FILTERING BY: CLEAR FILTER

DeepSeek-Synthesized Browser-Native Ransomware via Microsoft Edge "Edgecution"

The Payouts Kings ransomware group has deployed "Edgecution," a malicious Microsoft Edge extension that leverages AI-synthesized attack blueprints from DeepSeek to achieve host-level compromise. The attack vector utilizes social engineering via Microsoft Teams to trick users into installing the extension. By abusing the Native Messaging API, the malware executes a browser sandbox escape, enabling the installation of persistent backdoors and ransomware overlays on Windows and Android platforms. Payloads include keyloggers, credential stealers, and webcam capture tools, marking a critical shift from theoretical AI-generated concepts to operational, cross-platform exploitation.

HarmRLVR: Weaponizing Verifiable Rewards to Reverse LLM Safety Alignment

HarmRLVR is a novel attack framework that weaponizes Reinforcement Learning with Verifiable Rewards (RLVR) to strip safety guardrails from Large Language Models (LLMs). By utilizing the Group Relative Policy Optimization (GRPO) algorithm and a minimal dataset of 64 harmful prompts, attackers can rapidly reverse alignment in open-source models including Llama, Qwen, and DeepSeek. Unlike traditional harmful fine-tuning, HarmRLVR achieves a 96.01% attack success rate and a 4.94/5 harmfulness score while preserving the model's general intelligence and reasoning capabilities, creating a high-efficiency vector for generating uncensored, malicious content.


LINK COPIED TO CLIPBOARD