Toggle light / dark theme

Some agentic AI browsers may come with major cybersecurity risks

In the last year or so, artificial intelligence companies have rolled out a spate of web browsers equipped with AI agents. A user might ask one of these agents to plan a vacation, and it will open browser tabs to research routes and restaurants, then make reservations and add events to the user’s calendar. How well it does any of this varies.

New research from the University of Washington found that the most powerful of these browsers also open users up to significant cybersecurity risks. A UW team studied seven popular agentic browsers and found that four create ways for malicious actors to bypass a fundamental cybersecurity protocol called the “same-origin policy,” which makes websites that are open in a browser unable to interact with each other’s information.

Researchers ran a successful proof-of-concept cyberattack on one browser, ChatGPT Atlas. They had a website steal information from another site embedded within it—as if an ad on an email site could snatch sensitive information from the user’s emails. Researchers also found the right conditions for similar attacks in three other browsers: Chrome with Gemini, Claude for Chrome and Perplexity Comet. The browsers that gave agents fewer permissions were generally safer.

New ClickLock macOS malware traps users into revealing login password

A new macOS information-stealing malware dubbed ClickLock terminates all visible processes to force users into entering their system login password.

The malware is designed to steal cryptocurrency assets, login credentials, password-manager data, browser information, and macOS authentication data, and it can also install a persistent backdoor for ongoing remote access to infected systems.

Researchers at Group-IB analyzed the ClickLock shell script after discovering the malware on VirusTotal, where it was first submitted on June 9. At the time of the report, it remained undetected by all security vendors available on the platform.

TuxBot v3 Evolution Shows Signs of LLMAssisted IoT Botnet Development

Cybersecurity researchers have disclosed details of a previously unreported Internet-of-Things (IoT) botnet framework dubbed TuxBot v3 Evolution that shows signs of being developed with assistance from a large language model (LLM), albeit with not so successful results.

“While the AI complied with their request to generate botnet code, it included a safety disclaimer that the developer failed to remove before shipping,” Palo Alto Networks Unit 42 said. “Although the LLM clearly aided in constructing the botnet, several functions in the analyzed samples failed to work correctly.”

The cybersecurity company said a manual code review would have resolved these errors and that it’s possible more polished iterations of the malware exist out there in the wild.

AsyncAPI npm packages infected with credential-stealing malware

Five malicious versions of AsyncAPI packages were published to the Node Package Manager (npm) in a supply-chain attack that delivered a remote access trojan with info-stealing capabilities.

The threat actor exploited a misconfigured GitHub Actions workflow and pushed trojanized packages in the @asyncapi namespace that had a cummulative weekly download count of more than 2.25 million.

Multiple security companies confirmed that on July 14, an attacker compromised two AsyncAPI GitHub repositories and injected malware into project files.

Google Gemini CLI abused as a hacking agent, malware botnet operator

A Russian-speaking threat actor known as “bandcampro” used Google’s open-source Gemini CLI AI tool as a hacking agent and to operate a small-scale botnet.

The AI agent responded to the attacker’s prompts, troubleshooting problems on the fly and even proposing operational improvements at least 59 times.

In more than 200 sessions between May 19 and April 21, the threat actor worked with the AI tool to deploy and operate an infrastructure that controlled eight systems in a dental clinic and to get access to the OpenDental database.

/* */