攻撃者がHugging Face上に作成したOpenAIを騙る偽のリポジトリが、ダウンロード数でトップに達しました。このリポジトリには情報窃取マルウェアが仕込まれています。
OpenAIを模した名称の悪意あるリポジトリが、Hugging Faceプラットフォームにおいてダウンロード数1位となりました。この悪意あるアップロードは正規のOpenAIツールを装っていますが、実際にはインストールしたユーザーに対して情報窃取マルウェアを送り込みます。
AIによるレポート AIによって生成された画像
Hackers exploited Meta's AI support chatbot to take over Instagram accounts by tricking it into changing associated email addresses. The vulnerability allowed password resets without two-factor authentication after matching locations via VPN. Meta resolved the issue with an emergency patch on May 29.
Cybersecurity researchers have identified a fraudulent website mimicking the popular AI tool Claude that delivers backdoor malware to visitors. The discovery highlights how cybercriminals are capitalizing on growing interest in artificial intelligence platforms.
AIによるレポート
Seventy-three Microsoft open source packages were compromised late last week with malware that steals credentials from cloud services and developer tools. The malicious code activates when opened in AI coding agents.
A new report indicates that most companies have released software containing known security flaws. The problem is especially pronounced with AI-created code, which exceeds the speed of manual fixes.
AIによるレポート
Ubuntu's official Twitter account posted a now-deleted tweet promoting a fake AI agent that directed users to a cryptocurrency scam. The incident follows a five-day DDoS attack on Canonical's web services that ended earlier this month.