Tata Technologies hit by Hunters International ransomware attack. The group threatened to leak 1.4TB of data. Learn about…

Tata Technologies hit by Hunters International ransomware attack. The group threatened to leak 1.4TB of data. Learn about the extortion, potential data leak, and the connection to Hive ransomware.

Tata Technologies, a subsidiary of Indian multinational conglomerate Tata Motors, has reportedly been targeted by the ransomware group Hunters International. The attackers claim to have exfiltrated a massive 1.4 terabytes of data, encompassing over 730,000 files, from the engineering firm.  

This incident follows a mandatory disclosure made by Tata Motors to the Indian stock exchange in January 2025, where they reported a “ransomware incident” that had temporarily disrupted some of their IT services.

“The Company has become aware of a ransomware incident that has affected a few of our IT assets. As a precautionary measure, some of the IT services were suspended temporarily and have now been restored,” the disclosure read.

 While Tata Technologies acknowledged the incident at the time and stated that client delivery services remained unaffected, they did not disclose the identity of the attackers or the extent of the data breach.

Hunters International has now claimed responsibility for the attack. They are threatening to publicly release the stolen data unless a ransom is paid, although the specific amount demanded has not been disclosed.

Hunters International’s Extortion Page Lists Tata Technologies (Source: Bleeping Computer)

For your information, Hunters International is a notorious ransomware gang known for pursuing high-value targets. The group has a history of targeting organizations across various sectors, including automotive, finance, and healthcare. 

There is speculation that Hunters International may be a rebranded version of the now-defunct Hive ransomware gang, which was disrupted in a joint operation by the FBI, German, and Dutch law enforcement agencies in 2023 leading to the seizure of their site The Hive Leak..

This suspicion arises from the observation that both groups utilize the same strain of ransomware. Notably, Hive had previously targeted Tata Power in 2022, leaking stolen data after the company refused to pay the ransom.

The current situation with Tata Technologies remains unresolved. The company has not publicly commented on the ransom demand or confirmed whether they are in contact with the attackers. 

Nonetheless, the incident reignites concerns about the potential resurgence of the Hive ransomware gang under a new guise, raising questions about the effectiveness of law enforcement disruptions. It also reinstates the persistent threat of ransomware attacks and the vulnerability of even large multinational corporations to sophisticated cybercriminal groups.

 Moving forward, this situation highlights the critical need for organizations to prioritize advanced cybersecurity measures, incident response planning, and proactive threat intelligence to mitigate the impact of such attacks. The outcome of Tata Technologies’ response to this incident will undoubtedly serve as a case study for other organizations facing similar threats.

Camellia Chan, CEO and co-founder of X-PHY commented on the latest development stating, “The industrial sector was the most attacked sector in 2024. With the news that Hunters International has allegedly listed 1.4TB of Tata Technologies’ data, it’s clear this trend shows no signs of slowing down.”

“Due to the scale of their operations, industrials are perceived as having high ransom potential compared with other businesses. Take Tata Technologies as an example. Their customers are household automotive and aerospace engineering names like Jaguar, Airbus, Ford, and Honda which screams ‘cash’ for cybercriminals,” Camellia added.

“The only – and I mean only – way to stop this from happening is AI-first and multi-layer defence strategy that combines software and hardware solutions. This will proactively seek out threats before bad actors have a chance to gain access,” she explained.

Tata Technologies Hit by Hunters International Ransomware, 1.4TB Data at Risk

Yo, check it - the ABB BMS/BAS system's got a slick little weakness in them caldavInstall.php, caldavInstallAgendav.php, and caldavUpload.php files. All you gotta do is drop that skipChecksum beat in the POST vibe, and bam, the system skips all that MD5 checksum nonsense, no EXPERTMODE needed to crank the funk. This lets any slick cat without a login slide in some jacked-up CalDAV ZIP files, no questions asked. We're talkin' tampered tunes hittin' the deck, openin' the door to messin' with the system or droppin' some nasty uploads, all unauthorized-like. That's the funky flaw, baby - straight-up tamper town.

Title: ABB Cylon Aspect 3.08.01 (caldavUpload.php) Funkalicious Exploit  
Advisory ID: ZSL-2025-5926  
Type: Local/Remote  
Impact: Security Bypass, System Access, DoS  
Risk: (5/5)  
Release Date: 06.03.2025

**Summary**

ASPECT is an award-winning scalable building energy management and control solution designed to allow users seamless access to their building data through standard building protocols including smart devices.

**Description**

Yo, check it - the ABB BMS/BAS system's got a slick little weakness in them caldavInstall.php, caldavInstallAgendav.php, and caldavUpload.php files. All you gotta do is drop that skipChecksum beat in the POST vibe, and bam, the system skips all that MD5 checksum nonsense, no EXPERTMODE needed to crank the funk. This lets any slick cat without a login slide in some jacked-up CalDAV ZIP files, no questions asked. We're talkin' tampered tunes hittin' the deck, openin' the door to messin' with the system or droppin' some nasty uploads, all unauthorized-like. That's the funky flaw, baby - straight-up tamper town.

**Vendor**

ABB Ltd. - https://www.global.abb

**Affected Version**

NEXUS Series, MATRIX-2 Series, ASPECT-Enterprise, ASPECT-Studio  
Firmware: <=3.08.01

**Tested On**

GNU/Linux 3.15.10 (armv7l)  
GNU/Linux 3.10.0 (x86\_64)  
GNU/Linux 2.6.32 (x86\_64)  
Intel(R) Atom(TM) Processor E3930 @ 1.30GHz  
Intel(R) Xeon(R) Silver 4208 CPU @ 2.10GHz  
PHP/7.3.11  
PHP/5.6.30  
PHP/5.4.16  
PHP/4.4.8  
PHP/5.3.3  
AspectFT Automation Application Server  
lighttpd/1.4.32  
lighttpd/1.4.18  
Apache/2.2.15 (CentOS)  
OpenJDK Runtime Environment (rhel-2.6.22.1.-x86\_64)  
OpenJDK 64-Bit Server VM (build 24.261-b02, mixed mode)  
ErgoTech MIX Deployment Server 2.0.0

**Vendor Status**

\[21.04.2024\] Vulnerability discovered.  
\[22.04.2024\] Vendor contacted.  
\[22.04.2024\] Vendor responds.  
\[02.05.2024\] Working with the vendor.  
\[07.08.2024\] Vendor released version 3.08.02 to address this issue.  
\[06.03.2025\] Public security advisory released.

**PoC**

funkalicious.py

**Credits**

Vulnerability discovered by Gjoko Krstic - <gjoko@zeroscience.mk\>

**References**

\[1\] https://www.zeroscience.mk/en/vulnerabilities/ZSL-2024-5860.php  
\[2\] https://packetstorm.news/files/id/189617/

**Changelog**

\[06.03.2025\] - Initial release

**Contact**

Zero Science Lab

Web: https://www.zeroscience.mk  
e-mail: lab@zeroscience.mk

ABB Cylon Aspect 3.08.01 (caldavUpload.php) Funkalicious Exploit

CEOs and business owners received personal, customized ransomware threats in a series of letters sent in the mail through USPS.

Business owners and CEOs across the United States received customized ransomware threats this month from the most unusual of places—letters in the mail.

The letters, which were first reported by multiple cybersecurity researchers, claim to come from a ransomware group called BianLian. But since Malwarebytes first started tracking BianLian nearly one year ago, our intelligence analysts have never seen the cybercriminal gang resort to sending physical letters to make their ransom demands, suggesting that the latest snail mail campaign could be the work of copycats.

The threat, however, is still quite real, especially for small business owners who rely either on themselves or contracted IT services to investigate any technical problems.

According to multiple examples discovered by researchers, the letters in this likely hollow threat were sent through the US Postal Service. The envelopes containing the letters are stamped with the words “TIME SENSITIVE READ IMMEDIATELY” and have the following return address listed:

> BianLian Group  
> 24 Federal St, Suite 100  
> Boston, MA, 02110

The letters themselves lobby a variety of urgent threats to their recipients: Their corporate network has been compromised, sensitive customer and employee data has been stolen, and there is immediately a 10-day deadline to pay a cryptocurrency ransom before the cybercriminals leak the stolen data online.

These threats are standard for ransomware groups today, especially those that have pivoted to not only encrypting a company’s data, but stealing it in the process of an attack to use as further leverage to extort a ransom payment. In fact last year, Malwarebytes wrote about BianLian abusing a common Microsoft tool to avoid cybersecurity detection while storing massive quantities of stolen data from victims.

But the similarities between the threats included in the letter and the recorded actions of BianLian end there. The letter senders claim that they “no longer negotiate with victims,” which is a rarity from ransomware gangs. In fact, the practice is so normalized that a cottage industry of ransomware “negotiators” has popped up to help victims caught in an attack. The letters themselves, researchers said, also include few grammatical errors and better sentence structure than a typical BianLian ransomware note.

One of the letters, in full, begins:

> Dear \[REDACTED\]
> 
> I regret to inform you that we have gained access to \[REDACTED\] systems and over the past several weeks have exported thousands of data files, including customer order and contact information, employee information with IDs, SSNs, payroll reports, and other sensitive HR documents, company financial documents, legal documents, investor and shareholder information, invoices, and tax documents.

Interestingly, researchers noticed that some of the letters were customized based on their recipient. If a letter was sent to a healthcare CEO, for instance, the letter warned about the theft of patient data; if the letter was sent to a CEO of a product maker, the letter warned about breached customer orders and employee data.

The amounts demanded by the letters varied reportedly from $250,000 to $350,000.

While a “physical” cyberthreat may sound silly, these letters could cause significant harm to small and growing businesses.

These personalized letters convincingly threaten network compromise, password abuse, employee exploitation, and data theft, which can be difficult to verify for any lean organization. Think about it this way: If an everyday person would struggle to check whether their home router had been compromised, many small business owners would struggle to do the same regarding their corporate infrastructure, and that’s through no fault of their own.

If you receive one of these letters in the mail, notify your IT or security team immediately. They can provide the investigation necessary to verify the security of your business.

Whether you have dedicated IT staff or not, you can protect your small business with Malwarebytes Teams, which prevents malware attacks and notifies you about suspicious activity on your network.

 Ransomware threat mailed in letters to business owners 

Removing 24 malicious apps from the Google Play store and silencing some servers has almost halved the BadBox botnet.

Removing 24 malicious apps from the Google Play store and silencing some servers almost halved a botnet known as BadBox.

The BadBox botnet focuses on Android devices, but not just phones. It also affects other devices like TV streaming boxes, tablets, and smart TVs.

The German BSI (Federal Office for Information Security) started the disruption campaign in December by blocking the malware on 30,000 devices. BadBox is referred to as a botnet, because one of its capabilities is to set up the affected device to act as a proxy, allowing other people to use the device’s internet bandwidth and hardware to route their own traffic.

This traffic can for example serve in DDoS attacks or as a platform to spread fake news and disinformation. But BadBox can also steal two-factor authentication (2FA) codes, install further malware, and perform ad fraud.

Unfortunately, the 30,000 devices cut off by the BSI were only the tip of the iceberg. Estimates say there may be as many as one million affected devices. These devices have not necessarily been infected by installing malicious apps. It’s been suggested that Chinese manufacturers hide firmware backdoors in their devices, BadBox being one of them.

The BSI said it found:

> “The BadBox malware was already installed on the respective devices when they were purchased.”

According to Satori Threat Intelligence researchers:

> “Devices connected to the BADBOX 2.0 operation included lower-price-point, “off brand”, uncertified tablets, connected TV (CTV) boxes, digital projectors, and more. The infected devices are Android Open Source Project devices, not Android TV OS devices or Play Protect certified Android devices.”

Off brand devices are devices which do not carry any specific brand name that you might recognize. They are often cheap and made by small manufacturers.

Following the botnet’s development after the German disruption, the researchers found new Command and Control (C2) servers which hosted a list of APKs targeting Android Open Source Project devices similar to those impacted by BadBox.

As part of the disruptions, the servers that were controlling the botnet have been sinkholed, which basically means that the traffic between those servers and the botnet clients gets redirected so it will no longer arrive at the intended destination.

**How to stay safe**

This disruption will likely not be the end of the story. The botnet operators will adapt again and rebuild their infrastructure. Given their supply chain of compromised devices the botnet will resurface soon enough.

So here are a few things you can do:

*   Check you don’t have the apps ‘Earn Extra Income’ and ‘Pregnancy Ovulation Calculator’, which had over 50,000 downloads each. You can recognize the malicious apps from the publisher name Seekiny Studio. If you find them on your device, remove them immediately.
*   Protect your Android devices with an active security solution that can remove malicious apps and block malicious traffic.
*   Google Play Protect automatically warns users and blocks apps known to exhibit BadBox 2.0-associated behavior at install time on Play Protect certified Android devices with Google Play Services. If a device isn’t Play Protect certified, carefully study its origin before purchasing it.

**We don’t just report on phone security—we provide it**

Cybersecurity risks should never spread beyond a headline. Keep threats off your mobile devices by downloading Malwarebytes for iOS, and Malwarebytes for Android today.

 Android botnet BadBox largely disrupted 

Developed to boost productivity and operational readiness, the AI is now being used to “review” diversity, equity, inclusion, and accessibility policies to align them with President Trump’s orders.

The United States Army is employing a prototype generative artificial intelligence tool to identify references to diversity, equity, inclusion, and accessibility (DEIA) for removal from training materials in line with a recent executive order from President Donald Trump.

Officials at the Army’s Training and Doctrine Command (TRADOC)—the major command responsible for training soldiers, developing leaders, and shaping the service’s guidelines, strategies, and concepts—are currently using the AI tool, dubbed CamoGPT, to “review policies, programs, publications, and initiatives for DEIA and report findings,” according to an internal memo reviewed by WIRED.

The memo followed Trump’s signing of a January 27 executive order titled “Restoring America’s Fighting Force,” which directed Defense Secretary Pete Hegseth to eliminate all Pentagon policies seen as promoting what that the commander in chief declared “un-American, divisive, discriminatory, radical, extremist, and irrational theories” regarding race and gender, a linguistic dragnet that extends as far as past social media posts from official US military accounts.

In an email to WIRED, TRADOC spokesman Army Major Chris Robinson confirmed the use of CamoGPT to review DEIA materials.

TRADOC “will fully execute and implement all directives outlined in the Executive Orders issued by the president. We ensure that these directives are carried out with the utmost professionalism, efficiency, and in alignment with national security objectives,” Robinson says. “Specific details about internal policies and tactics cannot be discussed. However, the use of all tools in our portfolio, including CamoGPT, to increase productivity at all levels can and will be used.”

Developed last summer to boost productivity and operational readiness across the US Army, CamoGPT currently has around 4,000 users who “interact” with it on a daily basis, Captain Aidan Doyle, a CamoGPT data engineer, tells WIRED. The tool is used for everything from developing comprehensive training program materials to producing multilingual translations, with TRADOC providing a “proof of concept and demonstration” at last October’s annual Association of the United States Army conference in Washington, DC, according to Robinson.

While Doyle declined to comment on the specifics on how TRADOC officials were likely using the CamoGPT to scan for DEIA-related policies, he described the process of searching through documents as relatively straightforward.

“I would take all the documentation you want to examine, order it all in a collection on CamoGPT, and then ask questions about the documents,” he says. “The way retrieval-augmented generation works is that the more specific your question is to the concepts inside the document, the more detailed information the model will provide back.”

In practical terms, this means that TRADOC officials are likely inputting a large number of documents into CamoGPT and asking the LLM to scan for targeted keywords like “dignity” or “respect” (which, yes, the Army is currently using to screen past digital content) to identify materials for subsequent alteration and bring them in line with Trump’s executive order.

By using CamoGPT, the work of eliminating DEIA-related content will likely result in a rapid change to the US Army’s documentation. “We’re competing with ‘control+F’ in Adobe Acrobat,” Doyle says.

CamoGPT isn’t the only AI chatbot in the Pentagon’s arsenal: The US Air Force’s NIPRGPT has seen extensive use among airmen since its launch in June for “summarization of documents, drafting of documents and coding assistance,” according to DefenseScoop.

The AI-assisted assessment of US military training materials comes amid a government-wide effort to root out DEIA initiated the day Trump returned to the Oval Office in January to start his second term. Detailed in Trump’s January 27 executive order, the Defense Department’s purge has taken the form of the closure of service-specific DEIA offices and program, a department-wide review of past DEI initiatives, and even the removal of historical content related to the famed all-Black Tuskegee Airmen from Air Force basic training materials, the latter of which was swiftly reversed amid public outcry.

Originally inspired by the public release of OpenAI’s ChatGPT in November 2022, CamoGPT is a product of the Army’s Artificial Intelligence Integration Center (AI2C), the organization formed in 2018 as part of Army Future Command to spearhead AI research and development efforts by “leveraging a soldier workforce to build experimental prototypes,” as Eric Schmitz, AI2C’s operations and intelligence portfolio lead, tells WIRED.

“The mission is to make AI accessible to the Army through experimentation, and we have an ethos and culture that is very much a start-up ethos.” Schmitz says. “We are product-centric and believe AI is inherently software-driven: You can do all the research you like in academia, but if you don't have software to deliver it to somebody and find out if it's useful software, then you’ll never know if your AI is useful in the real world.”

In response to the arrival of ChatGPT, AI2C quickly spun up a CamoGPT prototype based on an open-source LLM in June 2024. The center’s approach to CamoGPT is “model agnostic,” according to Schmitz: While the system currently relies on tech giant Meta’s open-source Llama 3.3 70B LLM, the underlying model is “expendable” should a better version hit the market. What really matters is building software that the average soldier will actually use in their day-to-day operations, an achievement that might influence its long-term adoption across the force.

“When you talk about how the Army doesn’t build software well, it’s because user adoption is not a priority, but it’s a massive priority to us,” Schmitz says.

Whether CamoGPT proliferates more broadly across the Army remains to be seen, and Schmitz and Doyle emphasized that AI2C’s role is laser-focused on experimental prototyping rather than building products ready for immediate fielding. But with the entire federal government reorienting itself in the name of “efficiency,” the success of CamoGPT’s application to Trump’s DEIA overhaul may end up cementing its utility for military planners.

“You need to be ruthlessly critical of what you have built and what you plan to build and hyper focused on driving user adoption,” Schmitz says. “The core question is, how do you build something that’s so valuable that people say they can't live without it?”

The US Army Is Using ‘CamoGPT’ to Purge DEI From Training Materials

YouTube CEO Neal Mohan was impersonated in a deepfake phishing scam. Learn about the attack, how to spot…

YouTube CEO Neal Mohan was impersonated in a deepfake phishing scam. Learn about the attack, how to spot the red flags, and how to protect your account from credential theft.

A new sophisticated phishing operation, leveraging artificial intelligence, has recently targeted YouTube content creators. Scammers have utilized deepfake technology to create a convincing video of YouTube’s CEO, Neal Mohan, delivering a fabricated announcement about changes to the platform’s monetization policies.

This video is privately shared with targeted users to steal their login credentials and install malware on their devices. The fraudulent scheme begins with an email, seemingly originating from an official YouTube address, notifying creators that a private video has been shared with them. The video itself features a remarkably realistic deepfake of Neal Mohan, mimicking his appearance, voice, and mannerisms to an alarming degree.

In the video, the AI-generated Mohan discusses alleged alterations to YouTube’s monetization, urging viewers to take specific actions. These actions typically involve clicking on links, entering login credentials on fake websites, or downloading software from untrusted sources.

The Fraudulent Video (Source: Reddit)

Upon compromising a user’s account, the attackers gain access to their YouTube channel. This access can then be exploited for various malicious purposes, including spreading misinformation, conducting further phishing attacks, or engaging in fraudulent activities.

YouTube has responded to this threat with an urgent warning to its creator community. The company has explicitly stated that it will never share important information or contact users through private videos. Furthermore, they emphasized that any private video claiming to be from YouTube, particularly those featuring its CEO, should be treated as a phishing scam.

“We’re aware that phishers have been sharing private videos to send false videos, including an AI-generated video of YouTube’s CEO Neal Mohan announcing changes in monetization. YouTube and its employees will never attempt to contact you or share information through a private video,” Google’s official announcement read.

“If a video is shared privately with you claiming to be from YouTube, the video is a phishing scam. Do not click these links as the videos will likely lead to phishing sites that can install malware or steal your credentials,” Rob from YouTube warned users.

AI deepfakes are a dangerous illusion created by sophisticated AI models trained on real footage and voice samples, exploiting people’s trust in public figures. Even tech-savvy individuals would struggle to distinguish them from real footage. This incident highlights that the sophistication of phishing attacks has increased, with deepfake technology being used to impersonate high-profile figures like YouTube’s CEO.

Cybercriminals exploit creators’ trust in official platform communications, creating believable deceptions. Content creators are encouraged to exercise caution and avoid downloading files from untrusted sources. If you receive the video, Google recommends following these steps to report it.

Max Gannon, Intelligence Manager at Cofense commented on the latest development stating, _“_Given that deepfakes have typically only been used in high-value targeted scams, it’s a surprise that threat actors are using it for such a broad attack. It’s concerning and potentially indicates a shift in the threat landscape where we can expect to see more deepfakes and other targeted attack methods being broadly applied to larger audiences._“_

_“_However, according to affected users posting about these fake YouTube emails on various social media platforms, the emails deliver malicious executables to steal session cookies and hijack YouTube accounts. Ultimately, the initial phishing hook may be shifting, but the best defence remains the same: training and awareness to detect suspect emails and not click on their links.”

1.  YouTube Channels Hacked to in Fake CS2 Giveaways Scam
2.  Malware in Fake Business Proposals Hits YouTube Creators
3.  Ukrainian News Channel Hacked to Run Zelensky’s Deepfake
4.  Scam Uses AI-Generated Images to Represent Fake Law Firm
5.  “Get Paid to Like Videos” YouTube Scam Leads to Empty Wallets

Hackers Deploy AI Deepfake of YouTube CEO in Credential Theft Scam

Microsoft warns that Chinese espionage group Silk Typhoon now exploits IT tools like remote management apps and cloud services to breach networks.

Cybersecurity researchers at Microsoft Threat Intelligence have observed that Silk Typhoon aka HAFNIUM, a Chinese espionage group known for its technical skill, is now using common IT solutions as a gateway into networks. Instead of solely relying on highly critical security vulnerabilities in major systems, the group is turning its attention to everyday tools like remote management applications and cloud services.

The shift in tactics aligns with changes adopted by other sophisticated espionage groups worldwide. This trend was first reported in May 2024, highlighting how Russian hackers are moving away from custom payloads in favour of readily available malware. A similar shift was observed in Iran, as reported in August 2024, where Iranian hackers were found collaborating with ransomware gangs in attacks against the United States.

**Exploiting Vulnerabilities**

Traditionally, Silk Typhoon took advantage of rare zero-day vulnerabilities by scanning for weak public-facing devices such as firewalls and VPNs. Some of its known exploitation includes CVE-2021-26855, CVE-2021-26857, CVE-2021-26858, and CVE-2021-27065. However, recent activity indicates that the group is now also targeting widely used solutions that many organizations rely on, including remote management tools and cloud applications.

While Microsoft confirms its own cloud services haven’t been directly targeted _yet_, Silk Typhoon is taking advantage of unpatched applications to breach systems. The group is known for misusing stolen keys and login details to compromise a targeted system and then using the access to reach into other systems, including those used by Microsoft particularly looking for information related to US government policy and legal matters.

****Changing Tactics****

The group’s change in tactics affects several sectors starting from government and healthcare to IT services and education. By attacking common IT tools, Silk Typhoon will take advantage of the fact that many organizations, including those with updated security measures, may overlook these everyday applications. Once inside, they will make use of various techniques to move across networks, access sensitive data, and even tamper with email and data storage services.

Therefore, Microsoft recommends a few key steps to secure yourself from the Silk Typhoon. First, keep all systems and software updated, as unpatched vulnerabilities are often the easiest entry points for attackers. Strong authentication practices, such as multi-factor authentication (MFA) and unique passwords, add an extra layer of security against unauthorized access.

For system administrators; monitoring network activity can also help detect unusual behaviour, like unexpected administrative changes, which could signal a breach. Additionally, organizations should carefully manage API keys and service credentials, restricting access wherever possible to prevent attackers from exploiting them.

Chinese Silk Typhoon Group Targets IT Tools for Network Breaches

The China-lined threat actor behind the zero-day exploitation of security flaws in Microsoft Exchange servers in January 2021 has shifted its tactics to target the information technology (IT) supply chain as a means to obtain initial access to corporate networks.
That's according to new findings from the Microsoft Threat Intelligence team, which said the Silk Typhoon (formerly Hafnium) hacking

China-Linked Silk Typhoon Expands Cyber Attacks to IT Supply Chains for Initial Access

London, United Kingdom, 5th March 2025, CyberNewsWire

**London, United Kingdom, March 5th, 2025, CyberNewsWire**

AI Soft has announced the upcoming public release of **Alli AI**, an advanced artificial intelligence-powered platform designed for content creation. Following the conclusion of a closed beta phase, the platform will soon be available with a free trial version, allowing users to explore its capabilities. Alli AI offers a range of tools for image enhancement, background modification, photo animation, video generation, and voice synthesis, catering to designers, photographers, marketers, and digital creators.

**Expanding AI Applications in Content Creation**

Alli AI functions as both an editor and a content generator, with applications spanning social media, digital marketing, and creative design. The technology has reportedly contributed to a growing volume of AI-generated content across platforms such as TikTok, Instagram, and X. Users have leveraged the tool for various applications, from animated imagery to advertising campaigns.

**Insights from Beta Testing**

The beta testing phase highlighted the platform’s appeal across multiple industries. Designers have used Alli AI to accelerate creative workflows and experiment with different artistic styles, while photographers have explored its animation and enhancement tools. Marketers have utilized the platform to streamline content production, and early adopters in other fields have experimented with its capabilities.

**Upcoming Public Launch**

Alli AI’s developers have announced plans for an upcoming public release, which will include a trial version. The platform is positioned as a tool for content creators seeking AI-driven enhancements for branding, digital media, and other projects.

**About Alli AI**

Alli AI is an AI-powered content creation platform developed by **AI Soft**. It offers tools for image enhancement, animation, background modification, video generation, and voice synthesis. Designed for professionals and casual users alike, Alli AI aims to streamline creative workflows across multiple industries, including marketing, photography, and design.

For more information, users can visit Alli AI’s official website or follow updates on X.

**Contact**

**AI Soft**  
**XS Trade**  
**\[email protected\]**  
**+447458196484**

Alli AI Announces Upcoming Public Launch of AI-Powered Content Creation Platform

Google has announced the rollout of artificial intelligence (AI)-powered scam detection features to secure Android device users and their personal information.
"These features specifically target conversational scams, which can often appear initially harmless before evolving into harmful situations," Google said. "And more phone calling scammers are using spoofing techniques to hide their real

Tag

#intel