Security
Headlines
HeadlinesLatestCVEs

Tag

#intel

Researchers Uncover Vulnerabilities in Open-Source AI and ML Models

A little over three dozen security vulnerabilities have been disclosed in various open-source artificial intelligence (AI) and machine learning (ML) models, some of which could lead to remote code execution and information theft. The flaws, identified in tools like ChuanhuChatGPT, Lunary, and LocalAI, have been reported as part of Protect AI's Huntr bug bounty platform. The most severe of the

The Hacker News
Open in Source
#sql#vulnerability#mac#java#intel#rce#auth#zero_day#The Hacker News
U.S. Government Issues New TLP Guidance for Cross-Sector Threat Intelligence Sharing

The U.S. government (USG) has issued new guidance governing the use of the Traffic Light Protocol (TLP) to handle the threat intelligence information shared between the private sector, individual researchers, and Federal Departments and Agencies. "The USG follows TLP markings on cybersecurity information voluntarily shared by an individual, company, or other any organization, when not in

New Research Reveals Spectre Vulnerability Persists in Latest AMD and Intel Processors

More than six years after the Spectre security flaw impacting modern CPU processors came to light, new research has found that the latest AMD and Intel processors are still susceptible to speculative execution attacks. The attack, disclosed by ETH Zürich researchers Johannes Wikner and Kaveh Razavi, aims to undermine the Indirect Branch Predictor Barrier (IBPB) on x86 chips, a crucial mitigation

Delta Launches $500M Lawsuit Against CrowdStrike

Delta argues that it lost hundreds of million of dollars in downtime and other costs in the aftermath of the incident, while CrowdStrike says it isn't liable for more than $10 million.

Russia Kneecaps Ukraine Army Recruitment With Spoofed 'Civil Defense' App

Posing as an application used to locate Ukrainian military recruiters, a Kremlin-backed hacking initiative delivers malware, along with disinformation designed to undermine sign-ups for soldiers in the war against Russia.

Apple Launches ‘Apple Intelligence’ and Offers $1M Bug Bounty for Security

Apple unveils ‘Apple Intelligence’ for iPhone, iPad, and Mac devices while offering a $1 million bug bounty for…

Europol warns about counterfeit goods and the criminals behind them

There is a whole ecosystem behind the sales and distribution of counterfeit goods. Best to tay away from them.

ABB Cylon Aspect 3.08.01 getApplicationNamesJS.php Building/Project Name Exposure

ABB Cylon Aspect version 3.08.01 suffers from an unauthenticated building/project name exposure vulnerability.

Russian Espionage Group Targets Ukrainian Military with Malware via Telegram

A suspected Russian hybrid espionage and influence operation has been observed delivering a mix of Windows and Android malware to target the Ukrainian military under the Telegram persona Civil Defense. Google's Threat Analysis Group (TAG) and Mandiant are tracking the activity under the name UNC5812. The threat group, which operates a Telegram channel named civildefense_com_ua, was created on

BeaverTail Malware Resurfaces in Malicious npm Packages Targeting Developers

Three malicious packages published to the npm registry in September 2024 have been found to contain a known malware called BeaverTail, a JavaScript downloader and information stealer linked to an ongoing North Korean campaign tracked as Contagious Interview. The Datadog Security Research team is monitoring the activity under the name Tenacious Pungsan, which is also known by the monikers