Attackers systematically exploit AI branding in social engineering campaigns to manipulate employees — the attack vector is shifting from technical to behavioral vulnerabilities.
Prompt injection vulnerability in Google Gemini Voice Assistant enables hidden malicious commands through manipulated notifications, potentially leading to social engineering and data misuse.
Pig Butchering has become an industrialized, cross-border fraud system with a division of labor structure, in which forced laborers are sometimes also involved.
Romance scams and AI-driven emotional manipulation require a rethink of security architecture: Technical protection without psychological early detection is no longer sufficient.
A social engineering attack on an employee in April enabled unauthorized access to customer data from nearly 6 million people at Carnival Corporation, including passport and driver’s license numbers.
Hackers compromised Instagram profiles through prompt injection attacks against Meta’s AI support system and bypassed automated identity verification using deepfake-generated videos.
The JINX-0164 group compromises crypto developers through fake LinkedIn job interviews to deploy the Python malware AUDIOFIX, which steals passwords, SSH keys, and cryptocurrency wallet data.
Threat actors are abusing ChatGPT share links to host fake OpenAI outage pages that redirect users to download malware disguised as a ChatGPT desktop application, exploiting user trust in legitimate channels through social engineering.