Threats Tagged 'ai assistant'
View all threats tagged with 'ai assistant'. Filter and sort to focus on specific types of threats.
Stop chasing alerts. Route them.
Start free, then upgrade once to turn Radar into an automated delivery engine for your security stack.
Custom feeds / Automations: email, Slack, webhooks, SIEM/MISP / API access (baseline limits)
API access activates after upgrading in Console -> Billing.
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.
Filter Threats
Narrow down the results by type, severity, or affected countries
Threats Tagged 'ai assistant'
Click on any threat for detailed analysis and mitigation recommendations
Malicious AI Assistant Extensions Harvest LLM Chat Histories 0 An investigation has uncovered malicious Chromium-based browser extensions masquerading as legitimate AI assistant tools to collect Large Language Model (LLM) chat histories and browsing data. These extensions have been installed approximately 900,000 times, affecting over 20,000 enterprise tenants. The malicious extensions collect full URLs and AI chat content from platforms like ChatGPT and DeepSeek, potentially exposing organizations to leaks of confidential information. The attack chain involves reconnaissance, weaponization, delivery through trusted app stores, exploitation of user trust, installation for persistence, and regular data exfiltration to attacker-controlled infrastructure. This activity transforms a seemingly benign productivity tool into a persistent data collection mechanism embedded in daily enterprise browser usage. MediumCampaign Join the discussion United States United Kingdom Germany+7#chrome web store#browser extension#enterprise security | AlienVault OTX General | 03/05/2026, 20:13:47 UTC Added: 03/06/2026, 11:30:23 UTC |
Hundreds of Malicious Crypto Trading Add-Ons Found in Moltbot/OpenClaw 0 Almost 400 fake crypto trading add-ons in the Moltbot/OpenClaw AI assistant project have been discovered, potentially leading users to install information-stealing malware. These add-ons, known as skills, masquerade as cryptocurrency trading automation tools and target various platforms. The malicious skills share the same command-and-control infrastructure and use social engineering to convince users to execute commands that steal crypto assets. The supply chain attack relies on social engineering and lacks security review in the skills publication process. Security experts warn about the inherent risks of endpoint-native AI agents and emphasize the need for proper security controls and architectural design considerations. Join the discussion | AlienVault OTX General | 02/04/2026, 11:13:49 UTC Added: 02/05/2026, 11:15:28 UTC |
Showing 1 to 2 of 2 results