BSidesLuxembourg1h ago

Another talk announcement for BSides Luxembourg!

๐Ÿ”ฅ๐Ÿค– ๐—ข๐—› ๐—ฆ๐—›๐—œ๐—ง ๐—œ ๐—”๐—–๐—–๐—œ๐——๐—˜๐—ก๐—ง๐—”๐—Ÿ๐—Ÿ๐—ฌ ๐—•๐—ฅ๐—˜๐—”๐—–๐—›๐—˜๐—— ๐—”๐—ก ๐—ข๐—ฅ๐—š๐—”๐—ก๐—œ๐—ญ๐—”๐—ง๐—œ๐—ข๐—ก (๐—ข๐—ฅ ๐— ๐—”๐—ก๐—ฌ) ๐—จ๐—ฆ๐—œ๐—ก๐—š ๐—”๐—œ โ€“ Panagiotis Fiskilis ๐Ÿ’ฅ

What starts as a harmless search can spiral into a multi-organization data breachโ€”especially when AI gets involved.

This talk dives into real-world research showing how AI can be weaponized for OSINT, enabling large-scale data discovery, spear phishing campaigns, and even manipulation of AI systems themselves. From injecting malicious context into models to scaling attacks via APIs and agent workflows, this session explores how adversaries can turn AI into a powerful offensive toolโ€”and how defenders can detect and respond.

Expect a true purple team perspective, blending attacker techniques with defensive insights, including OPSEC considerations and strategies to identify malicious AI-driven activities before they escalate.

Panagiotis Fiskilis is a Senior Red Team Operator at NVISO, specializing in API hacking, Active Directory exploitation, and malware development. With multiple industry certifications (OSCP, OSWE, CRTO, eWPT and more), he brings hands-on offensive expertise combined with a strong research-driven mindset.

๐Ÿ“… Conference Dates: 6โ€“8 May 2026 | 09:00โ€“18:00
๐Ÿ“ 14, Porte de France, Esch-sur-Alzette, Luxembourg
๐ŸŽŸ๏ธ Tickets: https://2026.bsides.lu/tickets/
๐Ÿ“… Schedule Link: https://pretalx.com/bsidesluxembourg-2026/schedule/
๐Ÿ‘‰ Browse sessions, track talks in real time, and plan your schedule on Hacker Tracker: https://hackertracker.app/schedule?conf=BSIDESLUX2026

#BSidesLuxembourg2026 #AISecurity #RedTeam #OSINT #CyberSecurity #AI #ThreatIntelligence #PurpleTeam

eicker.news แณ‡ tech news2h ago
#JDVance and Treasury Secretary #ScottBessent questioned tech #CEOs about #AIsecurity and #cyberattack responses before #Anthropicโ€™s #Mythos model release. The meeting included CEOs from Anthropic, xAI, Google, OpenAI, Microsoft, CrowdStrike, and Palo Alto Networks. https://www.cnbc.com/2026/04/10/trump-white-house-ai-cyber-threat-anthropic-mythos.html?eicker.news #tech #media #news
Lothar Schulz3h ago

Claude Code runs with your full user permissions. nono wraps it in a kernel-level sandbox that makes unauthorised filesystem and network operations structurally impossible โ€” not policy-blocked, not permission-dialogo'd: impossible. Five hands-on scenarios tested on macOS: escaping the working directory, reaching for AWS credentials, deleting directories outside the project and blocking outbound network calls. Plus the honest account of what it actually takes to trigger rollback.

https://www.lotharschulz.info/2026/04/11/sandboxing-claude-code-cli-with-nono/

#claude_code #nono #CLI #AISecurity #sandbox

Pirates.BZ Tech Startup News14h ago
TechCrunch reports Anthropic temporarily banned the creator of OpenClaw, the open-source agent framework, from accessing Claude after triggering safety systems. The ban was lifted within hours. The clash highlights tensions between AI companies and open-source developers over safety and pricing. https://techcrunch.com/2026/04/10/anthropic-temporarily-banned-openclaws-creator-from-accessing-claude/ #Tech #Startup #News #AISecurity
Anthropic temporarily banned OpenClaw's creator from accessing Claude | TechCrunch

This ban took place after Claude's pricing changed for OpenClaw users last week.

TechCrunch
Bob Carver16h ago
No One Said No โ€“ Overprivileged AI Systems
https://youtu.be/SFvZ_KjjAPA #AIsecurity #CyberSecurity #ArtificialIntelligence #AIrisks #AgenticAI #ZeroTrust #LeastPrivilege #AccessControl #InfoSec #CyberRisk #DataSecurity #EnterpriseSecurity #AIgovernance #SecurityLeadership
HackerWorkspace19h ago

HUGE AI-powered Microsoft Account phishing campaign

https://www.youtube.com/watch?v=9b3kirR8s2U

#threatintelligence #aisecurity #phishing

HUGE AI-powered Microsoft Account phishing campaign

YouTube
HackerWorkspace19h ago

I Built a GAME OF KAREN with Genspark AI + GitHub (And Made Expensive Mistakes ๐Ÿ˜…)

https://www.youtube.com/watch?v=fI9Z1-SPfaI

#encryption #authentication #aisecurity

I Built a GAME OF KAREN with Genspark AI + GitHub (And Made Expensive Mistakes ๐Ÿ˜…)

YouTube
HackerWorkspace19h ago

Anthropicโ€™s Claude Mythos is Just the Beginning - Decipher

https://decipher.sc/2026/04/10/anthropics-claude-mythos-is-just-the-beginning/

Read on HackerWorkspace: https://hackerworkspace.com/article/anthropics-claude-mythos-is-just-the-beginning-decipher

#incidentresponse #threatintelligence #aisecurity

Anthropicโ€™s Claude Mythos is Just the Beginning - Decipher

Anthropic's Project Glasswing initiative, announced this week, sent shockwaves across the cybersecurity world.

Decipher
BSidesLuxembourg20h ago

๐ŸŽ™๏ธ On Stage at BSides Luxembourg 2026: New Talk Revealed

๐Ÿง ๐Ÿค ๐—ง๐—˜๐—”๐— ๐—œ๐—ก๐—š, ๐—ง๐—ฅ๐—จ๐—ฆ๐—ง, ๐—”๐—ก๐—— ๐—ง๐—›๐—ฅ๐—˜๐—”๐—ง๐—ฆ: ๐—›๐—ข๐—ช ๐—›๐—จ๐— ๐—”๐—ก๐—ฆ ๐—œ๐—ก๐—ง๐—˜๐—ฅ๐—”๐—–๐—ง ๐—ช๐—œ๐—ง๐—› ๐—š๐—˜๐—ก๐—˜๐—ฅ๐—”๐—ง๐—œ๐—ฉ๐—˜ ๐—”๐—œ ๐—œ๐—ก ๐—ฆ๐—˜๐—–๐—จ๐—ฅ๐—œ๐—ง๐—ฌ โ€“ Dr. Tailia Malloy ๐Ÿ”

As AI becomes part of everyday security workflows, the real challenge isnโ€™t just the technologyโ€”itโ€™s how humans trust, use, and collaborate with it.

This talk explores how generative AI is reshaping cybersecurity tasks like network analysis, social engineering defense, and secure software development. By combining human-computer interaction research with real-world security use cases, it reveals how trust, teaming, and human behavior shape both the strengths and risks of AI in security.

Dr. Tailia Malloy (She/They) is a postdoctoral researcher at the University of Luxembourg, specializing in human-AI interaction, cognitive modeling, and the application of generative AI in cybersecurityโ€”from phishing defense to secure code generation.

๐Ÿ“… Conference Dates: 6โ€“8 May 2026 | 09:00โ€“18:00
๐Ÿ“ 14, Porte de France, Esch-sur-Alzette, Luxembourg
๐ŸŽŸ๏ธ Tickets: https://2026.bsides.lu/tickets/
๐Ÿ“… Schedule Link: https://pretalx.com/bsidesluxembourg-2026/schedule/
๐Ÿ‘‰ Browse sessions, track talks in real time, and plan your schedule on Hacker Tracker: https://hackertracker.app/schedule?conf=BSIDESLUX2026

# BSidesLuxembourg2026 #AISecurity #HumanAI #CyberSecurity #HCI #GenerativeAI #TrustInAI

BSidesLuxembourg20h ago

Another talk announcement for BSides Luxembourg!

๐Ÿค–๐Ÿ“Š ๐—ช๐—›๐—˜๐—ก ๐—Ÿ๐—Ÿ๐— ๐—ฆ ๐—ฆ๐—จ๐— ๐— ๐—”๐—ฅ๐—œ๐—ญ๐—˜ ๐—ฆ๐—˜๐—–๐—จ๐—ฅ๐—œ๐—ง๐—ฌ ๐—™๐—œ๐—ก๐——๐—œ๐—ก๐—š๐—ฆ: ๐—ง๐—›๐—˜ ๐—ง๐—ฅ๐—”๐——๐—˜๐—ข๐—™๐—™๐—ฆ ๐—ฌ๐—ข๐—จ ๐—–๐—”๐—กโ€™๐—ง ๐—œ๐—š๐—ก๐—ข๐—ฅ๐—˜ โ€“ Andrey Lukashenkov โš–๏ธ

Turning hundreds of security findings into a clean summary sounds easyโ€”until the output is incomplete, inconsistent, or just confidently wrong.

This talk breaks down what really happens when you rely on LLMs for security summarization. From prompt design and input shaping to model selection and evaluation, it reveals the hidden โ€œcontrol knobsโ€ that directly impact accuracy, reliability, and cost. Instead of guesswork, youโ€™ll learn a structured, repeatable way to experiment, measure, and build summaries you can actually trust.

Andrey Lukashenkov works across product, revenue, and research at Vulners, focusing on vulnerability intelligence, prioritization, and turning complex security data into actionable insights for real-world use.

๐Ÿ“… Conference Dates: 6โ€“8 May 2026 | 09:00โ€“18:00
๐Ÿ“ 14, Porte de France, Esch-sur-Alzette, Luxembourg
๐ŸŽŸ๏ธ Tickets: https://2026.bsides.lu/tickets/
๐Ÿ“… Schedule Link: https://pretalx.com/bsidesluxembourg-2026/schedule/
๐Ÿ‘‰ Browse sessions, track talks in real time, and plan your schedule on Hacker Tracker: https://hackertracker.app/schedule?conf=BSIDESLUX2026

#BSidesLuxembourg2026 #AISecurity #LLM #AppSec #VulnerabilityManagement #CyberSecurity #AI