Unprotected DeepSeek Database Exposed Chats, Other Sensitive Information

/in

An unprotected database belonging to Chinese AI company DeepSeek exposed highly sensitive information, including chat history, secret keys, and backend data.

The post Unprotected DeepSeek Database Exposed Chats, Other Sensitive Information appeared first on SecurityWeek.

SecurityWeek – ​Read More

Tenable to Acquire Vulcan Cyber for $150 Million

/in

Tenable plans to acquire exposure management company Vulcan Cyber for roughly $150 million in cash and stock. 

The post Tenable to Acquire Vulcan Cyber for $150 Million appeared first on SecurityWeek.

SecurityWeek – ​Read More

New Aquabot Botnet Exploits CVE-2024-41710 in Mitel Phones for DDoS Attacks

/in

A Mirai botnet variant dubbed Aquabot has been observed actively attempting to exploit a medium-severity security flaw impacting Mitel phones in order to ensnare them into a network capable of mounting distributed denial-of-service (DDoS) attacks.
The vulnerability in question is CVE-2024-41710 (CVSS score: 6.8), a case of command injection in the boot process that could allow a malicious actor

The Hacker News – ​Read More

Unpatched PHP Voyager Flaws Leave Servers Open to One-Click RCE Exploits

/in

Three security flaws have been disclosed in the open-source PHP package Voyager that could be exploited by an attacker to achieve one-click remote code execution on affected instances.
“When an authenticated Voyager user clicks on a malicious link, attackers can execute arbitrary code on the server,” Sonar researcher Yaniv Nizry said in a write-up published earlier this week.

The

The Hacker News – ​Read More

Fake Videos of Former First Lady Scam Namibians

/in

Amateurish financial scams are common across Africa, and Namibia’s influential former first lady, Monica Geingos, has emerged as a particularly effective host body for these messages.

darkreading – ​Read More

Operation Talent: FBI Seizes Nulled.to, Cracked.to, Sellix.io and more

/in

The FBI has seized Nulled.to, Cracked.to, Sellix.io, and StarkRDP.io in Operation Talent, targeting cybercrime forums and illicit marketplaces.…

Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – ​Read More

DeepSeek helps speed up threat detection while raising national security concerns

/in

DeepSeek: China's Open-Source AI’S Speeds Threat Detection—And Raises National Security Questions

DeepSeek and its R1 model aren’t wasting any time rewriting the rules of cybersecurity AI in real-time. Enterprises can’t ignore this risk.Read More

Security News | VentureBeat – ​Read More

Dario Amodei challenges DeepSeek’s $6 million AI narrative: What Anthropic thinks about China’s latest AI move

/in

Credit: VentureBeat made with Midjourney

Anthropic co-founder Dario Amodei reveals DeepSeek’s Chinese AI breakthrough actually cost billions, not $6 million, challenging market narratives and explaining why AI development remains resource-intensive despite engineering improvements.Read More

Security News | VentureBeat – ​Read More

Russian UAC-0063 Targets Europe and Central Asia with Advanced Malware

/in

UAC-0063: A Russian-linked threat actor targeting Central Asia and Europe with sophisticated cyberespionage campaigns, including weaponized documents, data…

Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – ​Read More

Exposed DeepSeek Database Revealed Chat Prompts and Internal Data

/in

China-based DeepSeek has exploded in popularity, drawing greater scrutiny. Case in point: Security researchers found more than 1 million records, including user data and API keys, in an open database.

Security Latest – ​Read More