AI agent hacked McKinsey chatbot for read-write access
…Just a single UPDATE statement wrapped in a single HTTP call." These security holes are now closed – but the larger threat remains, Price told The Register . "We used a specific AI research…
Search
Two different attackers poisoned popular open source tools
…Researchers at Flare, a threat exposure management provider, were among the first to sound the alarm about TeamPCP . In December, Flare detailed how the hacking crew exploited misconfigured Docker APIs, Kubernetes APIs…
Cheap Chinese models are overtaking Anthropic
…On Monday, the US-China Economic and Security Review Commission issued a report assessing the competitive threat posed by Chinese AI companies. "Chinese labs have narrowed performance gaps with top Western large…
AI slop got better, so now maintainers have more work
…Even if the reports are better, the issues being identified aren't necessarily security flaws that can be exploited and need to be corrected. As evidence, Stenberg points to curl's public…
North Korea targets macOS users in latest heist
…DeGrippo, Microsoft global threat intelligence GM, told The Register . "Users are conditioned to accept remote support interactions like downloading tools, following instructions, clicking prompts," she added. "Attackers exploit this familiarity to make…
Hundreds compromised daily in Microsoft device code phishes
…Redmond researchers detailed the device code attack in a Monday blog, and said that it "marks a significant escalation in threat actor sophistication." Device code authentication Devices like smart TVs, printers, and…
To show you the most relevant results, we’ve omitted some entries very similar to those already shown. Repeat the search with the omitted results included.