(djnn.sh)

1160 points vxvxvx | 1 comments | 16 Nov 25 11:32 UTC | HN request time: 0.204s | source

Earlier thread: Disrupting the first reported AI-orchestrated cyber espionage campaign - https://news.ycombinator.com/item?id=45918638 - Nov 2025 (281 comments)

Show context

dev_l1x_be ◴[16 Nov 25 12:39 UTC] No.45944671[source]▶

>>45944296 (OP) #

People grossly underestimate APTs. It is more common than an average IT curious person thinks. I happened to be oncall when one of these guys hacked into Gmail from our infra. It took principal security engineers a few days before they could clearly understand what happened. Multiple zero days, stolen credit cards, massive social campaign to get one of the Google admins click on a funny cat video finally. The investigation revealed which state actor was involved because they did not bother to mask what exactly they were looking for. AI just accelerates the effectiveness of such attacks, lowers the bar a bit. Maybe quite a bit?

replies(5): >>45944757 #>>45944813 #>>45944815 #>>45945326 #>>45952970 #

sidewndr46 ◴[16 Nov 25 14:19 UTC] No.45945326[source]▶

>>45944671 #

You're telling me you were targeted by Multiple Zero Days in 1 single attack?

replies(3): >>45946935 #>>45947291 #>>45953541 #

dev_l1x_be ◴[16 Nov 25 18:37 UTC] No.45947291[source]▶

>>45945326 #

Google was.

replies(1): >>45954715 #

sidewndr46 ◴[17 Nov 25 15:55 UTC] No.45954715[source]▶

>>45947291 #

OK so when you say "hacked into Gmail" you actually mean someone breached the infra of email. Not that they did some credential stuffing / password reset attack & got into one person's Gmail account?

replies(1): >>45991923 #

1. dev_l1x_be ◴[20 Nov 25 12:32 UTC] No.45991923[source]▶

>>45954715 #

Yes.

↑

Anthropic’s paper smells like bullshit