The company says the new model can work more like an experienced developer by managing long coding sessions, understanding large codebases, and completing tasks with minimal human supervision.

Claude Opus 4.8 is available at the same pricing as the previous Opus 4.7 release while offering major performance improvements.

Improved AI Coding and Autonomous Workflows

One of the biggest upgrades in Opus 4.8 is its ability to operate inside Claude Code with improved decision-making and long-term task handling.

The model can now:

• Track work across entire repositories
• Develop features independently
• Perform large-scale bug fixes
• Continue long-running coding tasks without constant input
• Make engineering decisions during development workflows

Anthropic says the model is designed to stay focused during extended sessions, reducing the need for developers to repeatedly monitor or guide the process.

To improve accessibility and reduce operational costs, the company also introduced a new Fast Mode. According to Anthropic, Fast Mode delivers around 2.5 times faster performance at significantly lower cost compared to previous configurations.

Developers can enable the feature directly within Claude Code using the /fast command.

Dynamic Workflows Introduced in Research Preview

Alongside Opus 4.8, Anthropic also revealed a research preview feature called Dynamic Workflows.

The capability is aimed at handling large and complex engineering operations by allowing Claude to break down difficult tasks into smaller coordinated processes.

When working on demanding projects, the AI can:

• Build structured execution plans
• Launch multiple parallel subagents
• Verify outputs automatically
• Coordinate repository-wide changes

This approach is particularly useful for large migrations and development tasks involving hundreds of files that would normally require significant manual effort.

Focus on Reliability and Transparency

Anthropic also emphasized improvements in model transparency and reliability.

According to the company, Claude Opus 4.8 is better at recognizing uncertainty, identifying when it encounters issues, and communicating progress more honestly during extended autonomous operations.

This reduces the risk of silent failures during critical production workflows and helps developers maintain better oversight over AI-assisted engineering tasks.

With enhanced coding capabilities, faster execution, and large-scale workflow automation, Claude Opus 4.8 marks another major step toward AI systems capable of managing end-to-end software development processes with minimal supervision.

The post Anthropic Launches Claude Opus 4.8 for Advanced Coding Tasks appeared first on First Hackers News.

As AI systems become more powerful, there is growing concern that they could be misused to generate harmful biological information. This could be exploited by advanced threat groups or individuals with malicious intent. To reduce these risks, OpenAI is inviting experts to test the model and find weaknesses before attackers do, as part of the gpt 5.5 bio bug bounty program.

The program brings together cybersecurity researchers, biosecurity specialists, and AI red teamers to identify vulnerabilities and improve the model’s safety controls.

The Challenge: Finding a Universal Jailbreak

The main objective of this program is to discover a “universal jailbreak.” In simple terms, this means creating a single prompt that can bypass the model’s built-in safety protections.

Participants are asked to design one prompt that can successfully make the model answer a set of restricted biological questions. The challenge must be completed in a clean session without triggering any warnings or safety systems.

This requires a strong understanding of:

• Prompt engineering techniques
• AI model behavior and responses
• Handling sensitive biological queries

The testing is limited to a controlled environment, ensuring that all experiments are conducted safely.

Rewards and Timeline

Because this is a complex and high-risk challenge, OpenAI is offering significant rewards for successful findings.

Key details include:

• A top reward of $25,000 for the first complete successful jailbreak
• Additional rewards for partial findings that provide useful insights
• Applications open until June 22, 2026
• Testing runs from April 28 to July 27, 2026

The structured timeline ensures that researchers have enough time to test while maintaining controlled access.

Who Can Participate

Access to the program is restricted to ensure responsible testing and prevent misuse of sensitive information.

To participate:

• Researchers must apply with relevant experience in AI or biology
• Selected participants may receive direct invitations
• An active ChatGPT account is required
• All participants must sign a Non-Disclosure Agreement (NDA)

This ensures that all findings remain confidential and are handled responsibly.

Why This Program Matters

This initiative highlights the growing importance of securing advanced AI systems. As models become more capable, the risks also increase, especially in sensitive areas like biology.

By working with experts and encouraging responsible testing, OpenAI aims to strengthen its safety systems and prevent potential misuse. This approach helps build more secure and reliable AI technologies for the future.

At the same time, it shows how collaboration between researchers and organizations is essential to stay ahead of emerging threats.

The post GPT-5.5 Bio Bug Bounty Boosts AI Safety appeared first on First Hackers News.

Cybercriminals are now using AI to create fake and dangerous ads at a massive scale. These ads are often used to spread malware, steal personal information, or run scams. To stop this, Google built Gemini into its security systems.

Unlike older methods that relied on simple keyword checks, Gemini looks at the intent behind ads. This makes it much harder for scammers to trick the system.

According to Google’s 2025 Ads Safety Report, the company removed or blocked more than 8.3 billion ads that broke its rules.

How Gemini Detects Threats

Gemini works by analyzing huge amounts of data in real time. It checks patterns and behavior instead of just looking at text or images. Some of its key abilities include:

• Spotting new or suspicious accounts based on their activity
• Detecting unusual ad campaign patterns and phishing attempts
• Understanding the deeper context of ads
• Telling the difference between real businesses and scams

In 2025, Google also suspended 24.9 million advertiser accounts for serious violations. Out of these, many were linked to financial scams. The company removed 602 million scam ads and banned 4 million accounts connected to fraud.

Google also verifies advertisers’ identities, helping stop bad actors before they even start.

Faster Protection and Response

Speed is important in cybersecurity, and Gemini helps Google act quickly. Most ads are now reviewed instantly, and harmful ones are blocked before they go live. This prevents new types of attacks from reaching users.

By 2026, Google plans to expand this real-time protection to more types of ads.

Gemini has also improved how Google handles user reports. In 2025, teams responded to four times more reports than the year before. If a threat does get through, it can now be removed much faster.

Better Accuracy, Fewer Mistakes

One challenge with automated systems is avoiding mistakes. Gemini solves this by understanding context more deeply.

Because of this, Google reduced incorrect advertiser suspensions by 80%. This means the system can strongly target threats while still protecting legitimate businesses.

The post Google Gemini AI Blocks Harmful Ads Faster Than Ever appeared first on First Hackers News.

The extension takes advantage of user curiosity around ads in AI platforms, using a familiar name to appear trustworthy. Once installed, it monitors activity without interrupting the user experience, making it difficult to notice anything unusual.

It captures prompts, responses, and related metadata while continuing to behave like a normal extension on the surface.

Behind the Operation

After installation, the extension runs silently in the background and maintains persistence through scheduled activity. It regularly connects to a remote configuration hosted on GitHub, allowing attackers to change how it behaves without requiring any update from the user side.

When a user visits ChatGPT, the extension injects hidden scripts into the webpage. Instead of performing any ad-blocking function, it extracts the content of the page by removing styling and media elements while preserving the actual text of conversations.

This data is then compiled into a file and transmitted externally through a Discord webhook controlled by the attacker. The process is automated, meaning stolen conversations are continuously delivered without user awareness.

Investigators also observed suspicious activity linked to the developer account behind the extension. After years of inactivity, the account suddenly became active again, shifting focus toward JavaScript-based behavior. The same developer is connected to other AI-related services, raising broader concerns around data exposure.

‍Follow Us on:Linkedin, Instagram, Facebook to get the latest security news!

What This Means for Users

• Conversations on ChatGPT can be silently captured
• Prompts, responses, and session data are exposed
• Data is sent to external servers without visibility
• Remote control allows attackers to modify behavior anytime
• Associated services may carry similar risks

This incident shows how easily malicious tools can blend into everyday usage. Even simple extensions can operate quietly in the background while collecting valuable data.

Being cautious with browser extensions, especially those linked to popular platforms, is essential. Trust should not be based on names or claims alone, but on verified sources and transparency.

The post Malicious “ChatGPT Ad Blocker” Extension Steals User Data appeared first on First Hackers News.

How the AI Was Jailbroken

Between December 2025 and January 2026, the attacker used repeated Spanish-language prompts to bypass Claude’s safety controls. By presenting the requests as part of a “bug bounty simulation” and asking the AI to role-play as an elite hacker, the threat actor gradually overcame built-in restrictions.

Once guardrails were bypassed, the AI generated detailed technical outputs that supported the attack lifecycle.

The attacker leveraged AI to:

• Identify vulnerabilities in legacy government systems
• Generate exploit code for SQL injection and network scanning
• Assist with credential stuffing techniques
• Provide structured, step-by-step attack guidance

When Claude reached usage limits, the operator allegedly pivoted to another AI model to continue planning lateral movement and evasion strategies.

The campaign focused on outdated infrastructure and unpatched web applications. Approximately 20 vulnerabilities were exploited, leading to the theft of nearly 150GB of sensitive data, including taxpayer records, voter information, and government employee credentials.

Security researchers noted that the AI significantly lowered the technical barrier required to execute complex attacks, enabling a single operator to conduct a large-scale campaign without advanced infrastructure.

Anthropic has since banned the related accounts and enhanced monitoring mechanisms to detect misuse. While investigations continue, the incident highlights the growing risk of AI-assisted cybercrime and the urgent need for stronger patch management and AI interaction monitoring across government environments.

The post Hacker Manipulates Claude AI to Steal Government Data appeared first on First Hackers News.

Instead of using fixed screen coordinates or simple automation rules, PromptSpy sends Gemini a natural-language request along with an XML snapshot of the current screen. This snapshot includes details about visible elements such as text, type, and screen position.

Gemini analyzes the screen content and responds with JSON instructions telling the malware what action to perform — such as tap, long-press, or swipe — and exactly where to do it.

The main goal is persistence. PromptSpy uses this AI-driven method to keep its malicious app pinned in the Recent Apps list, even when the user tries to close it.

The malware runs in a loop. It executes Gemini’s instructions using Android’s Accessibility Service, captures the updated screen, and sends it back to Gemini. This continues until the AI confirms the app is successfully pinned. Because it relies on AI analysis instead of hardcoded rules, it works across different devices, Android versions, and manufacturer customizations.

Security researchers at ESET describe PromptSpy as the first known Android malware to directly integrate generative AI into its execution flow. The focus is stealthy persistence and maintaining control over the device.

Android AI Malware Capabilities

Beyond AI-based persistence, PromptSpy also acts as a powerful remote access tool.

It includes a built-in VNC component that allows attackers to control the infected phone in real time. Once the victim grants Accessibility permissions, attackers can:

• View the device screen live
• Simulate taps and gestures
• Perform actions as if physically holding the phone

The malware can capture lockscreen credentials, gather device information, take screenshots, record screen activity as video, and monitor which app is currently in use.

It communicates with a hardcoded command-and-control server using the VNC protocol, protected by AES encryption. The server can also send a Gemini API key and additional task instructions to the malware.

PromptSpy also actively blocks removal attempts. It abuses Accessibility permissions to place invisible overlays on important system buttons, including those used to uninstall the app or disable its privileges.

These transparent overlays intercept user taps on “Uninstall” or “Stop,” preventing normal removal.

Technical analysis shows that PromptSpy is delivered through a dropper app. The malicious payload (app-release.apk) is embedded inside the dropper’s assets directory.

Campaign Spread and Target Regions

ESET connects PromptSpy to a multi-stage, financially driven campaign mainly targeting users in Argentina.

An earlier variant, VNCSpy, was uploaded from Hong Kong in January 2026. More advanced PromptSpy samples appeared from Argentina in February 2026.

The malware spread through domains such as mgardownload[.]com and m-mgarg[.]com, which imitated JPMorgan Chase branding under the name “MorganArg” using Spanish banking lures.

Analysis of the same infrastructure revealed another Android phishing trojan signed with the same certificate and using the same fake banking site, likely acting as the initial infection stage before deploying PromptSpy.

Although PromptSpy has not appeared widely in ESET telemetry and may still be in limited testing, the active domains confirm some real-world use.

Code findings, including simplified Chinese debug strings and references to Chinese Accessibility events, suggest development in a Chinese-speaking environment, even though current targets are in Latin America.

PromptSpy is not available on Google Play, and Google Play Protect now detects known variants.

This campaign follows ESET’s 2025 discovery of PromptLock, an AI-powered ransomware prototype, highlighting the growing use of generative AI in malware operations.

IOCs

‍Follow Us on: Linkedin, Instagram, Facebook to get the latest security news!

The post PromptSpy: Android Malware Uses Google Gemini AI appeared first on First Hackers News.

AI-Driven Phishing Kit

Researchers track the activity using a small but unusual clue: four mushroom emojis hidden inside the text “OUTL.” So far, this marker has been linked to more than 75 separate attack setups.

The attackers collect stolen email usernames and passwords, along with the victim’s IP address and location. This information is then sent to the attackers using Telegram and Discord.

To trick users, the phishing page copies the Outlook login screen and displays prompts in Spanish, making it look legitimate to victims.

After a victim enters their login details, the phishing tool quickly adds extra context to the stolen data. It checks the user’s IP address using api.ipify.org and pulls location details from ipapi.co.

This data collection happens instantly, before the stolen credentials are sent to the attackers.

The campaign shows careful planning. Even though the attackers change how the code is hidden, the way the operation runs stays mostly the same.

Sage Hollow researchers first spotted the activity by noticing the repeated mushroom emoji marker, which helped them trace more related attacks.

Over time, the phishing kit has appeared in multiple versions. Some use heavy obfuscation and anti-analysis tricks, while others are left completely open and resemble AI-generated code. The latest version, disBLOCK.js, uses clean formatting, clear function names, and Spanish comments explaining each step — signs that the code was likely generated with AI rather than written fully by hand.

How the Phishing Kit Works

The phishing tool is designed with separate pieces, keeping its settings away from the main logic. In earlier versions, a file called xjsx.js was used to store Telegram bot details with only basic hiding techniques.

When someone enters their login details on the fake page, the tool runs through a set process. It checks whether the email address is valid, then reaches out to external services to collect IP and location information.

All stolen data is bundled into a standard message format and sent over regular HTTPS connections. The attackers use either Telegram bots or Discord webhooks to receive this information.

Newer samples rely more on Discord webhooks because they work as one-way channels. Even if the link is discovered, past data cannot be viewed.

This setup points to a shared phishing platform, where multiple attackers reuse the same toolkit across different campaigns.

Security Recommendations

• Organizations should enable phishing-resistant MFA on Microsoft accounts to reduce the impact of stolen passwords.
• Email gateways should be tuned to detect look-alike Outlook login pages and block messages that redirect users to external authentication sites.
• Security teams should monitor outbound traffic for suspicious connections to Telegram bot APIs and Discord webhooks, especially from user workstations.
• User awareness remains critical. Employees should be reminded to verify login pages and avoid entering credentials through email links.
• Incident response teams should reset affected credentials immediately and review sign-in logs for abnormal locations and IP addresses.

The post AI-Driven Phishing Kit Targets Microsoft Accounts appeared first on First Hackers News.

HackGPT Enterprise aims to change that.

Developed by Yashab Alam, HackGPT Enterprise is an advanced AI-powered platform designed to automate penetration testing, vulnerability assessments, and risk reporting at enterprise scale. It combines the intelligence of multiple AI models, including OpenAI GPT-4 and local LLMs, into a single cloud-native system that assists in identifying vulnerabilities, analyzing risks, and even generating reports.

What Is HackGPT Enterprise?

HackGPT Enterprise is a penetration testing platform that leverages AI + machine learning to automate tasks that normally take hours — sometimes days — for security teams.
Instead of manually scanning, analyzing, correlating, testing, and reporting vulnerabilities, HackGPT performs these steps automatically.

With support for multiple AI engines (GPT-4, Ollama, and custom models), it can:

• Detect vulnerabilities
• Recognize anomalies and suspicious patterns
• Score risks using industry standards (CVSS)
• Prioritize exploitability based on business impact

In short — it turns complex security testing into a streamlined, report-ready output.

Unlike tools that simply scan for weaknesses, HackGPT can understand patterns, build correlations, and draw conclusions.

Examples of what AI can do in HackGPT:

• Analyze logs and detect anomalies
• Identify zero-day indicators
• Understand attack chains and lateral movement
• Generate executive summaries or technical reports automatically

Security teams can use it for:

• SOC operations
• Red Team & Blue Team collaboration
• Incident response support
• Continuous security testing

HackGPT Enterprise includes features that enterprises expect:

• Role-Based Access Control (RBAC)
• LDAP / Active Directory integration
• Audit logging and session tracking
• Encryption using AES-256

Compliance frameworks supported include:

• OWASP
• NIST
• ISO 27001
• PCI-DSS
• SOC2

Security teams don’t need to manually map findings to these frameworks — the platform does it automatically.

How HackGPT Transforms Penetration Testing Using AI

HackGPT Enterprise takes a completely new approach to penetration testing. Instead of relying on manual tools and repetitive tasks, the platform automates the entire workflow — from discovery to reporting.

The process begins with automated reconnaissance. HackGPT gathers information using OSINT tools such as Shodan and theHarvester, collecting publicly available data about a target in just seconds. From there, it moves into scanning, identifying active services and potential weaknesses using tools like Nmap and Nuclei.

Once data is collected, HackGPT analyzes the findings and correlates vulnerabilities to determine the most likely attack paths. This is where AI becomes a game changer — instead of simply listing vulnerabilities, the platform prioritizes what matters based on business impact and exploitability.

If exploitation is allowed, HackGPT performs safe proof-of-concept exploitation using Metasploit, validating whether a vulnerability is truly exploitable. After the testing phase, it automatically generates detailed technical reports along with executive summaries. These reports include remediation steps and compliance mapping, saving hours of manual documentation work. Finally, after fixes are applied, HackGPT retests the system to confirm that the vulnerabilities are resolved.

By automating these phases end-to-end, HackGPT eliminates the repetitive workload and frees security teams to focus on decision-making, strategy, and threat mitigation.

Because HackGPT is cloud-native, it scales effortlessly. Built on Docker and Kubernetes, it can run on any infrastructure — AWS, Azure, Google Cloud, or even on-premises. It uses Redis for caching and PostgreSQL for data storage, delivering real-time dashboards and smooth performance even in large environments.

The real impact is seen in business outcomes. Organizations using HackGPT report faster vulnerability detection, reduced manual effort, and automated reporting that would normally take hours. Instead of manually exporting data, the platform generates PDF reports, JSON or XML outputs, and executive summaries instantly — making compliance and audit preparation significantly easier.

HackGPT is continuously evolving. The upcoming roadmap includes a release with SIEM integration and threat-hunting capabilities, followed by a future version that introduces fully autonomous penetration testing — continuous scanning without human intervention.

This is not just an improvement to penetration testing. It represents the next phase of cybersecurity automation. By leveraging AI, machine learning, and scalable cloud architecture, it enables security teams to test faster, respond smarter, and stay ahead of attackers.

Penetration testing is no longer limited by human bandwidth.
With HackGPT, organizations can validate their security posture continuously — and confidently.

The post Introducing HackGPT: A New AI Engine for Pen Testing appeared first on First Hackers News.