• About WordPress
    • WordPress.org
    • Documentation
    • Learn WordPress
    • Support
    • Feedback
  • Log In
  • Register

AnonymousMedia.org

  • Home
  • Headline News
  • Videos
  • Chat
  • History
  • File Manager
  • Activity
  • Forums
  • ThreatsDay: Game Cheat Spyware, 24-Hour Ransomware, Chrome Sync Stalking + 12 More Stories

    ThreatsDay: Game Cheat Spyware, 24-Hour Ransomware, Chrome Sync Stalking + 12 More Stories


    Ravie LakshmananJul 16, 2026Hacking News / Cybersecurity News

    A lot of this week’s trouble starts with something that looks close enough.

    A familiar repo. A useful installer. A harmless sync setting. Then the handoff goes bad, the box starts talking to someone else, and the damage moves faster than the explanation.

    Old bugs are back, weak defaults are earning their keep, and some attack paths are so plain they barely feel like research. Here’s the mess.

    1. Game cheats drop spyware

      Cybersecurity researchers 11 malicious NuGet packages published as .NET command-line tools that present themselves as game utilities, bots, and “panels,” each of which act as a first-stage downloader responsible for fetching and executing a second-stage Python payload named “pepesoft.exe” from GitHub Releases and Hugging Face paths under the username “pepegit666,” along with a dormant BitTorrent fallback mechanism built into it. “The recovered payloads use downloader-supplied AWS-style key material to retrieve remote configuration, authenticate to Google Sheets, bind activations to hardware, and honor a remote HWID/UUID ban-list,” Socket said. “In the three direct-bytecode payloads, the larger game-automation application also exposes Telegram bot commands that can send screenshots back to the configured chat.”

    2. Fake installers deploy RATs

      UAT-11795, a sophisticated, Russian-speaking, financially motivated adversary, has been observed conducting a malicious campaign targeting users in the U.S. and Europe since at least June 2025. The activity delivers a Python-based remote access tool (RAT) dubbed Starland RAT and a command-and-control (C2) memory implant known as WLDR agent using trojanized installer lures for software like developer tooling, IT administration utilities, enterprise collaboration platforms, and consumer gaming applications (e.g., MobaXterm, WebEx, Zoom, DBeaver, and FaceIT). “The WLDR agent is a sophisticated PowerShell-based C2 memory implant that features encrypted beaconing, task queuing, and a Runspace execution engine for executing additional payloads,” Cisco Talos said. Alternatively, UAT-11795 has been linked to the deployment of CastleStealer and Remcos RAT. The malware is designed to target victims’ credentials and cryptocurrency wallet assets, harvest Active Directory information, and establish a persistent connection to the victims’ machines from the C2 server, likely with an aim to deliver and execute further payloads. The majority of the infections are in the U.S., with fewer potential impacts recorded in Germany, Romania, and Venezuela. The attack chain makes use of ClickFix lures to distribute HTA scripts, which then download and run trojanized installers to deliver Starland RAT, which then uses “curl.exe” to execute a PowerShell stager for decrypting and running WLDR agent. In recent weeks, ClickFix has also served as a conduit for TELEPUZ, a modular malware, and ClickLock Stealer, a macOS-focused information and cryptocurrency wallet stealer targeting users in Europe, North America, and MEA. “ClickLock Stealer targets data from 8 browsers, 31 crypto wallet browser extensions, 7 password manager extensions, 8 desktop wallet applications, extracts blockchain addresses across 6 chains, macOS Keychain, shell history, and FTP credentials,” Group-IB said.

    3. Network encrypted within hours

      An IT services company in South Asia was targeted by a previously undocumented ransomware family called Spirals in June 2026. “The Rust-based payload is either a new ransomware threat or one purpose-built for this attack,” Broadcom’s Symantec and Carbon Black Threat Hunter Team said. “Less than 24 hours after the initial breach, the ransomware payload was being pushed to machines on the network.” The attacker is said to have obtained initial access by compromising an internet-facing IIS web server and uploading an ASP.NET web shell. Over the next three hours, they established persistent access, conducted reconnaissance, uninstalled endpoint security software, dumped the Security Account Manager (SAM) hive, and set up covert remote access prior to deploying the payload across the network using PsExec. The ransom note seeks to apply pressure by threatening to publish stolen data after six days if a ransom is not paid and directs victims to a Tor portal for negotiations. The actor behind the attack remains unknown.

    4. Actively exploited flaws

      The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added CVE-2026-46817, an improper privilege management vulnerability in Oracle E-Business Suite, and CVE-2023-4346, an overly restrictive account lockout mechanism vulnerability in KNX Association KNX Protocol Connection Authorization Option 1, to its Known Exploited Vulnerabilities (KEV) catalog, requiring federal agencies to apply the fixes by July 18 and 29, 2026, respectively. Reports about active exploitation of CVE-2026-46817 emerged late last month. It’s currently not known how the KNX Protocol flaw is being abused and by whom.

    5. New rules for vulnerability reports

      CISA, in partnership with the National Security Agency (NSA), Japan Computer Emergency Response Team Coordination Center (JPCERT/CC), Netherlands’ National Cyber Security Centre (NCSC-NL), and United Kingdom’s National Cyber Security Centre (NCSC-UK), has published joint guidance to “helps software manufacturers and online service providers collaborate effectively with security researchers who identify weaknesses in software, networks, and hardware in a structured, transparent framework.” The agency said a “well-defined coordinated vulnerability disclosure (CVD) program enables software manufacturers and online service providers to better assess potential risk, improve their vulnerability management processes, and make informed decisions that improve product security for their customers.”

    6. 700-person scam network dismantled

      Authorities from the Netherlands have arrested a 46-year-old man with Israeli and Polish citizenship, who is alleged to be behind an international criminal organization with more than 700 employees who were employed at about 20 fraudulent call centers. These individuals posed as financial advisors to conduct investment fraud. “By maintaining regular contact, sometimes over a period of months, these scammers build a bond of trust with their victims,” the Dutch police said. “The initial deposit is always a relatively small amount that yields an immediate profit. The online platform where victims can view their investments is indistinguishable from the real thing, yet in reality, no actual investments are being made. Scammers use a friendly approach and cunning tactics to manipulate victims into depositing ever-larger sums. The money – often cryptocurrency – that victims believe they are investing ends up in the scammers’ pockets.” The operation has also led to the arrest of four “financial advisors.”

    7. €140M fraud network disrupted

      Spanish National Police have disrupted a cybercrime network accused of stealing and laundering about €140 million through fake investment platforms, CEO fraud, invoice fraud, and adversary-in-the-middle attacks across Europe. Four people have been apprehended in connection with the operation: two in Portugal, one in Spain, and one in Panama. “The suspects established and managed a network of over 800 bank accounts to receive substantial sums of illicit money swindled from numerous victims; these funds were immediately dispersed and concealed across another network of accounts, creating a chain of transactions that safeguarded the criminal proceeds and allowed the vast amounts of defrauded money to be hidden and laundered through ‘money mule’ accounts in third countries,” police said. “To create the complex web of accounts used for money laundering, the group utilized an extensive network of money mules – European citizens who had arrived in Spain from other countries – to set up companies and subsequently open bank accounts across Spanish territory.”

    8. Windows bind links evade EDR

      Bitdefender Labs has demonstrated three attack techniques in which Windows’ bind links can be misused to evade endpoint detection and response (EDR) products. “Windows includes a file-system virtualization feature that can redirect one local path to another without modifying the original file or leaving a persistent filesystem artifact,” Bitdefender’s Martin Zugec said. “It is implemented by bindflt.sys, the Bind Filter minifilter driver, and used legitimately by Store apps, Windows Sandbox, and Windows containers.” The techniques can be leveraged by an attacker running as a local administrator to bypass EDR sensors and built-in Windows defenses such as AMSI and AppLocker. The techniques include: File-Binding, Process-Binding, and Silo-Binding, each of which shadow a trusted file or DLL path, a trusted executable path, and a user-defined Windows silo. Microsoft has assessed the findings as low severity because it requires administrator access.

    9. 290 fake repos spread infostealer

      A financially-motivated threat actor has set up more than 290 fake GitHub repositories impersonating trusted software and security tooling vendors, including Arctic Wolf, to distribute a Windows infostealer that shares the same codebase as BoryptGrab. The 292 impersonated repositories span security tooling, fintech and personal finance, cryptocurrency wallets and exchanges, developer and productivity tools, secure email providers, macOS utilities, and gaming software. “The payload is a pure smash-and-grab in-memory infostealer, with a 41-entry cryptocurrency wallet path table and 19+ targeted browser names for broad, financially driven credential collection,” Arctic Wolf said. “Stolen data is packaged into a ZIP archive and exfiltrated to a C2 with an IP residing in Russia, on a hosting provider repeatedly associated with malware operations.” The malware does not set up persistence on the host and is instead designed to collect as much data as possible in a single execution. The brandjacking campaign is said to be the work of a Russian-speaking operator.

    10. $62M cybercrime indictment

      The U.S. Justice Department has unsealed a December 2024 indictment charging three Russian nationals and two related bulletproof hosting companies for their roles in cybercrimes against U.S. victims, causing tens of millions of dollars in losses. The charges are against Alexander Alexandrovich Volosovik, Kirill Andreevich Zatolokin, Yulia Vladimirovna Pankova, Media Land LLC, and ML.Cloud LLC. In tandem, the U.S. Department of State’s Rewards for Justice (RFJ) program has announced its offering a reward of up to $10 million and possible relocation for actionable information on foreign government-linked associates of Pankova, Volosovik, and Zatolokin, their malicious cyber activities, or foreign government-linked use of Media Land or ML.Cloud. The defendants and the companies were sanctioned by the U.S., the U.K., and Australia in November 2025. Earlier this week, the Council of the European Union also levied sanctions against Media Land, ML.Cloud, and Volosovik, as part of the first joint cyber sanctions package issued against Russia in collaboration with the U.K.

    11. Chrome Sync becomes spyware

      A legitimate Chrome sync technique meant for user convenience is being misused by stalkers to gain broad access to a device owner’s private information. “Chrome’s sync feature exists to make life easier,” Certo said. “Sign in with a Google account, and Chrome will keep your bookmarks, open tabs, browsing history, autofill data, and saved passwords in step across every device you use — your phone, tablet, laptop, whatever you’re signed into.” However, this can be turned into a surveillance tool in a simple step. All a digital intruder has to do is gain brief physical access to a victim’s phone, open the Chrome app and add a Google account under their control, and ensure sync is switched on for that account. “The victim carries on using their phone as normal,” Certo explained. “From this point, their browsing activity is copied to the attacker’s Google account in the background. The attacker opens the same Google account on their own device and reviews the victim’s browsing history whenever they choose, from anywhere with an internet connection.”

    12. eCards deliver remote access

      A sustained phishing campaign dubbed SeasonalInvite has been observed deploying and abusing commercial Remote Monitoring and Management (RMM) tools since at least January 2026 by making use of social engineering themes tied to the seasonal calendar in attacks targeting both Windows and macOS users. The attacks involve the abuse of ConnectWise ScreenConnect, LogMeIn Resolve, Kaseya, and O&O Syspectr. The bogus pages are likely distributed via phishing emails and poisoned search results. Forescout said it identified 959 eCard-themed domains and a traffic distribution system (TDS) using 2,658 gate pages to route victims to phishing pages while blocking automated security scanners. “The phishing pages are generated by a kit and contain indicators of likely AI-generated code, suggesting the threat actor used a large language model (LLM) to assemble delivery pages and rapidly retool the campaign,” it noted.

    13. OAuth codes bypass MFA defenses

      Cybersecurity researchers have identified a new AI-powered device code phishing toolkit called Jalisco, along with a credential harvester codenamed OmegaLord that captures phone numbers alongside passwords to intercept multi-factor authentication (MFA) codes. “Jalisco is a device code phishing toolkit that provisions fresh OAuth codes in real time, defeating the time-based controls defenders rely on and pairing naturally with AI-powered kits like ‘EvilTokens,’” ReliaQuest said. “OmegaLord, by contrast, is a JavaScript-based credential harvester that impersonates a PDF reader and collects phone numbers alongside credentials—a deliberate step toward intercepting or hijacking MFA.” The development comes amid a surge in device code phishing attacks in 2026 that employ purpose-built tools to run such campaigns at scale. “Once inside a compromised Microsoft 365 account, attackers establish persistence by pairing multiple attacker-controlled devices to the victim’s Entra ID tenant, then move quickly to exfiltrate sensitive data from software-as-a-service (SaaS) platforms for extortion,” the company added. In some cases, threat actors have been observed enrolling more than five devices to a single compromised account in an attempt to extend the window for exfiltration.

    14. 3,900 threat servers mapped

      A new analysis from Hunt.io has uncovered more than 3,900 threat activities enabling servers across 302 Eastern European infrastructure providers within the past 3 months. “Keitaro leads Eastern European threat activity enablement with 1,277 unique threat activity enabling IPs, followed by Tactical RMM (232) and Acunetix (173),” the threat intelligence company said. “Cloud Atlas APT infrastructure was observed across multiple Eastern European providers, confirming the group’s continued reliance on Eastern European hosting. Proton66 OOO was linked to active exploitation of CVE-2026-35273, a critical Oracle PeopleSoft zero-day attributed to the ShinyHunters group, with threat activity enabling infrastructure directly traceable to this Russian provider.”

    15. One infection, two revenue streams

      A financially motivated campaign has been observed delivering Vidar stealer and the XMRig cryptocurrency miner to consumer and small- and medium-sized business victims worldwide. The campaign was detected in April 2026. “Attackers lure victims via malvertising to pages for downloading files that impersonate cracked versions of copyright-protected software,” Palo Alto Networks Unit 42 said. “Upon execution, the loader drops and runs both Vidar stealer and XMRig. Vidar stealer targets information like browser credentials, cookies, and crypto wallets. XMRig mines Monero cryptocurrency.” The loader binaries use the Factory-v3 framework, which refers to a malware-as-a-service (MaaS0 builder used for different families of stealer malware. “The tag X3D MINER appears in Telegram operator notifications sent for every new victim infection,” Unit 42 added. “The operator behind this campaign runs a dual-monetization scheme. Criminals sell credentials and session cookies stolen by Vidar stealer on criminal log markets, while XMRig provides passive income from hijacked victim CPU cycles.”

    The lesson is not “trust nothing.” It is to stop granting trust in bulk. Check the repo, the installer, the account, the exposed service. Small shortcuts keep turning into full attack paths.

    And when a bug looks old, awkward, or too simple to matter, assume someone has already found a use for it. Patch the boring stuff. Tighten the defaults. Watch the handoffs.



    Source link

    07/16/2026
  • Writers Guild Of America Also Sues Paramount, Citing Looming Merger Layoff Bloodbath

    Writers Guild Of America Also Sues Paramount, Citing Looming Merger Layoff Bloodbath


    from the do-not-pass-go,-do-not-collect-$200 dept

    Not long after twelve states sued Paramount claiming its $111 billion merger with Warner Brothers would harm market competition, the Writers Guild of America (WGA) filed their own lawsuit, warning that the massive debt load from the media industry’s latest megamerger will result in an ocean of layoffs for an already reeling U.S. entertainment industry.

    The lawsuit notes that the current film industry is dominated by just five players: Disney (ABC), NBCUniversal (Comcast), Sony, Paramount (CBS), and Warner Brothers. Comcast recently restructured to make it easier to sell off its NBC and Universal properties, opening the door to a lot of very quick consolidation in addition to the speedy Skydance/Paramount/Warners merger.

    “With fewer competitors, the merged Paramount-Warner Bros. entity would have both the ​incentive and the ability to lower costs by suppressing writers’ wages and reducing output. Writers will be paid less and ​have fewer employment opportunities,” the WGA complaint said.

    Supreme Court precedent (for whatever that’s worth anymore) has long indicated that any merger
    yielding a post-merger market share exceeding 30% (which this deal does) is presumptively anticompetitive. The WGA notes that muted competition will result not just in fewer jobs, but lower wages and fewer opportunities for creatives overall across both film and television.

    “With fewer competitors, the merged Paramount-Warner Bros. entity would have both
    the incentive and the ability to lower costs by suppressing writers’ wages and reducing output.
    Writers will be paid less and have fewer employment opportunities,” the lawsuit states.

    While Paramount would like to pretend this is a debate, and most U.S. press outlets bury the lede, U.S. history is vividly clear on the harms created by media consolidation. That was most recently personified by AT&T’s disastrous acquisitions of DirecTV and Time Warner, which resulted in upward of 50,000 layoffs, higher prices, worse service, and no shortage of shuttered creative projects.

    The rushed acquisitions of both CBS/Paramount and Warner Brothers — all so Larry Ellison’s son can play media mogul — have created a particularly heavy debt load of $79 billion. Such debt is always paid for by consumers and labor, often in more ways than one.

    Paramount has promised to release 30 theatrical releases per year and to keep them in exclusively for theaters for 45 days, but as I’ve long made clear, pre-merger promises are utterly worthless. Especially in a country dead set on steadily lobotomizing its public interest regulators. As we’ve seen with consolidation in sectors like wireless, America’s favorite pastime is pretending to ignore the harms of pointless mergers.

    This is a pretty clear example of the kind of consolidation that should be blocked for the benefit of labor, markets, and consumers, but despite a lot of rambling pretense about a love of free market competition and entrepreneurial spirit, America consistently fails to walk the talk on antitrust, the impact of which is abundant and getting exponentially worse under pay-to-play Trumpism.

    Filed Under: antitrust, consolidation, film, hollywood, jobs, larry ellison, layoffs, media, mergers, movies

    Companies: paramount, warner bros., writers guild



    Source link

    07/16/2026
  • AI Can Find Bugs, But Human Knowledge Still Proves Them

    AI Can Find Bugs, But Human Knowledge Still Proves Them


    Artificial intelligence (AI) is changing offensive security, but it has not changed the standard that matters most: a finding has to be proven before it becomes useful. AI-assisted tools can read code quickly, generate payloads, summarize attack surfaces, explain unfamiliar APIs, and run repetitive testing workflows at impressive speed. That is a real advantage for security teams. It also creates a new kind of pressure, because the industry can now produce more vulnerability-looking output than ever before.

    The problem is that output is not the same as evidence. A generated report can sound polished, include a severity rating, and even contain a proof-of-concept that looks reasonable at first glance. None of that proves the bug exists in the deployed environment. None of it proves exploitability, impact, or risk. In offensive testing, the hard part has never been writing something that sounds like a vulnerability report. The hard part is demonstrating what is actually true.

    That distinction is becoming more important as AI becomes more common in security workflows. AI can accelerate discovery, but validation still depends on knowledge: knowledge of systems, protocols, application behavior, identity boundaries, memory corruption, business logic, and all the implementation details that separate a plausible theory from a real exploit. The future of offensive security will not belong to people who merely produce the largest number of findings. It will belong to people and teams that can prove what matters.

    The Industry Is Already Seeing the Cost of Shallow AI Output

    The warning signs are already visible. Bug bounty programs and maintainers have been dealing with a surge of low-quality AI-generated reports, often submitted with thin evidence, templated language, and little meaningful validation. Bugcrowd publicly addressed this pattern in its policy changes around AI-generated submissions, describing a class of reports that looked polished but created unnecessary triage burden rather than a useful security signal.

    This is not just a bug bounty problem. It is a preview of what happens anywhere AI is used to create security findings without enough human judgment behind them. If a tool can generate a convincing write-up in seconds, organizations will receive more reports, more alerts, and more claims. Unless those claims are validated, the result is not better security. It is a larger queue.

    Security teams are already overloaded with scanner output, dependency alerts, cloud configuration issues, and compliance findings. Adding AI-generated speculation on top of that does not help unless the quality bar goes up at the same time. A finding should answer basic questions clearly: what happened, how it was reproduced, what the attacker controls, which boundary was crossed, and what the demonstrated impact is. Without that, the report may be interesting, but it is not ready to drive engineering action.

    “Looks Vulnerable” Is Not the Same as Vulnerable

    One of the most dangerous habits in offensive testing is confusing a suspicious pattern with a validated vulnerability. AI can make that habit worse because it is good at explaining why something might be bad. A model may see user input near a database query and describe SQL injection. It may see a URL fetch and suggest SSRF. It may see a dangerous API in a code path and describe remote code execution. Sometimes the model is pointing at a real issue. Other times, it is missing the conditions that decide whether the issue matters.

    A tester still has to prove reachability. Does the attacker-controlled input actually reach the dangerous operation? Is authentication required? Is authorization enforced somewhere else? Is the vulnerable feature enabled? Does the production configuration expose the code path? Does the application normalize, encode, sanitize, or reject the payload before it matters? Does the issue cross a trust boundary or merely affect an internal-only path with no practical security impact?

    These questions are where real offensive security begins. They are also where shallow automation often breaks down. AI can generate hypotheses quickly, but hypotheses are not findings. A good tester treats AI output as a lead to investigate, not a conclusion to forward.

    Why Knowledge Still Matters

    The best offensive security practitioners are valuable because they understand systems, not because they can run tools. Tools have always been part of the job, but tool output has never been enough. A web scanner may identify a parameter that reflects input. A static analyzer may flag a dangerous function. A fuzzer may produce a crash. A language model may describe a plausible attack path. In every case, someone still needs to understand what the signal means.

    That understanding is usually earned through repetition. Senior researchers spent years doing the work manually: tracing requests, reading source, reverse engineering binaries, debugging crashes, writing exploit code, breaking authentication flows, and learning how real systems fail. That process builds memory and instinct. It teaches a practitioner when a finding is probably real, when a tool is being misled, and when a small bug may become serious if chained with something else.

    This kind of knowledge is hard to fake. It shows up in the questions a tester asks. It shows up in the way a report is written. It shows up in whether the tester can explain the exploit path without hiding behind generic language. Most importantly, it shows up when the first attempt fails. A person who understands the system can adapt. A person who only accepts the tool’s explanation is often stuck.

    AI Can Make Good Testers Faster, but Can Also Make People Rusty

    There is a real concern among experienced practitioners that overdependence on AI can make people rusty. This is not an anti-AI argument. It is a human learning argument. When a tool answers every question instantly, it becomes tempting to stop remembering details. When it writes the first version of every script, it becomes tempting to stop practicing. When it explains every code path, payload, crash, and error message, it becomes tempting to stop building the mental model yourself.

    That convenience has a cost. Offensive security rewards depth, pattern recognition, and technical recall. The hardest findings often come from recognizing that a behavior in one area violates an assumption somewhere else. They come from knowing how parsers, frameworks, allocators, identity providers, and authorization systems have failed before. They come from seeing the connection between small details that do not look important in isolation.

    If practitioners stop exercising those muscles, they lose some of the very skill that makes them effective. The risk is not that AI makes security professionals useless. The risk is that people let AI do too much of the thinking too early, then mistake fluency for competence. Prompting is useful, but it is not a replacement for judgment.

    Most AI-Assisted Testing Still Uses Familiar Techniques

    A lot of AI security marketing can make it sound as if machine learning is discovering vulnerabilities through some entirely new kind of reasoning. Sometimes models do surface patterns a human might miss, especially across large and unfamiliar codebases. That is useful. But in many practical offensive testing workflows, the underlying techniques are still familiar: enumerate endpoints, inspect parameters, trace data flow, compare authenticated and unauthenticated behavior, generate payloads, run fuzzers, observe responses, and determine whether the application state changed in a security-relevant way.

    In other words, many AI-enabled systems are orchestrating known testing techniques at scale. They can plan, execute, observe, and iterate faster than a human doing everything by hand. That is a meaningful improvement, but it does not remove the need to understand the result. If the system reports an authorization flaw, someone still has to know whether the object relationship matters. If it reports a memory corruption bug, someone still has to reason about reachability, crash context, mitigations, and exploitability. If it reports an API weakness, someone still has to determine whether the observed behavior violates the application’s trust model.

    The most valuable use of AI is not to replace those decisions. It is to reduce the mechanical work around them so skilled testers can spend more time on analysis and validation.

    What Good Validation Looks Like

    A validated offensive finding should be specific, reproducible, and tied to impact. It should not require the reader to guess why the issue matters. The report should make the exploit path clear enough that an engineer can reproduce it and a security leader can understand the risk. That does not mean every issue needs a dramatic exploit chain or a movie-style proof-of-concept. It means the evidence should support the claim.

    For AI-assisted testing, teams should draw a sharp line between leads and validated findings. A lead is something worth investigating. A validated finding is something that has been tested and proven. Mixing those categories creates confusion and wastes time. A good workflow can absolutely use AI to generate leads, but the promotion from lead to finding should require evidence.

    Practical Validation Checklist

    A practical validation standard does not need to be complicated. Before a lead becomes a reported finding, the tester should be able to answer questions like these:

    • What specific behavior was observed, and where did it occur?
    • What attacker-controlled input, identity, or state was required?
    • What security boundary was crossed, such as authentication, authorization, tenancy, trust, privilege, or memory safety?
    • What exact steps reproduce the behavior in the target environment?
    • What is the demonstrated impact, not just the theoretical worst case?
    • What evidence shows that the issue is reachable and relevant in the deployed configuration?
    • What would a fix need to change, and how can the team confirm that the fix works?

    This kind of checklist helps keep AI in the right role. It can help produce candidates, suggest test ideas, and speed up reproduction. It should not be allowed to skip the step where a human verifies the claim against reality.

    The Human Role Is Still Technical

    One of the underappreciated realities of AI security platforms is that human validation remains deeply important behind the scenes. That should not be surprising. Offensive security has always required judgment, and judgment is especially important when findings become consequential. The person reviewing the evidence has to decide whether the exploit path is realistic, whether the environment matters, whether the issue is isolated or chainable, and whether the severity claim is justified.

    This is not just an administrative quality-control function. It is technical work. Authorization flaws often depend on business logic and object relationships. API vulnerabilities may require understanding how roles, tenants, and resources interact. Memory corruption requires reasoning about crash state, control, mitigations, and exploit primitives. Cloud findings depend heavily on identity, trust policies, and service-specific behavior. AI can assist with all of this, but it does not remove the need for someone who knows what they are looking at.

    The higher the impact of a finding, the more important the human role becomes. Organizations do not want a confident guess when the result may affect engineering priorities, customer trust, compliance obligations, or executive risk decisions. They need proof.

    Avoiding Exaggerated Impact

    AI-generated reports can also overstate severity. Reflected input is not cross-site scripting until script execution is demonstrated. A URL fetch is not meaningful SSRF until the tester can show access to something the attacker should not reach. A dangerous function is not remote code execution unless reachability, control, and execution can be proven. These mistakes are not just embarrassing; they erode trust between security teams and engineering teams. It happens quite often that a finding will get a rating of CVSS 9.8, when in fact it might not even be a finding at all.

    Experienced researchers are careful with impact because they know it has to be earned. A bug in an admin-only feature does not carry the same risk as an unauthenticated internet-facing bug. A crash may be a denial of service, a path to code execution, or simply an unexploitable reliability issue, depending on the context. A missing check in one code path may be serious, or it may be protected by a control somewhere else. The only way to know is to validate.

    Good validation prevents both underreporting and overreporting. It helps testers avoid crying wolf, but it also gives them the evidence needed to make a strong case when the issue is genuinely serious. Tenable also recently brought up challenges in this space, including how there are often critical contextual combinations that are also missed.

    How Teams Should Use AI Without Losing Skill

    The right goal is not to avoid AI. The technology is too useful for that. The right goal is to use it in a way that strengthens offensive testing instead of weakening the people doing it. AI should help testers move faster, explore more hypotheses, and reduce repetitive work. It should not become a substitute for learning how systems behave.

    Security leaders can encourage that balance by setting expectations around evidence and training. Junior testers should still learn fundamentals before they outsource too much of the process. Senior testers should use AI as a force multiplier, not as an authority. Teams should review not only whether a finding was generated, but whether the tester can explain and reproduce it. That explanation is where real understanding becomes visible.

    A healthy AI-assisted offensive testing program should reward validated impact over volume. It should measure signal quality, not just finding the count. It should preserve manual practice in areas like request manipulation, code review, debugging, exploit development, threat modeling, and impact analysis. It should also use AI as a teaching tool: when the model suggests an issue, the tester should ask why, test the claim, and learn from the result.

    The Standard Has Not Changed: Prove It

    AI will continue to improve. Agents will become better at navigating applications, reading code, generating payloads, and documenting results. Some of this progress will be genuinely impressive, and security teams should take advantage of it. But offensive security cannot become a volume game where every plausible theory becomes someone else’s triage burden.

    The core standard of the field is still simple: prove it. Prove the bug exists. Prove the attacker can reach it. Prove the impact. Prove the business risk. Prove the fix works. AI does not lower that standard. If anything, it raises the importance of enforcing it, because convincing but unproven output is now easier to produce than ever.

    The best researchers and teams of the next decade will not be the ones that reject AI. They will be the ones who combine automation with technical judgment, using the machine to accelerate the work without handing it the final say. Knowing when to stop, inspect, test, and think will remain a competitive advantage. Knowledge still matters because validation still matters, and in offensive security, validation is the difference between noise and truth.

    I will be expanding on this topic in SEC660: Advanced Penetration Testing, Exploit Writing, and Ethical Hacking at SANS Network Security 2026. Our course update blends together manual understanding of complex topics, such as exploit writing, and instructs how to leverage AI to assist in automating specific tasks.

    Register for SANS Network Security here.

    Note: This article has been expertly written and contributed by Stephen Sims, SANS Fellow.

    Found this article interesting? This article is a contributed piece from one of our valued partners. Follow us on Google News, Twitter and LinkedIn to read more exclusive content we post.





    Source link

    07/16/2026
←Previous Page
1 2 3 4 5 … 1,043
Next Page→