Tag - cyberattack

A Cyberattack Was Part of the US Assault on Venezuela
We don’t have many details:

> President Donald Trump suggested Saturday that the U.S. used cyberattacks or other technical capabilities to cut power off in Caracas during strikes on the Venezuelan capital that led to the capture of Venezuelan President Nicolás Maduro.
>
> If true, it would mark one of the most public uses of U.S. cyber power against another nation in recent memory. These operations are typically highly classified, and the U.S. is considered one of the most advanced nations in cyberspace operations globally.
Uncategorized
cyberattack
national security policy
infrastructure
kidnapping
Denmark Accuses Russia of Conducting Two Cyberattacks
News:

> The Danish Defence Intelligence Service (DDIS) announced on Thursday that Moscow was behind a cyber-attack on a Danish water utility in 2024 and a series of distributed denial-of-service (DDoS) attacks on Danish websites in the lead-up to the municipal and regional council elections in November.
>
> The first, it said, was carried out by the pro-Russian group known as Z-Pentest and the second by NoName057(16), which has links to the Russian state.

Slashdot thread.
Russia
Uncategorized
hacking
cyberattack
infrastructure
AI as Cyberattacker
From Anthropic:

> In mid-September 2025, we detected suspicious activity that later investigation determined to be a highly sophisticated espionage campaign. The attackers used AI’s “agentic” capabilities to an unprecedented degree—using AI not just as an advisor, but to execute the cyberattacks themselves.
>
> The threat actor—whom we assess with high confidence was a Chinese state-sponsored group—manipulated our Claude Code tool into attempting infiltration into roughly thirty global targets and succeeded in a small number of cases. The operation targeted large tech companies, financial institutions, chemical manufacturing companies, and government agencies. We believe this is the first documented case of a large-scale cyberattack executed without substantial human intervention...
AI
Uncategorized
cyberattack
cyberespionage
espionage
Autonomous AI Hacking and the Future of Cybersecurity
AI agents are now hacking computers. They’re getting better at all phases of cyberattacks, faster than most of us expected. They can chain together different aspects of a cyber operation, and hack autonomously, at computer speeds and scale. This is going to change everything. Over the summer, hackers proved the concept, industry institutionalized it, and criminals operationalized it. In June, AI company XBOW took the top spot on HackerOne’s US leaderboard after submitting over 1,000 new vulnerabilities in just a few months. In August, the seven teams competing in DARPA’s AI Cyber Challenge ...
AI
Uncategorized
LLM
hacking
vulnerabilities
A Cyberattack Victim Notification Framework
Interesting analysis:

> When cyber incidents occur, victims should be notified in a timely manner so they have the opportunity to assess and remediate any harm. However, providing notifications has proven a challenge across industry.
>
> When making notifications, companies often do not know the true identity of victims and may only have a single email address through which to provide the notification. Victims often do not trust these notifications, as cyber criminals often use the pretext of an account compromise as a phishing lure.
>
> […]
>
> This report explores the challenges associated with developing the native-notification concept and lays out a roadmap for overcoming them. It also examines other opportunities for more narrow changes that could both increase the likelihood that victims will both receive and trust notifications and be able to access support resources...
Uncategorized
cyberattack
disclosure
Indirect Prompt Injection Attacks Against LLM Assistants
Really good research on practical attacks against LLM agents.

> “Invitation Is All You Need! Promptware Attacks Against LLM-Powered Assistants in Production Are Practical and Dangerous”
>
> Abstract: The growing integration of LLMs into applications has introduced new security risks, notably known as Promptware—maliciously engineered prompts designed to manipulate LLMs to compromise the CIA triad of these applications. While prior research warned about a potential shift in the threat landscape for LLM-powered applications, the risk posed by Promptware is frequently perceived as low. In this paper, we investigate the risk Promptware poses to users of Gemini-powered assistants (web application, mobile application, and Google Assistant). We propose a novel Threat Analysis and Risk Assessment (TARA) framework to assess Promptware risks for end users. Our analysis focuses on a new variant of Promptware called Targeted Promptware Attacks, which leverage indirect prompt injection via common user interactions such as emails, calendar invitations, and shared documents. We demonstrate 14 attack scenarios applied against Gemini-powered assistants across five identified threat classes: Short-term Context Poisoning, Permanent Memory Poisoning, Tool Misuse, Automatic Agent Invocation, and Automatic App Invocation. These attacks highlight both digital and physical consequences, including spamming, phishing, disinformation campaigns, data exfiltration, unapproved user video streaming, and control of home automation devices. We reveal Promptware’s potential for on-device lateral movement, escaping the boundaries of the LLM-powered application, to trigger malicious actions using a device’s applications. Our TARA reveals that 73% of the analyzed threats pose High-Critical risk to end users. We discuss mitigations and reassess the risk (in response to deployed mitigations) and show that the risk could be reduced significantly to Very Low-Medium. We disclosed our findings to Google, which deployed dedicated mitigations...
AI
Uncategorized
academic papers
LLM
cyberattack
We Are Still Unable to Secure LLMs from Malicious Inputs
Nice indirect prompt injection attack:

> Bargury’s attack starts with a poisoned document, which is shared to a potential victim’s Google Drive. (Bargury says a victim could have also uploaded a compromised file to their own account.) It looks like an official document on company meeting policies. But inside the document, Bargury hid a 300-word malicious prompt that contains instructions for ChatGPT. The prompt is written in white text in a size-one font, something that a human is unlikely to see but a machine will still read.
>
> In a proof of concept video of the attack...
AI
Uncategorized
LLM
cyberattack
Subverting AIOps Systems Through Poisoned Input Data
In this input integrity attack against an AI system, researchers were able to fool AIOps tools:

> AIOps refers to the use of LLM-based agents to gather and analyze application telemetry, including system logs, performance metrics, traces, and alerts, to detect problems and then suggest or carry out corrective actions. The likes of Cisco have deployed AIops in a conversational interface that admins can use to prompt for information about system performance. Some AIOps tools can respond to such queries by automatically implementing fixes, or suggesting scripts that can address issues...
AI
Uncategorized
academic papers
LLM
cyberattack
Ubuntu Disables Spectre/Meltdown Protections
A whole class of speculative execution attacks against CPUs was published in 2018. They seemed pretty catastrophic at the time. But the fixes were as well. Speculative execution was a way to speed up CPUs, and removing those enhancements resulted in significant performance drops. Now, people are rethinking the trade-off. Ubuntu has disabled some protections, resulting in a 20% performance boost.

> After discussion between Intel and Canonical’s security teams, we are in agreement that Spectre no longer needs to be mitigated for the GPU at the Compute Runtime level. At this point, Spectre has been mitigated in the kernel, and a clear warning from the Compute Runtime build serves as a notification for those running modified kernels without those patches. For these reasons, we feel that Spectre mitigations in Compute Runtime no longer offer enough security impact to justify the current performance tradeoff...
Uncategorized
malware
cyberattack
operating systems
How Cybersecurity Fears Affect Confidence in Voting Systems
American democracy runs on trust, and that trust is cracking. Nearly half of Americans, both Democrats and Republicans, question whether elections are conducted fairly. Some voters accept election results only when their side wins. The problem isn’t just political polarization—it’s a creeping erosion of trust in the machinery of democracy itself. Commentators blame ideological tribalism, misinformation campaigns and partisan echo chambers for this crisis of trust. But these explanations miss a critical piece of the puzzle: a growing unease with the digital infrastructure that now underpins nearly every aspect of how Americans vote...
Uncategorized
cyberattack
voting
democracy
trust