News

The IT infrastructure that underpins today’s businesses is unrecognizable from even a few months ago. Every organization, planned or unplanned, has migrated to the cloud with AI intertwined given each enhances the other's capabilities.

Cloud and AI are undeniable game changers for businesses; however both introduce complex cyber risks when combined. Cloud security measures must evolve to meet the new challenges of AI and find the delicate balance between protecting against complex attacks on AI data and enabling organizations to achieve responsible AI innovation.

Cloud computing provides the infrastructure and resources needed to power AI algorithms, while AI makes cloud services more intelligent, efficient, and user centric. Underpinning this is the development team, running at full speed, creating and deploying new applications that reshape operations, enhance scalability, flexibility, and scrape cost savings where it can. But for those working to secure these shifting environments, it’s like trying to catch smoke. What is secure today may move, morph or even disappear entirely.

According to the Cloud AI Risk Report, cloud-based AI is prone to avoidable toxic combinations that leave sensitive AI data and models vulnerable to manipulation, data tampering and data leakage. As an illustration, this could leave AI training data susceptible to data poisoning, threatening to skew model results. Researchers calculated that almost 70% of cloud AI workloads contain at least one unpremeditated vulnerability.

Rather concerning was the discovery that three out of four organizations using one specific cloud provider for AI services were found to have overprivileged default configurations. Dubbed ‘The Jenga-style’ concept, the research found a tendency for cloud providers to build one service on top of the other, with “behind the scenes” building blocks inheriting risky defaults from one layer to the next, with any single misconfigured service putting all the services built on top of it at risk. The result is users left largely unaware of the existence of these behind-the-scenes building blocks as well as any propagated risk.

When we talk about AI usage in the cloud, more than sensitive data is on the line. If a threat actor manipulates the data or AI model, there can be catastrophic long-term consequences, such as compromised data integrity, compromised security of critical systems and degradation of customer trust. In addition, training and testing data is an attractive target for misuse and exploitation, as they may contain real information such as intellectual property, personal information (PI), personally identifiable information (PII) or customer data related to the nature of the AI project.

Threat actors are not just targeting AI but also harnessing it. Reports confirm that they have a number of powerful AI tools at their disposal, including AI-driven virtual assistants that can streamline and amplify their attacks. So far this year, there have been reports of threat actors harnessing AI to write malware for ransomware attacks. In fact, FunkSec, according to CheckPoint, is one such group that is believed to use AI-assisted malware development. The danger is that this could see inexperienced actors able to spin up and refine tools quickly to launch their own criminal escapades.

AI can be used to search for patterns, for the team to inspect what is happening within the organization's infrastructure and explain results in the simplest language possible. This can help the security team know what is important, the attack paths that could be travelled should a threat actor gain access, and where to best prioritize efforts to shut off these paths to reduce cyber risk. Solutions such as data security posture management (DSPM) and AI security posture management (AI-SPM) are becoming integral to many organizations.

Gartner defines DSPM as “... visibility as to where sensitive data is, who has access to that data, how it has been used, and what the security posture of the data stored or application is.” Put simply, DSPM solutions discover, classify and remediate data risks in cloud environments.

AI-security posture management (AI-SPM) is a cloud native application protection platform (CNAPP) domain that gives security teams full visibility and security of AI workloads, services and data used in training and inference without deploying an agent. It identifies and prioritizes AI resources based on sensitivity, access and risk relationships, providing the context needed to isolate the most critical AI exposures.

Though standalone DSPM and AI-SPM services act as powerful spotlights to illuminate data and AI resources, if they’re not combined with broader cloud security measures, they can't prevent unauthorized access or breaches that exploit vulnerabilities in the cloud infrastructure.

While the combination of AI and cloud offers immeasurable benefits, it introduces risks that could jeopardize sensitive data and data integrity, ultimately diminishing customer trust and business bottom lines. Organizations need DSPM and AI-SPM to pinpoint their valuable data and AI resources and cloud security solutions to build a secure vault around them.

We list the best antivirus software.

This article was produced as part of TechRadarPro's Expert Insights channel where we feature the best and brightest minds in the technology industry today. The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/news/submit-your-story-to-techradar-pro

• US government website has been hijacked with AI generated spam
• NPR, Stanford, and other sites were also taken over
• The spam seems to be explicit but non-malicious

Several web domains have been hijacked to show explicit and AI-generated content in a spam campaign that targeted US Government sites and other domains.

A domain belonging to the US Department of Health and Human Services (HHS) advising on vaccines was defaced to show thousands of AI-generated articles, primarily containing incorrect or incomplete information about popular search topics like video game round-ups or restaurant recommendations.

Websites linked to radio station NPR and Stanford University were also hit, as was a page advertising events linked to (but not owned by) chip giant Nvidia.

It’s not clear who hijacked the site or the purpose behind it, since the AI slop doesn’t seem to have a consistent theme or angle, and links in the pages directing to a “nonsense SEO spam page” stocks.wowlazy[.]com.

Much of the content appears to have been apparently explicit, but much was also “entirely mundane” - the spam campaign was discovered thanks to a technologist who was searching for ‘best Portland cat cafes’ on DuckDuckGo and was directed to the site and a spam page about cat cafes.

This isn’t the first time that cybercriminals have hijacked websites in order to post their own content, but usually this contains some type of malware of infostealer to gain profit from the spam campaigns - but as far as we can see, that wasn’t the case on this occasion.

SEO seems to be a tool that cybercriminals are taking advantage of in order to deliver malware (or not) to a wider audience. To mitigate the risk from this type of attack, users should disable push notifications from sites they don’t know/trust, and be very cautious with unfamiliar links.

TechRadar Pro did reach out to the CDC, NPR, and Stanford for comment but haven’t yet received a response. Nvidia told us the affected webpage was not affiliate to the company.

Via 404media

• Take a look at our picks for the best malware removal software around
• Check out our choice for AI tools
• Cybercriminals are using SEO to get popular fake AI tools loaded with malware to rank high on Google

• The Samsung Galaxy Z Fold 7 and Z Flip 7 could both have a new version of Samsung's ProVisual Engine
• This could allow for higher-quality photos, better digital zoom, and better video stability
• The foldables have also both been certified in South Korea, suggesting they're launching soon

The Samsung Galaxy Z Fold 7 and Samsung Galaxy Z Flip 7 could arrive with a major under-the-hood upgrade that delivers improved photos and videos, based on a new leak.

We've previously heard that the Samsung Galaxy Z Fold 7 could have a new 200MP camera, but that the Samsung Galaxy Z Flip 7 might not be in for any such upgrades, with the same camera hardware as last year tipped.

However, the Z Flip 7 could still be capable of taking better photos than the Samsung Galaxy Z Flip 6, as both upcoming foldables might have an improved version of Samsung's ProVisual Engine AI image-processing tech.

This is according to leaker @PandaFlashPro, who claims that a new version of ProVisual Engine is coming to both the Galaxy Z Flip 7 and the Galaxy Z Fold 7.

This upgrade will apparently allow for better photo quality, better digital zoom quality, and better video stability. So in other words, both photos and videos could look better on these phones than on their predecessors.

"Confirmed"The Galaxy Z Fold 7 | Flip 7 will use Samsung’s New Generation #GalaxyAI Pro-Visual Engine, which will later be Expanded to the Galaxy S25 Series.Main improvements.Better Image OutputBetter Digital Zoom QualityVideo StabilityJune 12, 2025

ProVisual Engine debuted in the Samsung Galaxy S24 series, and it’s a suite of AI tools that works in the background to improve photo and video quality – as well as powering things like Generative Edit, which lets you alter photos you’ve taken.

So it’s not a new thing, but if this leak is right then the Samsung Galaxy Z Fold 7 and Samsung Galaxy Z Flip 7 will get a new and improved version of the tech. However, the source adds that this upgraded version will subsequently land on the Samsung Galaxy S25 series as a software update, so you might not have to buy one of the company’s upcoming foldables to get it.

In other Samsung foldable news, the Galaxy Z Flip 7 and Galaxy Z Fold 7 have both been certified by SafetyKorea (as spotted by XpertPick).

These certifications don’t tell us much, but it’s mandatory for phones to receive this certification before being sold in South Korea, so this both confirms that the phones are in the works, and suggests they’ll land soon, since this certification would usually happen quite close to launch.

That makes sense, since based on past form we’d expect both handsets to launch in July, with one leak pointing to a July 10 announcement.

• The Samsung Galaxy Z Fold 7 will be the thinnest and lightest model yet
• The Samsung Galaxy Z Fold 7 could have a huge screen with tiny bezels
• The Samsung Galaxy Z Flip 7 and Galaxy Z Fold 7 will launch with Android 16

• Netflix has defended the streaming service's first big UI refresh in 12 years
• Fans have vented their fury over the homepage layout's unnecessary changes
• Netflix claims people quietly prefer the updated version

Netflix has defended the platform's first major user interface (UI) redesign in 12 years – and has even claimed the majority of people prefer it to the old landing page's layout.

Per The Hollywood Reporter (THR), Netflix has suggested fans actually prefer the streaming's new look compared to the old one. As THR's article reveals, Netflix says its internal data, plus the year-long beta test it conducted ahead of the new layout going live, vindicates the entertainment behemoth's decision to overhaul its service's UI.

Netflix's assertion comes over a month after it revealed the biggest upgrade to its homepage in over a decade. At the time, the streaming titan confirmed the update's global roll out would begin in earnest, but stated some users would see the redesign sooner than others.

Less than 24 hours after the UI refresh's grand unveiling, which took place on May 7, Netflix fans began reporting that their homepage had been updated – and a number of them weren't happy. Indeed, frustrated fans flocked to social media to say Netflix's "new design sucks" because it made it more difficult to find the type of content they like to stream.

In the weeks since the best streaming service's layout was overhauled, more customers have been switched over to the redesigned homepage. And, surprise surprise, more people have posted online to express their fury at what they deem to be unnecessary changes. From Netflix's own sub-Reddit to other social media platforms like X/Twitter, consumers have hit out at Netflix's layout renovation.

Now, though, Netflix has suggested those dissenters are just a very vocal minority. Indeed, while a company spokesperson admitted that the streaming giant knew it would face some form of backlash over the changes, the updated UI makes for a better experience. "With bigger boxes, we’re showing more information up front to help you make a better decision," they added. "Instead of seeing 20 or 30 titles at a time, now you’re seeing information at a glance."

This isn't the first time that Netflix fans have criticized decisions made by the video-on-demand (VoD) company. Whether it's the now-annual Netflix price rises, angry users threatening to close their accounts over the removal of certain subscription tiers, the regular cancelation of fan-favorite shows like The Recruit, or Netflix's incredibly divisive decision to crack down on account sharing between households, consumers have grown increasingly exasperated with the most popular streamer around.

But therein lies the problem. Despite the ire Netflix draws when it makes unpopular decisions, it's still the biggest and most-used VoD platform on the market. By the end of 2024, Netflix reported it had 301.6 million subscribers. Its closest rivals, believed to be Prime Video and Disney+, can only boast around 200 million users and 150.2 million customers, respectively. Despite fan frustration over updates like its layout refresh, then, Netflix continues to dominate the streaming landscape.

Netflix is no longer publicly disclosing how many users it has, so we won't know if consumers are voting with their money and canceling their Netflix subscription in the wake of any changes made to the service.

With so many new Netflix movies, plus new seasons of some of the best Netflix shows around, set to debut on the platform before the end of 2025, I can't see millions of active users hitting Netflix where it hurts – i.e. its profit margins. The only way to make its executives sit up and take notice is by closing our accounts in protest over updates like this UI overhaul. Until people vote with their wallets, Netflix will continue to do as it pleases, regardless of whether fans like it or not.

Have you closed your Netflix account over its redesign? Do you actually like the overhaul? Or don't you care either way? Let me know in the comments below.

• These are the best Netflix movies to stream today
• Get the definitive lowdown on Stranger Things season 5
• Or find out everything we know about Squid Game season 3