The dark corners of the internet are evolving and fast. In 2025, artificial intelligence (AI) isn’t just a tool for innovation; it’s also one of the most powerful weapons in the hands of cybercriminals that is AI toolsA recent report by Google’s Threat Intelligence Group (GTIG) reveals that AI-based hacking tools are being actively promoted in underground forums, transforming how cybercrime is executed. What used to require advanced technical skills can now be done by anyone with access to these AI-driven platforms. The Underground AI Boom According to cybersecurity researchers at KELA, discussions around AI-powered hacking tools increased by over…
Author: Cyber infos
In cybersecurity, time is everything. The faster you can identify vulnerabilities, the safer your systems remain. Yet, traditional penetration testing has always been time-consuming and repetitive. That’s exactly the gap Pentest Copilot aims to close — by bringing artificial intelligence into the ethical hacker’s workflow in a way that feels both natural and genuinely helpful. Developed by BugBase Security, Pentest Copilot is an open-source, browser-based tool built to make penetration testing faster, smarter, and more efficient. Instead of relying solely on command-line interfaces and manual scripting, it combines AI automation with the insight and judgment only a human pentester can…
In 2025, the world runs on APIs. From banking apps to e-commerce stores, social media platforms to healthcare systems — APIs (Application Programming Interfaces) have become the connective tissue of our digital lives. They’re what allow your favorite apps to talk to each other, enable data sharing across ecosystems, and make digital experiences seamless. But this interconnectivity also brings a growing risk: the API attack surface is expanding faster than most organizations can secure it. Attackers are no longer just breaching firewalls; they’re exploiting poorly protected endpoints, hidden APIs, and business logic flaws that expose sensitive data or disrupt operations.…
Security firm LayerX has exposed a dangerous CSRF vulnerability in OpenAI’s ChatGPT Atlas browser that can inject persistent malicious instructions into ChatGPT’s memory, enabling remote code execution and broad phishing exploitation. When Convenience Becomes a Vector A troubling security hole has been found in OpenAI’s ChatGPT Atlas browser — and it’s the sort of flaw that feels modern and terrifying at once. Researchers at LayerX say attackers can exploit a Cross-Site Request Forgery (CSRF) weakness to write malicious instructions straight into ChatGPT’s persistent memory. Those instructions can then trigger harmful behavior later, including fetching and running code from attacker servers.…
Welcome back to this week’s Cybersecurity Newsletter — where we unpack the biggest digital threats, data breaches, and vulnerability updates making waves across the tech world. If you think cybersecurity is only about passwords and firewalls, think again. Every click, cloud service, and app update is now a potential doorway for attackers. This week’s stories hit close to home — from a major AWS outage that disrupted global businesses, to hackers abusing WSUS, and even Chrome browser flaws putting millions at risk. If that wasn’t enough, there’s been a surge in RDP brute-force attacks and new AI plugin vulnerabilities that…
When a new browser promises smarter AI-powered features, most of us get excited. But with that innovation often comes a new kind of risk. That’s exactly what happened with the recent Perplexity Comet vulnerability, a flaw that lets attackers hide commands inside screenshots — yes, actual images — and trick the browser into doing things users never intended. This discovery feels like something straight out of a sci-fi story, but it’s very real, and it’s another reminder that we’re still figuring out the limits of AI browsers. How It All Started The issue first came to light on October 21,…