ai – Page 5 – Cybersecurity.watch

Global cybercrime syndicates are exploiting romance scams, using AI to create convincing online identities to deceive victims, particularly during Valentine's season. In 2024, Americans lost over $16 billion to cybercrime, with one in seven adults affected by romance schemes. These scams, targeting older demographics, leverage trust and urgency to manipulate victims, often moving conversations off safer platforms. Law enforcement faces challenges due to the international nature of these operations, but agencies like the FBI are forming global partnerships to combat them. Vigilance is necessary for online daters, as pressure tactics are common indicators of scams.

https://www.politico.com/news/2026/02/14/how-global-cybercrime-syndicates-are-stealing-hearts-and-billions-00780481

Major ‘vibe-coding’ Platform Orchids Is Easily Hacked, Researcher Finds

ai, coding, vibe coding, vulnerability

Feb 16 2026

A security flaw in Orchids AI platform led to a BBC reporter's laptop being hacked without any user action. A cybersecurity researcher exploited vulnerabilities, demonstrating risks associated with “vibe-coding” tools that allow non-technical users to create applications. This zero-click attack could compromise sensitive data and device security, raising concerns about the convenience of AI tools. Experts warn of a new class of vulnerabilities in AI systems.

https://www.bbc.com/news/articles/cy4wnw04e8wo

Milan-Cortina 2026: How Winter Olympics Embraced AI to Fend Off Cyber Attacks

ai, security controls

Feb 16 2026

Milan-Cortina 2026 Winter Olympics implement AI and cybersecurity measures to combat threats amid geopolitical tensions. Organized by Italian authorities and supported by technology partners, initiatives focus on mitigating cyber attacks, including DDoS attempts. Key infrastructure will handle extensive data operations, ensuring performance and security throughout the Games.

https://www.sportspro.com/analysis/technology/milan-cortina-2026-winter-olympics-cybersecurity-ai-tech-february-2026/

Microsoft Warns That Poisoned AI Buttons and Links May Betray Your Trust

ai, internet, microsoft, threats

Feb 14 2026

Microsoft warns of “AI Recommendation Poisoning,” a technique where malicious data manipulates AI responses, risking trust in AI services. Companies have been embedding hidden prompts in AI links, influencing outputs subtly. This can result in AI providing biased advice on crucial topics like health and finance, often unnoticed by users. Microsoft advises caution with AI-related links, reviewing AI memory, and scanning for manipulation attempts in corporate settings.

https://www.theregister.com/2026/02/12/microsoft_ai_recommendation_poisoning/

Google Reports State-Backed Hackers Using Gemini AI for Recon and Attack Support

ai, threats

Feb 13 2026

Google Alerts State-Backed Hackers Using Gemini AI for Attacks
North Korean group UNC2970 exploited Google’s Gemini AI for reconnaissance and cyber espionage, targeting cybersecurity firms. The AI synthesized OSINT for profiling high-value targets, enabling tailored phishing strategies. Other hacker groups, including Chinese and Iranian actors, also misuse Gemini for intelligence gathering and deploying malware. Google emphasizes ongoing efforts to enhance safety systems against AI misuse.

https://thehackernews.com/2026/02/google-reports-state-backed-hackers.html

Claude Desktop Extensions 0-Click RCE Vulnerability Exposes 10,000+ Users to Remote Attacks

ai, vulnerability

Feb 12 2026

Critical vulnerability in Claude Desktop Extensions allows 0-click remote code execution, affecting 10,000+ users. Attackers exploit this flaw via Google Calendar events, enabling unauthorized commands without user consent. LayerX warns of severe trust boundary violations; fixes are currently not planned by Anthropic.

https://cybersecuritynews.com/claude-desktop-extensions-0-click-vulnerability/

The Rise of Moltbook Suggests Viral AI Prompts May Be the Next Big Security Threat

ai, threats

Feb 6 2026

The rise of AI agents, particularly through platforms like OpenClaw and Moltbook, raises concerns about self-replicating ‘prompt worms' that could exploit these agents, spreading harmful instructions and data risks. Potential interventions from API providers could mitigate threats but may alienate users. The urgency for solutions grows as local AI capabilities improve, leading to a future where unregulated AI interactions might create security crises.

https://arstechnica.com/ai/2026/02/the-rise-of-moltbook-suggests-viral-ai-prompts-may-be-the-next-big-security-threat/

From Magic to Malware: How OpenClaw’s Agent Skills Become an Attack Surface

ai, malware, vulnerability

Feb 5 2026

TLDR: OpenClaw presents security risks as its agent skills access sensitive data through markdown files that can disguise harmful commands. Instances of malware disguised as “skills” have been identified, posing threats to corporate devices. Users are warned against using OpenClaw on work devices, emphasizing the importance of security measures for skill registries and agent frameworks to prevent exploitation.

https://1password.com/blog/from-magic-to-malware-how-openclaws-agent-skills-become-an-attack-surface

Detecting Backdoored Language Models at Scale

ai, research

Feb 5 2026

The blog discusses detection of backdoored language models, outlining research on identifying malicious modifications in AI systems, focusing on three observable signatures and a practical detection scanner.

https://www.microsoft.com/en-us/security/blog/2026/02/04/detecting-backdoored-language-models-at-scale/

Malicious MoltBot Skills Used to Push Password-stealing Malware

ai, malware

Feb 3 2026

Over 230 malicious packages, dubbed “skills,” targeting the OpenClaw AI assistant have been released in a week, posing as legitimate tools to distribute malware that steals sensitive information like API keys and passwords. The malware exploits misconfigurations in OpenClaw's admin interface and employs social engineering tactics to infect users' systems, using a seemingly crucial tool called ‘AuthTool' to deliver payloads. To mitigate risks, users are advised to carefully verify the safety of skills before use and adopt security measures such as isolating the AI assistant in a virtual environment.

https://www.bleepingcomputer.com/news/security/malicious-moltbot-skills-used-to-push-password-stealing-malware/

175K Exposed Ollama Hosts Allow Remote Code Execution

ai, vulnerability

Feb 2 2026

175,000 exposed Ollama AI servers across 130 countries present significant remote code execution risks due to insufficient security. Researchers found 7.23 million observations and highlighted a core of 23,000 persistent hosts, with many capable of executing code and interacting with external systems, heightening threat levels. Security risks include resource hijacking, spam, and prompt injection attacks, particularly as many hosts lack adequate monitoring. The global infrastructure complicates traditional governance, necessitating improved security measures for edge-deployed AI models.

https://cyberpress.org/175k-exposed-ollama-hosts-allow-remote-code-execution/

OpenSourceMalware.com

ai, assistant, cryptocurrency, malware, supply chain

Jan 31 2026

Extreme TLDR:
14 malicious ClawdBot skills, posing as crypto trading tools, distribute malware targeting ByBit, Polymarket, and others. Skills leverage social engineering for credential theft on macOS and Windows. They exploit a lack of security in ClawHub, using deceptive documentation to trick users into executing harmful commands. The campaign relies on a centralized C2 infrastructure for data theft, with multiple skills still available online.

https://opensourcemalware.com/blog/clawdbot-skills-ganked-your-crypto

Operation Bizarre Bazaar: First Attributed LLMjacking Campaign With Commercial Marketplace Monetization

ai, malware

Jan 29 2026

Pillar Security introduces RedGraph, the first attack surface mapping and continuous testing platform for AI agents, providing visibility and security for AI infrastructures. The platform addresses rising threats identified in “Operation Bizarre Bazaar,” an orchestrated campaign focused on exploiting exposed AI systems for unauthorized access and resale on digital marketplaces. Key risks include compute theft, data exfiltration, and lateral movement within networks. Recommendations for mitigation involve enabling authentication, auditing server exposure, and implementing strict security controls. The ongoing threat necessitates transparency and proactive defense measures in AI environments.

https://www.pillar.security/blog/operation-bizarre-bazaar-first-attributed-llmjacking-campaign-with-commercial-marketplace-monetization

AI Jailbreaking Via Poetry: Bypassing Chatbot Defenses With Rhyme

ai, prompt, vulnerability

Jan 26 2026

Researchers found that styling prompts as poetry can significantly undermine the effectiveness of language models’ safety guardrails. By testing 25 popular models, they discovered that poetic prompts increased the likelihood of unsafe responses by an average of 35%. Google’s Gemini 1.5 Pro was the most susceptible, with a 100% success rate in bypassing restrictions with poetic prompts.

https://www.kaspersky.com/blog/poetry-ai-jailbreak/55171/

‘NVIDIA Contacted Anna’s Archive to Secure Access to Millions of Pirated Books’

Jan 23 2026

NVIDIA allegedly sought high-speed access to millions of pirated books from Anna's Archive for AI training, leading to a class-action lawsuit by authors for copyright infringement. Internal emails suggest NVIDIA management proceeded with piracy despite warnings about the legality of the library's content. The lawsuit expands to include claims of using other pirated sources and distributing tools for accessing copyrighted materials, demanding compensation for damages suffered by the authors.

https://torrentfreak.com/nvidia-contacted-annas-archive-to-secure-access-to-millions-of-pirated-books/