TechRisk #113: Agentic AI executed attacks
Plus, rising risk of AI-generated code, novel attack on cloud storage buckets, Quantum Key Distribution (QKD) link between Beijing and South Africa, and more!
Tech Risk Reading Picks
Agentic AI assisting attacks: Symantec’s recent research highlights the growing security risks posed by AI agents, which, despite their potential to enhance productivity, can be exploited by attackers. Using OpenAI’s Operator agent, researchers demonstrated how AI could autonomously execute a phishing attack, from identifying a target to crafting a convincing email with malicious intent. As AI agents become more advanced, their ability to conduct cyberattacks independently will increase, lowering the barrier for cybercriminals. While enterprises are rapidly adopting AI agents, experts warn of their vulnerabilities, urging organizations to implement safeguards to prevent unauthorized actions and protect sensitive data. [more]
Rising risk of AI-generated code: The rapid rise of AI-generated code, expected to reach 90% of all code within months, presents both opportunities and risks for enterprises. While AI accelerates development, it also introduces quality, security, and governance challenges, particularly in complex codebases. Enterprises face risks such as security flaws from AI's reliance on open-source datasets, blind trust in AI-generated code, and governance gaps. Tools from vendors like Sonar, Endor Labs, and Sonatype are emerging to analyze and secure AI-created code, helping organizations track model provenance and detect risks. To mitigate issues, companies must rigorously verify AI-generated code, recognize its limitations, enforce developer accountability, and establish streamlined AI approval processes. Without proper safeguards, businesses risk severe failures due to AI-induced architectural flaws, making specialized detection and validation tools increasingly essential. [more]
Nvidia security patching: Nvidia recently patched two security vulnerabilities in its Riva AI speech services platform that could enable unauthorized access to AI systems. The more serious flaw (CVE-2025-23242) received a high severity rating and could allow privilege escalation, data tampering, denial of service attacks, and information disclosure, while the second vulnerability (CVE-2025-23243) could enable data tampering and DoS attacks. Both affected Riva versions 2.18 and earlier on Linux systems and required no authentication to exploit. Trend Micro researchers, who discovered the flaws in November 2024, found that default cloud installations mistakenly exposed Riva services to the entire internet, potentially allowing attackers to use these expensive AI speech services without authorization, which could result in significant financial impacts for affected organizations. [more]
Tricking AI systems: AI systems like ChatGPT, Copilot, and DeepSeek can be "jailbroken" to create malicious software despite supposed safety guardrails. Cato Networks researcher Vitaly Simonovich, with no malware coding experience, successfully tricked these AI systems into writing credential-stealing malware by creating an "immersive world" fantasy scenario where malware development was considered art. Security experts note that approximately 20% of jailbreak attempts succeed, sometimes in mere seconds, and can be achieved through various techniques including perspective changes, roleplaying, and creating alter egos for the AI. The report recommends organizations protect themselves by testing LLMs against datasets of prompts, "fuzzing" AI endpoints, and conducting regular AI red team exercises, as security professionals increasingly view AI-powered threats as a significant and ongoing challenge. [more]
Quantum Key Distribution (QKD) link between Beijing and South Africa: China has successfully established its first QKD link in the southern hemisphere, connecting Beijing and South Africa using its quantum communication satellites. This milestone advances China’s efforts to build an intercontinental, ultra-secure communication network resistant to hacking, with potential applications in finance and national security. The experiment, spanning 12,800 km, builds on China's previous achievements with its Micius satellite, which has enabled secure links with Austria and Russia. China aims to launch a global quantum communication service by 2027, prioritizing BRICS nations, and is investing heavily in quantum research, talent development, and international collaboration to lead in this emerging technology. [more]
HQC - the fifth algorithm for post-quantum encryption: NIST has selected HQC as a backup post-quantum encryption algorithm to complement ML-KEM, the primary standard for general encryption, ensuring resilience against potential weaknesses. While ML-KEM is based on structured lattices, HQC relies on error-correcting codes, offering a different mathematical foundation for security. Though HQC requires more computing resources, its reliability justified its selection. NIST has been working on quantum-resistant encryption for over eight years, publishing standards in 2024, with organizations already transitioning to them. A draft standard for HQC will be released in about a year, with finalization expected in 2027, reinforcing long-term cybersecurity against future quantum threats. [more]
Poisoned PyPI: Cybersecurity researchers have uncovered a malicious campaign on the Python Package Index (PyPI), where 20 fraudulent packages disguised as "time" utilities and cloud-related tools were used to steal cloud access tokens, accumulating over 14,100 downloads before removal. The packages, identified by ReversingLabs, were either exfiltrating data or mimicking cloud client functionalities for services like AWS, Alibaba Cloud, and Tencent Cloud. Some were even dependencies in a popular GitHub project, accesskey_tools. This disclosure follows Fortinet's discovery of thousands of suspicious PyPI and npm packages embedding malicious install scripts, highlighting the ongoing risks in software supply chain security. [more]
Novel attack on cloud storage buckets: A recent Palo Alto Networks Unit 42 report found that 66% of cloud storage buckets contain sensitive data, making them vulnerable to ransomware attacks. Threat actors have exploited legitimate cloud security features, such as AWS S3 SSE-C and KMS external key material, to execute ransomware attacks, as demonstrated by security experts. To mitigate such risks, SANS recommends organizations understand cloud security limitations, block unsupported encryption methods, enable backups and object versioning, and balance security with cost using data lifecycle policies. However, caution is needed as attackers can manipulate lifecycle policies to pressure victims into paying ransoms. [more]
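As an added example (not from the Unit 42 report or SANS), the following Python turns the three mitigations named above into a checkable audit: a bucket-policy statement that denies uploads using SSE-C, a check that the policy carries such a statement, and a scan of versioning and lifecycle settings. The bucket configuration dictionaries and their field names are constructed for the example, not AWS API output; the condition key `s3:x-amz-server-side-encryption-customer-algorithm` is the one AWS documents for SSE-C requests.

```python
# Condition key AWS documents for SSE-C requests; its only valid value is AES256.
SSEC_KEY = "s3:x-amz-server-side-encryption-customer-algorithm"

def deny_ssec_statement(bucket):
    """Bucket-policy statement rejecting any upload that carries SSE-C headers,
    so stolen credentials cannot re-encrypt objects under an attacker's key."""
    return {
        "Sid": "DenyCustomerProvidedKeys",
        "Effect": "Deny",
        "Principal": "*",
        "Action": "s3:PutObject",
        "Resource": f"arn:aws:s3:::{bucket}/*",
        # Null=false means "the header IS present", which is what we deny
        "Condition": {"Null": {SSEC_KEY: "false"}},
    }

def blocks_ssec(policy):
    """True if the policy already denies SSE-C uploads."""
    for st in policy.get("Statement", []):
        acts = st.get("Action", [])
        acts = [acts] if isinstance(acts, str) else acts
        null_cond = st.get("Condition", {}).get("Null", {})
        if (st.get("Effect") == "Deny" and "s3:PutObject" in acts
                and null_cond.get(SSEC_KEY) == "false"):
            return True
    return False

def audit_bucket(b, min_days=30):
    """Findings for one bucket config dict (constructed shape, not AWS API output)."""
    findings = []
    if b.get("versioning") != "Enabled":
        findings.append("versioning-disabled")      # no prior versions to restore
    if not blocks_ssec(b.get("policy", {})):
        findings.append("ssec-not-blocked")
    for rule in b.get("lifecycle", []):
        # Very short expirations delete data quickly; attackers edit rules this way
        if rule.get("expiration_days", 10**9) < min_days:
            findings.append(f"short-expiration:{rule['id']}")
    return findings

# Constructed sample configurations: one hardened bucket, one exposed bucket
SAMPLE = [
    {"name": "finance-archive", "versioning": "Enabled",
     "lifecycle": [{"id": "keep-1y", "expiration_days": 365}],
     "policy": {"Statement": [deny_ssec_statement("finance-archive")]}},
    {"name": "app-uploads", "versioning": "Suspended",
     "lifecycle": [{"id": "purge", "expiration_days": 7}],
     "policy": {"Statement": []}},
]
```

Running `audit_bucket` over each entry in `SAMPLE` reports nothing for the hardened bucket and three findings for the exposed one. The SSE-C deny does not cover the KMS external-key-material variant also mentioned above, which needs its own key-policy controls.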
Web3 Cryptospace Spotlight
Rise in social engineering: CertiK highlights the rising threat of social engineering crypto scams, particularly via social media platforms like X, where hackers hijack verified accounts to promote fraudulent schemes. These attacks, which require less technical expertise than traditional blockchain hacks, are becoming more common due to a skills gap among scammers. Recent high-profile breaches, including those targeting political figures and tech companies, underscore the vulnerabilities of social media security. The Web3 sector's rapid expansion, combined with inconsistent security measures, has exacerbated the problem. CertiK emphasizes the need for proactive security strategies, integrating AI-driven monitoring and standardized audits to combat evolving threats in the crypto space. [more]
$73K drained through smart contract flaw: WebKeyDao, a Web3 platform, suffered a $73K loss after hackers exploited a flaw in its smart contract’s buy function, allowing them to purchase tokens at a significantly undervalued rate and resell them for a 10x profit on a decentralized exchange. The breach, detected by blockchain security firm BlockSec Phalcon, highlights the growing risks in Web3 security, with improper pricing logic and lack of thorough contract audits being key vulnerabilities. Similar incidents, including a $460K Ethereum scam and a supply chain attack by the Lazarus Group, underscore the urgent need for better security measures, such as mandatory smart contract audits, on-chain monitoring, and multi-signature wallets. WebKeyDao is expected to implement stronger safeguards, while the broader Web3 industry must adopt proactive security strategies to prevent further financial losses and maintain user trust. [more]
Opinion on Web3 metadata surveillance: Web3 has experienced rapid growth, with decentralized applications (DApps) increasing by 74% in 2024 and individual wallets surging by 485%, yet it faces a major vulnerability: metadata surveillance. Despite its promise of decentralization, blockchain technology remains susceptible to mass surveillance due to its public nature, allowing adversaries to track transactions, de-anonymize wallets, and exploit financial data. AI-powered surveillance systems thrive on metadata, making privacy a critical concern. While VPNs and decentralized anonymity networks like Tor offer some protection, more advanced solutions—such as noise networks and metadata scrambling—are needed to safeguard users from exploitation and ensure Web3's future remains secure and truly decentralized. [more]