‘NVIDIA Contacted Anna’s Archive to Secure Access to Millions of Pirated Books’

NVIDIA allegedly sought high-speed access to millions of pirated books from Anna's Archive for AI training, leading to a class-action lawsuit by authors for copyright infringement. Internal emails suggest NVIDIA management proceeded with piracy despite warnings about the legality of the library's content. The lawsuit expands to include claims of using other pirated sources and distributing tools for accessing copyrighted materials, demanding compensation for damages suffered by the authors.

https://torrentfreak.com/nvidia-contacted-annas-archive-to-secure-access-to-millions-of-pirated-books/

New Android Malware Uses AI to Click on Hidden Browser Ads

New Android malware utilizes AI with TensorFlow to automatically click on hidden ads, enhancing click fraud mechanisms. Distributed via Xiaomi’s app store and third-party sites, it uses a ‘phantom’ mode for covert actions and a ‘signalling’ mode for real-time control. Affected apps initially lack malicious intent but receive updates adding harmful features, misleading users. Users are advised to avoid non-Google Play apps to mitigate risks.

https://www.bleepingcomputer.com/news/security/new-android-malware-uses-ai-to-click-on-hidden-browser-ads/

VoidLink Cloud Malware Shows Clear Signs of Being AI-generated

VoidLink malware, likely developed by a solo programmer with AI assistance, exhibits advanced features like custom loaders and rootkits. Check Point Research notes that it shows clear signs of AI generation, operational security failures, and rapid functionality development within a week. This marks a shift in which individuals with technical skills can produce sophisticated malware that was previously achievable only by well-resourced teams, making it a notable example of AI-driven cyber threats.

https://www.bleepingcomputer.com/news/security/voidlink-cloud-malware-shows-clear-signs-of-being-ai-generated/

For the Price of Netflix, Crooks Can Rent AI Crime Ops

Cybercrime has evolved with AI, offering tools like Dark LLMs for scams at subscription prices. Group-IB reports a 371% increase in AI mentions on dark web forums since 2019. AI simplifies previously complex cyberattacks into easily accessible services. Deepfake and synthetic identity tools are now inexpensive, resulting in significant financial losses, including $347 million in a single quarter. Automation in cybercrime lowers barriers for criminals, complicating defense efforts and increasing the scale and personalization of scams.

https://www.theregister.com/2026/01/20/group_ib_ai_cycercrime_subscriptions/

Google Gemini Flaw Turns Calendar Invites Into Attack Vector

A significant recent cybersecurity concern is a prompt injection vulnerability in Google's Gemini AI, allowing attackers to exploit Google Calendar invites to access private data covertly and create deceptive events. This highlights the need for advanced security strategies addressing semantic vulnerabilities in AI systems.

https://www.darkreading.com/cloud-security/google-gemini-flaw-calendar-invites-attack-vector

Firefox Joins Chrome and Edge as Sleeper Extensions Spy on Users

Malicious browser extensions, including ShadyPanda and GhostPoster, have been found to spy on users across Firefox, Chrome, and Edge. These extensions behaved normally for years before switching to spyware after updates, leveraging techniques like steganography to hide malicious code. Seventeen affected extensions have over 840,000 downloads. Users are advised to uninstall any suspicious extensions and conduct a Malwarebytes Deep Scan to check for infections.

https://www.malwarebytes.com/blog/news/2026/01/firefox-joins-chrome-and-edge-as-sleeper-extensions-spy-on-users

Malicious GhostPoster Browser Extensions Found With 840,000 Installs

17 malicious GhostPoster browser extensions found in Chrome, Firefox, and Edge have accumulated 840,000 installs, employing hidden JavaScript for tracking, ad fraud, and backdoor access. These extensions, initially reported in December, include popular ones like “Google Translate in Right Click” and “Ads Block Ultimate.” They originated on Microsoft Edge and spread to other browsers, with some active since 2020. Recent variants show advanced evasion tactics, but affected users remain at risk even after removals from stores.

https://www.bleepingcomputer.com/news/security/malicious-ghostposter-browser-extensions-found-with-840-000-installs/

Microsoft Knocks Offline RedVDS Cybercrime Marketplace Linked to $40M in Fraud

Microsoft disrupted the RedVDS cybercrime marketplace, linked to $40 million in fraud, by seizing key infrastructure and working with international law enforcement. RedVDS enabled mass phishing and account takeover campaigns, compromising over 191,000 organizations worldwide. The service sold access to Windows RDP servers, leaving behind technical indicators like a shared computer name and a cloned Windows Server 2022 image.

https://redmondmag.com/articles/2026/01/15/microsoft-knocks-offline-redvds-cybercrime-marketplace.aspx

‘Signal’ President and VP Warn Agentic AI Is Insecure, Unreliable, and a Surveillance Nightmare

Signal leaders warn agentic AI is insecure, unreliable, and risks surveillance. At 39C3, they highlighted its vulnerabilities, including susceptibility to malware and low task success rates. They advocate for industry changes to improve privacy, security, and transparency, urging firms to halt reckless deployment and prioritize user consent and data protection.

https://coywolf.com/news/productivity/signal-president-and-vp-warn-agentic-ai-is-insecure-unreliable-and-a-surveillance-nightmare/

CodeBreach: Supply Chain Vuln & AWS CodeBuild Misconfig

Wiz Research uncovered a critical vulnerability, named CodeBreach, in AWS CodeBuild that allowed unauthorized access to key AWS GitHub repositories, notably the JavaScript SDK for the AWS Console. This flaw, stemming from unanchored regex filters in build triggers, let attackers exploit CI/CD processes to extract sensitive credentials, potentially compromising many AWS accounts. Recommendations for safeguarding against such vulnerabilities include implementing strict build gates and securing GitHub connections. AWS promptly remediated the issue and issued additional hardening measures in response to the findings. The incident underscores the increasing targeting of CI/CD environments by attackers.

https://www.wiz.io/blog/wiz-research-codebreach-vulnerability-aws-codebuild

Critical WhisperPair Flaw Lets Hackers Track, Eavesdrop Via Bluetooth Audio Devices

Security researchers found a critical vulnerability in Google's Fast Pair protocol, called “WhisperPair,” allowing attackers to hijack Bluetooth audio devices to track and eavesdrop on users. The flaw affects numerous devices, regardless of smartphone OS, due to improper implementation allowing unauthorized pairing. Attackers can exploit it from up to 14 meters away, gaining control of the devices for malicious purposes. Google awarded researchers $15,000, but security updates are still pending for many devices. Users must install firmware updates to mitigate risks.

https://www.bleepingcomputer.com/news/security/critical-whisperpair-flaw-lets-hackers-track-eavesdrop-via-bluetooth-audio-devices/

Reprompt: The Single-Click Microsoft Copilot Attack That Silently Steals Your Personal Data

Varonis Threat Labs identified a new AI vulnerability called Reprompt in Microsoft Copilot that allows attackers to exploit a single click on a seemingly legitimate link to bypass security controls and exfiltrate sensitive user data without detection. This attack can lead to significant data breaches by firing off malicious commands that continue even after the user interacts with the Copilot. Key methods involve URL parameter manipulation and managing hidden follow-up requests, making it difficult to spot the exploitation attempts. Microsoft has since patched the vulnerability. Recommendations are made for both vendors and users to enhance security against such vulnerabilities.

https://www.varonis.com/blog/reprompt

Inside RedVDS: How a Single Virtual Desktop Provider Fueled Worldwide Cybercriminal Operations

Microsoft Threat Intelligence reveals that RedVDS, a VDS provider, facilitated global cybercrime, enabling phishing and fraud. It operated with cloned Windows servers for low-cost, anonymous access. Investigations resulted in takedowns of its infrastructure and highlighted that it employed basic software for phishing campaigns. Cybercriminals exploited it with mass email tools and VPNs, hiding their tracks. RedVDS's structure, payment via cryptocurrency, and operational model aided criminal scalability, leading to significant fraud losses in various countries. Microsoft calls for increased vigilance against such threats.

https://www.microsoft.com/en-us/security/blog/2026/01/14/inside-redvds-how-a-single-virtual-desktop-provider-fueled-worldwide-cybercriminal-operations/

Exclusive: Beijing Tells Chinese Firms to Stop Using US and Israeli Cybersecurity Software, Sources Say

China bans over a dozen U.S. and Israeli cybersecurity software companies due to national security concerns, urging firms to seek domestic alternatives amidst ongoing trade tensions. Companies affected include Palo Alto Networks, CrowdStrike, and Check Point. This ban reflects China's aim to replace Western technology and mitigate hacking risks.

https://www.reuters.com/world/china/beijing-tells-chinese-firms-stop-using-us-israeli-cybersecurity-software-sources-2026-01-14/

More Than 40 Countries Impacted by North Korea IT Worker Scams, Crypto Thefts

Over 40 countries have been affected by North Korean IT worker scams and crypto thefts, and the U.S. is urging the UN to enforce sanctions against North Korea. A report details North Korea's schemes to fund weapons programs, including identity theft and laundering via Chinese banks. The U.S. accuses China and Russia of harboring North Korean operatives. Discussions at the UN highlighted challenges in identifying North Korean workers amidst growing AI integration in scams. North Korea criticized the U.S. for its actions at the UN.

https://therecord.media/40-countries-impacted-nk-it-thefts-united-nations
