Russia-linked threat group put ChatGPT to work from lure to payload

A Russia-linked threat group known as GREYVIBE used ChatGPT and other AI tools throughout a cyberespionage campaign targeting Ukrainian military and government personnel. Researchers found the attackers employed the large language model to craft phishing lures and generate malicious payloads, marking an escalation in AI-assisted state-sponsored hacking. The operation demonstrates how adversaries are integrating generative AI into every stage of an attack chain to increase efficiency and evade detection.

MOST POPULAR EVENTS - Overcoming the trade-offs in data sovereignty What does data sovereignty actually mean for your network, which trade-offs are unavoidable? Learn more. - From Prompt to Exploit: How LLMs Are Changing API Attacks Modern applications are API-driven, interconnected, and often over-permissioned, making them an ideal target for AI-assisted attacks. - Architecting the Future: Unlocking Enterprise Data Services for Kubernetes Join us to discover how to eliminate infrastructure silos and establish a standardized, enterprise-grade cloud-native platform. - Catch the Advanced Attacks Microsoft 365 Misses with Behavioral AI Security Microsoft 365 is the backbone of enterprise communication, and its native security filters out the known and the noisy. - Virtual Cyber Recovery Sim Step into the chaos of a live ransomware breach, test your response skills, and team up with other IT and security pros to outsmart cybercriminals - Virtual Cyber Recovery Simulation Ransomware attacks aren’t slowing down, and neither are we. Druva’s hit event, Escape Ransomware, is now fully virtual. - Agentic AI at Scale: From Pilot to Production Join us to learn how to unlock real ROI by driving adoption of AI at scale. AI https://beta.theregister.com/tag/ai - Security ChatGPT blindly trusts browser content, turning the page into a payload You and me go ChatGPhish-ing in the dark - Research Russia-linked threat group put ChatGPT to work from lure to payload Researchers say 'GREYVIBE' crew used AI tools throughout a campaign targeting Ukrainian military and government - Science Blue Origin's New Glenn makes a crater-sized dent in Artemis plans Explosion wrecks rocket and pad, leaving NASA's lunar ambitions looking less than launch-ready - Cyber-Crime ShinyHunters adds Charter to trophy shelf after 4.9M customer records leak Telco giant says no sensitive data was taken, though names, addresses, phones, and emails are now out there - Software That an app 'Fits on a Floppy' is still a useful measure in 2026 In a world of mass-produced bot-slopware, small is more beautiful than ever Infosec https://beta.theregister.com/security - Security ChatGPT blindly trusts browser content, turning the page into a payload You and me go ChatGPhish-ing in the dark - Research Russia-linked threat group put ChatGPT to work from lure to payload Researchers say 'GREYVIBE' crew used AI tools throughout a campaign targeting Ukrainian military and government - Science Blue Origin's New Glenn makes a crater-sized dent in Artemis plans Explosion wrecks rocket and pad, leaving NASA's lunar ambitions looking less than launch-ready - Cyber-Crime ShinyHunters adds Charter to trophy shelf after 4.9M customer records leak Telco giant says no sensitive data was taken, though names, addresses, phones, and emails are now out there - Software That an app 'Fits on a Floppy' is still a useful measure in 2026 In a world of mass-produced bot-slopware, small is more beautiful than ever FOSS https://beta.theregister.com/tag/FOSS - ChatGPT blindly trusts browser content, turning the page into a payload You and me go ChatGPhish-ing in the dark - Russia-linked threat group put ChatGPT to work from lure to payload Researchers say 'GREYVIBE' crew used AI tools throughout a campaign targeting Ukrainian military and government - Blue Origin's New Glenn makes a crater-sized dent in Artemis plans Explosion wrecks rocket and pad, leaving NASA's lunar ambitions looking less than launch-ready - ShinyHunters adds Charter to trophy shelf after 4.9M customer records leak Telco giant says no sensitive data was taken, though names, addresses, phones, and emails are now out there - That an app 'Fits on a Floppy' is still a useful measure in 2026 In a world of mass-produced bot-slopware, small is more beautiful than ever - Jammin' on UK defence secretary's jet as Russia blamed for GPS interference Estonian academic fingers mobile tower-mounted devices as Kremlin tries to swat Ukrainian forces FEATURES https://www.theregister.com/tag/features? gl=1 esekfm ga NzgyNjE4NzEwLjE3NzExNzQ4MjA. ga JXW44Y23NM czE3NzY3NTY3MjIkbzEwNSRnMSR0MTc3Njc1Njg5NCRqOCRsMCRoMA.. - Europe built sovereign clouds to escape US control. Then forgot about the processors - Nobody believes the 'criminals and scumbags' who hacked Canvas really deleted stolen student data - Europe wants out from under US tech – but first it has to find the exits - GNOME may rule Ubuntu Resolute Raccoon, but X.org isn't roadkill yet - OpenClaw, but in containers: Meet NanoClaw - Open source registries don't have enough money to implement basic security - Contain your Windows apps inside Linux Windows - The Linux mid-life crisis that's an opportunity for Tux-led transformation - Too much AI for some, too little for others: Why AMD can't win with investors - How agentic AI can strain modern memory hierarchies