Step-by-step instructions on how to enable 2FA on your Instagram account—for Android, iOS, and on the web.

Two-factor authentication (2FA) isn’t foolproof, but it is one of the best ways to protect your accounts from hackers.

It adds a small extra step when logging in, but that extra effort pays off. Instagram’s 2FA requires an additional code whenever you try to log in from an unrecognized device or browser—stopping attackers even if they have your password.

Instagram offers multiple 2FA options: text message (SMS), an authentication app (recommended), or a security key.

Here’s how to enable 2FA on Instagram for Android, iPhone/iPad, and the web.

****How to set up 2FA for Instagram on Android****

1.  Open the Instagram app and log in.
2.  Tap your **profile pictur**e at the bottom right.
3.  Tap the **menu icon** (three horizontal lines) in the top right.
4.  Select **Accounts Center** at the bottom.
5.  Tap **Password and security** > **Two-factor authentication**.
6.  Choose your Instagram account.
7.  Select a verification method: **Text message (SMS)**, **Authentication app** (recommended), or **WhatsApp**.
    *   **SMS:** Enter your phone number if you haven’t already. Instagram will send you a six-digit code. Enter it to confirm.
    *   **Authentication app**: Choose an app like Google Authenticator or Duo Mobile. Scan the QR code or copy the setup key, then enter the generated code on Instagram.
    *   **WhatsApp:** Enable text message security first, then link your WhatsApp number.
8.  Follow the on-screen instructions to finish setup.

****How to set up 2FA for Instagram on iPhone or iPad****

1.  Open the Instagram app and log in.
2.  Tap your **profile pictur**e at the bottom right.
3.  Tap the **menu ico**n > **Settings** > **Security** > **Two-factor authentication**.
4.  Tap **Get Started**.
5.  Choose **Authentication app** (recommended), **Text message**, or **WhatsApp**.
    *   **Authentication app**: Copy the setup key or scan the QR code with your chosen app. Enter the generated code and tap **Next**.
    *   **Text message**: Turn it on, then enter the six-digit SMS code Instagram sends you.
    *   **WhatsApp**: Enable text message first, then add WhatsApp.
6.  Follow on-screen instructions to complete the setup.

****How to set up 2FA for Instagram in a web browser****

1.  Go to instagram.com and log in.
2.  Open **Accounts Center** > **Password and security**.
3.  Click **Two-factor authentication**, then choose your account.
    *   Note: If your accounts are linked, you can enable 2FA for both Instagram and your overall Meta account here.
4.  Choose your preferred 2FA method and follow the online prompts.

****Enable it today****

Even the strongest password isn’t enough on its own. 2FA means a thief must have access to your an additional factor to be able to log in to your account, whether that’s a code on a physical device or a security key. That makes it far harder for criminals to break in.

Turn on 2FA for all your important accounts, especially social media and messaging apps. It only takes a few minutes, but it could save you hours—or even days—of recovery later.It’s currently the best password advice we have.

**We don’t just report on threats – we help safeguard your entire digital identity**

Cybersecurity risks should never spread beyond a headline. Protect your—and your family’s—personal information by using identity protection.

 How to set up two factor authentication (2FA) on your Instagram account 

Cybersecurity researchers have discovered a new vulnerability in OpenAI's ChatGPT Atlas web browser that could allow malicious actors to inject nefarious instructions into the artificial intelligence (AI)-powered assistant's memory and run arbitrary code.
"This exploit can allow attackers to infect systems with malicious code, grant themselves access privileges, or deploy malware," LayerX

Artificial Intelligence / Vulnerability

Cybersecurity researchers have discovered a new vulnerability in OpenAI's ChatGPT Atlas web browser that could allow malicious actors to inject nefarious instructions into the artificial intelligence (AI)-powered assistant's memory and run arbitrary code.

"This exploit can allow attackers to infect systems with malicious code, grant themselves access privileges, or deploy malware," LayerX Security Co-Founder and CEO, Or Eshed, said in a report shared with The Hacker News.

The attack, at its core, leverages a cross-site request forgery (CSRF) flaw that could be exploited to inject malicious instructions into ChatGPT's persistent memory. The corrupted memory can then persist across devices and sessions, permitting an attacker to conduct various actions, including seizing control of a user's account, browser, or connected systems, when a logged-in user attempts to use ChatGPT for legitimate purposes.

Memory, first introduced by OpenAI in February 2024, is designed to allow the AI chatbot to remember useful details between chats, thereby allowing its responses to be more personalized and relevant. This could be anything ranging from a user's name and favorite color to their interests and dietary preferences.

The attack poses a significant security risk in that by tainting memories, it allows the malicious instructions to persist unless users explicitly navigate to the settings and delete them. In doing so, it turns a helpful feature into a potent weapon that can be used to run attacker-supplied code.

"What makes this exploit uniquely dangerous is that it targets the AI's persistent memory, not just the browser session," Michelle Levy, head of security research at LayerX Security, said. "By chaining a standard CSRF to a memory write, an attacker can invisibly plant instructions that survive across devices, sessions, and even different browsers."

"In our tests, once ChatGPT's memory was tainted, subsequent 'normal' prompts could trigger code fetches, privilege escalations, or data exfiltration without tripping meaningful safeguards."

The attack plays out as follows -

*   User logs in to ChatGPT
*   The user is tricked into launching a malicious link by social engineering
*   The malicious web page triggers a CSRF request, leveraging the fact that the user is already authenticated, to inject hidden instructions into ChatGPT's memory without their knowledge
*   When the user queries ChatGPT for a legitimate purpose, the tainted memories will be invoked, leading to code execution

Additional technical details to pull off the attack have been withheld. LayerX said the problem is exacerbated by ChatGPT Atlas' lack of robust anti-phishing controls, the browser security company said, adding it leaves users up to 90% more exposed than traditional browsers like Google Chrome or Microsoft Edge.

In tests against over 100 in-the-wild web vulnerabilities and phishing attacks, Edge managed to stop 53% of them, followed by Google Chrome at 47% and Dia at 46%. In contrast, Perplexit's Comet and ChatGPT Atlas stopped only 7% and 5.8% of malicious web pages.

This opens the door to a wide spectrum of attack scenarios, including one where a developer's request to ChatGPT to write code can cause the AI agent to slip in hidden instructions as part of the vibe coding effort.

The development comes as NeuralTrust demonstrated a prompt injection attack affecting ChatGPT Atlas, where its omnibox can be jailbroken by disguising a malicious prompt as a seemingly harmless URL to visit. It also follows a report that AI agents have become the most common data exfiltration vector in enterprise environments.

"AI browsers are integrating app, identity, and intelligence into a single AI threat surface," Eshed said. "Vulnerabilities like 'Tainted Memories' are the new supply chain: they travel with the user, contaminate future work, and blur the line between helpful AI automation and covert control."

"As the browser becomes the common interface for AI, and as new agentic browsers bring AI directly into the browsing experience, enterprises need to treat browsers as critical infrastructure, because that is the next frontier of AI productivity and work."

Found this article interesting? Follow us on Google News, Twitter and LinkedIn to read more exclusive content we post.

New ChatGPT Atlas Browser Exploit Lets Attackers Plant Persistent Hidden Commands

LastPass is warning that phishers are exploiting the digital will feature to trick people into handing over their master passwords.

LastPass has alerted users about a new phishing attack that claims the recipient has died. According to the message, a family member has submitted a death certificate to gain access to the recipient’s password vault. A link in the phishing email, supposedly to stop the request, leads to a fake page that asks for the LastPass user’s master password.

Image courtesy of LastPass

> “Legacy Request Opened (URGENT IF YOU ARE NOT DECEASED)
> 
> A death certificate was uploaded by a family member to regain access to the Lastpass account
> 
> If you have not passed away and you believe this is a mistake, please reply to this email with STOP”

LastPass links this campaign to _CryptoChameleon_ (also known as _UNC5356_), a group that previously targeted cryptocurrency users and platforms with similar social engineering attacks. The same group used LastPass branding in a phishing kit in April 2024.

The phishing attempt exploits the legitimate inheritance process, which is an emergency access feature in LastPass that allows designated contacts request access to a vault if the account holder dies or becomes incapacitated.

Stealing someone’s password manager credentials gives attackers access to every login stored inside. We recently reported on an attempt to steal 1Password credentials.

Lastpass also notes that:

> “Several of the phishing sites are clearly intended to target passkeys, reflecting both the increased interest on the part of cybercriminals in passkeys and the increased adoption on the part of consumers.”

Passkeys are a very secure replacement for passwords. They can’t be cracked, guessed or phished, and let you log in easily without having to type a password every time. Most password managers—like LastPass, 1Password, Dashlane, and Bitwarden—now store and sync passkeys across devices.

Because passkeys often protect high-value assets like banking, crypto wallets, password managers, and company accounts—they’ve become an attractive prize for attackers.

**Advice for users**

While passkeys themselves cannot be phished via simple credential theft, attackers can trick users into:

*   Registering a new passkey on a malicious site or a fake login page
*   Approving fraudulent device syncs or account transfers
*   Disabling passkeys and reverting to weaker login methods, then stealing those fallback credentials

LastPass and other security experts recommend:

*   Never enter your master password on links received via email or text.
*   Understand how passkeys work and keep them safe.
*   Only logging into your password manager via official apps or bookmarks.
*   Be wary of urgent or alarming messages demanding immediate action.
*   Remember that legitimate companies won’t ask for sensitive credentials via email or phone.
*   Use an up-to-date real-time anti-malware solution preferably with a web protection module.

**We don’t just report on threats—we remove them**

Cybersecurity risks should never spread beyond a headline. Keep threats off your devices by downloading Malwarebytes today.

 Phishing scam uses fake death notices to trick LastPass users 

London, United Kingdom, 27th October 2025, CyberNewsWire

**London, United Kingdom, October 27th, 2025, CyberNewsWire**

1inch, the leading DeFi ecosystem, has adopted Innerworks’ advanced device intelligence and RedTeam ethical hacking platform to strengthen security. By tapping into Innerworks’ predictive AI solution, the companies are building a proactive immune system and setting the gold standard for DeFi.

DeFi’s growth and evolution has led to increased pressure from threat actors. While 1inch maintains an extensive and secure defense, the rapid pace of change among hackers means the project must adapt just as quickly. By deploying Innerworks’ intelligent predictive solutions, 1inch can now leverage AI to stay ahead of emerging threats.

Rather than waiting for attacks, Innerworks proactively unmasks hacker playbooks and feeds this intelligence directly into 1inch’s defences. As criminals increasingly use AI to mimic human behavior online, Innerworks leverages the same frontier AI methods to anticipate and neutralize these synthetic threats before they can scale, all happening seamlessly in the background, with zero user input required.

By adopting Innerworks, 1inch is not only hardening its own platform but also leading an industry-wide shift toward collective resilience.

> Sergej Kunz, Co-Founder of 1inch, said: “We’re flipping the script on hackers. By leveraging AI to anticipate their movements, we can proactively adapt our defenses to meet emerging threats head-on. This commitment to continuous testing and improvement is what makes 1inch one of the most secure DeFi projects today.”

> Oli Quie, CEO of Innerworks, stated: “Hackers are no longer just human – they are synthetic, powered by AI, and capable of breaching every mainstream solution. RedTeam proves this with a 99% bypass rate. By partnering with 1inch, we are converting this intelligence into a collective immune system that defends crypto — and eventually, the wider internet.”

**About Innerworks**

Innerworks is building the immune system for the internet. Its Synthetic Threat Intelligence platform leverages ethical hacking, behavioural AI, and decentralised training to identify and neutralise the world’s most advanced fraud and bot attacks. Trusted by leading financial and Web3 organisations, Innerworks delivers seamless, invisible defences that safeguard digital economies at scale.

**About 1inch**

1inch accelerates decentralized finance with a seamless crypto trading experience for 25M users. Beyond being the top platform for low-cost, efficient token swaps with $500M+ in daily trades, 1inch offers a range of innovative tools, including a secure self-custodial wallet, a portfolio tracker for managing digital assets, a dedicated business portal giving access to its cutting-edge technology, and even a debit card for easy crypto spending. By continuously innovating, 1inch is simplifying DeFi for everyone. 

Website | 1inch Business | Follow on X | Explore Blog

**Contact**

**PR lead**  
**Pavel Kruglov**  
**1inch**  
**\[email protected\]**

1inch partners with Innerworks to strengthen DeFi security through AI-Powered threat detection

Researchers have uncovered HyperRat, a new Android malware sold as a service, giving attackers remote control, data theft tools, and mass phishing features.

Cybersecurity researchers at iVerify have identified a new Android remote access trojan (RAT) called HyperRat, being promoted on cybercrime forums under the malware-as-a-service (MaaS) model. The tool allows attackers to remotely control infected devices, collect sensitive data, and send mass phishing messages without writing a single line of code.

HyperRat operates as a paid subscription. Once a buyer joins, they receive a customised malicious APK and access to a web-based control panel managed by the seller. That panel lets operators monitor infected devices, send commands, and view logs, while the developer maintains the backend infrastructure. Researchers say this model shows a change in the underground Android malware market, where automation is now a key selling point.

****Web Control Panel and Device Management****

According to iVerify’s blog post, its researchers analysed screenshots from the control interface that show a dashboard listing infected phones by number, IP address, and recent activity.

From this panel, operators can open a VNC session, send SMS messages from the victim’s SIM, retrieve call logs, modify permissions, and download archived messages. One button labelled for mass messaging indicates the malware can also be used for spam or phishing campaigns, not just surveillance.

Another screenshot shows detailed permission management. HyperRat tells the operator which Android privileges are active, including internet access, call and SMS control, and auto-restart after reboot. It can also request accessibility permissions and bypass battery optimisation, techniques commonly used to maintain persistence on a device even after reboots or user interference.

HyperRat’s dashboard (Screenshot via iVerify)

****Application Scanning and Bulk SMS****

The malware can enumerate installed applications, giving the operator a full list of package names and app titles. This allows them to decide which apps to impersonate using **phishing overlays**. For example, if a banking or payment app is detected, HyperRat can trigger a fake login screen mimicking that service, harvest credentials, and then hand control back to the real app to avoid suspicion.

The control panel also includes a “Send to contacts” form that lets the attacker send phishing messages directly from the victim’s phone. Operators can select SIM slots, set message delays, and choose which contacts to target. Because these messages originate from legitimate devices, they often bypass carrier-level spam filters and reach more potential victims.

**Telegram-Based Control**

HyperRat integrates with Telegram bots for remote control and notifications. The operator can configure chat IDs and API tokens so that alerts and logs are delivered directly through Telegram chats. Using the encrypted messaging platform allows attackers to manage devices discreetly and avoid detection by security monitoring systems that rely on traditional command-and-control traffic patterns.

**Custom APK Builder**

A built-in APK builder lets the attacker generate a fake Android app with a spoofed name and icon. Options in the builder include hiding the app icon, intercepting notifications, enabling a SOCKS5 proxy, disabling battery optimisation, and launching a VNC module for remote screen access. The builder also supports WebView mode, enabling the app to disguise itself as a basic browser while quietly connecting to the attacker’s server.

What HyperRat malware can do (Screenshot via iVerify)

**Advertising and Market Context**

HyperRat is being marketed in Russian-language channels as a “next generation Android app for tracking and controlling your device.” Its feature list includes full access to SMS and MMS messages, automatic SIM number retrieval, one-click message archiving, and a web control panel with analytics.

The appearance of HyperRat follows other MaaS kits such as PhantomOS and Nebula, which provide similar capabilities for a monthly fee. These platforms lower the barrier for entry, allowing even inexperienced actors to run mobile spying or credential theft campaigns using prebuilt infrastructure.

Users should avoid sideloading APKs from untrusted sources, check which app is set as the default for SMS, and regularly review permissions for anything requesting access to accessibility services or system settings.

New HyperRat Android Malware Sold as Ready-Made Spy Tool

Security, trust, and stability — once the pillars of our digital world — are now the tools attackers turn against us. From stolen accounts to fake job offers, cybercriminals keep finding new ways to exploit both system flaws and human behavior.
Each new breach proves a harsh truth: in cybersecurity, feeling safe can be far more dangerous than being alert.
Here’s how that false sense of security

⚡ Weekly Recap: WSUS Exploited, LockBit 5.0 Returns, Telegram Backdoor, F5 Breach Widens

X (formerly Twitter) is asking users with security keys to re-enroll by Nov 10 as it moves logins from twitter.com to x.com for continued 2FA access.

X (formerly Twitter) has announced that users who rely on security keys for two-factor authentication (2FA) must re-enroll their keys by November 10, 2025, to keep accessing their accounts. The company says the change is necessary as it completes the move from twitter.com to x.com, a process that affects how its security system recognises users’ credentials.

In a post from the @Safety account, X said that anyone using a hardware security key or passkey needs to re-enroll it under the new domain. “By November 10, we’re asking all accounts that use a security key as their two-factor authentication (2FA) method to re-enroll their key to continue accessing X,” the post read.

Image credit: Hackread.com

Users can re-enroll the same key or set up a new one, but older keys will stop working if they aren’t re-registered. However, after tweets from users questioning the move, X clarified that this update is not related to any security incident and only affects people using YubiKeys or passkeys, not those using apps like Google Authenticator or SMS-based codes.

Image credit: Hackread.com

The company says the change comes down to how security keys actually work. These devices use a protocol that linking each registered key to a specific web domain. Since X’s login pages are moving from twitter.com to x.com, the credentials registered under the old domain won’t work on the new one. Security keys are built to ignore login requests from domains they weren’t originally registered with, a feature meant to stop phishing attacks.

This means users must create new credentials for x.com. Once they do, their accounts will work as normal. If they don’t re-enroll by November 10, their accounts will be locked until they either re-register the key, switch to another 2FA method, or turn off 2FA completely (though X advises against disabling it).

X to Retire Twitter.com, Users Must Re-Register Security Keys by Nov 10

A database containing information on people who applied for jobs with Democrats in the US House of Representatives was left accessible on the open web.

The sensitive personal details of more than 450 people holding “top secret” US government security clearances were left exposed online, new research seen by WIRED shows. The people’s details were included in a database of more than 7,000 individuals who have applied for jobs over the last two years with Democrats in the United States House of Representatives.

While scanning for unsecured databases at the end of September, an ethical security researcher stumbled upon the exposed cache of data and discovered that it was part of a site called DomeWatch. The service is run by the House Democrats and includes videostreams of House floor sessions, calendars of congressional events, and updates on House votes. It also includes a job board and résumé bank.

After the researcher attempted to notify the House of Representatives’ Office of the Chief Administrator on September 30, the database was secured within hours, and the researcher received a response that simply said, “Thanks for flagging.” It is unclear how long the data was exposed or if anyone else accessed the information while it was unsecured.

The independent researcher, who asked to remain anonymous due to the sensitive nature of the findings, likened the exposed database to an internal “index” of people who may have applied for open roles. Résumés were not included, they say, but the database contained details typical of a job application process. The researcher found data including applicants’ short written biographies and fields indicating military service, security clearances, and languages spoken, along with details like names, phone numbers, and email addresses. Each individual was also assigned an internal ID.

“Some people described in the data have spent 20 years on Capitol Hill,” the researcher tells WIRED, noting that the information went beyond a list of interns or junior staffers. This is what made the finding so concerning, the researcher says, because they fear that if the data had fallen into the wrong hands—perhaps those of a hostile state or malicious hackers—it could have been used to compromise government or military staffers who have access to potentially sensitive information. “From the perspective of a foreign adversary, that is a gold mine of who you want to target,” the security researcher says.

WIRED reached out to the Office of the Chief Administrator and House Democrats for comment. Some staff members WIRED contacted were unavailable because they have been furloughed as a result of the ongoing US government shutdown.

“Today, our office was informed that an outside vendor potentially exposed information stored in an internal site,” Joy Lee, spokesperson for House Democratic whip Katherine Clark, told WIRED in a statement on October 22. DomeWatch is under the purview of Clark’s office. “We immediately alerted the Office of the Chief Administration Officer, and a full investigation has been launched to identify and rectify any security vulnerabilities.” Lee added that the outside vendor is “an independent consultant who helps with the backend” of DomeWatch.

There are many unsecured and publicly accessible databases across the internet, and the researcher says that they might not have paused to investigate the DomeWatch data had they not noticed key words involving top-secret security clearances. This underscores the concern, the researcher says, that while the database is small, it contains information that would be potentially valuable in nation-state espionage. One entry, for example, listed a person who had “intelligence” and “US-China relations” experience.

“Exposed databases are a widespread, non-partisan cybersecurity problem. Left unchecked, they enable targeted espionage, fraud, and identity abuse,” says Alexander Leslie, senior advisor for government affairs at the threat intelligence firm Recorded Future, who was not involved in the research. “If accurate, this dataset would be extremely sensitive. Military histories and clearance status give adversaries precise reconnaissance and pretexting opportunities, and foreign espionage actors could further use this data for spear-phishing, impersonation, and targeted social-engineering to gain access or compromise accounts.”

According to the researcher, the data also included information about people’s political affiliations. Among the estimated 7,000 entries, there were around 4,200 people who appeared to have experience working in Congress. In total 6,300 people were marked as having Democratic Party affiliation, while 17 were listed as having Republican Party affiliation, and another 250-plus were listed as independent or other. The researcher says there were also some links to files or documents housed in other cloud storage systems.

Recorded Future's Leslie also points out that known breaches of data related to US government employment—most notably the 2015 Office of Personnel Management hack—create what he calls “long-term US national security and personnel risks.”

“This research was not targeted toward any political party or affiliation,” the researcher who found the unsecured database says. “It was just finding data, realizing that it could be vulnerable, and thinking of all the ways that not just criminals could use it, but foreign adversaries. It shouldn't be exposed.”

Hundreds of People With ‘Top Secret’ Clearance Exposed by House Democrats’ Website

ChatGPT, Gemini, DeepSeek, and Grok are serving users propaganda from Russian-backed media when asked about the invasion of Ukraine, new research finds.

OpenAI’s ChatGPT, Google’s Gemini, DeepSeek, and xAI’s Grok are pushing Russian state propaganda from sanctioned entities—including citations from Russian state media, sites tied to Russian intelligence or pro-Kremlin narratives—when asked about the war against Ukraine, according to a new report.

Researchers from the Institute of Strategic Dialogue (ISD) claim that Russian propaganda has targeted and exploited data voids—where searches for real-time data provide few results from legitimate sources—to promote false and misleading information. Almost one-fifth of responses to questions about Russia’s war in Ukraine, across the four chatbots they tested, cited Russian state-attributed sources, the ISD research claims.

“It raises questions regarding how chatbots should deal when referencing these sources, considering many of them are sanctioned in the EU,” says Pablo Maristany de las Casas, an analyst at the ISD who led the research. The findings raise serious questions about the ability of large language models (LLMs) to restrict sanctioned media in the EU, which is a growing concern as more people use AI chatbots as an alternative to search engines to find information in real time, the ISD claims. For the six-month period ending September 30, 2025, ChatGPT search had approximately 120.4 million average monthly active recipients in the European Union, according to OpenAI data.

The researchers asked the chatbots 300 neutral, biased, and “malicious” questions relating to the perception of NATO, peace talks, Ukraine’s military recruitment, Ukrainian refugees, and war crimes committed during the Russian invasion of Ukraine. The researchers used separate accounts for each query in English, Spanish, French, German, and Italian in an experiment in July. The same propaganda issues are still present in October, Maristany de las Casas says.

Amid widespread sanctions imposed on Russia since its full-scale invasion of Ukraine in February 2022, European officials have sanctioned at least 27 Russian media sources for spreading disinformation and distorting facts as part of its “strategy of destabilizing” Europe and other nations.

The ISD research says chatbots cited Sputnik Globe, Sputnik China, RT (formerly Russia Today), EADaily, the Strategic Culture Foundation, and the R-FBI. Some of the chatbots also cited Russian disinformation networks and Russian journalists or influencers that amplified Kremlin narratives, the research says. Similar previous research has also found 10 of the most popular chatbots mimicking Russian narratives.

OpenAI spokesperson Kate Waters tells WIRED in a statement that the company takes steps “to prevent people from using ChatGPT to spread false or misleading information, including such content linked to state-backed actors,” adding that these are long-standing issues that the company is attempting to address by improving its model and platforms.

“The research in this report appears to reference search results drawn from the internet as a result of specific queries, which are clearly identified. It should not be confused with, or represented as referencing responses purely generated by OpenAI's models, outside of our search functionality,” Waters says. “We think this clarification is important as this is not an issue of model manipulation.”

Neither Google nor DeepSeek responded to WIRED’s request for comment. An email from Elon Musk’s xAI said: “Legacy Media Lies.”

In a written statement, a spokesperson for the Russian Embassy in London said that it was “not aware” of the specific cases that this report details but that it opposes any attempts to censor or restrict content on political grounds. “Repression against Russian media outlets and alternative points of view deprives those who seek to form their own independent opinions of this opportunity and undermines the very principles of free expression and pluralism that Western governments claim to uphold,” the spokesperson wrote.

“It is up to the relevant providers to block access to websites of outlets covered by the sanctions, including subdomains or newly created domains and up to the relevant national authorities to take any required accompanying regulatory measures,” says a European Commission spokesperson. “We are in contact with the national authorities on this matter.”

Lukasz Olejnik, an independent consultant and visiting senior research fellow at King’s College London’s Department of War Studies, says the findings “validate” and help contextualize how Russia is targeting the West’s information ecosystem. “As LLMs become the go-to reference tool, from finding information to validating concepts, targeting and attacking this element of information infrastructure is a smart move,” Olejnik says. “From the EU and US point of view, this clearly highlights the danger.”

Since Russia invaded Ukraine, the Kremlin has moved to control and restrict the free flow of information inside Russia: banning independent media, increasing censorship, curtailing civil society groups, and building more state-controlled tech. At the same time, some of the country’s disinformation networks have ramped up activity and adopted AI tools to supercharge production of fake images, videos, and websites.

Across the ISD’s findings, around 18 percent of all prompts, languages, and LLMs returned results linked to state-funded Russian media, sites “linked to” Russia’s intelligence agencies, or disinformation networks, the research says. Questions about peace talks between Russia and Ukraine led to more citations of “state-attributed sources” than questions about Ukrainian refugees, for instance.

The ISD’s research claims that the chatbots displayed confirmation bias: The more biased or malicious the query, the more frequently the chatbots would deliver Russian state-attributed information. The malicious queries delivered Russian state-attributed content a quarter of the time, biased queries provided pro-Russian content 18 percent of the time, while neutral queries were just over 10 percent. (In the research, malicious questions to chatbots “demanded” answers to back up an existing opinion, whereas “biased” questions were leading but more open ended).

Of the four chatbots, which are all popular in Europe and collect data in real time, ChatGPT cited the most Russian sources and was most influenced by biased queries, the research claims. Grok often linked to social media accounts that promoted and amplified Kremlin narratives, whereas DeepSeek sometimes produced large volumes of Russian state-attributed content. The researchers say Google’s Gemini “​​frequently” displayed safety warnings next to the findings and had the overall best results out of the chatbots they tested.

Multiple reports this year have claimed a Russian disinformation network dubbed “Pravda” has flooded the web and social media with millions of articles as part of an effort to “poison” LLMs and influence their outputs. “Having Russian disinformation be parroted by a Western AI model gives that false narrative a lot more visibility and authority, which further allows these bad actors to achieve their goals,” says McKenzie Sadeghi, a researcher and editor at media watchdog company NewsGuard, who has studied the Pravda network and Russian propaganda’s influence on chatbots. (Only two links in the ISD research could be connected back to the Pravda network, the findings say).

Sadeghi claims the Pravda network in particular is quick to launch new domains where propaganda is published and says it can be particularly successful when there is little reliable information on a subject—the so-called data voids. “Especially related to the conflict \[in Ukraine\], they’ll take a term where there’s no existing reliable information about that particular topic or individual on the web and flood it with false information,” Sadeghi says. “It would require implementing continuous guardrails in order to really stay on top of that network.”

Chatbots may come under more pressure from EU regulators as their user base grows. In fact, ChatGPT may have already hit the threshold to be designated a Very Large Online Platform (VLOP) by the EU once it hits 45 million average monthly users. This status triggers specific rules that tackle the risk of illegal content and their impact on fundamental rights, public security, and well-being on those sites.

Even without qualifying for specific regulation, the ISD’s Maristany de las Casas argues that there should be a consensus across companies of what sources should not be referenced or should not appear on these platforms when they are linked to foreign states known for disinformation. “It could be providing users with further context, making sure that users understand the times that these domains have a conflict and even understanding why they’re sanctioned in the EU,” he says. “It’s not only an issue of removal, it’s an issue of contextualizing further to help the user understand the sources they’re consuming, especially if these sources are appearing amongst trusted, verified sources.”

Chatbots Are Pushing Sanctioned Russian Propaganda

The ransomware group known as Qilin (aka Agenda, Gold Feather, and Water Galura) has claimed more than 40 victims every month since the start of 2025, barring January, with the number of postings on its data leak site touching a high of 100 cases in June.
The development comes as the ransomware-as-a-service (RaaS) operation has emerged as one of the most active ransomware groups, accounting for

The ransomware group known as Qilin (aka Agenda, Gold Feather, and Water Galura) has claimed more than 40 victims every month since the start of 2025, barring January, with the number of postings on its data leak site touching a high of 100 cases in June.

The development comes as the ransomware-as-a-service (RaaS) operation has emerged as one of the most active ransomware groups, accounting for 84 victims each in the months of August and September 2025. Qilin is known to be active since around July 2022.

According to data compiled by Cisco Talos, the U.S., Canada, the U.K., France, and Germany are some of the countries most impacted by Qilin. The attacks have primarily singled out manufacturing (23%), professional and scientific services (18%), and wholesale trade (10%) sectors.

Attacks mounted by Qilin affiliates have likely leveraged leaked administrative credentials on the dark web for initial access using a VPN interface, followed by performing RDP connections to the domain controller and the successfully breached endpoint.

In the next phase, the attackers conducted system reconnaissance and network discovery actions to map the infrastructure, and executed tools like Mimikatz, WebBrowserPassView.exe, BypassCredGuard.exe, and SharpDecryptPwd to facilitate credential harvesting from various applications and exfiltrate the data to an external SMTP server using a Visual Basic Script.

"Commands executed via Mimikatz targeted a range of sensitive data and system functions, including clearing Windows event logs, enabling SeDebugPrivilege, extracting saved passwords from Chrome's SQLite database, recovering credentials from previous logons, and harvesting credentials and configuration data related to RDP, SSH, and Citrix," Talos said.

Further analysis has uncovered the threat actor's use of mspaint.exe, notepad.exe, and iexplore.exe to inspect files for sensitive information, as well as a legitimate tool called Cyberduck to transfer files of interest to a remote server, while obscuring the malicious activity.

The stolen credentials have been found to enable privilege escalation and lateral movement, abusing the elevated access to install multiple Remote Monitoring and Management (RMM) tools like AnyDesk, Chrome Remote Desktop, Distant Desktop, GoToDesk, QuickAssist, and ScreenConnect. Talos said it could not definitively conclude if the programs were used for lateral movement.

To sidestep detection, the attack chain involves the execution of PowerShell commands to disable AMSI, turn off TLS certificate validation, and enable Restricted Admin, in addition to running tools such as dark-kill and HRSword to terminate security software. Also deployed on the host are Cobalt Strike and SystemBC for persistent remote access.

The infection culminates with the launch of the Qilin ransomware, which encrypts files and drops a ransom note in each encrypted folder, but not before wiping event logs and deleting all shadow copies maintained by the Windows Volume Shadow Copy Service (VSS).

The findings coincide with the discovery of a sophisticated Qilin attack that deployed their Linux ransomware variant on Windows systems and combined it with the bring your own vulnerable driver (BYOVD) technique and legitimate IT tools to bypass security barriers.

"The attackers abused legitimate tools, specifically installing AnyDesk through Atera Networks' remote monitoring and management (RMM) platform and ScreenConnect for command execution. It abuses Splashtop for the final ransomware execution," Trend Micro said.

"They specifically targeted Veeam backup infrastructure using specialized credential extraction tools, systematically harvesting credentials from multiple backup databases to compromise the organization's disaster recovery capabilities before deploying the ransomware payload."

Besides using valid accounts to breach target networks, select attacks have employed spear-phishing and ClickFix\-style fake CAPTCHA pages hosted on Cloudflare R2 infrastructure to trigger the execution of malicious payloads. It's assessed that these pages deliver the information stealers necessary to harvest credentials that are then used to obtain initial access.

Some of the crucial steps taken by the attackers are as follows -

*   Deploying a SOCKS proxy DLL to facilitate remote access and command execution
*   Abusing ScreenConnect's remote management capabilities to execute discovery commands and running network scanning tools to identify potential lateral movement targets
*   Targeting the Veeam backup infrastructure to harvest credentials
*   Using the "eskle.sys" driver as part of a BYOVD attack to disable security solutions, terminate processes, and evade detection
*   Deploying PuTTY SSH clients to facilitate lateral movement to Linux systems
*   Using SOCKS proxy instances across various system directories to obfuscate command-and-control (C2) traffic by means of the COROXY backdoor
*   Using WinSCP for secure file transfer of the Linux ransomware binary to the Windows system
*   Using Splashtop Remote's management service (SRManager.exe) to execute the Linux ransomware binary directly on Windows systems

"The Linux ransomware binary provided cross-platform capability, allowing the attackers to impact both Windows and Linux systems within the environment using a single payload," Trend Micro researchers noted.

"Updated samples incorporated Nutanix AHV detection, expanding targeting to include hyperconverged infrastructure platforms. This demonstrated the threat actors' adaptation to modern enterprise virtualization environments beyond traditional VMware deployments."

Found this article interesting? Follow us on Google News, Twitter and LinkedIn to read more exclusive content we post.

Latest News