FreeType Zero-Day Being Exploited in the Wild

/in

Meta’s Facebook security team warns of live exploitation of a zero-day vulnerability in the open-source FreeType library. 

The post FreeType Zero-Day Being Exploited in the Wild appeared first on SecurityWeek.

SecurityWeek – ​Read More

Anthropic researchers forced Claude to become deceptive — what they discovered could save us from rogue AI

/in

Credit: VentureBeat made with Midjourney

Anthropic researchers reveal groundbreaking techniques to detect hidden objectives in AI systems, training Claude to conceal its true goals before successfully uncovering them through innovative auditing methods that could transform AI safety standards.Read More

Security News | VentureBeat – ​Read More

Patronus AI’s Judge-Image wants to keep AI honest — and Etsy is already using it

/in

Credit: VentureBeat made with Midjourney

Patronus AI launches the first multimodal LLM-as-a-Judge for evaluating AI systems that process images, with Etsy already implementing the technology to validate product image captions across its marketplace.Read More

Security News | VentureBeat – ​Read More

Cisco Patches 10 Vulnerabilities in IOS XR

/in

Cisco has released patches for 10 vulnerabilities in IOS XR, including five denial-of-service (DoS) bugs.

The post Cisco Patches 10 Vulnerabilities in IOS XR appeared first on SecurityWeek.

SecurityWeek – ​Read More

Apple’s appeal against UK’s secret iCloud backdoor order must be held in public, rights groups urge

/in

Privacy rights groups have called on Apple’s legal challenge to a secret U.K. government order asking it to backdoor an end-to-end encrypted (E2EE) version of its iCloud storage service to be heard in public, rather than behind closed doors. The existence of the order emerged via press reports last month. Apple went on to confirm […]

© 2024 TechCrunch. All rights reserved. For personal use only.

Security News | TechCrunch – ​Read More

Grafana Flaws Likely Targeted in Broad SSRF Exploitation Campaign

/in

Threat actors are likely targeting Grafana path traversal bugs for reconnaissance in a SSRF exploitation campaign targeting popular platforms.

The post Grafana Flaws Likely Targeted in Broad SSRF Exploitation Campaign appeared first on SecurityWeek.

SecurityWeek – ​Read More

Microsoft Warns of Hospitality Sector Attacks Involving ClickFix

/in

A cybercrime group named Storm-1865 has targeted hospitality organizations via fake Booking.com emails and the use of social engineering.

The post Microsoft Warns of Hospitality Sector Attacks Involving ClickFix appeared first on SecurityWeek.

SecurityWeek – ​Read More

Salt Typhoon: A Wake-up Call for Critical Infrastructure

/in

The Salt Typhoon attacks underscored the need for unity, innovation, and resilience in the face of an increasingly sophisticated cyber-threat landscape.

darkreading – ​Read More

New OBSCURE#BAT Malware Targets Users with Fake Captchas

/in

OBSCURE#BAT malware campaign exploits social engineering & fake software downloads to evade detection, steal data and persist on…

Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News – ​Read More

DeepSeek’s Malware-Generation Capabilities Put to Test

/in

Researchers have analyzed the ability of the Chinese gen-AI DeepSeek to create malware such as ransomware and keyloggers.

The post DeepSeek’s Malware-Generation Capabilities Put to Test appeared first on SecurityWeek.

SecurityWeek – ​Read More