The deal will enhance 1Password Extended Access Management offering with capabilities to address challenges around software-as-a-service sprawl and shadow IT.

Source: blickwinkel via Alamy Stock Photo

NEWS BRIEF

1Password on Monday announced that it has acquired software-as-a-service (SaaS) access management provider Trelica. Although terms of the transaction were not disclosed, 1Password said it is the largest acquisition by company revenue in its 18-year history.

1Password provides password management and other online identity-based services. This acquisition will build on 1Password's effort to expand its Extended Access Management offering, a platform that secures, identities, and manages access and permissions applications and devices, the company said. Launched last year, the platform is designed to ensure that employee devices, identities, and apps are trusted before granting access to enterprise resources.

Founded in 2018, UK-based Trelica offers a suite of tools for managing and securing SaaS applications, such as tools for employee onboarding and offboarding, discovering shadow IT deployments, SaaS operations, spend optimization, and access management. With shadow IT and SaaS sprawl increasing the risk of security breaches, security teams rely on automated application discovery tools to identify unmanaged apps, streamline user provisioning and access governance, and enforce security policies.

"Trelica addresses critical challenges that haven't been solved by traditional solutions like single sign-on (SSO), mobile device management (MDM) and SaaS security posture management (SSPM)," wrote 1Password CEO Jeff Shiner in a blog post announcing the deal. "These include provisioning and de-provisioning users, reclaiming unused licenses, monitoring permission drift, and adjusting access during role changes. Trelica prioritizes IT administrators' most time-consuming tasks while maintaining a secure environment."

With Shadow IT discovery capabilities from Trelica, the 1Password Extended Access Management platform will provide organizations with a repeatable framework for bringing unmanaged apps into full compliance under IT and security management, while empowering employees to use the tools that enhance their productivity, 1Password said in a statement.

Besides 1Password, Trelica lists over 300 SaaS integrations with SaaS providers, including Adobe, Atlassian, Cisco, Google, HubSpot, JFrog, LastPass, ManageEngine, Marketo, Microsoft, Okta, Pax8, Salesforce, SAP, ServiceNow, Snyk, Sophos, TeamViewer, Workday, Workspace One, and Zoom.

**About the Author**

Contributing Writer

Jeffrey Schwartz is a journalist who has covered information security and all forms of business and enterprise IT, including client computing, data center and cloud infrastructure, and application development for more than 30 years. Jeff is a regular contributor to Channel Futures. Previously, he was editor-in-chief of Redmond magazine and contributed to its sister titles Redmond Channel Partner, Application Development Trends, and Virtualization Review. Earlier, he held editorial roles with CommunicationsWeek, InternetWeek, and VARBusiness. Jeff is based in the New York City suburb of Long Island.

1Password Acquires SaaS Access Management Provider Trelica

A fake Telegram Premium app delivers information-stealing malware, in a prime example of the rising threat of adversaries leveraging everyday applications, researchers say.

Source: Boris Kozlov via Alamy Stock Photo

A new advanced Android spyware threat called "FireScam" is using a fake Telegram Premium application to drop an infostealer on victims' phones that is able to track, monitor, and collect sensitive data on its victims.

Researchers at Cyfirma behind a new FireScam analysis said the campaign is part of a wider trend of threat actors finding success disguising malware as legitimate applications and services. In this case, they are abusing Firebase, a legitimate cloud platform widely used by developers of Google mobile and Web applications.

"By capitalizing on the widespread usage of popular apps and legitimate services like Firebase, FireScam exemplifies the advanced tactics used by modern malware to evade detection, execute data theft, and maintain persistent control over compromised devices," the report explained. "By exploiting the popularity of messaging apps and other widely used applications, FireScam poses a significant threat to individuals and organizations worldwide."

The infection routine starts with a phishing site hosted on the GitHbub\[dot\]io domain, dressed up to look like the RuStore app store, the report said. The site delivers a malicious version of Telegram Premium, which then steals data from the targeted Android device, including notifications, messages, and more, and sends it to a Firebase Realtime Database endpoint.

Related:China's Salt Typhoon Adds Charter, Windstream to Telecom Victim List

Once installed, FireScam uses regular checks and analysis, command-and-control communications (C2), and data storage to maintain persistence and deliver additional malware, as needed, the report added.

"The FireScam malware campaign reveals a worrying development in the mobile threat landscape: malware targeting Android devices is becoming increasingly sophisticated," Eric Schwake, director of cybersecurity strategy at Salt Security, said in a statement. "Although using phishing websites for malware distribution is not a new tactic, FireScam's specific methods — such as masquerading as the Telegram Premium app and utilizing the RuStore app store — illustrate attackers' evolving techniques to mislead and compromise unsuspecting users."

**Solutions for Stopping Spyware Like FireScam**

With these threats becoming increasingly sophisticated, it's important for cyber defenders to focus on anomalous app activity, according to a statement from Stephen Kowski, field CTO at SlashNext Email Security+.

"Real-time mobile app scanning and continuous monitoring are crucial safeguards, as these attacks often bypass traditional security measures by exploiting user trust and legitimate distribution channels," Kowski wrote. "The key to protecting against such threats is implementing security solutions that can detect suspicious permission requests and unauthorized app behaviors before sensitive data is compromised."

Related:EagerBee Backdoor Takes Flight Against Mideast ISPs, Government Targets

Schwake added that protecting application programming interfaces (APIs) can also help protect users from increasingly convincing phishing lures.

"Real-time mobile-app scanning and continuous monitoring are crucial safeguards, as these attacks often bypass traditional security measures by exploiting user trust and legitimate distribution channels," Kowski wrote. "The key to protecting against such threats is implementing security solutions that can detect suspicious permission requests and unauthorized app behaviors before sensitive data is compromised."

**About the Author**

Dark Reading

Becky Bracken is a veteran multimedia journalist covering cybersecurity for Dark Reading.

FireScam Android Spyware Campaign Poses 'Significant Threat Worldwide'

In just two years, LLMs have become standard for developers — and non-developers — to generate code, but companies still need to improve security processes to reduce software vulnerabilities.

Source: TippaPatt via Shutterstock

The use of large language models (LLMs) for code generation surged in 2024, with a vast majority of developers using OpenAI's ChatGPT, GitHub Copilot, Google Gemini, or JetBrains AI Assistant to help them code.

However, the security of the generated code — and developers' trust in that code — continues to lag. In September, a group of academic researchers found more than 5% of the code generated by commercial models and nearly 22% of the code generated by open source models contained package names that do not exist. And in November, a study of the code generated by five different popular artificial intelligence (AI) models found that at least 48% of the generated code snippets contained vulnerabilities.

While code-generating AI tools are accelerating development, companies need to adapt secure coding practices to keep up, says Ryan Salva, senior director of product and lead for developer tools and productivity at Google.

"I am deeply convinced that, as we adopt these tools, we can't just keep doing things the exact same way, and we certainly can't trust that the models will always give us the right answer," he says. "It absolutely has to be paired with good, critical human judgment every step of the way."

One significant risk is hallucinations by code-generating AI systems, which — if accepted by the software developer — result in vulnerabilities and defects, with 60% of IT leaders describing the impact of AI-coding errors as very or extremely significant, according to the "State of Enterprise Open-Source AI" report published by developer-tools maker Anaconda.

Companies need to make sure that AI is augmenting developers' efforts, not supplanting them, says Peter Wang, chief AI and innovation officer and co-founder at Anaconda.

"Users of these code-generation AI tools have to be really careful in vetting code before implementation," he says. "Using these tools is one way malicious code can slip in, and the stakes are incredibly high."

**Developers Pursue Efficiency Gains**

Nearly three-quarters of developers (73%) working on open source projects use AI tools for coding and documentation, according to GitHub's 2024 Open Source Survey, while a second GitHub survey of 2,000 developers in the US, Brazil, Germany, and India found that 97% had used AI coding tools to some degree.

The result is a significant increase in code volume. About a quarter of code produced within Google is generated by AI systems, according to Google's Salva. Developers who use GitHub regularly and GitHub Copilot are more active as well, producing 12% to 15% more code, according the company's Octoverse 2024 report.

Overall, developers like the increased efficiency, with about half of developers (49%) finding that they save at least two hours a week due to their use of AI tools, according to the annual "State of Developer Ecosystem Report" published by software tools maker JetBrains.

In the push to get developer tools into the market, AI firms chose versatility over precision, but those will evolve over the coming year, says Vladislav Tankov, director of AI at JetBrains.

"Before the rise of LLMs, fine-tuned and specialized models dominated the market," he says. "LLMs introduced versatility, making anything you want just one prompt away, but often at the expense of precision. We foresee a new generation of specialized models that combine versatility with accuracy."

In October, JetBrains launched Mellum, an LLM specialized in code-generation tasks. The company trained the model in several phases, Tankov says, starting with a "general understanding and progressing to increasingly specialized coding tasks. This way, it retains a general understanding of the broader context, while excelling in its key function."

As part of its efforts, JetBrains has feedback mechanisms to reduce the likelihood of vulnerable code suggestions and extra filtering and analysis steps for AI-generated code, he says.

**Security Remains a Concern**

Overall, developers appear to increasingly trust the code generated by popular LLMs. While the majority of developers (59%) have security concerns with using AI-generated code, according to the JetBrains report, more than three-quarters (76%) believe that AI-powered coding tools produce more secure code than humans.

The AI tools can help accelerate development of secure code, as long as developers know how to use the tools safely, Anaconda's Wang says. He estimates that AI tools can as much as double developer productivity, while producing errors 10% to 30% of the time.

Senior developers should use code-generating AI tools as "a very talented intern, knocking out a lot of the rote grunt work before passing it on for refinement and confirmation," he says. "For junior developers, it can reduce the time required to research and learn from various tutorials. Where junior developers need to be careful is with using code-generation AI to pull from sources or draft code they don't understand."

Yet AI is also helping to fix the problem as well.

GitHub's Wales points to tools like the service's Copilot Autofix as a way that AI can augment the creation of secure code. Developers using Autofix tend to fix vulnerabilities in their code more than three times faster than those who do so manually, according to GitHub.

"We've seen improvements in remediation rates since making the tool available to open source developers for free, from nearly 50% to nearly 100% using Copilot Autofix," Wales says.

And the tools are getting better. For the past few years, AI providers have seen code-suggestion acceptance rates increase by about 5% per year, but they have largely plateaued at an unimpressive 35%, says Google's Salva.

"The reason for that is that these tools have largely been grounded in the context that's surrounding the cursor, and that's in the \[integrated development environment (IDE)\] alone, and so they basically just take context from a little bit before and a little bit after the cursor," he says. "By expanding the context beyond the IDE, that's what tends to get us the next significant step in improving the quality of the response."

**Discrete AIs for Developers' Pipelines**

AI assistants are already specializing, targeting different aspects of the development pipeline. While developers continue to use AI tools integrated into their development environments and standalone tools, such as ChatGPT and Google's Gemini, development teams will likely need specialists to effectively produce secure code.

"The good news is that the advent of AI is already reshaping how we think about and approach cybersecurity," says GitHub's Wales. "2025 will be the era of the AI engineer, and we'll see the composition of security teams start to alter."

As attackers become more familiar with code-generation tools, attacks that attempt to leverage the tools may become more prevalent as well, says JetBrains' Tankov.

"Security will become even more pressing as agents generate larger volumes of code, some potentially bypassing thorough human review," he says. "These agents will also require execution environments where they make decisions, introducing new attack vectors — targeting the coding agents themselves rather than developers."

As AI code-generation becomes the de facto standard in 2025, developers will need to be more cognizant of how they can check for vulnerable code and ensure their AI tools are prioritizing security.

**About the Author**

Veteran technology journalist of more than 20 years. Former research engineer. Written for more than two dozen publications, including CNET News.com, Dark Reading, MIT's Technology Review, Popular Science, and Wired News. Five awards for journalism, including Best Deadline Journalism (Online) in 2003 for coverage of the Blaster worm. Crunches numbers on various trends using Python and R. Recent reports include analyses of the shortage in cybersecurity workers and annual vulnerability trends.

Will AI Code Generators Overcome Their Insecurities This Year?

AI is now essential for businesses, driving efficiency, innovation, and growth. Leverage its power for better decisions, customer…

AI is now essential for businesses, driving efficiency, innovation, and growth. Leverage its power for better decisions, customer personalization, and competitive advantage in 2025.

It’s 2025 and Artificial Intelligence (AI) has transitioned from an emerging technology to a fundamental driver of business success. Today, integrating AI is more than just implementing new software; it’s about reshaping business models, improving operational efficiency, and fostering innovation.

In fact, according to a Forbes report, 72% of businesses have adopted AI for at least one business function, with nearly three out of four businesses leveraging AI to improve their operations. This marks a sharp increase from 2023 when less than a third of businesses reported using AI for two or more functions. 

To capitalize on the growing adoption of AI, businesses must prioritize developing a clear AI development strategy that positions them for long-term success. Here are several reasons why your business should adopt AI in 2025. Here are several reasons why your business should adopt AI now: 

****1\. Enhancing Operational Efficiency** **

The growth of AI technologies has been nothing short of remarkable. Machine learning algorithms now allow businesses to predict market trends with higher accuracy, enabling smarter decision-making. Similarly, AI-driven Natural Language Processing (NLP) makes it easier for businesses to interact with customers in more natural, intuitive ways, while computer vision opens doors for automation in industries like manufacturing, healthcare, and transportation. Businesses that embrace AI can improve productivity, reduce costs, and streamline operations. 

****2\. Growing Accessibility for Businesses of All Sizes** **

Once considered a tool for large corporations with hefty budgets, AI is now more accessible than ever. Cloud-based platforms from tech giants like Google, Amazon, and Microsoft offer scalable AI services that suit businesses of all sizes. This democratization of AI has made it possible for companies to adopt AI tools without the need for extensive technical expertise. Even small businesses can apply AI to boost their capabilities, thanks to pre-built models and open-source frameworks that lower costs and shorten implementation times. 

****3\. Staying Ahead of Competitors**  **

Companies that incorporate AI into their strategies are seeing a clear competitive advantage. Industry leaders are using it to develop new products, enhance customer experience, and optimize operations. AI has already made a significant impact across multiple sectors. In healthcare, AI-driven diagnostics, predictive health models, and personalized medicine are transforming patient care.

In transportation, autonomous vehicles and intelligent traffic management systems are changing the way goods and people move. Similarly, AI in finance is being used for fraud detection, personalized financial advice, and automated trading systems, while manufacturing companies are using predictive maintenance to avoid costly downtimes.   

As AI continues to evolve, businesses that hesitate to adopt these technologies risk falling behind. Competitors who adopt AI early will be able to meet customer expectations for faster, more personalized service, while those who delay will struggle to keep up, which leads us to our next point.   

****4\. Meeting Customer Expectations with Personalization** **

In today’s digital world, customers expect businesses to offer tailored, real-time experiences. AI makes it possible to analyze vast amounts of customer data and use that information to provide personalized recommendations, dynamic pricing, and targeted marketing campaigns. AI-driven chatbots and virtual assistants can enhance customer support by providing immediate, intelligent responses. With more personalized interactions, businesses can increase customer satisfaction, loyalty, and ultimately, revenue. 

****5\. Expanding Business Opportunities and Offerings** **

Integrating AI allows businesses to improve current processes while opening up new avenues for growth. AI can help businesses create innovative products and services that weren’t possible before. Whether it’s developing intelligent software for business analytics or enhancing existing services with AI capabilities, the possibilities are vast. For example, AI in healthcare is enabling the development of advanced diagnostic tools, while in transportation, smart innovations like self-driving cars are revolutionizing mobility. Adopting these technological advancements enables businesses to enter new markets and explore untapped revenue streams. 

****6\. Improving Decision-Making with Data-Driven Insights** **

AI excels at processing large volumes of data and extracting meaningful insights that humans may miss. This ability to turn data into actionable insights allows businesses to make more informed, timely decisions. With AI, businesses can identify trends, predict customer behavior, and assess risk with a level of precision that would be impossible with traditional methods. These insights can drive smarter strategies in marketing, operations, and finance, helping businesses stay agile and competitive in an ever-changing market. 

****Making The First Step****

Successfully integrating AI into your business starts with assessing your current capabilities. Review your technological infrastructure to ensure it can handle AI workloads, from computational power to cloud-based solutions. Data is at the core of AI, so it’s essential to assess your data quality and governance policies. Additionally, your workforce needs to be ready for this transformation. Ensure that your employees have the skills necessary for AI adoption and foster a culture of continuous learning and innovation.  

Before implementing new technologies, it’s important to evaluate potential AI applications based on their feasibility, expected return on investment (ROI), and alignment with your strategic priorities. Focus on projects that offer quick wins and measurable benefits. Some key areas where AI can make an immediate impact in 2025 include:  

*   **AI-Powered Data Analytics:** Deploy AI tools to process and analyze large datasets in real-time, providing actionable insights for strategic decision-making. This can enhance market intelligence, product development, and customer targeting.

*   **Cybersecurity Enhancements:** As cyber threats grow more sophisticated, AI-driven security systems can proactively detect and respond to vulnerabilities faster than traditional methods, safeguarding your business assets and maintaining customer trust.  

*   **Remote Work Optimization:** With the rise of remote and hybrid work models, AI can improve virtual collaboration, automate workflow management, and enhance employee productivity through intelligent virtual assistants and performance analytics.  

*   **Market Trend Forecasting:** Implement AI solutions that analyze market trends and consumer behavior to anticipate shifts and identify new opportunities. This foresight can help inform strategic pivots and investment decisions, keeping your business ahead of the competition.  

Positioning your business for success tomorrow starts with preparing for AI adoption today. As the AI infrastructure evolves, those who act early will set the standard in their industries. The future of business lies in AI, and now is the time to make it a cornerstone of your business.     

1.  **Enhance customer experiences with Generative AI**
2.  **Cyber Resiliency in the AI Era: Building the Unbreakable Shield**
3.  **AI Trends A Software Development Company to Follow in 2025**
4.  **A New Dawn for Storytelling: The Intersection of AI and Cinema**
5.  **Need for Specialized AI Models to Transform Industry Challenges**

6 Reasons Why You Should Integrate AI in Your Business in 2025 

Researchers at Cyfirma have discovered FireScam, an Android malware disguised as 'Telegram Premium' that steals data, monitors activity, and infiltrates devices. Learn about its distribution, functionality, and the impact on user privacy.

****SUMMARY****

*   **FireScam Malware:** FireScam disguises itself as a “Telegram Premium” app to target Android users via phishing websites mimicking trusted app stores.

*   **Malicious Capabilities:** It steals sensitive data, monitors apps, tracks device activity, and ensures persistence through advanced permissions.

*   **Evasion Techniques:** FireScam uses obfuscation, restricted access, and sandbox detection to bypass traditional security measures.

*   **Exploitation Methods:** Social engineering and phishing tactics exploit user trust, leading to identity theft and financial fraud.

*   **Defense Recommendations:** Experts advise using antivirus software, performing regular updates, and monitoring app behavior for enhanced mobile security.

The rapid adoption of mobile applications has provided threat actors with a valuable opportunity to exploit innocent users given the increasing number of incidents involving embedding of malware in these apps, observed cybersecurity researchers at Cyfirma. 

According to their investigation, shared with Hackread.com, FireScam is the latest example of information-stealing malware veiled as a legitimate application to target Android devices. It leverages social engineering tactics and phishing techniques to compromise users’ devices and steals sensitive data like login credentials, financial information, and personal messages, posing a significant threat to user privacy, researchers noted in the blog post.

FireScam primarily spreads through phishing websites designed to mimic popular app stores. In this case, the malware is disguised as a “Telegram Premium” app and distributed via a GitHub.io-hosted phishing website resembling RuStore, a prominent app store in the Russian Federation. This deceptive strategy capitalizes on user trust in established app stores, luring them into downloading the malicious APK file. 

Fake Telegram Premium (Via Cyfirma)

The dropper, once installed on the victim’s device, grants permissions to query and list installed applications, access external storage, delete and install applications, and update without user consent. It declares itself as its designated owner and restricts app updates, preventing other installers from updating it, and ensuring device persistence.

FireScam possesses extensive malicious functionalities designed to steal sensitive user data and monitor device activities. It exfiltrates sensitive data, including notifications, messages, and app data, to a Firebase Realtime Database endpoint, and actively monitors notifications across various apps, capturing sensitive information and tracking user activities. Moreover, it intercepts USSD responses, compromising financial data like account balances and mobile transaction details.

The malware actively monitors the clipboard, content shared between apps, and device state changes. It can also track user activity within e-commerce apps, including purchases or refunds and primarily targets messaging apps, capturing content and exfiltrating it to remote servers. It monitors screen activity and uploads important events to its command-and-control server.

Regarding evasion, FireScam uses advanced obfuscation techniques, restricted access control for dynamic receivers, and sandbox detection mechanisms to evade detection. It can also receive and execute commands via Firebase Cloud Messaging notifications for remote control.

Its continuous monitoring of device activities allows attackers to exploit user behaviour for malicious purposes like phishing attacks, identity theft, and financial fraud. The malware’s presence can compromise the confidentiality and integrity of sensitive data, affecting individuals and organizations, especially those handling sensitive information. This highlights the need for using reliable antivirus software, performing regular software updates, and exercising vigilance online.

Stephen Kowski, Field CTO at SlashNext Email Security+, told Hackread.com, _“_Cybercriminals exploit trusted brands like Telegram’s premium name. FireScam’s persistence relies on permission manipulation and Firebase Cloud Messaging. Advanced mobile threat detection, real-time app scanning, and continuous monitoring are critical to countering such sophisticated attacks that exploit user trust and legitimate channels._“_

1.  **DroidBot Android Spyware Targeting Banking, Crypto Users**
2.  **Android Malware Ajina.Banker Steals 2FA Codes via Telegram**
3.  **GSMS Stealer Hits Android Users via Malicious Apps and Ads**
4.  **8 Apps on Google Play Store Contain Android/FakeApp Trojan**
5.  **Octo2 Malware Uses Fake NordVPN App to Infect Android Devices**

New FireScam Infostealer Spyware Hits Android via Fake Telegram Premium

Cybersecurity researchers have flagged a new malware called PLAYFULGHOST that comes with a wide range of information-gathering features like keylogging, screen capture, audio capture, remote shell, and file transfer/execution.
The backdoor, according to Google's Managed Defense team, shares functional overlaps with a known remote administration tool referred to as Gh0st RAT, which had its source

PLAYFULGHOST Delivered via Phishing and SEO Poisoning in Trojanized VPN Apps

The Christmas Eve compromise of data-security firm Cyberhaven's Chrome extension spotlights the challenges in shoring up third-party software supply chains.

Source: Tada Images via Shutterstock

On Christmas Eve, developers at data detection and response firm Cyberhaven received a troubling email that seemed to come from Google, threatening to remove access to the company's Chrome extension for violation of excessive metadata.

One employee clicked on the "Go To Policy" link, they were taken to Google's authorization application for adding privileges to a third-party application — in this case, a seemingly innocuous application named "Privacy Policy Extension" — and granted the software rights to see, edit, update, and publish to the Chrome Web Store. Once granted access, however, the attacker quickly uploaded a new Chrome extension modifying Cyberhaven's browser add-on to exfiltrate Facebook access tokens saved in the browser and install a mouse-click listener to possibly bypass captchas, according to a preliminary analysis of the breach by the firm's engineering team.

The malicious Chrome extension was only active for about a day before discovery, Howard Ting, CEO of Cyberhaven said in a statement.

"For browsers running the compromised extension during this period, the malicious code could have exfiltrated cookies and authenticated sessions for certain targeted websites," he said. "While the investigation is ongoing, our initial findings show the attacker was targeting logins to specific social media advertising and AI platforms."

Cyberhaven is not alone, but rather appears to be one of the first victims to detect the attack. So far, 36 different extensions — used by as many as 2.6 million people — appear to be linked in some way to the attack, the techniques, or to the infrastructure used by the attackers, according to an analysis by John Tuckner, founder of Secure Annex, a browser-extension management service. Until Cyberhaven detected the attack on its Chrome extensions, developers at other companies and independent programmers largely failed to detect similar compromises using the supply-chain attack.

**Attackers Focus on Supply Chain**

The attacks underscore the problems that companies have in securing their software supply chains. Most companies do not have visibility into much of the software — and cloud services replacing some software — that their employees are using on a daily basis, says Jaime Blasco, chief technology officer and cofounder at Nudge Security, a cloud application security service provider.

"Modern shadow IT is not just software," he says. "Every SaaS application that your employees are using, they grant access to tons of resources that no one knows about — that includes Chrome extensions and extensions in your IDEs. There's a lot of new attack surface that people are not paying attention to in the SaaS ecosystem."

Many companies do not pay attention to the potential for compromise through plug-ins that extend software applications, such as the Chrome browser and its extensions.

Yet, despite Google's updated security and privacy standards for Google Chrome extensions, attackers and researchers continue to find ways to inject malicious code into victims' browsers through the extension ecosystem. In 2021, for example, Google removed a Chrome extension that helped users shut down old tabs and their processes, after a cybercriminal group bought the extension from the original developer and used it to install malicious code on the systems of its approximately 2 million users. University researchers have also found ways to circumvent Google's security process to publish malicious Chrome extensions to the Chrome Web Store.

Overall, hundreds of millions of Chrome users have security-noteworthy extensions (SNEs) — those that contain malware, a vulnerability, or violate Google's policies — installed in their browsers, according to one study published Stanford University researchers.

**Gaining Access Rights Through Social Engineering**

In the case of the developer phishing campaigns, attackers are collecting developer email addresses from the information published on the Chrome Web Store, sending phishing attacks aimed at those developers, and then compromising the code of any developers who fall prey to the attacks.

The attack does not need to steal a developer's credentials, but just convince the developer to grant the necessary permissions, says Secure Annex's Tuckner.

"The OAuth phishing attack used \[by the attacker\] is very scary and even worked around Cyberhaven's implementation of Advanced Protection, one of the most sophisticated authentication systems," he says. "I think developers need to be aware that an email address will be tied to the Chrome web store publicly and will be used as a primary method of contact, increasing its exposure."

Because attackers can layer a number of privileges into a single OAuth permissions request, quite a few suspicious behaviors can be stacked on top of each other in a single extension, he says.

"There are a handful of extensions that are quite susceptible to compromise, monetization, ownership transfers, and lack of hygiene, which I believe some threat actors have identified," he says. "For many I talk to, managing browser extensions can be a lower priority item in their security program. Folks know they can present a threat, but nothing has ever happened to make them a priority."

**Time to Shore Up Extensions**

In the coming year, Tuckner hopes that will change.

"I hope that the Chrome web store can become more transparent in how it operates before something worse happens," he says, adding: "The suspicious extension reporting process, while likely overwhelmed, is often met with silence, inaction, and no documentation trail."

Any developer with major browser extensions should not rely on the specific store provider to detect the attack, but regularly monitor their software deployments, he recommends. Because compromising an extension requires a new version of the code to be released, a peer-review and approval process for software releases can catch unusual deployments. In addition, developers should have an email security service that detects phishing attacks, separate their general-use emails from their development accounts, and require administrator approval of new access attempts.

For its part, Cyberhaven released a collection of scripts designed to help investigate the extent to which their own machines were impacted by the attack.

"As Cyberhaven assisted our customers in responding to the attack, it became apparent that limited tooling was available to quickly and accurately evaluate the spread of the impact," the company said in a December 31 blog post on the release of the tools, adding that "\[t\]hese scripts search for entries indicating that a malicious extension has exfiltrated data."

Companies should expect attacks using extensions of all sorts — for browsers, for integrated development environments (IDEs), and other extensible software platforms — to increase in the future, says Nudge Security's Blasco.

"Attackers know that companies have spent enough dollars to protect their endpoints," he says. "But, in other places — like SaaS applications and Chrome, for instance — you don't have enough visibility, and there is not enough security controls in place. So this \[Chrome security issue\] is just an evolution of what we are going to see happening more often."

**About the Author**

Veteran technology journalist of more than 20 years. Former research engineer. Written for more than two dozen publications, including CNET News.com, Dark Reading, MIT's Technology Review, Popular Science, and Wired News. Five awards for journalism, including Best Deadline Journalism (Online) in 2003 for coverage of the Blaster worm. Crunches numbers on various trends using Python and R. Recent reports include analyses of the shortage in cybersecurity workers and annual vulnerability trends.

Chrome Extension Compromises Highlight Software Supply Challenges

A network of Facebook pages has been advertising “fuel filters” that are actually meant to be used as silencers, which are heavily regulated by US law. Even US military officials are concerned.

Thousands of ads on Facebook and Instagram have promoted “fuel filters” using videos demonstrating how they can be easily modified into gun silencers—a process that, without federal approval, could lead to felony charges. Despite Meta’s policies banning ads for silencers on the company’s social networks, the promotions have persisted for years, driven by what appears to be a single network of more than 100 Facebook pages marketing “fuel filters” that can be easily turned into gun silencers, WIRED has found. The devices sell for as little as $50.

Silencers, also known as suppressors, are heavily regulated under United States federal law. Purchasing one legally requires submitting fingerprints, passing a background check, and paying a fee to the Bureau of Alcohol, Tobacco, Firearms and Explosives (ATF). Federal law allows people to build their own suppressors, provided they register the device with the ATF. But the ads don’t mention this key stipulation, marketing silencers to buyers who may not understand the legal risks.

“You know those things that are definitely not suppressors, even though they look just like suppressors,” a man says in a video that appears in many of the ads. “Well, but they’re still not suppressors, because they don’t have a hole in the other end. So, you can legally own one without going through the paperwork to own a suppressor, because it isn’t one.”

The ads often recycle the same text, referencing “light and durable air-grade aluminum,” and use videos stitched together from a handful of YouTube clips featuring firearms influencers and enthusiasts. The original creators of these videos are likely unaware their content is being used; one tells WIRED they had deleted the footage from YouTube years ago.

One ad features a suppressor engraved with the words Black Collar Arms. A co-owner of Black Collar Arms, who goes by Jeremy McSorely, tells WIRED his company has no connection to the ad. McSorely explains that the footage was taken from a blog and YouTube video he had uploaded years ago but has since removed. “The photos you saw were screenshots taken from my video,” he says, emphasizing that the suppressor was legally manufactured and engraved with their corporate information to comply with ATF regulations.

In November 2023, the ATF warned federal firearms licensees about marketing silencers as “solvent traps,” or contraptions purportedly used to collect gun oil and residue during cleaning. The agency clarified that legality depends on functionality, not what you call a product, and stressed that even incomplete parts intended for silencers are regulated under federal law.

“The test for whether an item is a silencer is not the label a manufacturer or retailer applies. Rather, it is the way the statute written by Congress applies to the item,” the ATF wrote, referring to definitions of suppressors in the Gun Control Act and the National Firearms Act.

A WIRED analysis of more than 2,800 ads revealed they are linked to a network of hundreds of ecommerce websites. These sites often reuse code, share IP addresses, and peddle the same low-quality knockoff products alongside the “fuel filters.” At least one of the sites was flagged by Google as a likely phishing scam.

Experts believe the operation is based in China and relies on a drop-shipping scheme. “It’s likely just a reshipper selling controversial or illegal products,” says Zach Edwards, a senior threat researcher at cybersecurity firm Silent Push who specializes in online data ecosystems.

Typically, Edwards explains, drop-shippers wait for a customer to place an order, then purchase the item from inexpensive online retailers, repackage it, and ship it to the customers. Edwards says that the operator behind the network is likely creating hundreds of websites, applying a moderate markup to the products, and spinning up Facebook pages to promote their items. “Even if some sites or ads get caught and taken down, others keep running,” Edwards says. “It’s a spray-and-pray method.”

Meta explicitly bans ads promoting weapons, silencers, and related modifications. According to Meta, ads are reviewed by an automated system with support from human moderators. However, enforcement has been inconsistent: While at least 74 of the ad campaigns in our analysis were removed for violating the platforms’ terms, the rest appeared to have run successfully.

After WIRED reached out to Meta, the company said that it removed the ads and associated advertising accounts. However, a quick search of Meta’s Ad Library revealed that nearly identical ones have since been published.

“Bad actors constantly evolve their tactics to avoid enforcement, which is why we continue to invest in tools and technology to help identify and remove prohibited content,” Meta spokesperson Daniel Roberts wrote in a statement.

Roberts says that many of the ads flagged by WIRED had little to no engagement, suggesting few people ever saw this content. However, at least two ads reviewed by WIRED had thousands of comments, including accusations that it was an ATF honeypot, complaints from self-identified buyers whose products never arrived, and even testimonials from others claiming the item worked as advertised. WIRED reached out to several commenters who said they had purchased the product—none responded.

The ads have also drawn the attention of US Department of Defense officials. An internal presentation to Pentagon staff, viewed by WIRED, claims that the targeted ad for a fuel filter had been served to US military personnel on a government computer at the Pentagon. The presentation, which a source says was delivered to high-ranking general officers, including the US Army’s chief information officer, raised flags over how social media algorithms are being used to target service members.

Meta’s Ad Library provides limited transparency, leaving it unclear exactly how these ads are targeted. Researchers suggest that Meta’s powerful ad tools, which allow advertisers to find niche audiences using granular targeting options, could be exploited to reach gun enthusiasts or military personnel. While Roberts confirmed that Meta did not detect any indication that these ads were targeting the military, WIRED found that advertisers can easily target users who list their job title as “US Army” or “military” on their profiles—an audience that Meta estimates includes up to 46,134 people.

Meta’s platforms have long struggled to prevent the sale of firearms and related products. An October 2024 joint report by the Tech Transparency Project found that more than 230 ads for rifles and ghost guns had run on Facebook and Instagram in nearly three months. Many of these ads directed buyers to third-party platforms like Telegram to complete transactions. In 2024, two Los Angeles County men were charged with operating an “unlicensed firearm dealing business” that used Instagram accounts to advertise and market the sale of more than 60 firearms, which included some untraceable ghost guns and weapons with scratched-off serial numbers. Both individuals have since pleaded guilty.

Silencers are rarely used in crimes, but their use is on the rise—nearly 5 million are registered in the United States, up from 1.3 million in 2017. Last month, 26-year-old software engineer Luigi Mangione allegedly used a 3D-printed gun equipped with a silencer to fatally shoot UnitedHealthcare CEO Brian Thompson on a street in midtown Manhattan.

Facebook and Instagram Ads Push Gun Silencers Disguised as Car Parts

A novel technique to stump artificial intelligence (AI) text-based systems increases the likelihood of a successful cyberattack by 60%.

Source: Krot Studio via Alamy Stock Photo

A new jailbreak technique for OpenAI and other large language models (LLMs) increases the chance that attackers can circumvent cybersecurity guardrails and abuse the system to deliver malicious content.

Discovered by researchers at Palo Alto Networks' Unit 42, the so-called Bad Likert Judge attack asks the LLM to act as a judge scoring the harmfulness of a given response using the Likert scale. The psychometric scale, named after its inventor and commonly used in questionnaires, is a rating scale measuring a respondent's agreement or disagreement with a statement.

The jailbreak then asks the LLM to generate responses that contain examples that align with the scales, with the ultimate result being that "the example that has the highest Likert scale can potentially contain the harmful content," Unit 42's Yongzhe Huang, Yang Ji, Wenjun Hu, Jay Chen, Akshata Rao, and Danny Tsechansky wrote in a post describing their findings.

Tests conducted across a range of categories against six state-of-the-art text-generation LLMs from OpenAI, Azure, Google, Amazon Web Services, Meta, and Nvidia revealed that the technique can increase the attack success rate (ASR) by more than 60% compared with plain attack prompts on average, according to the researchers.

The categories of attacks evaluated in the research involved prompting various inappropriate responses from the system, including: ones promoting bigotry, hate, or prejudice; ones engaging in behavior that harasses an individual or group; ones that encourage suicide or other acts of self-harm; ones that generate inappropriate explicitly sexual material and pornography; ones providing info on how to manufacture, acquire, or use illegal weapons; or ones that promote illegal activities.

Other categories explored and for which the jailbreak increases the likelihood of attack success include: malware generation or the creation and distribution of malicious software; and system prompt leakage, which could reveal the confidential set of instructions used to guide the LLM.

**How Bad Likert Judge Works**

The first step in the Bad Likert Judge attack involves asking the target LLM to act as a judge to evaluate responses generated by other LLMs, the researchers explained.

"To confirm that the LLM can produce harmful content, we provide specific guidelines for the scoring task," they wrote. "For example, one could provide guidelines asking the LLM to evaluate content that may contain information on generating malware."

Once the first step is properly completed, the LLM should understand the task and the different scales of harmful content, which makes the second step "straightforward," they said. "Simply ask the LLM to provide different responses corresponding to the various scales," the researchers wrote.

"After completing step two, the LLM typically generates content that is considered harmful," they wrote, adding that in some cases, "the generated content may not be sufficient to reach the intended harmfulness score for the experiment."

To address the latter issue, an attacker can ask the LLM to refine the response with the highest score by extending it or adding more details. "Based on our observations, an additional one or two rounds of follow-up prompts requesting refinement often lead the LLM to produce content containing more harmful information," the researchers wrote.

**Rise of LLM Jailbreaks**

The exploding use of LLMs for personal, research, and business purposes has led researchers to test their susceptibility to generate harmful and biased content when prompted in specific ways. Jailbreaks are the term for methods that allow researchers to bypass guardrails put in place by LLM creators to avoid the generation of bad content.

Security researchers have already identified several types of jailbreaks, according to Unit 42. They include one called persona persuasion; a role-playing jailbreak dubbed Do Anything Now; and token smuggling, which uses encoded words in an attacker's input.

Researchers at Robust Intelligence and Yale University also recently discovered a jailbreak called Tree of Attacks with Pruning (TAP), which involves using an unaligned LLM to "jailbreak" another aligned LLM, or to get it to breach its guardrails, quickly and with a high success rate.

Unit 42 researchers stressed that their jailbreak technique "targets edge cases and does not necessarily reflect typical LLM use cases." This means that "most AI models are safe and secure when operated responsibly and with caution," they wrote.

**How to Mitigate LLM Jailbreaks**

However, no LLM matter is completely secure from jailbreaks, the researchers cautioned. The reason that they can undermine the security that OpenAI, Microsoft, Google, and others are building into their LLMs is mainly due to the computational limits of language models, they said.

"Some prompts require the model to perform computationally intensive tasks, such as generating long-form content or engaging in complex reasoning," they wrote. "These tasks can strain the model's resources, potentially causing it to overlook or bypass certain safety guardrails."

Attackers also can manipulate the model's understanding of the conversation's context by "strategically crafting a series of prompts" that "gradually steer it toward generating unsafe or inappropriate responses that the model's safety guardrails would otherwise prevent," they wrote.

To mitigate the risks from jailbreaks, the researchers recommend applying content-filtering systems alongside LLMs for jailbreak mitigation. These systems run classification models on both the prompt and the output of the models to detect potentially harmful content.

"The results show that content filters can reduce the ASR by an average of 89.2 percentage points across all tested models," the researchers wrote. "This indicates the critical role of implementing comprehensive content filtering as a best practice when deploying LLMs in real-world applications."

**About the Author**

Elizabeth Montalbano is a freelance writer, journalist, and therapeutic writing mentor with more than 25 years of professional experience. Her areas of expertise include technology, business, and culture. Elizabeth previously lived and worked as a full-time journalist in Phoenix, San Francisco, and New York City; she currently resides in a village on the southwest coast of Portugal. In her free time, she enjoys surfing, hiking with her dogs, traveling, playing music, yoga, and cooking.

'Bad Likert Judge' Jailbreak Bypasses Guardrails of OpenAI, Other Top LLMs

Your messages going back years are likely still lurking online, potentially exposing sensitive information you forgot existed. But there's no time like the present to do some digital decluttering.

If you're worried about possible expansions of government surveillance and access to your information, or simply want to do some digital purging so you're not saddled with old data, there are a bunch of concrete steps you can take to protect your digital privacy. Just as archeologists study carefully preserved tombs and ancient trash heaps to gain insight into historic communities, your long-forgotten digital footprint could be more revealing and sensitive than you realize. And while you can't control everything—particularly information stolen in breaches or gathered by data brokers—you probably have a digital attic full of old data that you can delete or download and save offline. First stop? Old message histories.

Chats are a good place to start your digital decluttering. Their real-time nature makes it easy to forget that if you don't have auto-delete turned on for a chat (or if a platform doesn't offer it), all of those “be there in 10 minutes,” “wait, what color is this dress???” and “welp, I have covid” messages are still knocking around years later. If you sent them on an end-to-end encrypted platform like Signal or WhatsApp, they only exist on your device and the devices of the other person or people you were chatting with. That means that for governments or bad actors to read them, they would need direct control of your device—a good level of protection, though not foolproof.

Crucially, though, messages that you sent on regular web apps like Slack, Facebook Messenger for most of its history, and Google Chat/Hangouts/Gchat are sitting on a cloud server somewhere. And while they're probably stored in an encrypted form to protect against theft, the platform itself has the keys to decrypt your data and would be able to comply with government requests for it, no matter how old the information is. Sure, all of those “u up?"s may not seem significant now, but years and years of chat histories can paint a very detailed picture of your life, associations, political beliefs, and past movements and activity.

“Doing a good digital cleaning from time to time is a great habit, especially with social media and old chat messages,” says Kenn White, security principal at the database developer MongoDB and director of the Open Crypto Audit Project. “Who you were five or 10 years ago is probably very different than who you are today, so it's worth asking yourself, ‘Do I really need those seven-year-old inside jokes and sarcastic posts? Do I need to keep old group chat messages and carry them forward to every new phone I get?’”

Some programs like Apple's Messages make it easy to auto-delete your chat histories after a set period of time. On iOS, go to **Settings** > **Apps** > **Messages** and then scroll and tap **Keep Messages**. Then choose whether to keep messages forever, for one year, or for 30 days before auto-deleting.

On the free version of Slack, data older than a year is automatically deleted. The company keeps data forever on paid plans, unless the administrator sets up rolling deletion. This is useful if you have an active Slack with your friends, but most people who use Slack at work don't make decisions about administrative policies and can't control deletion. Keep this in mind for any communication you do on an employer's platforms. You may be able to go through and delete messages or files one by one, but you likely won't have the access to make policy decisions about automatic or batch deletion.

Similarly, you may want to go through your chats on Android or iOS and delete old SMS conversations. Meta's Messenger now offers auto-delete options, but for your existing chats, you have to go down the list on desktop or in the Messenger mobile app and delete chats one by one. Meta's other chat platforms, Instagram Chat and WhatsApp, are similar, except that WhatsApp has been end-to-end encrypted since 2016 instead of adding the protection recently.

Consider whether you've spent time chatting on other social platforms as well. X, for example, has been through a lot of changes since Elon Musk bought Twitter more than two years ago and took the company private again. Musk promised that he would add end-to-end encryption to DMs on X, and eventually debuted an opt-in encryption feature with the paid tier of the platform, but the company doesn't definitively say that the tool offers full end-to-end encryption and it isn't open source for vetting. You can delete individual messages or go through your chat list and delete whole DM conversations if you want to pare down the data you're keeping on the platform.

If you've had Gmail for a long time, the messenger service “Google Talk,” once colloquially known as “Gchat,” may have a special place in your heart. And perhaps, over the years, you went through the saga in which Gchat—which was once known for interoperability with platforms like AIM—became the siloed Google chat platform Hangouts, and then transformed again into what is now called Google Chat. Your chats on this platform through the years are still hanging around, but they're not all in the same place.

The crucial thing to understand is that Gchat was fully integrated with Gmail and wasn't a separate platform, so your chat histories all saved in your mail archive. To find them now, open Gmail and **search for the phrase in:chats** (using no quotation marks). Hundreds or thousands of chats from May 2013 and earlier may pop up. They must be deleted directly from Gmail. After May 2013, Google migrated Gchat users to Hangouts, and that history has come forward into what is now Google Chat, so you can delete whole chats or individual messages there.

“Messages sent and received with history on in Google Talk from before May 2013 (the time when Google Hangouts launched) are stored in Gmail under the ‘in:chats’ label. Those messages are not available in Google Chat and can be deleted directly from Gmail only,” Google spokesperson Ross Richendrfer tells WIRED. “In terms of Hangouts data—which was merged with Chat—core Chat controls (including deletion) will work.”

There are lots of other chat apps to consider, too, where old messages may still be lurking. Think about Skype chat or GroupMe. And there's one other complicating factor when you declutter your messages: Most deletion features only delete data from your account, and the messages live on in the accounts of the person or people you were chatting with. To do a total digital detox you need to recruit your community to delete their message archives as well.

Additionally, you may feel sentimental about burning your letters (aka deleting all of your old chats). If you're sad about hitting that trash icon, consider downloading chat histories with your closest friends or other loved ones and storing them on an encrypted external hard drive before deleting them from the cloud. This way, you don't have to give up that slice of life completely, but the data isn't controlled by other entities anymore.

“Some apps, including Signal, give one the ability to set a ‘self-destruct’ time on messages, perhaps in hours or weeks. This is worth considering to reduce your exposure, particularly if you travel outside the country, are politically active, or in any way have a higher public profile,” MongoDB's White says. “It's easy to dismiss the potential of attacks on our personal data and physical safety as something that's only a concern for some James Bond–type scenarios, but the hard truth is that threats exist in many forms, both online and in person.”

Tag

#google