We recently worked with an organization that had invested heavily in advanced security tooling, including AI-driven detection and monitoring capabilities. From a technical perspective, the environment appeared mature: alerts were firing, dashboards were populated, and risks were clearly identified.  Yet progress had stalled.  The security team and IT disagreed on ownership. Business leadership perceived cyber risk as "under control," while the security team felt increasingly exposed and unheard. AI surfaced the signals, but no one could agree on what to do with them.  The turning point did not come from additional tooling or deeper analysis. It came from reframing the conversation.  By aligning stakeholders around clear business impact, contextualizing the findings against industry peers, and translating technical gaps into credible, board-level risk narratives that reinforced the internal security team's concerns rather than questioning their judgment, decisions were finally ma...

While working on the Transparent Tribe's vibeware research, we have encountered two distinct camps, the optimists and the skeptics. What makes the current dialogue unique is that both sides can be right at the same time. There is, however, a clear operational reason why we encounter "AI attacks" primarily on professional social media feeds rather than within our own telemetry logs. In this article, we analyze the factors explaining why Skynet is not here yet, and how, much like a shark, AI does not need to be innovative to be dangerous. LLM Architecture Bias LLMs are mathematically optimized to predict the most likely outcome, while hacking is the art of identifying the statistical anomaly. LLMs are designed to predict the most statistically probable next token. They are excellent at the average, but poor at the exceptional. A hacker, by contrast, is a practitioner of statistical anomaly, actively seeking the low-pro...