The vulnerability carries a maximum severity rating and impacts organizations running vulnerable versions of the LiteSpeed User-End cPanel Plugin. Because cPanel is widely used across hosting environments, a successful attack could affect multiple websites, customer accounts, databases, and server resources hosted on the same infrastructure.

Vulnerability Details

CVE Information

The vulnerability stems from an incorrect privilege assignment issue within the plugin, enabling authenticated cPanel users or compromised accounts to execute scripts with elevated privileges.

Technical Analysis of the Exploit

Researchers found that attackers can abuse the plugin’s lsws.redisAble functionality to execute arbitrary commands as the root user. In a shared hosting environment, this effectively breaks the isolation between users and grants attackers complete control over the server.

Because many hosting providers rely on LiteSpeed and cPanel for website management, exploitation could allow attackers to:

• Execute arbitrary scripts
• Modify server configurations
• Access customer data
• Create backdoors Deploy malware
• Pivot to other hosted accounts

Unlike many privilege escalation flaws that require complex attack chains, this vulnerability can be abused by any authenticated cPanel user account, including accounts already compromised through phishing, credential theft, or web application attacks.

Potential Attack Chain

• Initial Access
• Vulnerability Exploitation
• Root Access
• Post-Exploitation Activities

Indicator of Compromise (IOC) Detection

LiteSpeed provided a log analysis command that administrators can use to identify potential exploitation attempts.

Detection Command

grep -rE 'cpanel_jsonapi_func=(generateEcCert|packageUserSize)|cert_action_entry .*geneccert' /usr/local/cpanel/logs/ /var/cpanel/logs/ 2>/dev/null

What This Command Does

The command searches:

• /usr/local/cpanel/logs/
• /var/cpanel/logs/

for suspicious API requests and activity patterns associated with exploitation attempts.

If the command returns no results, there may be no evidence of exploitation within the available logs.

Why This Vulnerability Matters

Shared hosting environments depend heavily on privilege separation between users. Once an attacker obtains root access, they can potentially compromise every website and account hosted on the affected server.

The widespread adoption of LiteSpeed across hosting providers significantly increases the potential impact of this vulnerability. A single successful exploitation could expose customer data, website files, SSL certificates, configuration settings, and administrative credentials.

Security Recommendations

Update Immediately

Upgrade to:

• LiteSpeed cPanel Plugin 2.4.7 or later
• LiteSpeed WHM Plugin 5.3.1.0 or later

Review Logs

Run the IOC detection command and investigate any suspicious results.

Audit User Accounts

• cPanel users
• Administrative accounts
• Recently created users
• Failed login attempts

Restrict Access

• Multi-Factor Authentication (MFA)
• IP restrictions
• Least privilege access controls

The active exploitation of CVE-2026-48172 highlights the risks posed by privilege escalation vulnerabilities in widely deployed hosting software. Since the flaw can allow attackers to obtain root-level access from a standard cPanel account, organizations and hosting providers should prioritize patching, review logs for indicators of compromise, and continuously monitor their environments for signs of malicious activity.

The post Critical LiteSpeed cPanel Plugin Vulnerability Enables Root Privilege Escalation Attacks appeared first on First Hackers News.

As AI systems become more powerful, there is growing concern that they could be misused to generate harmful biological information. This could be exploited by advanced threat groups or individuals with malicious intent. To reduce these risks, OpenAI is inviting experts to test the model and find weaknesses before attackers do, as part of the gpt 5.5 bio bug bounty program.

The program brings together cybersecurity researchers, biosecurity specialists, and AI red teamers to identify vulnerabilities and improve the model’s safety controls.

The Challenge: Finding a Universal Jailbreak

The main objective of this program is to discover a “universal jailbreak.” In simple terms, this means creating a single prompt that can bypass the model’s built-in safety protections.

Participants are asked to design one prompt that can successfully make the model answer a set of restricted biological questions. The challenge must be completed in a clean session without triggering any warnings or safety systems.

This requires a strong understanding of:

• Prompt engineering techniques
• AI model behavior and responses
• Handling sensitive biological queries

The testing is limited to a controlled environment, ensuring that all experiments are conducted safely.

Rewards and Timeline

Because this is a complex and high-risk challenge, OpenAI is offering significant rewards for successful findings.

Key details include:

• A top reward of $25,000 for the first complete successful jailbreak
• Additional rewards for partial findings that provide useful insights
• Applications open until June 22, 2026
• Testing runs from April 28 to July 27, 2026

The structured timeline ensures that researchers have enough time to test while maintaining controlled access.

Who Can Participate

Access to the program is restricted to ensure responsible testing and prevent misuse of sensitive information.

To participate:

• Researchers must apply with relevant experience in AI or biology
• Selected participants may receive direct invitations
• An active ChatGPT account is required
• All participants must sign a Non-Disclosure Agreement (NDA)

This ensures that all findings remain confidential and are handled responsibly.

Why This Program Matters

This initiative highlights the growing importance of securing advanced AI systems. As models become more capable, the risks also increase, especially in sensitive areas like biology.

By working with experts and encouraging responsible testing, OpenAI aims to strengthen its safety systems and prevent potential misuse. This approach helps build more secure and reliable AI technologies for the future.

At the same time, it shows how collaboration between researchers and organizations is essential to stay ahead of emerging threats.

The post GPT-5.5 Bio Bug Bounty Boosts AI Safety appeared first on First Hackers News.

The vulnerability required no clicks, no extensions, and no user interaction. Simply visiting a malicious website could trigger the attack.

The OpenClaw team classified the issue as High severity and released a fix within 24 hours.

How the Attack Worked

When a developer visited an attacker-controlled website, malicious JavaScript executed in the browser. That script initiated a WebSocket connection directly to the local OpenClaw gateway.

‍Follow Us on: Linkedin, Instagram, Facebook to get the latest security news!

Because the gateway exempted localhost connections from rate limiting, attackers could perform rapid brute-force password attempts — often hundreds per second — significantly increasing the likelihood of bypassing human-created passwords.

Once authentication was successful, the malicious script silently registered itself as a trusted device. This bypassed normal user confirmation prompts and granted persistent access.

From there, the attacker effectively controlled the AI agent and the connected environment.

What Attackers Could Do

With gateway-level access, attackers could:

• Send instructions to the AI agent and retrieve responses
• Access configuration data, including AI providers and integrations
• Enumerate connected nodes and internal IP addresses
• Read logs for operational and reconnaissance insights
• Search Slack or messaging history for API keys and credentials
• Extract sensitive files from the workstation
• Execute shell commands on connected systems

In practical terms, this equated to a full workstation compromise.

This incident highlights a growing cybersecurity concern: shadow AI. Developer-adopted AI tools often operate outside traditional IT visibility while maintaining deep access to local systems, credentials, APIs, and internal communications.

Earlier this year, OpenClaw’s ecosystem also faced issues with malicious community “skills” distributed through its marketplace. However, this newly discovered vulnerability was more severe because it resided in the core gateway architecture itself — not in third-party plugins.

The OpenClaw team classified the issue as High severity and released a fix within 24 hours. Users and organizations must immediately upgrade to version 2026.2.25 or later to mitigate risk.

Beyond patching, enterprises should implement stronger governance, monitoring, and security controls for AI-powered developer tools.

As AI agents gain deeper system access, their compromise no longer represents just an application breach — it represents full environment exposure.

The post OpenClaw Exploit Compromises Developer AI Agents appeared first on First Hackers News.

How the AI Was Jailbroken

Between December 2025 and January 2026, the attacker used repeated Spanish-language prompts to bypass Claude’s safety controls. By presenting the requests as part of a “bug bounty simulation” and asking the AI to role-play as an elite hacker, the threat actor gradually overcame built-in restrictions.

Once guardrails were bypassed, the AI generated detailed technical outputs that supported the attack lifecycle.

The attacker leveraged AI to:

• Identify vulnerabilities in legacy government systems
• Generate exploit code for SQL injection and network scanning
• Assist with credential stuffing techniques
• Provide structured, step-by-step attack guidance

When Claude reached usage limits, the operator allegedly pivoted to another AI model to continue planning lateral movement and evasion strategies.

The campaign focused on outdated infrastructure and unpatched web applications. Approximately 20 vulnerabilities were exploited, leading to the theft of nearly 150GB of sensitive data, including taxpayer records, voter information, and government employee credentials.

Security researchers noted that the AI significantly lowered the technical barrier required to execute complex attacks, enabling a single operator to conduct a large-scale campaign without advanced infrastructure.

Anthropic has since banned the related accounts and enhanced monitoring mechanisms to detect misuse. While investigations continue, the incident highlights the growing risk of AI-assisted cybercrime and the urgent need for stronger patch management and AI interaction monitoring across government environments.

The post Hacker Manipulates Claude AI to Steal Government Data appeared first on First Hackers News.

Importantly, the attacker did not exploit any new FortiGate vulnerability. Instead, they targeted devices with exposed management ports and weak single-factor credentials. Basic security gaps — combined with AI assistance — allowed a relatively low-skilled actor to operate at large scale.

Amazon assessed that the attacker relied heavily on AI for planning attacks, generating commands, writing custom tools, and organizing operations. When one AI tool failed, another was used as backup. Researchers described the setup as an “AI-powered assembly line” for cybercrime.

How the Attacks Worked

The campaign focused on internet-exposed FortiGate management interfaces on common ports such as 443 and 8443. The attacker scanned for accessible devices and attempted logins using commonly reused credentials. Once inside, full device configurations were extracted, exposing credentials, network details, and VPN access.

After gaining VPN entry, the attacker moved deeper into networks. In several cases, Active Directory environments were compromised and credential databases were stolen. Backup systems were also targeted, suggesting possible ransomware preparation.

Key Post-Compromise Activities

• Extracted FortiGate configuration files and credentials
• Performed DCSync attacks to gain domain-level access
• Used pass-the-hash and NTLM relay for lateral movement
• Scanned networks with tools like Nuclei
• Targeted Veeam backup servers and known vulnerabilities
• Deployed AI-assisted custom reconnaissance tools

Interestingly, when facing hardened environments with proper security controls, the attacker often abandoned the target and shifted to easier victims. This reinforces that the campaign relied on automation and scale rather than advanced exploitation skills.

The compromised organizations were spread across South Asia, Latin America, Northern Europe, West Africa, Southeast Asia, and the Caribbean.

The Bigger Picture

This case highlights a growing trend: AI is lowering the barrier to entry for cybercrime. Tools that once required experienced teams can now be assembled and executed by smaller groups using AI support.

The lesson is clear. Organizations must close exposed management ports, enforce multi-factor authentication, rotate credentials, secure backup infrastructure, and maintain strong patch management.

As AI-assisted attacks increase, strong security fundamentals remain the best defense.

‍Follow Us on: Linkedin, Instagram, Facebook to get the latest security news!

The post AI Tools Help Hacker Breach 600+ FortiGate Devices appeared first on First Hackers News.

The company credits stronger, multi-layered protections and AI-powered reviews for discouraging attackers from targeting the Play Store in the first place.

Every app submitted to Google Play now goes through more than 10,000 automated and human safety checks before publication, followed by continuous monitoring after it goes live. Google has also added generative AI models to help reviewers detect complex malware, fraud schemes, hidden subscriptions, and misuse of user data.

Privacy, Reviews, and Child Safety – Google malicious apps

Beyond blocking malicious apps, Google strengthened privacy and trust controls across the platform.

Key highlights from 2025:

• 1.75+ million apps rejected for malware, fraud, hidden charges, or data misuse
• 80,000+ bad developer accounts banned
• 255,000 apps restricted from accessing excessive sensitive data
• 160 million fake or abusive ratings and reviews blocked
• Extra protections added to prevent children from accessing high-risk apps

Tools like Play Policy Insights and the Data Safety section help developers fix privacy issues before submission, reducing accidental violations.

On-Device Protection with Play Protect

Security doesn’t stop at the Play Store. Google Play Protect now scans over 350 billion apps daily, including sideloaded apps installed outside the store.

In 2025:

• 27 million new malicious sideloaded apps detected
• Expanded fraud protection to 185 markets (2.8+ billion devices)
• 266 million risky installation attempts blocked
• 872,000 high-risk scam apps stopped
• New in-call scam protection prevents users from disabling Play Protect during social-engineering attacks

How Google Strengthened Play Store Security in 2025

Developers made over 20 billion daily integrity checks using the Play Integrity API to protect apps from abuse and spoofing. Hardware-backed security signals and improved account verification are also being expanded, including limited distribution accounts for students and hobbyists.

Looking ahead, Google plans deeper AI integration, stricter verification, and new Android 16 protections such as built-in defenses against tapjacking.

Together, these measures show Google’s broader strategy: block malicious apps at scale, reduce fraud and privacy abuse, and strengthen trust across the Android ecosystem.

‍Follow Us on: Linkedin, Instagram, Facebook to get the latest security news!

The post Google Blocks 1.75 Million Harmful Apps from Play Store in 2025 appeared first on First Hackers News.

Two of the most notable families identified are PromptFlux and QuietVault. These samples highlight how attackers are moving beyond static malware into self-modifying and AI-assisted malware — a trend that has serious implications for defenders. 

1. PromptFlux — Self-Modifying AI Malware 

PromptFlux represents one of the earliest examples of malware that uses an AI model to update its own code on the fly: 

What It Is 

• A VBScript-based dropper that uses API calls to large language models like Google Gemini to generate obfuscated VBScript code. 

• It rewrites itself dynamically, effectively evading static signature detection and making each variant slightly unique. 

How It Works 

• PromptFlux includes a component known as the “Thinking Robot.” 

• This module sends prompts to the AI model asking it to produce obfuscated code that performs the same malicious function but looks different. 

• The malware then writes this regenerated code to the system and uses it for its operations. 

Persistence and Spread 

• The regenerated code is saved to locations such as the Windows Startup folder to ensure it runs after a reboot. 

• It also attempts to copy itself to removable drives (USB) and network shares to spread to other systems. 

Why It’s Dangerous 

• Each run can generate a new variant that signature-based antivirus tools won’t recognize. 

• This makes it significantly harder for traditional detection methods to keep up. 

2. QuietVault — AI-Assisted Credential Stealer 

QuietVault uses AI in a different way — to enhance credential harvesting and token theft. 

What It Is 

• A JavaScript-based malware designed to steal credentials — especially GitHub tokens, NPM authentication tokens, and cloud service secrets. 

• Instead of relying on static routines, it uses available AI tools on the host system (CLI-based AI tools) to expand its search. 

How It Uses AI 

• QuietVault formulates AI prompts that instruct the local AI model to help it search for additional sensitive data on the compromised system. 

• This means the malware is not limited to predefined searches — it can adjust what it’s looking for based on the system context. 

Data Exfiltration 

• Once credentials are collected, they are exfiltrated to attacker-controlled locations, such as public GitHub repositories, making tracking more difficult. 

Additional Emerging AI-Involved Malware 

Beyond these two families, researchers have identified other proofs-of-concept that illustrate similar trends: 

• PromptSteal — Uses AI models to generate advanced reconnaissance commands. 

• FruitShell — A reverse shell that blends malicious traffic with legitimate system processes. 

• PromptLock — A concept ransomware that uses AI to customize encryption logic. (Still experimental 

Why AI-Based Malware Matters 

These malware families highlight a new era of threats: 

Evasion Through Adaptation 

• Malware that rewrites itself at runtime can avoid static detection and slow down security responses. 

Dynamic Behavior 

• Instead of fixed routines, AI-assisted malware can change structure, payloads, or behavior based on system context or attacker goals. 

Automation of Complex Tasks 

• AI enables attackers to automate parts of malware development and execution that previously required manual scripting, reducing operational effort. 

Increased Detection Challenges 

• Traditional indicators of compromise (IOCs), such as file hashes or static code signatures, become less reliable. 

• Behavioral and AI-aware detection methods become essential. 

How Defenders Must Respond 

To defend against these evolving threats, organizations need to rethink detection and response: 

Behavioral Monitoring 

• Look for unusual script activity, unexpected API calls, and dynamic code execution. 

• Watch for frequent code rewrites or execution patterns that change at runtime. 

Memory-Based Detection 

• Since these threats often avoid writing files to disk, detection must include memory behavior analysis. 

AI-Aware Defense 

• Security tools should incorporate AI-aware heuristics capable of understanding anomalous AI model queries or usage patterns within a host. 

Threat Intelligence 

• Organizations must stay current with emerging malware families and indicators published by reputable sources such as Google, Microsoft, and CERTs. 

How 𝗶𝟲 Helps Organizations Defend Against AI-Driven Malware 

Threats like PromptFlux and QuietVault show that attackers are no longer relying on static malware. They are using AI, scripting, memory execution, and legitimate system tools to stay hidden. This means traditional defenses alone are not enough. 

𝗶𝟲 helps organizations prepare for this new generation of threats through: 

Advanced Threat Detection 
Behavior-based monitoring to identify suspicious scripting, abnormal process behavior, and in-memory execution that signature tools may miss. 

Threat Hunting & Intelligence 
Proactive hunting for stealth techniques such as LOLBin abuse, dynamic code execution, and unusual AI or scripting activity within enterprise environments. 

Endpoint & Network Security Hardening 
Strengthening system configurations, reducing attack surfaces, and implementing controls that limit misuse of built-in tools and scripts. 

Incident Response Readiness 
Rapid investigation and containment support when advanced malware activity is suspected, minimizing impact and dwell time. 

Security Strategy for Emerging Threats 
Helping organizations adapt their defenses to modern risks — including AI-assisted malware, fileless attacks, and modular backdoors. 

As malware becomes smarter and more adaptive, defense must become smarter too. 

 
𝗶𝟲 focuses on visibility, behavior, and resilience — the key pillars for stopping modern, stealth-driven attacks. 

Final Thought 

The discovery of PromptFlux and QuietVault represents a paradigm shift in malware development. What was once theoretical — malware that uses AI during execution — is now real. 

This is not a distant future threat. It’s here. And it challenges defenders to move beyond static detection toward adaptive, behavior-centric security models. 

‍Follow Us on: Linkedin, Instagram, Facebook to get the latest security news!

The post The Next Generation of Malware: AI-Enabled and Adaptive Threats  appeared first on First Hackers News.

HackGPT Enterprise aims to change that.

Developed by Yashab Alam, HackGPT Enterprise is an advanced AI-powered platform designed to automate penetration testing, vulnerability assessments, and risk reporting at enterprise scale. It combines the intelligence of multiple AI models, including OpenAI GPT-4 and local LLMs, into a single cloud-native system that assists in identifying vulnerabilities, analyzing risks, and even generating reports.

What Is HackGPT Enterprise?

HackGPT Enterprise is a penetration testing platform that leverages AI + machine learning to automate tasks that normally take hours — sometimes days — for security teams.
Instead of manually scanning, analyzing, correlating, testing, and reporting vulnerabilities, HackGPT performs these steps automatically.

With support for multiple AI engines (GPT-4, Ollama, and custom models), it can:

• Detect vulnerabilities
• Recognize anomalies and suspicious patterns
• Score risks using industry standards (CVSS)
• Prioritize exploitability based on business impact

In short — it turns complex security testing into a streamlined, report-ready output.

Unlike tools that simply scan for weaknesses, HackGPT can understand patterns, build correlations, and draw conclusions.

Examples of what AI can do in HackGPT:

• Analyze logs and detect anomalies
• Identify zero-day indicators
• Understand attack chains and lateral movement
• Generate executive summaries or technical reports automatically

Security teams can use it for:

• SOC operations
• Red Team & Blue Team collaboration
• Incident response support
• Continuous security testing

HackGPT Enterprise includes features that enterprises expect:

• Role-Based Access Control (RBAC)
• LDAP / Active Directory integration
• Audit logging and session tracking
• Encryption using AES-256

Compliance frameworks supported include:

• OWASP
• NIST
• ISO 27001
• PCI-DSS
• SOC2

Security teams don’t need to manually map findings to these frameworks — the platform does it automatically.

How HackGPT Transforms Penetration Testing Using AI

HackGPT Enterprise takes a completely new approach to penetration testing. Instead of relying on manual tools and repetitive tasks, the platform automates the entire workflow — from discovery to reporting.

The process begins with automated reconnaissance. HackGPT gathers information using OSINT tools such as Shodan and theHarvester, collecting publicly available data about a target in just seconds. From there, it moves into scanning, identifying active services and potential weaknesses using tools like Nmap and Nuclei.

Once data is collected, HackGPT analyzes the findings and correlates vulnerabilities to determine the most likely attack paths. This is where AI becomes a game changer — instead of simply listing vulnerabilities, the platform prioritizes what matters based on business impact and exploitability.

If exploitation is allowed, HackGPT performs safe proof-of-concept exploitation using Metasploit, validating whether a vulnerability is truly exploitable. After the testing phase, it automatically generates detailed technical reports along with executive summaries. These reports include remediation steps and compliance mapping, saving hours of manual documentation work. Finally, after fixes are applied, HackGPT retests the system to confirm that the vulnerabilities are resolved.

By automating these phases end-to-end, HackGPT eliminates the repetitive workload and frees security teams to focus on decision-making, strategy, and threat mitigation.

Because HackGPT is cloud-native, it scales effortlessly. Built on Docker and Kubernetes, it can run on any infrastructure — AWS, Azure, Google Cloud, or even on-premises. It uses Redis for caching and PostgreSQL for data storage, delivering real-time dashboards and smooth performance even in large environments.

The real impact is seen in business outcomes. Organizations using HackGPT report faster vulnerability detection, reduced manual effort, and automated reporting that would normally take hours. Instead of manually exporting data, the platform generates PDF reports, JSON or XML outputs, and executive summaries instantly — making compliance and audit preparation significantly easier.

HackGPT is continuously evolving. The upcoming roadmap includes a release with SIEM integration and threat-hunting capabilities, followed by a future version that introduces fully autonomous penetration testing — continuous scanning without human intervention.

This is not just an improvement to penetration testing. It represents the next phase of cybersecurity automation. By leveraging AI, machine learning, and scalable cloud architecture, it enables security teams to test faster, respond smarter, and stay ahead of attackers.

Penetration testing is no longer limited by human bandwidth.
With HackGPT, organizations can validate their security posture continuously — and confidently.

The post Introducing HackGPT: A New AI Engine for Pen Testing appeared first on First Hackers News.

The attack targets the Atlas omnibox, which serves as both an address bar and a search bar. It was revealed that the omnibox can mistakenly interpret a crafted string as a user command rather than a web address. Because of this, malicious inputs disguised as URLs can be used to manipulate the browser’s AI system.

According to the report, a fake URL beginning with “https://my-wesite.com” can be followed by hidden natural language instructions. When entered, Atlas fails to validate it as a proper URL and treats it as a prompt. This causes the AI to execute the embedded command, redirecting users to an attacker-controlled website or performing unauthorized actions.

Experts warned that this flaw could lead to phishing attacks, data theft, and remote exploitation. In a practical example, attackers could embed such fake links behind “Copy link” buttons, luring users to malicious pages or triggering harmful actions like deleting files from connected accounts such as Google Drive.

Security researcher Martí Jordà noted that omnibox prompts are treated as trusted input, meaning they may bypass several security checks applied to regular website content. This lack of isolation between user intent and page content created an opening for attackers to abuse the AI assistant’s trust model.

Alongside this finding, SquareX Labs disclosed another related threat called AI Sidebar Spoofing. The technique allows attackers to overlay a fake AI sidebar inside browsers such as Atlas and Perplexity Comet using malicious extensions. When users type prompts into the spoofed sidebar, the injected code can exfiltrate data, install malware, or redirect users to harmful websites.

Researchers described prompt injection as a growing security challenge for AI browsers, including OpenAI Atlas, Perplexity Comet, and Opera Neon. These attacks can be hidden inside web pages using white text, HTML comments, or even faint instructions embedded in images, which are read by AI systems through optical character recognition.

OpenAI’s Chief Information Security Officer, Dane Stuckey, acknowledged the issue in a public statement. He confirmed that the company has conducted extensive red-teaming, added safety guardrails, and trained models to ignore malicious instructions. However, he also admitted that prompt injection remains an unresolved frontier problem in AI security.

Perplexity and Brave have also confirmed that their own browsers face similar risks. Both companies have adopted multi-layered protection systems, including real-time detection, reinforcement filters, and transparency controls to defend against prompt-based attacks.

Experts agree that prompt injection represents a new phase in cybersecurity. The blending of artificial intelligence and web browsing has created new opportunities for productivity—but also new risks that demand constant monitoring and innovation.

The post OpenAI Atlas Browser Vulnerability Exposed to Prompt Injection Attack appeared first on First Hackers News.