Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Mobile security is at an inflection point: the threat landscape has fundamentally evolved, yet most enterprise security strategies remain anchored in outdated assumptions. For years, organizations have built their defenses around detecting simple OS-level compromises. While those risks still exist, they are no longer the source of most of the most meaningful attacks.

The last few weeks have marked a chaotic turning point in the mobile threat landscape. We’ve seen mass exploitations across numerous iOS versions by multiple threat actors, driven by sophisticated exploit chains like Coruna and now DarkSword. What makes these threats different is not just their activity, but their trajectory. Until recently, these capabilities were expensive, highly secretive, and limited to a small number of advanced actors. Now, that dynamic has shifted rapidly.

For years, debates about Android security have essentially focused on the wrong questions. Is the operating system secure enough? Are mobile exploits becoming more sophisticated? Are app stores doing enough to screen malicious software? These questions assume modern mobile risk begins with technology vulnerabilities. But increasingly, it does not.

Last week, Google’s Threat Intelligence Group announced the disruption of IPIDEA, one of the largest and most abused residential proxy networks observed in the wild. IPIDEA quietly turned millions of consumer devices into proxy exit nodes, enabling cybercrime, espionage, and botnet activity—while putting users and enterprises at risk. At Lookout, we acted immediately.

If your organization hasn’t encountered a vishing attack yet, it’s probably only a matter of time. Vishing, or voice phishing, is a sophisticated type of social engineering that adds a whole new dimension to common scams. Rather than emails or text messages, threat actors employ phone calls or online voice calls to carry out vishing schemes. Particularly savvy attackers can even copy a real person’s voice to deceive, coerce, or manipulate potential victims.

Mobile security has always been complex, but LLM technology has added a whole new dimension to the field. Behind every popular generative AI (genAI) tool is a comprehensive large language model (LLM) that provides data and parses queries in natural language. When used responsibly, LLMs can be useful tools for ideation and content generation. In the wrong hands, though, LLMs can help threat actors supercharge their social engineering scams.

Over the past few years, artificial intelligence (AI) has supercharged deepfake technology. Creating a fake picture, video, or audio recording of a person used to require a considerable investment of both time and technical skills. Now, generative AI (genAI) platforms can whip up convincing deepfakes in minutes, using only a single photo or short voice clip as a starting point.

If your organization uses a private large language model (LLM), then it’s time to start thinking about countermeasures for jailbreaking. A jailbroken LLM can lead to leaked information, compromised devices, or even a large-scale data breach. Even more troubling: Jailbreaking LLMs is often as simple as feeding them a series of clever prompts. If your customers can access your LLM, your potential risk is even higher.

Generative AI is rapidly transforming the way we work. The large language models (LLMs) that power tools like ChatGPT and Claude are immensely powerful, capable of providing us with research data, detailed insights, and even deep analysis of documents and data sets, all performed through simple, text-based prompts. However, these prompts have unfortunate side effects for the IT professionals assigned to protect sensitive and proprietary data from cyber attacks.

The history of computing is marked by sea change moments; those times when the world seems to shift into a new possibility space almost overnight. ENIAC. The personal computer. The World Wide Web. The smartphone. And now, AI. While the term “AI” has been applied to many new (or re-branded) services and products, the underlying technology that makes most of them feel like magic is the large language model (LLM).