
Claire Aird
A new prompt injection attack is effective against all the big AI models. Poland says Facebook is failing to remove malicious ads. Africa's largest telco discloses a security breach, and hackers breach Malaysian brokerage accounts. This is the Risky Bulletin, prepared by Catalin Cimpanu and read by me, Claire Aird. Today is the 28th of April, and this podcast episode is brought to you by DropZone AI.

In today's top story, models from the eight biggest AI companies are vulnerable to a new prompt injection technique. The attack uses specifically crafted prompts to trick LLMs into interpreting the attacker's input as a policy directive. The policy puppetry attack impacts models from OpenAI, Microsoft, Google, Meta, Anthropic, Mistral, DeepSeek and Qwen.

In other news, Poland's cybersecurity agency has accused Meta of failing to take meaningful action against malicious ads on Facebook. CERT Poland says Meta failed to implement the suggestions it made in a meeting last year, such as a block list for known fraud domains. Meta has also ignored reports about malicious ads and not removed them. Officials claim Meta is also not blocking fraudsters' accounts despite them publishing multiple malicious ads.

Hackers have breached customer data held by Africa's largest telco. South African telecommunications provider MTN confirmed the breach in a statement but provided few details. It said hackers accessed some personal information but that its billing and core networks are still secure and operational. The company is notifying its customers.

Hackers have made unauthorised trades on the Malaysian stock exchange after accessing brokerage accounts. Brokers have urged customers to change their passwords. A similar attack hit Japanese brokerage accounts last week in what may be part of a larger campaign.

The Royal Cryptocurrency Exchange lost more than $780,000 worth of assets in an incident earlier this month. The platform says one of its smart contracts was backdoored by a malicious developer. The backdoor allowed the hacker to withdraw user funds without using the contract's usual processes. The stolen funds were laundered through Tornado Cash.

Russian authorities are throttling mobile Internet speeds at night as a defence against Ukrainian drone strikes. Slowdowns have been reported in at least 10 regions in the Rostov oblast. Internet speeds are being limited to 512kbps between midnight and 5am daily. The limits are an attempt to prevent Ukrainian UAVs from using Russian mobile networks. The new defences have been active since December.

Madhu Gottumukkala will be CISA's new Deputy Director. He's currently chief information officer for the state of South Dakota. He will remain in his current role until mid-May. Gottumukkala will replace Nitin Natarajan, who resigned in January.

Nigerian authorities have arrested 22 suspects in relation to sextortion campaigns. The suspects are accused of posing as women, contacting young teenagers, obtaining sexually explicit photos and then extorting the victims for money. The FBI has said a number of the suspects have been linked to US victims who took their own lives. The suspects were detained as part of a joint US-Nigerian law enforcement operation.

An Ohio township has sued its auditor, who fell for a BEC scam. The Town of Bazetta lost $160,000 when it was transferred to an attacker's bank account last year. The township wants County Auditor Martha Yoder to pay half. Yoder claims the township is to blame because they had turned off multi-factor authentication.

North Korean hackers have used two US front companies to lure blockchain developers to fake job interviews. BlockNovas LLC and SoftGlide LLC were registered in New Mexico and New York and posed as cryptocurrency consulting businesses. When victims applied for jobs, they were infected with malware that was used to hack their current employers.

The Craft CMS team has released security updates to fix a zero day that was being exploited in the wild. Initial attacks were detected in February. The attackers chained the zero day with another bug to take over websites running the CMS. According to the Orange SensePost security team, there are more than 13,000 sites using vulnerable versions of the CMS. Half of those are in the US.

Teltonika SMS gateways are being hacked in what appears to be part of an SMS spam campaign. Attackers are targeting devices that still use the default login credentials. Their campaign has been observed targeting users in Belgium and Saudi Arabia.

And finally, five vulnerabilities have been found in network management and industrial switch products from Planet Technology. The bugs include authentication bypass, pre-auth command injection and hard-coded credentials. Planet Technology released patches in mid-April.

And that is all for this podcast edition. Today's show is brought to you by our sponsor DropZone AI. Find them at DropZone AI. Thanks for your company.
Release Date: April 28, 2025
Host: Claire Aird
Podcast: Risky Bulletin by risky.biz
In today's headline story, Claire Aird reports on a new prompt injection technique that is effective against models from all the major AI companies.
"Models from the eight biggest AI companies are vulnerable to a new prompt injection technique," (00:04) Claire Aird explains.
This newly discovered attack, termed "policy puppetry," involves carefully crafted prompts that deceive large language models (LLMs) into interpreting malicious input as legitimate policy directives. The affected companies include OpenAI, Microsoft, Google, Meta, Anthropic, Mistral, DeepSeek, and Qwen. The vulnerability poses a substantial risk, potentially allowing attackers to manipulate AI outputs, bypass existing security measures, and exploit these models for various malicious purposes.
Claire shifts focus to Meta (formerly Facebook), highlighting severe criticisms from Poland’s cybersecurity agency regarding the platform's inadequate response to malicious advertisements.
"Poland's cybersecurity agency has accused Meta of failing to take meaningful action against malicious ads on Facebook," (00:04) Claire notes.
CERT Poland alleges that Meta has not implemented essential recommendations from a meeting held the previous year, such as creating a block list for known fraudulent domains. Additionally, Meta has reportedly ignored multiple reports about malicious ads and continued to allow fraudster accounts to operate, despite these accounts propagating harmful advertisements. This situation underscores ongoing challenges in managing and mitigating fraudulent activities on large social media platforms.
Turning to Africa, Claire reports on a recent security breach at MTN, the continent's largest telecommunications provider.
"Hackers have breached customer data held by Africa's largest telco," (00:04) she states.
MTN confirmed the breach but provided limited details, mentioning that while some personal information was accessed, their billing and core networks remain secure and operational. The company is currently notifying affected customers and investigating the extent of the breach. This incident highlights the persistent threats faced by major telecommunications firms and the importance of robust cybersecurity measures to protect sensitive customer data.
Claire covers a surge in cyberattacks targeting brokerage accounts in Malaysia.
"Hackers have made unauthorized trades on the Malaysian stock exchange after accessing brokerage accounts," (00:04) she reports.
Malaysian brokers have urged clients to change their passwords following these breaches. Notably, a similar attack affected Japanese brokerage accounts the previous week, suggesting a coordinated campaign targeting financial institutions in the region. Additionally, the Royal Cryptocurrency Exchange suffered a significant loss of over $780,000 earlier in the month due to a backdoor in one of its smart contracts. The stolen funds were laundered through Tornado Cash, a cryptocurrency mixer, complicating efforts to trace and recover the assets.
In geopolitical news, Claire discusses Russia's defensive measures against Ukrainian drone strikes by throttling mobile internet speeds.
"Russian authorities are throttling mobile Internet speeds at night as a defence against Ukrainian drone strikes," (00:04) Claire explains.
The slowdown, reducing speeds to 512kbps between midnight and 5 a.m. daily, has been enacted in at least ten regions within the Rostov oblast since December. This tactic aims to disrupt the communication channels that Ukrainian UAVs might exploit, thereby mitigating the effectiveness of these drone attacks.
Claire updates listeners on significant personnel changes within the cybersecurity landscape.
"Madhu Gottumukkala will be CISA's new Deputy Director," (00:04) she announces.
Currently serving as the Chief Information Officer for the state of South Dakota, Gottumukkala will assume his new role at CISA, replacing Nitin Natarajan, who resigned in January. He is expected to transition into his role by mid-May, promising continuity and leadership within the agency.
Claire highlights international law enforcement efforts against sextortion schemes originating from Nigeria.
"Nigerian authorities have arrested 22 suspects in relation to sextortion campaigns," (00:04) Claire shares.
These individuals were accused of posing as women to contact young teenagers, coercing them into providing sexually explicit photos, and then extorting money from the victims. The FBI has linked some suspects to cases where U.S. victims tragically took their own lives. The arrests were part of a collaborative operation between U.S. and Nigerian law enforcement agencies, aiming to dismantle these harmful networks.
In a legal development, Claire discusses a lawsuit filed by an Ohio township against its auditor.
"An Ohio township has sued its auditor, who fell for a BEC scam," (00:04) she states.
The Town of Bazetta lost $160,000 when the funds were transferred to an attacker's bank account in a Business Email Compromise (BEC) scam last year. The township wants County Auditor Martha Yoder to pay half of the loss. Yoder, however, counters that the township is to blame because it had turned off Multi-Factor Authentication (MFA).
Claire reports on sophisticated cyber tactics employed by North Korean hackers targeting the blockchain sector.
"North Korean hackers have used two US front companies to lure blockchain developers to fake job interviews," (00:04) Claire narrates.
The two front companies, BlockNovas LLC and SoftGlide LLC, posed as legitimate cryptocurrency consulting businesses and conducted fraudulent job interviews with blockchain developers. Unsuspecting victims were infected with malware during the application process, enabling the hackers to infiltrate and compromise their current employers' systems. This campaign underscores the advanced and deceptive methods cybercriminals employ to breach technologically sophisticated industries.
Focusing on cybersecurity vulnerabilities, Claire discusses recent updates from the Craft CMS team.
"The Craft CMS team has released security updates to fix a zero day that was being exploited in the wild," (00:04) Claire informs listeners.
Initial attacks exploiting this zero-day vulnerability were detected in February. Attackers chained it with another bug to take control of websites running the CMS. According to the Orange SensePost security team, more than 13,000 sites are running vulnerable versions of Craft CMS, approximately half of them in the United States. The security updates are intended to close off this route to website takeover.
Claire brings attention to ongoing cyberattacks targeting Teltonika SMS gateways.
"Teltonika SMS gateways are being hacked in what appears to be part of an SMS spam campaign," (00:04) she explains.
Attackers are targeting devices that still use the default login credentials, and the campaign has been observed targeting users in Belgium and Saudi Arabia. This campaign likely aims to distribute spam messages, potentially facilitating further malicious activities such as phishing or spreading malware. Users are advised to update their device credentials and implement stronger security measures to prevent unauthorized access.
In the final news segment, Claire covers recent security issues identified in Planet Technology's products.
"Five vulnerabilities have been found in network management and industrial switch products from Planet Technology," (00:04) Claire reports.
The discovered bugs include authentication bypass, pre-auth command injection, and hard-coded credentials. Planet Technology responded by releasing patches in mid-April to address these vulnerabilities. Users of affected products are strongly encouraged to apply these updates promptly to secure their network management and industrial switch systems against potential exploits.
Today's Risky Bulletin covered a wide array of cybersecurity threats and developments, from vulnerabilities in major AI models to international law enforcement actions against cybercriminals. The episode underscores the evolving nature of cyber threats and the importance of proactive security measures across all sectors.
Stay informed and vigilant by tuning into future episodes of Risky Bulletin for the latest updates in cybersecurity.
Quote Attribution: All notable quotes are attributed to Claire Aird with corresponding timestamps from the transcript.