In reporting from the Washington Post, Chinese government-backed hackers have significantly intensified their attacks on U.S. internet service providers, gaining access to major and smaller companies to spy on users, including government and military personnel. The hacks utilize sophisticated techniques, including exploiting zero-day vulnerabilities and raising concerns about intelligence gathering. The Chinese Embassy denied state involvement, attributing the attacks to a ransomware group. U.S. cybersecurity officials continue to monitor the situation, noting the ongoing threat posed by groups like Volt Typhoon.
State Scoop reporting Police departments are increasingly using generative AI, like Axon’s Draft One, to write incident reports, which could save officers time but raises concerns about accuracy and accountability. While some departments use it for minor incidents, others apply it to all types of reports. The use of AI in law enforcement has sparked debate due to potential biases and the risk of officers evading responsibility for their reports.
Hundreds of open-source large language model (LLM) servers and vector databases are leaking sensitive corporate and personal data due to inadequate security measures. A recent investigation revealed vulnerabilities in Flowise servers, allowing access to critical information like API keys and tokens. Additionally, around 30 vector databases were found unprotected, containing sensitive data that attackers could manipulate or corrupt. Organizations should restrict access, monitor activities, and apply software updates to mitigate risks.
Why do we care?
Chinese hackers in ISPs feels like headline news this audience wants to know about. They’re gathering intelligence, which shouldn’t be shocking, although it’s pretty notable. One attack vector I noted was watching for passwords over the wire.
I wanted to note law enforcement’s use of generative AI and leave that for you to ponder. Consider LLMs as a data attack vector. This is worth considering with your clients and a value you can add in managing.

