🇬🇧 Hackers Are Selling UK Government Logins — and AI Malware Just Got Sneakier
Two stories from today's security headlines show how fast the threat landscape is shifting — one hits governments and the people who trust them, the other targets the AI tools businesses are racing to adopt. Here's what you need to know, minus the jargon.
🇬🇧 Russian-Speaking Hackers Are Selling UK Government Logins for $60K
Attackers exploited a set of flaws known as "FortiBleed" to break into the email accounts of several UK government officials. Now they're auctioning those stolen usernames and passwords on the dark web for around $60,000. Interestingly, this doesn't look like a nation-state operation — investigators believe it's ordinary Russian-speaking criminals cashing in.
Why should you care? Because it's a reminder that anyone with unpatched software is a target, and stolen credentials are a booming business. When a password leaks, it rarely stops with one account — attackers reuse them to break into everything else. Patching known vulnerabilities quickly and using multi-factor authentication are the simplest ways to stay off the auction block.
🤖 "SkillCloak": Malicious AI Agent Add-ons That Slip Past Security Scanners
As companies plug AI agents into their workflows, attackers have found a new way in. Researchers revealed a technique called SkillCloak that disguises malicious "skills" (add-on capabilities for AI agents) so cleverly that they slipped past eight popular security scanners more than 90% of the time. The trick uses tiny tweaks and self-unpacking code to hide the bad stuff until it's already running.
The "so what" here is big: the tools many businesses rely on to vet AI software are being outsmarted. The good news is that a sandbox-based monitor called SkillDetonate — which actually runs the code in a safe space and watches its behavior — caught most of these disguised threats. The takeaway: as you adopt AI agents, don't trust a quick scan alone. Vet your AI add-ons the way you'd vet any new software, and favor tools that watch what code actually does, not just what it looks like.
Stay ahead of threats with GOCO Security at gocosecurity.com.
.jpg)
Comments
Post a Comment