news 
Urgent New Gmail Security Warning For Billions As Attacks Continue
Google and Microsoft users are being warned about a new type of attack that can bypass two-factor authentication (2FA) and allow malicious actors to gain access to sensitive information. A team of researchers at Unit 42 has discovered an innovative technique for rewriting malicious JavaScript code, making it more challenging for static analysis models to detect.
The researchers created an algorithm using Large Language Models (LLMs) to rewrite the malicious code, continually applying a number of steps to fool detection models. Each step included behavior analysis to ensure the program’s behavior remained unchanged.
This is significant because it highlights how attackers can now use generative AI tools to create numerous malicious code variants, making detection more difficult and increasing the risk of attacks.
In response to this threat, Google has provided some crucial advice on mitigating these types of attacks:
* Avoid clicking on links or entering personal information if you receive a warning.
* Don’t respond to requests for your private info by email, text message, or phone call.
* Always protect your personal and financial data.
* If an email seems suspicious, go directly to myaccount.google.com/notifications to check the security activity in your Google Account.
Additionally, McAfee advises users to “protect themselves” by double-checking any unexpected requests through a trusted alternate method and relying on security tools designed to detect deepfake manipulation.
The Federal Bureau of Investigation (FBI) has also provided guidance, but it’s been criticized for being outdated, recommending checking for spelling errors and grammatical inconsistencies in phishing emails.
Source: www.forbes.com
