BUG BOUNTY PROGRAMS BATTLE AI-GENERATED SPAM
■ AI-SUMMARIZED FROM 1 SOURCE ▸ TIMELINE
Companies running bug bounty programs are implementing stricter background checks and deploying AI systems to filter out low-quality reports generated by artificial intelligence. The surge in spurious submissions is forcing organizations to rethink their vulnerability disclosure processes.
■ MORE FROM THE SECURITY DESK
A Cambridge study reveals that terrorist organizations including Boko Haram and ISIS are using ChatGPT, Claude, and Gemini to plan attacks and develop weapons. Safety filters designed to prevent such misuse have repeatedly failed.
The Australian Cyber Security Centre has issued an alert about coordinated exploitation of vulnerable content management systems and plugins worldwide. The campaign targets organizations using outdated or unpatched CMS software.
Artificial intelligence discovered a critical security vulnerability in Linux kernel code that human developers overlooked for over a decade. The bug could allow unauthorized root access to systems.
Researchers have demonstrated a new attack called 'Ghostcommit' that hides prompt injections in PNG files to fool AI code reviewers and agents into exposing repository secrets.