TGINSIGHT SIMILAR POSTS
Source channel @githubtrending · Post #15024 · Aug 2
#java#adversary_emulation#adversary_exposure_validation#aev#attack_simulation#breach_simulator#cybersecurity#purple_team OpenBAS is a free, open-source platform that helps you plan and run cyberattack simulations to find security weaknesses in your organization. It supports teamwork, real-time monitoring, and detailed feedback, letting you test defenses against real-world threats using up-to-date intelligence from OpenCTI. You can simulate attacks through emails, SMS, social media, and more, making your training realistic and comprehensive. OpenBAS offers both a Community Edition and a more advanced Enterprise Edition. It’s easy to install with Docker or manually, and you can try it online before using it. This helps you improve your cybersecurity by practicing and identifying gaps before real attacks happen. https://github.com/OpenBAS-Platform/openbas
Search: #20b
@kejiqu · Post #3730 · 08/27/2025, 02:50 AM
全球首个 AI 勒索软件现身:滥用 OpenAI 开源模型,跨平台搜索、窃取、加密文件 ESET 报告发现名为 PromptLock 的勒索软件,该软件是全球首个利用 AI 生成恶意代码的案例。PromptLock 调用 gpt-oss:20b 模型,在受感染设备本地生成恶意 Lua 代码,用于跨 Windows、Linux 和 macOS 系统搜索、窃取并加密文件。该模型可在具备 16GB 显存的设备上本地运行,支持自由修改和使用。攻击者可以通过建立内部智能体或隧道,将受害网络连接到外部服务器运行的模型,以规避对本地显存的需求。专家认为 PromptLock 或是概念验证程序,但预示着威胁行为者利用本地或私有 AI 的早期信号。OpenAI 表示已采取措施降低模型被恶意利用的风险。IT之家 🏷#PromptLock#AI#勒索软件#gpt#oss#20b 📢频道👥群组📝投稿