Cyber Brief 25-08 - July 2025
Cyber Brief 25-08 - July 2025
Cyber Brief 25-08 - July 2025
04.08.2025 22:03 β π 0 π 0 π¬ 0 π 0
42% of Developers Using AI Say Their Codebase is Now Mostly AI-Generated
42% of Developers Using AI Say Their Codebase is Now Mostly AI-Generated
04.08.2025 19:38 β π 0 π 0 π¬ 0 π 0
Darktrace Acquires Mira Security
Darktrace Acquires Mira Security
04.08.2025 19:33 β π 0 π 0 π¬ 0 π 0
Threat Actors Using AI to Scale Operations, Accelerate Attacks and Attack Autonomous AI Agents
Threat Actors Using AI to Scale Operations, Accelerate Attacks and Attack Autonomous AI Agents
04.08.2025 19:13 β π 1 π 0 π¬ 0 π 0
Claude Vulnerabilities Let Attackers Execute Unauthorized Commands With its Own Help
Claude Vulnerabilities Let Attackers Execute Unauthorized Commands With its Own Help
04.08.2025 19:08 β π 3 π 1 π¬ 0 π 0
Python-powered malware grabs 200K passwords, credit cards
: PXA Stealer pilfers data from nearly 40 browsers, including Chrome
Python-powered malware snags hundreds of credit cards, 200K passwords, and 4M cookies
04.08.2025 19:03 β π 0 π 0 π¬ 0 π 0
Ransomware Attack on Phone Repair and Insurance Company Cause Millions in Damage
Ransomware Attack on Phone Repair and Insurance Company Cause Millions in Damage
04.08.2025 18:28 β π 0 π 0 π¬ 0 π 0
SonicWall VPNs Actively Exploited for 0-Day Vulnerability to Bypass MFA and Deploy Ransomware
SonicWall VPNs Actively Exploited for 0-Day Vulnerability to Bypass MFA and Deploy Ransomware
04.08.2025 17:18 β π 0 π 0 π¬ 0 π 0
New LegalPwn Attack Exploits Gemini, ChatGPT and other AI Tools into Executing Malicious Code via Disclaimers
A sophisticated new attack method that exploits AI modelsβ tendency to comply with legal-sounding text, successfully bypassing safety measures in popular development tools.
A study by Pangea AI Security has revealed a novel prompt injection technique dubbed βLegalPwnβ that weaponizes legal disclaimers, copyright notices, and terms of service to manipulate large language models (LLMs) into executing malicious code.
The attack has proven effective against major AI tools, including GitHub Copilot, Googleβs Gemini CLI, ChatGPT, and several other prominent models.
LegalPwn works by embedding malicious instructions within legitimate-looking legal text that AI models are programmed to respect and process.
Rather than using obvious adversarial prompts, attackers disguise their payload within familiar legal language such as copyright violation warnings, confidentiality notices, or terms of service violations.
Disclaimer Weaponized
βThe ability of these models to interpret and contextualize information, while a core strength, can also be a weakness when subtle adversarial instructions are embedded within trusted or seemingly innocuous text,β the researchers explain in their report .
LegalPwn Attack method
The technique proved remarkably effective during testing. When researchers presented malicious code containing a reverse shell (which provides remote system access to attackers) wrapped in legal disclaimers, multiple AI systems failed to identify the security threat. Instead, they classified the dangerous code as safe, with some tools even recommending its execution.
The research team successfully demonstrated LegalPwn attacks in live environments with alarming results. GitHub Copilot , Microsoftβs AI coding assistant, completely missed a reverse shell payload hidden within what appeared to be a simple calculator program, describing the malicious code merely as βa calculator.β
Even more concerning, Googleβs Gemini CLI not only failed to detect the threat but actively recommended that users accept and execute the malicious command, which would have provided attackers with complete remote control over the target system.
The malicious payload used in testing was a C program that appeared to be a basic arithmetic calculator but contained a hidden pwn() function.
Attack Result
When triggered during an addition operation, this function would establish a connection to an attacker-controlled server and spawn a remote shell, effectively compromising the entire system.
Testing across 12 major AI models revealed that approximately two-thirds are vulnerable to LegalPwn attacks under certain conditions. ChatGPT 4o, Gemini 2.5, various Grok models, LLaMA 3.3, and DeepSeek Qwen all demonstrated susceptibility to the technique in multiple test scenarios.
AI Models Test
However, not all models were equally vulnerable. Anthropicβs Claude models (both 3.5 Sonnet and Sonnet 4), Microsoftβs Phi 4, and Metaβs LLaMA Guard 4 consistently resisted the attacks, correctly identifying malicious code and refusing to comply with misleading instructions.
The effectiveness of LegalPwn attacks varied depending on how the AI systems were configured. Models without specific safety instructions were most vulnerable, while those with strong system prompts emphasizing security performed significantly better.
The discovery highlights a critical blind spot in AI security, particularly concerning applications where LLMs process user-generated content, external documents, or internal system texts containing disclaimers.
The attack vector is especially dangerous because legal text is ubiquitous in software development environments and typically processed without suspicion.
Security experts warn that LegalPwn represents more than just a theoretical threat. The techniqueβs success in bypassing commercial AI security tools demonstrates that attackers could potentially use similar methods to manipulate AI systems into performing unauthorized operations, compromising system integrity, or leaking sensitive information.
Researchers recommend several mitigation strategies, including implementing AI-powered guardrails specifically designed to detect prompt injection attempts, maintaining human oversight for high-stakes applications, and incorporating adversarial training scenarios into LLM development. Enhanced input validation that analyzes semantic intent rather than relying on simple keyword filtering is also crucial.
Integrate ANY.RUN TI Lookup with your SIEM or SOAR To Analyses Advanced Threats -> Try 50 Free Trial Searches
The post New LegalPwn Attack Exploits Gemini, ChatGPT and other AI Tools into Executing Malicious Code via Disclaimers appeared first on Cyber Security News .
New LegalPwn Attack Exploits Gemini, ChatGPT and other AI Tools into Executing Malicious Code via Disclaimers
04.08.2025 17:03 β π 0 π 0 π¬ 0 π 0
Mozilla Warns of Phishing Attacks Targeting Add-on Developers Account
Mozilla Warns of Phishing Attacks Targeting Add-on Developers Account
04.08.2025 15:48 β π 0 π 0 π¬ 0 π 0
Vietnamese Hackers Use PXA Stealer, Hit 4,000 IPs and Steal 200,000 Passwords Globally
Vietnamese Hackers Use PXA Stealer, Hit 4,000 IPs and Steal 200,000 Passwords Globally
04.08.2025 15:43 β π 0 π 0 π¬ 0 π 0
Software and hardware hacker, (in)security researcher, musician,MTB/Gravel cyclist,politics nerd. Not necessarily in that order.βͺοΈSecurity research lead at that (other) bird company βͺοΈMastodon: https://infosec.exchange/@0xamit
English/Χ’ΧΧ¨ΧΧͺ/Poco espaΓ±ol
Immigrant. VP Security Intelligence @Forescout, Co-founder @RespectInSec. Board @vaultree, Cybersecurity Futurist, Researcher, Award-winning writer/producer. He/Him. Pussy in bio.
Slava Ukraini πΊπ¦
Principal Application Security Engineer focused on all things #AppSec. Occasionally dabble in my own research. Also keen gamer and aspiring photographer.
Hacker, CISO, and private pilot. Certified Bluesky Elder. Author and International Speaker, Chief advocate of #DoBetterBeBetter
Compassion and empathy are traits in short supply but necessary to make this world a better place.
alyssasec.com
computer security person. former helpdesk.
Lvl 46 cyberpunk, hacker, and filthy pirate. Best worst influence. I do cursed things with computers. Loud Chaotic Good π¨πΊ/π― punk. .ooM by proxy. He/him/bi π³οΈβπ #HackThePlanet
Nazis will be punched and humiliated.
Ko-Fi: http://ko-fi.com/LambdaCalculus
Hacker & CEO @SocialProofSec security awareness/social engineering training, videos, talks | 3X @DEFCONπ₯ | Chair @WISPorg | @CISAgov Technical Advisory Council under Director Jen Easterly
Team Hashcat + Hacking stuff + Running Information Security in FinTech + I like chess + Cracking Passwords + Making music
Chief Research Officer @ Unit 221B
most reliable way to reach me is my company's outreach form on the website
my other urls:
https://infosec.exchange/@nixonnixoff
https://www.linkedin.com/in/allison-nixon-81822124/
don't bother contacting me on twitter
Child Of The Electron.
TechPriest,
Archmagos,
Arkifane,
& Ownlifer.
SrPentester/ELINT/SIGINT/OSINT.
Reading your email since 1995.
Nemo nisi aut nocens.
Irratus eris in perpetuum.
#DataLove
#2600 #Telecomix #MeMBu #OpDOGE #OpKKK #OpJane #OpDefrost
IT Security Admin/Blue Team β He/Him/Fucker β Weapons Grade Shitposting
π΅πΈ Free Palestine
π³οΈββ§οΈTrans Rights = Human Rights.
π
Veilid for the people.
Antifascist Tech Support β’οΈ
Donβt like me, complain to my boss: 248-434-5508
MrJhnsn.com
SF, CA
A resource for the academic and professional cyber security community, by the community.
cybok.org
BBC Technology Editor π€
Passionate about IT and technology. Immersed in bits, I dream of a future driven by machines and space exploration. #LLAP π
Infosec, Detection Engineering, Threat Research, Threat Hunting, OffSec, Conference Organizer.
eJPT, CC, PenTest+ | Security researcher, embedded systems engineer, gamer and Twitch affiliate.
https://danielchateau.com
Some nerd that uses computers | Blogger with 500-ish articles at https://xeiaso.net | @theprincessxena on the bird website | CEO @techaro.lol | Minors DNI
Senior Research Fellow @rusi.bsky.social | Senior Research Associate @virtualroutes.bsky.social | Usually researching ransomware and cybercrime | Sometime indie landfill guitarist
