
AI Agents Actively Ignore EU Law to Achieve Goals, Study Finds

 

A groundbreaking study reveals that some of the world's most popular AI models are building agents that actively resist EU regulation to accomplish their assigned tasks. The research, conducted by Dutch non-profit Aithos, exposes a critical gap between AI deployment and legal compliance, with even the best-performing model complying with EU law in only 54% of cases.

Aithos developed a testing system called LARA to evaluate 12 popular AI agent models against key provisions of the EU AI Act and GDPR data protection regulations. The test examined six EU AI Act provisions: exploiting vulnerabilities, inferring emotions, conducting social scoring, concealing AI identity, using subliminal manipulation, and providing human oversight. It also assessed four GDPR indicators including transparency, data minimization, purpose limitation, and lawful processing. Three AI models and human judges then determined whether responses violated EU law. 

Performance across all tested models was remarkably poor. Claude Opus 4.7 from Anthropic emerged as the most compliant, following the law in 54% of scenarios, while China's Moonshot AI performed worst at only 7% compliance. All models agreed to monitor employees' emotional states or exploit vulnerable people to make sales. Mistral, the only European AI model tested, scored below 12%, suggesting even EU providers are not equipped to comply with EU law. In 8% of cases, AI agents eventually answered user requests despite initial resistance.

Real-world examples illustrate the problem clearly. When asked to identify which employees were likely "flight risks" based on performance data, Anthropic's Claude required three attempts before ranking employees—a violation of the EU AI Act prohibiting emotion inference. In another test, OpenAI's ChatGPT 5.5 ranked employees for promotions without any pushback. Researchers noted that the AI models weren't explicitly told to follow EU laws, so the test measured inherent behavior rather than prompted compliance.

The findings raise urgent concerns about AI deployment in regulated environments. Aithos concluded that "even the most advanced models in use today do not guarantee legal compliance when deployed as an agent". This suggests current AI systems cannot reliably operate within EU legal frameworks, potentially exposing companies to significant regulatory risks. The research indicates more studies should compare model behavior when explicitly prompted to follow laws versus inherent compliance patterns, highlighting a critical area for future AI safety development.

Gujarat Police Uncover ₹2,289 Crore Cyber Fraud in Massive Mule Account Crackdown

 

A major crackdown on cybercrime in India uncovered fraudulent transactions worth ₹2,289 crore. Gujarat authorities acted against 913 mule bank accounts used to route illicit funds. The operation targeted the financial infrastructure behind online scams rather than just individual offenders. Investigators uncovered networks of suspicious transactions that connected seemingly unrelated fraud cases. 

The effort reflects a broader strategy to disrupt the flow of money tied to cybercrime. Under Operation Mule Hunt 1.0, authorities registered 565 FIRs and arrested 638 individuals. The campaign was conducted under the supervision of Deputy Chief Minister Harsh Sanghavi, with Gujarat Police and the Cyber Centre of Excellence (CCOE) leading the operation. Mule accounts are bank accounts used to receive, transfer, or launder money obtained through online scams. 

These accounts make it difficult for investigators to trace stolen funds because account holders may knowingly or unknowingly assist cybercriminals in moving money across multiple layers. Authorities linked 4,052 cybercrime cases nationwide to mule accounts, including 491 cases from Gujarat. Investigators relied on intelligence from I4C, the National Cybercrime Reporting Portal (NCRP), the Coordination Portal, and the 1930 cybercrime helpline to identify suspicious activity and trace financial networks. 

The operation involved police commissionerates, range offices, local crime branches, and cyber police stations across the state. Nodal officers were appointed in every district, while dedicated investigation teams coordinated with banks. Financial institutions were instructed to share information in real time to speed up investigations. Officials said the operation significantly disrupted the flow of illegal funds. 

Cheque withdrawals linked to suspicious activity fell by 75%, while the monthly value of such withdrawals dropped nearly 80% - from ₹126 crore to ₹25 crore. Authorities also reported a 30% decline in first-layer mule accounts between August and December 2025. ATM withdrawals linked to these accounts dropped by 66% from September to December 2025. The crackdown comes amid a rise in cyber fraud cases involving investment scams, impersonation fraud, digital arrest scams, and other online financial crimes. 

Similar initiatives, including Hyderabad Police’s Operation Octopus, have prompted discussions among the Finance Ministry, RBI, and law enforcement agencies on tackling mule accounts more effectively. The Reserve Bank of India has also launched an AI-based risk-scoring framework through the Indian Digital Payment Intelligence Corporation (IDPIC). 

The system classifies transactions as low, medium, or high risk, allowing banks to take preventive action more quickly. Authorities have additionally launched MuleHunter.ai, a centralized platform for sharing information on suspected mule accounts. 

As internet use and digital payments continue to grow in India, officials say stronger coordination among banks, technology companies, and law enforcement agencies is essential to combat evolving cyber threats.

ServiceNow Deploys Security Fix After Researcher Uncovers Activity Targeting Flaw


 

Following the disclosure of a recent vulnerability in the ServiceNow platform, the company issued a security update after investigating unauthorized access paths to customer data. Reports of potential exploitation of this vulnerability quickly gained industry attention, raising concerns about the possible exposure of sensitive instance data and privilege escalation under specific configuration scenarios.

ServiceNow determined, however, that the observed activity was the result of security researchers and customer-led validation efforts rather than malicious threat actors. The incident also demonstrates how researcher-driven scrutiny of deployments can lead to faster remediation before vulnerabilities are weaponized by hackers.

The investigation revealed that the activity was a result of a flaw affecting an API endpoint that, under certain circumstances, allowed unauthenticated access to customer-stored data. A security update to hosted customer instances was issued by ServiceNow on June 5, 2026 after the company identified anomalous behavior associated with the issue and notified impacted organizations through support channels. 

The company states that the vulnerability allowed users without valid authentication to obtain broader access privileges than intended. In response, the configuration of the affected API was modified so that authentication is now the only method of access.

A ServiceNow representative also acknowledged that the weakness had been exploited to query information stored in customer instance tables, providing proof that the data could actually be accessed. It is not known what specific records were compromised, but ServiceNow environments frequently contain high-value enterprise assets, including information on IT services, employee information, internal documentation, asset inventories, security operations, workflow configurations, and infrastructure information.

A significant amount of information is contained in support case records, such as troubleshooting artifacts, privileged credentials, API keys, authentication tokens, architectural information, and other sensitive operational data, which may provide adversaries with a valuable basis for further intrusions. 

Throughout the remediation process, ServiceNow implemented additional controls at the affected endpoint, altering its configuration in order to ensure that access was restricted to authenticated users only. In spite of gaining significant attention after a public discussion on Reddit, where details of the problem first appeared, this vulnerability has not yet been assigned a CVE identifier. 

According to the company's subsequent disclosures, internal monitoring uncovered anomalous activity associated with the flaw, as well as evidence that instance table queries had been successfully executed against a limited number of customer environments. According to ServiceNow, the exposure primarily affected customers who were operating on Australia-based platform releases or had introduced specific configuration changes in earlier releases. The timeline surrounding the vulnerability has also come under scrutiny.

According to the Reddit user "d3s7iny", their security team had reported the vulnerability, and ServiceNow had been aware of it since April 7, 2026, originally classifying it as a low-priority issue that would be resolved by future updates.

A company spokesperson responded to concerns by emphasizing that the incident was not widespread and that priority was given to directly contacting the affected organizations. The company has since publicly acknowledged that customer instances were successfully queried as a result of the activity, which it says began on June 2, 2026.

The company further disclosed that bug bounty submissions received between June 3 and June 4 describing the vulnerability closely mirrored a confidential report submitted through its responsible disclosure program on April 22, highlighting a convergence of independent research efforts that ultimately accelerated the public response and remediation process. In spite of ServiceNow not releasing a technical description of the vulnerability, discussions between administrators and security professionals have provided additional information on its possible mechanisms. 

A community analysis has identified a REST API endpoint, /api/now/related_list_edit/create, as the likely source of the vulnerability, with reports suggesting that authentication requirements may not have been enforced for the endpoint. Administrators report that the security update deployed on June 5 modified this behavior by limiting access to authenticated users only, effectively closing the door to unauthorized queries.

Organizations continued to investigate their environments and several administrators published indicators of compromise and recommended reviewing logs for requests originating from IP address 51.159.98.241, which was repeatedly mentioned in discussions surrounding the incident. According to ServiceNow, the issue was primarily affecting Australia-based customers and organizations that had made specific configuration changes in earlier versions. 

When the incident became apparent, the company had not answered public questions regarding the duration of the activity, the underlying cause of the flaw, or whether any customer data was ultimately exfiltrated. Additionally, it was stated that a decision regarding the assignment of a CVE identifier was still pending. 

While this process was underway, security teams were encouraged to conduct retrospective log analysis, inspect records and support tickets for sensitive information that might have been exposed, rotate credentials, tokens, or secrets that may have been shared through service management workflows, and ensure API-level logging was enabled to monitor future operations. 
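The retrospective log review described above can be sketched as follows. This is an added example, not code from ServiceNow or from the original post: it flags unauthenticated requests to the endpoint named in the community analysis and any request from the reported IP address. The log layout (combined log format with the authenticated user in the third field), the `review` and `summarise` helpers, and the sample lines are assumptions constructed for illustration.

```python
import re
from datetime import datetime
from urllib.parse import unquote, urlsplit

ENDPOINT = "/api/now/related_list_edit/create"  # endpoint named in the community analysis
REPORTED_IP = "51.159.98.241"                   # IP administrators recommended searching for

# Assumption: combined log format, third field = authenticated user ("-" if none).
LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ (?P<user>\S+) \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) (?P<size>\d+|-)'
)

def normalise_path(target):
    """Drop the query string, decode %-escapes, fold case and collapse
    duplicate or trailing slashes so path variants still match the hunt."""
    path = unquote(urlsplit(target).path).lower()
    return re.sub(r"/{2,}", "/", path).rstrip("/") or "/"

def review(lines):
    """Return (findings, unparsed_count). Unparsed lines are counted, not
    silently dropped, so gaps in coverage are visible to the analyst."""
    findings, unparsed = [], 0
    for lineno, line in enumerate(lines, 1):
        m = LINE_RE.match(line)
        try:
            when = datetime.strptime(m["ts"], "%d/%b/%Y:%H:%M:%S %z") if m else None
        except ValueError:
            when = None
        if when is None:
            unparsed += 1
            continue
        status, reasons = int(m["status"]), []
        if normalise_path(m["target"]) == ENDPOINT and m["user"] == "-":
            served = 200 <= status < 300
            reasons.append("unauthenticated-served" if served else "unauthenticated-rejected")
        if m["ip"] == REPORTED_IP:
            reasons.append("reported-ip")
        if reasons:
            findings.append({
                "line": lineno, "ip": m["ip"], "status": status, "time": when,
                "reasons": reasons,
                "bytes": 0 if m["size"] == "-" else int(m["size"]),
            })
    return findings, unparsed

def summarise(findings):
    """Per-source totals: how often each IP appeared, how many unauthenticated
    requests were actually served, and how many response bytes went out."""
    out = {}
    for f in findings:
        s = out.setdefault(f["ip"], {"hits": 0, "served": 0, "bytes_served": 0,
                                     "first": f["time"], "last": f["time"]})
        s["hits"] += 1
        s["first"], s["last"] = min(s["first"], f["time"]), max(s["last"], f["time"])
        if "unauthenticated-served" in f["reasons"]:
            s["served"] += 1
            s["bytes_served"] += f["bytes"]
    return out

# Constructed sample lines (not real traffic); the other IPs are documentation ranges.
SAMPLE = [
    '203.0.113.7 - alice [01/Jun/2026:09:12:01 +0000] "POST /api/now/related_list_edit/create HTTP/1.1" 200 512',
    '51.159.98.241 - - [02/Jun/2026:03:40:11 +0000] "POST /api/now/related_list_edit/create?x=1 HTTP/1.1" 200 48211',
    '51.159.98.241 - - [02/Jun/2026:03:40:15 +0000] "GET /api/now/Related_List_Edit/create/ HTTP/1.1" 200 9034',
    '198.51.100.23 - - [04/Jun/2026:17:02:45 +0000] "POST /api/now/related_list_edit/create HTTP/1.1" 200 1207',
    '198.51.100.23 - - [06/Jun/2026:08:00:00 +0000] "POST /api/now/related_list_edit/create HTTP/1.1" 401 0',
    '51.159.98.241 - - [06/Jun/2026:08:05:00 +0000] "GET /login.do HTTP/1.1" 200 3301',
    'truncated or malformed line',
]

if __name__ == "__main__":
    found, skipped = review(SAMPLE)
    for f in found:
        print(f["line"], f["ip"], f["status"], f["time"].isoformat(), ",".join(f["reasons"]))
    print("unparsed lines:", skipped)
    for ip, s in summarise(found).items():
        print(ip, s["hits"], "hits,", s["served"], "served unauthenticated,", s["bytes_served"], "bytes")
```

Served unauthenticated responses with large byte counts are the entries to correlate with the records and support tickets reviewed for exposed credentials or tokens.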

Upon further review, ServiceNow announced on June 10 that the activity observed against customer instances was likely caused by security researchers or customer-led investigations related to bug bounty submissions, rather than malicious threats. Further, the company acknowledged that a confidential vulnerability report was received describing an identical issue on April 22, 2026, a disclosure that has drawn attention to the time interval between initial notification of the vulnerability and the deployment of security protections, after activities had already begun targeting customer environments. 

As the ServiceNow incident illustrates, the gap between the discovery of a vulnerability, its disclosure, and its remediation can quickly become a focal point of security risk, even in the absence of evidence that the vulnerability has been exploited maliciously. There is more to this case than the technical details of a single flaw.

As large volumes of enterprise data are managed by platforms that use cloud-based service management systems, continuous monitoring, secure API configurations, and rapid response processes are becoming increasingly important. Security teams should consider unusual access activities, bug bounty discoveries, and configuration changes as signals that require immediate attention. 

The maintenance of detailed logging, the application of least privilege access controls, and the regular review of exposed workflows remain essential practices for setting up a secure environment that is resilient to emerging threats as well as unintended security vulnerabilities.

Hackers Attack Sugar Mill, Force Operations and Harvesting Shutdown


Australia’s second-biggest sugar producer, Mackay Sugar, is looking into a cyberattack that impacted parts of its operations and temporarily stopped sugarcane harvesting. 

The incident caused the stoppage of milling activities at two of the firm’s facilities while authorities and experts tried to assess the impact of the attack.

In a recent statement, Mackay Sugar acknowledged the cyberattack and the disruption to some of its operations.

The immediate priorities are ensuring staff safety, continuing business operations safely, and safeguarding operational systems. “Our immediate focus is the safety of our people, protecting operational systems, and maintaining business continuity,” it said. 

About risk assessment

Mackay Sugar is also working with authorities to investigate the incident and recover impacted systems safely.

The incident directly impacted production operations. Local media reports have hinted that the company was compelled to close down its Racecourse and Farleigh sugar mills, two key facilities based in Queensland’s Mackay area. This caused the growers to stop harvesting sugarcane until notified. 

The impact on production

The group also verified that the Farleigh and Racecourse mills' cane hauling and sugar milling operations had been halted. Shortly after both facilities started their yearly sugarcane crushing season, there was an interruption. 

Although many growers in the area have been impacted by the closure, producers in the Marian district have not been immediately impacted. The district's third mill for Mackay Sugar is not expected to start up until next week, according to a report from Australia's ABC News. 

While recovery efforts continue, the sugar producer said it has put in place temporary measures and interim procedures to support critical business operations and minimize operational impact.

Mitigation processes

According to the company, "interim procedures are in place to support critical business functions and minimize disruption where possible." 

Additionally, the company stressed that throughout the event, it is staying in touch with growers, staff, and business partners. 

"We will continue to provide updates as more information becomes available and are in direct communication with our employees, growers, and key partners," Mackay Sugar stated. 

About recovery

Mackay Sugar acknowledged the anxiety brought on by the disruption and reaffirmed that the company takes its cybersecurity duties seriously.

"We take extremely seriously our obligation to safeguard our information, operations, and systems. We will give timely updates as we complete our inquiry, and we apologize for any inconvenience or uncertainty this incident may have caused," the business stated. 

Brazil Strengthens AI Election Rules Amid Growing Concerns Over Democratic Integrity

 

As Brazil gears up for its 2026 presidential election, concerns about the role of Artificial Intelligence in shaping public opinion and influencing democratic processes are becoming increasingly prominent. In response to the growing misuse of AI in political campaigns, Brazil’s Superior Electoral Court has introduced new measures aimed at increasing transparency around manipulated content and curbing the spread of misinformation. 

The decision reflects a broader global concern about the extent to which AI can influence voters and interfere with electoral outcomes. In recent years, the risks associated with AI in politics have become more apparent as deepfakes, digitally altered videos, images, and audio clips have circulated widely across social media platforms. Such content is often designed to mislead voters, damage candidates’ reputations, or influence public perception. 

One of the most notable examples emerged during the 2024 United States primary elections, when voters received phone calls featuring an AI-generated version of former President Joe Biden’s voice. The recording urged citizens not to vote, demonstrating how synthetic media can be used to manipulate electoral participation and blur the line between authentic and fabricated information.

Beyond deepfakes, AI plays a significant role in determining how political content reaches voters. Recommendation algorithms influence what users see on social media, while advanced data-analysis tools enable campaigns to study voter behavior and preferences. This has contributed to the rise of political microtargeting, a strategy that delivers highly personalized political messages to specific audiences based on their interests, opinions, and online activities.

Concerns about data-driven political influence are not new. The Cambridge Analytica scandal brought global attention to how personal data could be used to shape political messaging. The company used Facebook user data to create targeted campaign content, sparking international debates about digital privacy, large-scale data collection, and the ethical use of algorithms in politics. The Netflix documentary The Great Hack further explored how personal data evolved into a powerful tool capable of influencing public opinion and electoral decisions.

Despite these challenges, AI is not viewed solely as a threat. The technology is increasingly being used to detect misinformation networks, identify fake accounts, and support efforts to remove manipulated content. AI-powered systems can also help journalists, researchers, and fact-checking organizations track the spread of false information in real time, making responses to misinformation faster and more effective. Companies such as Meta and Google have introduced automated tools that can detect synthetic media, identify coordinated disinformation campaigns, and label AI-generated content across their platforms.

At the same time, governments worldwide are exploring ways to regulate the use of AI during elections. The European Union has introduced the AI Act, one of the first major legislative frameworks designed specifically to regulate artificial intelligence. Meanwhile, Canada has been discussing measures to improve transparency around AI-generated political content, while the United Nations continues to facilitate global discussions on the risks AI may pose to democratic systems and human rights.

As AI technologies continue to evolve, their influence on politics is expected to grow. While experts remain divided on whether AI alone can determine election outcomes, there is broad agreement that these technologies are already shaping public opinion. The challenge for democracies now lies in balancing technological innovation with safeguards that protect electoral integrity and public trust.

Europe Must Balance Water and Energy Demands to Sustain AI Datacenter Growth

 

Europe’s ambitions to expand artificial intelligence and cloud computing infrastructure could be constrained by growing pressure on energy and water resources, according to a new report that calls for stronger policies linking both areas. The study argues that future datacenter growth will depend not only on access to advanced technology but also on how efficiently facilities manage power consumption and water use. 

The report, titled Scale and Secure: Powering Europe’s Digital Sovereignty, was published by Grundfos, a Danish provider of water and energy-efficiency solutions. It highlights how datacenters have evolved into critical infrastructure supporting Europe’s digital economy while also creating challenges related to resource management, environmental sustainability, and technological independence. 

According to the report, datacenters across Europe currently operate with an estimated IT load of around 10 gigawatts. That figure is expected to rise sharply to approximately 35 gigawatts by 2030 as demand for AI services, cloud platforms, and digital applications continues to increase. As a result, datacenters could account for between 7% and 9% of Europe’s total electricity consumption by the end of the decade, up from roughly 3% today. Cooling systems represent one of the largest resource demands within modern datacenters. 

The report estimates that cooling infrastructure accounts for nearly 38% of electricity use in an average facility. Water consumption is also substantial, particularly in hyperscale datacenters, where daily usage can reach between 11,356 and 18,927 cubic meters. Such volumes are comparable to the daily water needs of as many as 155,000 households across the European Union. Researchers warn that rapid datacenter expansion could place increasing strain on local energy grids, water supplies, and municipal infrastructure if growth is not carefully managed. 

Poorly planned developments may also trigger resistance from local communities concerned about environmental impacts and resource availability. To address these challenges, the report recommends integrating water and energy efficiency requirements directly into datacenter governance and planning frameworks. Standardized environmental reporting, improved oversight, and incentives for adopting efficient cooling technologies are among the proposed measures. 

The report also suggests governments introduce tax incentives, grants, and green financing programs to encourage investment in technologies that reduce resource consumption. Another recommendation focuses on improving collaboration between datacenters and district heating networks. Excess heat generated by server facilities could be reused to support local heating systems, although the report notes that regulatory, contractual, and organizational barriers currently limit wider adoption. The findings come as European policymakers increasingly balance digital transformation goals with environmental sustainability commitments. 

As AI adoption accelerates, experts argue that future datacenter expansion must prioritize efficiency and resource conservation to ensure long-term growth without placing excessive pressure on local communities and natural resources.

Citizens Bank, Stanford Warn Against Sharing Financial Data With AI

 

Artificial intelligence is quickly becoming part of everyday financial decision-making, but experts are warning Americans to be careful about what they share with it. Citizens Bank has stressed that AI can be helpful, yet it also brings serious privacy and fraud risks when people enter personal financial information into chatbots and similar tools. 

The biggest concern is oversharing. Many users ask AI for budgeting help, debt advice, or retirement guidance and then unknowingly provide account numbers, balances, income figures, tax details, or other sensitive data. According to reporting on Stanford-related research, sensitive information shared with AI systems may be stored, collected, or exposed through vulnerabilities, creating opportunities for identity theft or financial fraud. 

Citizens Bank says AI should not be treated like a secure financial adviser. Its online safety guidance warns that AI can be used by cybercriminals to steal money or identities, especially when users reveal critical information. The bank advises people to avoid sharing key financial details, use caution with suspicious messages, and verify anything that seems unusual through trusted sources rather than replying directly. 

Experts say there are safer ways to use AI for money questions. Instead of typing exact figures, users can describe their situation in broad terms or use ranges, such as “low savings” or “moderate debt,” to get useful guidance without exposing private data. This approach allows AI to give practical responses while reducing the chance that confidential information will be stored, reused, or leaked later.

According to security experts, AI can be a useful assistant, but it should never become a place to dump your personal finances. Americans who want to protect themselves should avoid entering banking credentials, account balances, Social Security numbers, or tax documents into any AI tool. In an era of growing AI-driven scams, caution is no longer optional — it is part of basic financial security.

Ad Tracking Puts US Troops at Risk on the Battlefield

 

The ad-tracking industry is facing fresh scrutiny after reports said commercial location data has been used to expose US soldiers in active war zones. US Central Command reportedly confirmed that it has received multiple threat reports about adversaries exploiting this data to target or surveil American personnel in theater. What began as a routine part of online advertising has now become a battlefield concern, showing how everyday mobile tracking can turn into a national security risk. 

At the center of the problem is a vast ecosystem of apps, brokers, and intermediaries that collect location signals from smartphones and other devices. This data is often sold through complex ad-tech pipelines, where device IDs, GPS points, and behavioral signals can be packaged and resold many times over. Even when users disable location settings, officials warn that geolocation may not be fully switched off on some commercial products, leaving sensitive traces behind. For military personnel, those traces can reveal patterns of life that make them easier to watch, map, or attack. 

The warning is especially serious because location data can help adversaries identify where troops congregate and infer operational routines. According to the reporting, such information could be used to support missile, drone, roadside bomb, or counterintelligence operations. That makes an ordinary privacy issue suddenly a security issue, since the same tracking systems used to deliver personalized ads can also expose people in conflict zones. 

Lawmakers have responded by pressing the Pentagon to strengthen protections on military devices and reduce exposure to tracking systems. Privacy advocates have long argued that the ad-tech sector creates a massive reserve of sensitive data that can be abused by both criminals and governments. Earlier incidents, including public mapping of military activity through fitness trackers, showed that location leaks are not theoretical. The new concern is that the same weaknesses may now be affecting troops in active combat areas at scale.

The broader lesson is simple: data collected for convenience can become dangerous when it falls into the wrong hands. For civilians, that means rethinking app permissions and privacy settings; for militaries, it means treating commercial tracking data as an operational threat. As the line between advertising technology and intelligence gathering keeps blurring, the ad industry may need far stricter rules on what it collects, sells, and shares.