Security
Headlines
HeadlinesLatestCVEs

Source

DARKReading

Keeping LLMs on the Rails Poses Design, Engineering Challenges

Despite adding alignment training, guardrails, and filters, large language models continue to give up secrets, make unfiltered statements, and provide dangerous information.

DARKReading
GitLab's AI Assistant Opened Devs to Code Theft

Prompt injection risks in GitLab's AI assistant could have allowed attackers to steal source code, or indirectly deliver developers malware, dirty links, and more.

#git
SideWinder APT Caught Spying on India's Neighbor Gov'ts

A recent spear-phishing campaign against countries in South Asia aligns with broader political tensions in the region.

Experts Chart Path to Creating Safer Online Spaces for Women

Gaps in laws, technology, and corporate accountability continue to put women's safety and privacy online at risk.

Lumma Stealer Takedown Reveals Sprawling Operation

The FBI and partners have disrupted "the world's most popular malware," a sleek enterprise with thousands of moving parts, responsible for millions of cyberattacks in every part of the world.

Ivanti EPMM Exploitation Tied to Previous Zero-Day Attacks

Wiz researchers found an opportunistic threat actor has been targeting vulnerable edge devices, including Ivanti VPNs and Palo Alto firewalls.

Marks & Spencer Projects Cyberattack Cost of $400M

The company expects it will continue to struggle with online disruptions until at least July, due to the attack.

Pandas Galore: Chinese Hackers Boost Attacks in Latin America

Vixen Panda, Aquatic Panda — both Beijing-sponsored APTs and financially motivated criminal groups continued to pose the biggest threat to organizations in Central and South America last year, says CrowdStrike.

Unimicron, Presto Attacks Mark Industrial Ransomware Surge

A number of major industrial organizations suffered ransomware attacks last quarter, such as PCB manufacturer Unimicron, appliance maker Presto, and more — a harbinger of a rapidly developing and diversifying threat landscape.

Coinbase Breach Compromises Nearly 70K Customers' Information

Coinbase asserts that this number is only a small fraction of the number of its verified users, though it's still offering a $20 million reward to catch the criminals.