TessMore Internet Business

OpenAI launched its latest threat report, ​​​​“Disrupting Malicious Uses of AI,” on Tuesday, revealing how hackers have been using AI for cyberattacks. Malicious actors have been using ChatGPT to assist in their operations, applying different strategies. According to OpenAI’s report , the recent threat analyses, which the startup began issuing in February, have helped it understand malicious actors’ campaigns and how the use of AI systems has evolved over the past few months. “Repeatedly, and across different types of operations, the threat actors we banned were building AI into their existing workflows, rather than building new workflows around AI,” states the document. “We found no evidence of new tactics or that our models provided threat actors with novel offensive capabilities.” OpenAI highlighted several cases to demonstrate how threat actors use AI models. In one of the case studies, Russian-speaking cybercriminals attempted to develop malware — including features to evade d...

Researchers from the blockchain firm Elliptic have revealed that North Korea-linked hackers have stolen over $2 billion in cryptocurrencies this year. The report states that 2025 has already set a record for the largest sum in history, even before the year ends. According to Elliptic’s announcement , the figures are not exact, but considering major thefts reported and confirmed this year, such as Bybit’s $1.5 billion hack — considered the largest heist in digital asset history — along with other recent attacks, the total amount stolen since January is estimated to have surpassed the $2 billion mark. “Attributing cyber thefts to North Korea is not an exact science: Elliptic and other experts use a combination of blockchain analytics, observed laundering patterns, and intelligence sources to make an attribution,” states the report. Beyond the Bybit theft, the experts analyzed more than 30 North Korea-linked incidents, including hacks targeting Seedify, LND.fi, and WOOX. Elliptic com...

The popular messaging app Discord confirmed last week that it had suffered a data breach. Malicious actors accessed sensitive information through a third-party service, stealing an unknown number of users’ private data, such as government IDs, names, and addresses. According to The Guardian , Discord — an online platform with over 200 million active monthly users — confirmed it had suffered a data breach and that malicious actors had requested a ransom. The platform stated that hackers ​​“also gained access to a small number of government ID images (e.g., driving license, passport) from users who had appealed an age determination,” and that it would notify affected users whose private data had been compromised. The company had been requiring users’ IDs to verify their ages. According to one of the users affected who shared their experience in Forbes , Discord provided a few more details in the message sent to the victims. “We’re reaching out to you because of a recent security inci...

Google announced a new AI vulnerability program on Monday as part of the company’s broader AI bounty initiative that began in 2023. Bug hunters can now earn up to $30,000 for a single qualifying report under the updated rules. According to Google’s Bug Hunter announcement , the company has revised the rules for its Vulnerability Reward Program (VRP), focused on AI systems. Since its launch, this initiative has awarded AI researchers more than $430,000 for uncovering AI vulnerabilities The new AI Vulnerability Reward Program aims to help keep users safe by incorporating lessons learned from previous programs and offering clearer guidance under updated criteria. “The updated rules provide for base rewards of up to $20,000,” states the document. “We've also adopted the same report quality and novelty bonus multipliers as the Google VRP, which could raise the reward for an individual report to as much as $30,000.” Google also shared a table outlining award categories, including th...

Key Takeaways Only about 1 in 10 ransomware victims officially report their attacks or losses to authorities. Phishing was the most-reported cybercrime in 2024, receiving 193,407 complaints, but it accounted for only $70 million in losses, representing just 0.4 percent of the total money lost to cybercrime that year. In 2024, the total number of cybercrime complaints reported to the FBI’s IC3 reached 859,532, equating to approximately one complaint for every 395 U.S. residents. In 2024, financial losses due to cybercrime reached a new record of an astounding $16.6 billion. In 2024, investment scams led financial losses by type of cybercrime, with reported losses nearing $6.6 billion. 100 of the most high-profile cybercrime cases from 1988 to 2025 collectively resulted in financial losses surpassing $128 billion. Introduction Cybercrime has become a global economic threat, with costs soaring across sectors and borders. But who’s paying the price — and how has that changed over...

According to Cybernews , Medusa Ransomware posted its demands on the dark web last Friday, along with 33 images as proof of the 834.4 GB of stolen data. The screenshots allegedly show financial documents and sensitive information related to both employees and customers. Comcast has not confirmed the breach. “The size of the data leak indicates that it could be a serious breach, strongly suggesting the stolen files include a wide variety of data types far beyond the initially revealed documents,” said Mantas Sabeckis, Information Security Researcher at Cybernews. “The data in these documents dates as early as 2020 up to 2025, leading us to believe that they’ve breached the core business system and exfiltrated sensitive files.” The leaked images reportedly include a file tree showing stolen directories from different departments. Examples include Human Resources (training, employment, and compliance records) and Security (logs and reports). “The file tree list reveals that attackers ...

The Prime Minister of the United Kingdom announced last week a new digital ID scheme that will be mandatory for all workers, presented as part of a strategy to combat illegal employment. The measure has raised concerns among cybersecurity experts. According to the official announcement shared by the UK government, the digital ID will be free and mandatory for Right to Work checks. It is also expected to streamline access to essential government services such as driving licences, tax records, welfare, and childcare. UK citizens and legal residents will hold their new digital ID on their smartphones, without the need for a paper document, the way they use contactless mobile payment or the National Health Service (NHS) app. “There will be no requirement for individuals to carry their ID or be asked to produce it - but digital ID will be mandatory as a means of proving your Right to Work,” states the document. “This will stop those with no right to be here from being able to find work...

A group of hackers targeted the Kido International nursery chain and demanded a ransom last week. The attackers threatened to release private data onto the dark web. According to the BBC , the hackers breached the nursery’s internal system and posted 10 children’s profiles on the dark web on Thursday and 10 more last Friday. The leaked data included sensitive information such as photographs, details about household members, and birth dates and locations. Stolen records also contained families’ and employees’ names, contact details, and national insurance numbers. British authorities and the Metropolitan Police are investigating. Kido International informed parents about the breach and said that the compromised data had been stored on Famly, a software service widely used by childcare providers and nurseries. "This malicious attack represents a truly barbaric new low, with bad actors trying to expose our youngest children's data to make a quick buck," said Anders Laust...