Tags: security research

IronCurtain is an open‑source project that isolates AI assistants in a virtual machine and enforces user‑written policies written in plain English. By converting natural‑language rules into enforceable security constraints through a large language model, the system adds a layer of control that prevents rogue actions such as unwanted deletions or phishing. The prototype is model‑independent, logs policy decisions, and is positioned as a research tool for the community rather than a consumer product. Its creators emphasize the need for structured guardrails to keep agentic AI useful yet safe. Lire la suite

Security researchers at Proofpoint have identified a new variant of the open‑source infostealer known as Stealerium that automatically captures webcam photos and browser screenshots when a victim visits pornographic sites. The malware, distributed freely on GitHub by a developer calling themselves witchfindertr, steals typical data such as passwords and crypto keys while also adding a humiliating sextortion feature. Proofpoint observed the tool being used in phishing campaigns targeting hospitality, education and finance sectors. The discovery highlights a shift toward low‑profile, individual‑targeted extortion by cybercriminals. Lire la suite