How threat actors abused generative AI to create exploits and exfiltrate 150GB of government data

Weekly insights on threats, vulnerabilities, and security best practices.

Three Chinese AI companies executed sophisticated distillation attacks against Anthropic's Claude, generating 16M queries through 24K fraudulent accounts to steal model capabilities.

Truffle Security discovered nearly 3,000 exposed Google Cloud API keys with Gemini access embedded in client-side code, enabling unauthorized AI endpoint access and data theft.

The Pentagon's designation of Anthropic as a supply chain risk reveals critical attack vectors in AI procurement. Analysis of exploitation TTPs targeting AI supply chains.