AboutDFIR.com – The Definitive Compendium Project

InfoSec News Nuggets 3/4/2025

Microsoft IDs developers behind alleged generative AI hacking-for-hire scheme

Microsoft has identified individuals from Iran, China, Vietnam and the United Kingdom as primary players in an alleged international scheme to hijack and sell Microsoft accounts that could bypass safety guidelines for generative AI tools. In December, Microsoft petitioned a Virginia court to seize infrastructure and software from 10 unnamed individuals whom the company claims ran a hacking-as-a-service operation that used stolen Microsoft API keys to sell access to accounts with Azure OpenAI to parties overseas. Those accounts were then used to generate “harmful content,” including thousands of images that violate Microsoft and OpenAI safety guidelines.

Hegseth orders pause in US cyber-offensive against Russia

US President Donald Trump’s administration is pausing its offensive cyber operations against Russia, officials say, as a diplomatic push continues to end the war in Ukraine. The reasoning behind the instruction has not been publicly stated, and it is not clear how long the halt might last. The defence department has declined to comment. The directive reportedly came before Trump ended up in a televised row with Ukrainian President Volodymyr Zelensky at the White House on Friday. Since returning to office, Trump has markedly softened the American position towards Moscow in eagerness to reach a deal to end the war, which followed Russia’s full-scale invasion more than three years ago.

Nearly 12,000 API keys and passwords found in AI training dataset

Close to 12,000 valid secrets, including API keys and passwords, have been found in the Common Crawl dataset used to train multiple artificial intelligence models. The Common Crawl non-profit organization maintains a massive, openly available archive of petabytes of web data collected since 2008, free for anyone to use. Because of the dataset's size and availability, many artificial intelligence projects may rely, at least in part, on the archive for training large language models (LLMs), including ones from OpenAI, DeepSeek, Google, Meta, Anthropic, and Stability.
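Findings like the one above come from running a secret scanner over the text of crawled pages. The following is an added example, not code from the original post or from the research it reports: a minimal scanner in Python that applies two publicly documented key formats (AWS access key IDs beginning with "AKIA", GitHub classic tokens beginning with "ghp_") plus a generic "api_key = '...'" assignment pattern gated by a Shannon-entropy check, runs it over a handful of constructed page records standing in for extracted crawl text, and counts how many distinct URLs each secret appears on. The patterns, the entropy threshold and the sample pages are assumptions made for the example; the AWS key ID is the placeholder value AWS uses in its own documentation.

```python
import math
import re
from collections import Counter
from dataclasses import dataclass

# Assumed, illustrative patterns: the first two follow publicly documented key
# formats (AWS access key IDs start with "AKIA" followed by 16 characters;
# GitHub classic personal access tokens start with "ghp_" followed by 36).
# The generic pattern catches "api_key = '...'" style assignments in source or
# config text and is gated by the entropy check below.
PATTERNS = {
    "aws_access_key_id": re.compile(r"\bAKIA[0-9A-Z]{16}\b"),
    "github_pat": re.compile(r"\bghp_[A-Za-z0-9]{36}\b"),
    "generic_api_key": re.compile(
        r"""(?i)\b(?:api[_-]?key|secret|token|password)\b\s*[:=]\s*['"]([A-Za-z0-9_\-]{16,})['"]"""
    ),
}

# Minimum Shannon entropy (bits per character) for a generic match to be kept.
# Chosen by assumption: random keys score around 4 or more, while placeholders
# such as "your_api_key_here" score about 3.3 and are dropped.
MIN_ENTROPY = 3.5


@dataclass(frozen=True)
class Finding:
    url: str
    kind: str
    secret: str


def shannon_entropy(s: str) -> float:
    """Bits of entropy per character of s (0.0 for a constant string)."""
    n = len(s)
    return -sum(c / n * math.log2(c / n) for c in Counter(s).values())


def scan_page(url: str, body: str) -> list:
    """Run every pattern over one page body and return that page's findings."""
    findings = []
    seen = set()
    for kind, pat in PATTERNS.items():
        for m in pat.finditer(body):
            secret = m.group(1) if m.groups() else m.group(0)
            if secret in seen:
                continue  # already reported by a more specific pattern
            if kind == "generic_api_key" and shannon_entropy(secret) < MIN_ENTROPY:
                continue  # low-entropy placeholder, not a credential
            seen.add(secret)
            findings.append(Finding(url, kind, secret))
    return findings


def scan_pages(pages) -> list:
    """pages: iterable of (url, body) tuples, e.g. text extracted from WARC records."""
    out = []
    for url, body in pages:
        out.extend(scan_page(url, body))
    return out


def reuse_counts(findings) -> Counter:
    """Number of distinct URLs each secret appears on (same key copied across sites)."""
    urls_per_secret = {}
    for f in findings:
        urls_per_secret.setdefault(f.secret, set()).add(f.url)
    return Counter({s: len(u) for s, u in urls_per_secret.items()})


# Constructed sample records standing in for extracted crawl text. The AWS key ID
# is the placeholder AWS uses in its own documentation; the rest are made up.
SAMPLE_PAGES = [
    ("https://example.com/static/app.js",
     'const config = { api_key: "Zq8vT3nXkP9wL2mR7sB4yH6c", region: "us-east-1" };'),
    ("https://example.com/docs/setup.html",
     "Set AWS_ACCESS_KEY_ID=AKIAIOSFODNN7EXAMPLE before running the script."),
    ("https://example.org/readme.html",
     'api_key = "your_api_key_here"  # placeholder\n'
     'token: "ghp_0123456789abcdefghijklmnopqrstuvwxyz"'),
    ("https://example.net/mirror/app.js",
     'const config = { api_key: "Zq8vT3nXkP9wL2mR7sB4yH6c" };'),
]


if __name__ == "__main__":
    results = scan_pages(SAMPLE_PAGES)
    for f in results:
        print(f"{f.kind:18} {f.url}  {f.secret[:8]}...")
    print("reuse:", dict(reuse_counts(results)))
```

On the sample records the scanner reports four findings: the generic key on both the original page and its mirror (reuse count 2), the AWS key ID, and the GitHub token; the "your_api_key_here" placeholder is rejected by the entropy gate. A real pipeline would follow this with a verification step against the issuing service to separate live keys from revoked or fake ones, which is what turns "pattern matches" into "valid secrets".
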

Vo1d Botnet Evolves as It Ensnares 1.6 Million Android TV Boxes

Cybercriminals continue to enhance the capabilities of the botnet known as Vo1d, which has grown significantly over the past six months. In September 2024, Russian security firm Doctor Web warned that 1.3 million Android TV boxes around the world had been ensnared in the Vo1d botnet. Chinese security company QiAnXin (QAX) has also monitored the threat and on Thursday reported seeing nearly 90 new samples of the malware. Its researchers have observed activity from roughly 800,000 unique IPs associated with the botnet every day, with a peak of nearly 1.6 million on January 14, 2025.

CISO Liability Risks Spur Policy Changes at 93% of Organizations

Nearly all (93%) organizations have introduced policy changes over the past 12 months to address rising CISO personal liability risks, according to new research by cloud service provider Fastly. This includes 41% of organizations increasing CISO participation in strategic decisions at the board level. Additionally, 38% of respondents promised “increased scrutiny of security disclosure documentation from supervisory agencies.” The same proportion have also improved legal support for cybersecurity staff, including buying liability insurance.
