**Risky Business #801: AI Models Can Hack, and It's Weirding Us Out**

The world of cybersecurity is facing a new era of challenges with the emergence of highly advanced AI models that can hack into systems with unprecedented ease. This phenomenon has left many experts scratching their heads, wondering if the days of human-led bug hunting are numbered.

Google has recently announced that its AI-based bug hunter has discovered 20 security vulnerabilities in various systems. While this finding is alarming, it's essential to note that XBOW, a tool used by Google to identify vulnerabilities, is not yet ready to replace human-led bug hunting entirely. As James Kettle, a cybersecurity expert, aptly put it, "There I am being careful to balance hyping my talk without going too far and then this gets published... maybe the countdown timer is just too ominous!"

The use of AI models to identify vulnerabilities has opened up new avenues for cyberattacks. China has once again been accused of using its hackers to compromise foreign systems. In a disturbing development, Nvidia chips have raised concerns that they could be used to track, trace, and even shut down Chinese AIs.

In recent days, SonicWall has warned customers to take their VPN devices offline after experiencing several ransomware incidents. The company's Gen 7 firewalls have also been affected by a recent threat activity report from ReVault.

But what happens when your System-on-Chip (SoC) turns against you? In a chilling reminder of the risks associated with AI-powered systems, nearly 100,000 ChatGPT conversations were recently made searchable on Google. This incident highlights the importance of cybersecurity measures in protecting sensitive information.

Meanwhile, Microsoft has caught Russian hackers targeting foreign embassies, and the Kremlin's most devious hacking group is using Russian ISPs to plant spyware. The threat landscape continues to evolve, with new challenges emerging every day.

In a surprising turn of events, Blizzard has been found to be secretly running an AI-powered campaign against diplomats. Microsoft has also responded to a news report about Russia blocking a popular US-made internet speed test tool over national security concerns.

As we navigate this complex and ever-changing landscape, it's essential to remain vigilant and proactive in protecting our systems and data from the threats of AI-powered hacking. The countdown timer may be ticking, but for now, human-led bug hunting remains an integral part of our cybersecurity arsenal.

**Risky Bulletin:**

* China is accused of using its hackers to compromise foreign systems * Nvidia chips could track, trace, and even shut down Chinese AIs * SonicWall warns customers to take their VPN devices offline after ransomware incidents * Nearly 100,000 ChatGPT conversations were made searchable on Google * The Kremlin's most devious hacking group is using Russian ISPs to plant spyware

**Recent Threat Activity:**

* Gen 7 SonicWall Firewalls – SSLVPN Recent Threat Activity ReVault! * Microsoft catches Russian hackers targeting foreign embassies - Ars Technica * The Kremlin’s Most Devious Hacking Group Is Using Russian ISPs to Plant Spyware | WIRED