Hackers can Use AI Hallucinations to Spread Malware

One security researcher investigating AI-hallucinated libraries said late last month that he found chatbots calling for a nonexistent Python package dubbed “huggingface-cli.”

Cyware News – Latest Cyber News – ​Read More

Healthcare IT Help Desk Employees Targeted in Payment-Hijacking Attacks

The US Department of Health warns of financially motivated social engineering attacks targeting healthcare organizations.

The post Healthcare IT Help Desk Employees Targeted in Payment-Hijacking Attacks appeared first on SecurityWeek.

SecurityWeek – ​Read More

Watch Out for ‘Latrodectus’ – This Malware Could Be In Your Inbox

Threat hunters have discovered a new malware called Latrodectus that has been distributed as part of email phishing campaigns since at least late November 2023.
“Latrodectus is an up-and-coming downloader with various sandbox evasion functionality,” researchers from Proofpoint and Team Cymru said in a joint analysis published last week, adding it’s designed to retrieve

The Hacker News – ​Read More

The Drop in Ransomware Attacks in 2024 and What it Means

The ransomware industry surged in 2023 as it saw an alarming 55.5% increase in victims worldwide, reaching a staggering 5,070. But 2024 is starting off showing a very different picture. While the numbers skyrocketed in Q4 2023 with 1309 cases, in Q1 2024, the ransomware industry was down to 1,048 cases. This is a 22% decrease in ransomware attacks compared to Q4 2023.
Figure

The Hacker News – ​Read More

Permiso Secures $18.5 Million in Series A Funding to Fortify Cloud Identity Security Landscape

According to Silicon Angle, this significant injection of capital is spearheaded by Altimeter Capital Management LP, with notable participation from Point72 Ventures LLC, marking a new milestone for the company founded in 2020.

Cyware News – Latest Cyber News – ​Read More

Google Adds V8 Sandbox to Chrome

Google fights Chrome V8 engine memory safety bugs with a new sandbox and adds it to the bug bounty program.

The post Google Adds V8 Sandbox to Chrome appeared first on SecurityWeek.

SecurityWeek – ​Read More

Over 92,000 Internet-Facing D-Link NAS Devices can be Easily Hacked

A researcher who goes online with the moniker ‘Netsecfish’ disclosed a new arbitrary command injection and hardcoded backdoor flaw, tracked as CVE-2024-3273, that impacts multiple end-of-life D-Link NAS device models.

Cyware News – Latest Cyber News – ​Read More

Company Offering $30 Million for Android, iOS, Browser Zero-Day Exploits

Crowdfense has announced a $30 million exploit acquisition program covering Android, iOS, Chrome, and Safari zero-days.

The post Company Offering $30 Million for Android, iOS, Browser Zero-Day Exploits appeared first on SecurityWeek.

SecurityWeek – ​Read More

US Chamber of Commerce, Industry Groups Call for 30-Day Delay in CIRCIA Rules

The U.S. Chamber of Commerce and multiple industry leaders are calling for a month-long extension of the 60-day comment period for a new incident reporting rule being issued by the top cybersecurity agency in the U.S.

Cyware News – Latest Cyber News – ​Read More

AI Scam Calls: How to Protect Yourself, How to Detect

AI tools are getting better at cloning people’s voices, and scammers are using these new capabilities to commit fraud. Avoid getting swindled by following these expert tips.

Security Latest – ​Read More