llm (23)

The Ukrainian military is stepping up its campaign to destroy vehicles supplying Russian forces along crucial roads in occupied Ukraine using new AI drone technology.  Ukraine is starting to regain more ground than it is losing for the first time since 2023, analysis from the Institute for the Study of War (ISW) indicates.

After more than four years of war and increased Russian occupation of eastern and southern Ukraine, neither side has gained any significant ground in recent months.[1]

Ukrain

Twenty minutes into drafting an article, I stopped.  The voice was mine.  The rhythm was mine.  The vocabulary was mine.  But the argument had moved somewhere I had not chosen to take it.  I had opened the session with a clear thesis.  The AI LLM assistant did not disagree with me.  It had simply kept offering better-sounding alternatives.  And I had kept accepting them.  By the time I noticed, I could not easily identify where my thinking ended and the model’s thinking began.

Most people still im

If there's one thing that AI is good at, particularly language models, it's detecting patterns in datasets so large that it would be practically impossible for humans to sift through them all, quickly and accurately.  That certainly seems to be the case with Anthropic's new general-purpose model, Claude Mythos, as the company has announced that it used it to detect "thousands of high-severity vulnerabilities, including some in every major operating system and web browser."

Alongside the launch o

Sentinel Labs has provided yet another great report on: Building an Adversarial Consensus Engine / Multi-Agent LLMs for Automated Malware Analysis.  Large Language Models can perform static malware analysis, but individual tool runs produce unreliable results contaminated by decompiler artifacts, dead code, and hallucinated capabilities.[1]

Researchers built a multi-agent architecture for reversing macOS malware that treats each reverse engineering tool (radare2, Ghidra, Binary Ninja, IDA Pro) a

On 24 March 2026, two versions of the litellm Python package on PyPI were found to contain malicious code.  The packages (versions 1.82.7 and 1.82.8) were published by a threat actor known as TeamPCP after they obtained the maintainer's PyPI credentials through a prior compromise of Trivy, an open source security scanner used in litellm's CI/CD pipeline.

The malicious versions were available for approximately three hours before PyPI quarantined the package. litellm is downloaded roughly 3.4 mill

Ollama is an open-source framework that enables users to run large language models locally on their own hardware.  By design, the service binds to localhost (127.0.0.1) on port 11434, making instances accessible only from the host machine.  However, exposing Ollama to the public internet requires only a single configuration change: setting the service to bind to 0.0.0.0 or a public interface.  At scale, these individual deployment decisions aggregate into a measurable public surface.[1]

Over the p

Sentinel Labs has provided a keen look into LLMs and SOC operations.  For security teams, AI promised to write secure code, identify and patch vulnerabilities, and replace monotonous security operations tasks.  Its key value proposition was raising costs for adversaries while lowering them for defenders.

To evaluate whether Large Language Models (LLMs) were both sufficiently performant and reliable to be deployed in the enterprise, a wave of new benchmarks was created.  In 2023, these early benc

SentinelLABS has been researching how large language models (LLMs) are impacting cybersecurity for both defenders and adversaries.  As part of our ongoing efforts in this area and our well-established research and tracking of crimeware actors, researchers have been closely following the adoption of LLM technology among ransomware operators.  Analysts have observed that three structural shifts appear to be unfolding in parallel.

First, the barriers to entry continue to fall for those intent on cy

The question was deceptively simple.  Could the light that is used to form an image on a display also be converted into something that can be felt?  At the University of California - Santa Barbara, a team of researchers spent nearly a year exploring this idea, working through theoretical models, conducting simulations, and eventually building prototypes.  Their work, described in the paper Tactile Displays Driven by Projected Light and explored in TechXplore, has led to a significant breakthroug

State-backed hackers are for the first time deploying malware that uses large language models during execution, allowing them to dynamically generate malicious scripts and evade detection, according to new research.  Although cybersecurity experts have observed hackers use AI in recent years to do things like increase the number of victims they reach, researchers at Google said that they recently observed malware "that employed AI capabilities mid-execution to dynamically alter the malw

The US Secret Service on 23 September reported it has foiled what appears to be a sophisticated plot for cyber-espionage and disruption of mobile networks in New York at a time when more than 100 heads of state and governments and foreign ministers are in the city for the UN General Assembly’s leaders’ session.

In a statement, the Secret Service said that the agency recovered more than 300 co-located SIM servers and 100,000 SIM cards across multiple sites in the New York tristate area.  The agency s

Hackers, criminals, and spies are rapidly adopting Artificial Intelligence (AI), and considerable evidence is emerging of a substantial acceleration in AI-enabled crime.  This includes evidence of the use of AI tools for financial crime, phishing, distributed denial of service (DDoS), child sexual abuse material (CSAM), and romance scams.  In all these areas, criminal use of AI is already augmenting revenue generation and exacerbating financial and personal harms.  Scammers and social engineers,

Cyberattacks are escalating in speed, volume, and sophistication.  As organizations work to strengthen their defenses, adversaries target their weaknesses: employees susceptible to social engineering and systems lacking modern security controls.  Once inside, they act within seconds, stealthily moving across networks to execute attacks.

CrowdStrike has recently provided its 2025 Global Threat Report to cyber professionals.  Red Sky Alliance would like to share this excellent report, as it provid

Cyber-attacks on businesses continue to escalate in 2025, with global organizations experiencing an average of 1,925 incidents per week in Q1, which is a 47% increase compared to the same period last year, according to new research from Check Point.  The education sector was the hardest hit, with each institute facing an average of 4,484 weekly attacks.  Government and telecommunications followed, with the latter recording the largest year-over-year spike at 94%.  “The growing reliance on digita

Whenever a new form of digital communication becomes prevalent, actors inevitably adopt it to send spam and try to profit from unsuspecting users.  Email has been the perennial choice for spam delivery, but the prevalence of new communications platforms has expanded the spam attack surface considerably.

This report explores AkiraBot, a Python framework that targets contact forms and chat widgets on small to medium-sized business websites. AkiraBot is designed to post AI-generated spam messages ta

Researchers at Google said last week that they have discovered the first vulnerability using a large language model.  In a blog post, Google said it believes the bug is the first public example of an AI tool finding a previously unknown exploitable memory-safety issue in widely used real-world software.  The vulnerability was found in SQLite, an open-source database engine popular among developers.

Google researchers reported the vulnerability to SQLite developers in early October, who fixed it

I recently saw the title of a Recorded Future podcast regarding AI and police reporting.  I have 28 years of law enforcement experience, 8 years as a uniformed police officer, and this title really intrigued me.  So I watched the segment: AI is Writing Police Reports, Should We be Worried?[1]

The story starts with police body cams, which began somewhat experimentally in 2011 and have now gained acceptance throughout US policing.  The main purpose of demanding police wear body cams was to change po

Due to economic turbulence and a relentless surge in cyber threats, today's cybersecurity landscape requires enterprises to remain resilient by adapting to security risks.  Many organizations have chosen to adapt to these risks by embracing modern technology such as generative artificial intelligence (GenAI), which can present new risks if not implemented properly.  The speed at which companies innovate and adopt new technology is far outpacing the security measures that must be addressed first.

It is no longer theoretical; the world's major powers are working with large language models to enhance offensive cyber operations.  Advanced persistent threats (APTs) aligned with China, Iran, North Korea, and Russia use large language models (LLMs) to enhance their operations.  New blog posts from OpenAI and Microsoft reveal that five prominent threat actors have used OpenAI software for research, fraud, and other malicious purposes.  After identifying them, OpenAI shuttered all their accounts

The UK’s National Cyber Security Centre (NCSC) issued a warning this week about the growing danger of “prompt injection” attacks against applications built using AI.  While the warning is meant for cybersecurity professionals building large language models (LLMs) and other AI tools, prompt injection is worth understanding if you use any kind of AI tool, as attacks using it are likely to be a major category of security vulnerabilities going forward.

Prompt injection is a kind of attack against LL