惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

The Hacker News
The Hacker News
F
Full Disclosure
Cloudbric
Cloudbric
Blog — PlanetScale
Blog — PlanetScale
W
WeLiveSecurity
N
News and Events Feed by Topic
T
Troy Hunt's Blog
V2EX - 技术
V2EX - 技术
CTFtime.org: upcoming CTF events
CTFtime.org: upcoming CTF events
B
Blog
GbyAI
GbyAI
C
Check Point Blog
B
Blog RSS Feed
Application and Cybersecurity Blog
Application and Cybersecurity Blog
Recorded Future
Recorded Future
The Last Watchdog
The Last Watchdog
N
News and Events Feed by Topic
T
The Blog of Author Tim Ferriss
O
OpenAI News
V
V2EX
人人都是产品经理
人人都是产品经理
cs.AI updates on arXiv.org
cs.AI updates on arXiv.org
IT之家
IT之家
WordPress大学
WordPress大学
www.infosecurity-magazine.com
www.infosecurity-magazine.com
S
Security @ Cisco Blogs
C
Cisco Blogs
Security Latest
Security Latest
S
Security Affairs
V
Visual Studio Blog
C
Cybersecurity and Infrastructure Security Agency CISA
Hacker News - Newest:
Hacker News - Newest: "LLM"
博客园 - 司徒正美
freeCodeCamp Programming Tutorials: Python, JavaScript, Git & More
Microsoft Azure Blog
Microsoft Azure Blog
Last Week in AI
Last Week in AI
AWS News Blog
AWS News Blog
雷峰网
雷峰网
Apple Machine Learning Research
Apple Machine Learning Research
PCI Perspectives
PCI Perspectives
博客园_首页
U
Unit 42
Google DeepMind News
Google DeepMind News
Hugging Face - Blog
Hugging Face - Blog
Project Zero
Project Zero
Cisco Talos Blog
Cisco Talos Blog
The Register - Security
The Register - Security
N
Netflix TechBlog - Medium
L
LINUX DO - 热门话题
H
Hacker News: Front Page

CyberScoop

Security researchers find stalkers abusing Chrome's sync feature SonicWall customers under threat as attackers exploit 2 zero-days Dems press DNI nominee Jay Clayton on election security questions, but leave dismayed Forget the model. When it comes to cybersecurity, it’s all about the harness White House details ‘Gold Eagle’ clearinghouse for AI cyber threats Microsoft discloses ‘the mother of all’ vulnerability loads, tripling June’s previous record Treasury sanctions First VPN Service, others for abetting ransomware gangs States are building their own election defense networks as federal support evaporates Europe strikes out against Russia’s Turla over espionage, ‘destructive attacks’ Officials once again warn defenders that Russian hackers are targeting network devices AI-generated code has made security debt a governance problem Armenian national pleads guilty to Ryuk ransomware attacks CISA looks to remedy ailments from big May credential leak Former DigitalMint ransomware negotiator who duped clients sentenced to 70 months in jail Interpol cybercrime crackdown nets 5,800 arrests across 97 countries 764 splinter group leader sentenced to 40 years in jail French nonprofit starts global intelligence and research hub for AI cyber threats Found fast, fixed slow: The gap the AI clearinghouse must close Spain arrests suspected hacker linked to Russian hacktivist campaign Suspected Chinese espionage group used a Roundcube exploit chain to burrow into universities US Army websites defaced with pro-Kurdish sentiments, insults to Trump Sysdig clocks first documented case of agentic ransomware Finding vulnerabilities was never the hard part Someone infected a spyware probe overseer with spyware Alleged longstanding member of Scattered Spider extradited to US Researchers spot exploitation of another critical Oracle defect U.S. lifting export control restrictions on Anthropic’s Mythos, Fable This phishing kit looks more like BEC-as-a-service Citrix patches a new NetScaler flaw with echoes of CitrixBleed Trump budget boss Russell Vought open to re-staffing CISA DHS to unveil replacement council for critical infrastructure cybersecurity How ransomware syndicates weaponize corporate-style organization Warner bill would create federally vetted list for secure, trustworthy AI agents Supreme Court approves mail-in ballots that arrive after Election Day Supreme Court delivers ‘major win’ for tech privacy in Chatrie ruling What the post-quantum executive order really demands of CISOs ATF cancels controversial commercial geolocation contract FCC passes new cybersecurity rules for emergency systems, undersea cables Federal court rules Trump election-focused executive order illegal Russia uses Cellebrite to break into human rights activist’s phone, even after cancellation of contract Minnesota man known as ‘Snoopy’ sentenced in DraftKings hack Why patch directives only go so far Malicious hackers exploit Cisco zero-day for highest access level at communications service provider In a first, a court takedown goes after two cybercrime tools at once Open-source security is posing challenges governments can't easily solve Justice Department seizes infrastructure used by cyber scam and criminal marketplace Algerian man charged with running two cybercrime marketplaces Court rules SAVE database illegal, orders it dismantled Trump executive orders speed up post-quantum migration, boost industry Intel agencies: Frontier AI models will reshape cybersecurity faster than expected Authorities disrupt Evil Corp’s SocGholish botnet Congress tees up No FAKES Act, aiming at AI-generated deepfakes How software development's speed obsession enabled TeamPCP’s chaos crusade Accenture shells out $4.18B on three companies in big industrial cybersecurity push Attackers hit pair of critical Fortinet vulnerabilities the vendor disclosed in April Lawmakers leary about Trump administration’s Anthropic order AI’s constant patching treadmill can be a security problem A case for how to shape ‘ingredient lists’ for AI models Google exposes China espionage group that’s been lurking in networks undetected since 2023 Cybersecurity experts don’t think Anthropic’s Fable 5 presents a unique threat Anthropic disables new models after government calls them a national security concern FBI takes down massive China-based cybercrime network that caused $1.9B in losses US, France, and Italian authorities shut down massive deepfake porn site Conti ransomware group member pleads guilty, faces up to 20 years in prison ShinyHunters is actively extorting universities after exploiting an unpatched Oracle flaw CyberCorps is adapting to AI. The budget isn’t keeping up. Russian national charged in connection with Void Blizzard espionage campaign OpenAI: ‘Likely’ Chinese influence operation tried to use ChatGPT to stir debate on data centers CISA directive orders agencies to prioritize vulnerability patching in a new way Microsoft breaks Patch Tuesday record with 206 vulnerabilities Anthropic’s new model is Mythos on a leash CISA is rethinking how it prioritizes risks and vulnerabilities for feds, private sector Cisco customers encounter another SD-WAN zero-day under attack Meta accuses NSO Group of defying spyware injunction, files contempt of court complaint The AI security race needs accountability, not overregulation Nightmare Eclipse incident shows the researcher-vendor fights may never fully go away Hill Dems hammer GOP for $250M CISA budget cut Your AI agent could become your biggest insider threat Inside the race to adapt to an AI-powered security world European authorities crack down on illegal streaming networks DHS Secretary Markwayne Mullin pinpoints optimal CISA staffing levels DOD wants to integrate cyber in all operations, and integrate security into AI Trump administration releases scaled-back AI executive order Anthropic expanding access to Project Glasswing Attackers are exploiting Palo Alto Networks defect that initially flew under the radar Tina Peters, convicted in election-security breach, emerges defiant and vows legal fight USPS moving forward with mail-in ballot changes as courts weigh Trump’s election order Election threats are focused on campaign systems, not voting machines Tennessee man linked to 764 accused of series of crimes against children dating back to 2022 Federal audit reveals NIST’s NVD is plagued by poor planning and duplication House panel poised to hold hearing centered on AI impact on cyber Google security engineer accused of turning confidential search trends into $1.2M win on Polymarket Zapier fixes bug chain that researchers say risked widespread account takeover OpenAI heralds cybersecurity, election interference safeguard plans for 2026 midterms FBI warns US-based law firms to be on the lookout for cybercrime group that steals data in person UK spy chief labels AI ‘unstoppable force’ with offensive, defensive ramifications for cyberspace CrowdStrike disrupts Glassworm botnet that preyed on open-source supply chain Apple open-sources quantum-resistant encryption code White House charts new course for federal agencies and cybersecurity logging Anthropic: Mythos finds more than 10,000 software flaws in first month
Deepfake CSAM lawsuit against xAI, Grok expands
djohnson · 2026-07-08 · via CyberScoop

Two new parties have been added to a class-action lawsuit against X.ai over its Grok tool including teenagers and children who say it was used by family members or other people they know to create nonconsensual deepfake child sexual assault material (CSAM).

The lawsuit, originally filed in March by three women, was amended this week to include two additional plaintiffs, Jane Does 4 and 5, who say that Grok was used to make the illegal content based on their real photos and videos.

All five of the women in the lawsuit are anonymous, and the complaint said the spread of the material had left them humiliated and ashamed.

Jane Doe 4, a female from Wyoming, said her stepfather uploaded a photo of her when she was 11 and lying on a couch to his phone. Using Grok, the stepfather created more than 7,000 CSAM-related images of her. He also shared and traded the images with others on social media platforms.

The lawsuit alleges that the stepfather opted for Grok “because the platform was less restrictive than other AI models and responded to his prompts to generate sexually explicit material using an image depicting a prepubescent minor.”

It also claims that in February, xAI did generate a tip to the National Center for Missing and Exploited Children regarding the images, but the company only submitted the original, authentic image as evidence. According to the suit, xAI did not respond when law enforcement requested the thousands of Grok-generated images based on the photo and IP address information that would have quickly helped identify her stepfather as the perpetrator.

The lawsuit states that the stepfather shot himself two days after he was arrested and charged with child exploitation crimes. His suicide added to the “extreme personal crisis” brought on by the images created through Grok. She regularly “struggles with self-loathing and disgust” as well as “extreme anxiety” at the thought that the images will be found by others online and suffer from depression, including excessive sleep and suicidal ideation when awake.

Jane Doe 5 claimed that an adult male related to one of her classmates used Grok to convert a photograph from her eighth-grade graduation into illicit material. The images were also traded and shared with others online. While the man was arrested and charged, much of the content is still available on the internet. As a result, she “feels a complete lack of control over the ongoing dissemination of the files.”

“It is impossible to know how many other child sex predators may now possess Jane Doe 5’s CSAM, nor how widely her CSAM has now been disseminated online through darknet channels and applications,” the complaint said.

The press office for xAI did not respond to an emailed request for comment from CyberScoop.

The lawsuit also adds Stability AI as a defendant, alleging the company released Stable Diffusion 1.0 as an open-weight model despite knowing it was trained on CSAM and has declined to alter or modify its guardrails in response.

According to a 2023 Stanford study, the underlying dataset used to train Stable Diffusion models was created through unguided webcrawling of internet content. That means it ingested “a significant amount of explicit material,” including CSAM. Stable Diffusion 1.0 had a classifier meant to block the generation of such images, but because of that training data, downstream developers could more easily exploit the model and create modified versions that bypass those protections.

While Stable Diffusion 2.0 introduced stronger guardrails, the lawsuit claims Stability AI rolled back those protections in response to “disgruntled” users that the new restrictions were “prude” and “unpopular.” That in turn has fed an ecosystem of jailbroken “nudify apps” based on Stability AI’s models.

“Stability AI knew that its models, once capable of generating sexually explicit images, would foreseeably be used to generate CSAM unless appropriate model-level safeguards were implemented,” the complaint said.

Stability AI did not respond to a request for comment from CyberScoop.