Researchers Show Copilot and Grok Can Be Abused as Malware C2 Proxies

Cybersecurity researchers have disclosed that artificial intelligence AI assistants that support web browsing or URL fetching capabilities can be turned into stealthy command-and-control C2 relays, a technique that could allow attackers to blend into legitimate enterprise communications and evade...

Grok continues producing sexualized images after promised fixes

Journalists decided to test whether the Grok chatbot still generates non‑consensual sexualized images, even after xAI, Elon Musk’s artificial intelligence company, and X, the social media platform formerly known as Twitter, promised tighter safeguards. Unsurprisingly, it does. After scrutiny from...

Elon Musk’s Grok ‘Undressing’ Problem Isn’t Fixed

X has placed more restrictions on Grok’s ability to generate explicit AI images, but tests show that the updates have created a patchwork of limitations that fail to fully address the issue...

Regulators around the world are scrutinizing Grok over sexual deepfakes

Grok’s failure to block sexualized images of minors has turned a single “isolated lapse” into a global regulatory stress test for xAI’s ambitions. The response from lawmakers and regulators suggests this will not be solved with a quick apology and a hotfix. Last week we reported on Grok's apology...

X Didn’t Fix Grok's ‘Undressing’ Problem. It Just Makes People Pay for It

X is allowing only “verified” users to create images with Grok. Experts say it represents the “monetization of abuse”—and anyone can still generate images on Grok’s app and website...

Grok Is Generating Sexual Content Far More Graphic Than What's on X

A WIRED review of outputs hosted on Grok’s official website shows it’s being used to create violent sexual images and videos, as well as content that includes apparent minors...

Grok Is Pushing AI ‘Undressing’ Mainstream

Paid tools that “strip” clothes from photos have been available on the darker corners of the internet for years. Elon Musk’s X is now removing barriers to entry—and making the results public...

Grok apologizes for creating image of young girls in “sexualized attire”

Another AI system designed to be powerful and engaging ends up illustrating how guardrails routinely fail when development speed and feature races outrun safety controls. In a post on X, AI chatbot Grok confirmed that it generated an image of young girls in “sexualized attire.” The potential...

Penetration Testing of Agentic AI: A Comparative Security Analysis across Models and Frameworks

Agentic AI introduces security vulnerabilities that traditional LLM safeguards fail to address. Although recent work by Unit 42 at Palo Alto Networks demonstrated that ChatGPT-4o successfully executes attacks as an agent that it refuses in chat mode, there is no comparative analysis in multiple...

Chatbots Are Pushing Sanctioned Russian Propaganda

ChatGPT, Gemini, DeepSeek, and Grok are serving users propaganda from Russian-backed media when asked about the invasion of Ukraine, new research finds...

EUVD-2021-1526

Malware in sbrugna...

EUVD-2021-22722

Malware in sbrugna...

EUVD-2007-1221

Malware in sbrugna...

AI in the 2026 Midterm Elections

We are nearly one year out from the 2026 midterm elections, and it's far too early to predict the outcomes. But it's a safe bet that artificial intelligence technologies will once again be a major storyline. The widespread fear that AI would be used to manipulate the 2024 US election seems rather...

EUVD-2021-32644

Malicious code in bioql PyPI...

Grok, ChatGPT, other AIs happy to help phish senior citizens

If you are under the impression that cybercriminals need to get their hands on compromised AI chatbots to help them do their dirty work, think again. Some AI chatbots are just so user friendly that they can help the user craft phishing text, and even malicious HTML and Javascript code. A few week...

CVE-2025-59053 AIRI's character card/chat UI is vulnerable to XSS and can lead to RCE

AIRI is a self-hosted, artificial intelligence based Grok Companion. In v0.7.2-beta.2 in the packages/stage-ui/src/components/MarkdownRenderer.vue path, the Markdown content is processed using the useMarkdown composable, and the processed HTML is rendered directly into the DOM using v-html. An...

PT-2025-37257

Name of the Vulnerable Software and Affected Versions: AIRI versions 0.7.2-beta.2 Description: AIRI is a self-hosted, artificial intelligence based Grok Companion. The application processes Markdown content using the useMarkdown composable and renders it directly into the DOM using v-html. An...

AI in Government

Just a few months after Elon Musk's retreat from his unofficial role leading the Department of Government Efficiency DOGE, we have a clearer picture of his vision of government powered by artificial intelligence, and it has a lot more to do with consolidating power than benefitting the public. Ev...

Scammers Exploit Grok AI With Video Ad Scam to Push Malware on X

Researchers at Guardio Labs have uncovered a new "Grokking" scam where attackers trick Grok AI into spreading malicious…...