Latest news as of 2/16/2026, 1:38:41 AM
Dark Reading
The Register
Google’s Gemini-powered tools tripped up by image-scaling prompt injection Security researchers with Trail of Bits have found that Google Gemini CLI and other production AI systems can be deceived by image scaling attacks, a well-known adversarial challenge for machine learning systems.…
Dark Reading
By using brief, plain clues in their prompts that are likely to influence the app to query older models, a user can downgrade ChatGPT for malicious ends.
Bleeping Computer
UK-based telecommunications company Colt Technology Services confirms that customer documentation was stolen as Warlock ransomware gang auctions files. [...]
Dark Reading
Trend Micro's Salvatore Gariuolo talks with the Black Hat USA 2025 News Desk about how the new ISO 15118 standard for electric vehicle smart charging and vehicle-to-grid communications can be weaponized by threat actors.
Dark Reading
NCC Group's David Brauchler III shared how foundational controls and threat modeling strategies can help secure agentic AI tools in ways traditional guardrails can't.
Dark Reading
Sam Collins and Marius Muench of the University of Birmingham, UK, join the Black Hat USA 2025 News Desk to explain how anti-cheat systems in video games provide valuable lessons on defending against threat actors' techniques and strategies.
The Register
Bill would let US President commission white hat hackers to go after foreign threats, seize assets on the online seas It's been more than 200 years since the United States issued a letter of marque allowing privateers to attack the vessels of foreign nations, but those letters may return to empower cyber operators if a bill introduced in Congress actually manages to pass. …
Dark Reading
New research highlights how threat actors abuse legitimate virtual private server offerings in order to spin up infrastructure cheaply, quietly, and fast.
The Hacker News
Commvault has released updates to address four security gaps that could be exploited to achieve remote code execution on susceptible instances. The list of vulnerabilities, identified in Commvault versions before 11.36.60, is as follows - CVE-2025-57788 (CVSS score: 6.9) - A vulnerability in a known login mechanism allows unauthenticated attackers to execute API calls without requiring user