The rapid rise of DeepSeek, a Chinese artificial intelligence (AI) company, has not only disrupted the AI industry but also attracted the attention of cybercriminals. As its AI Assistant app became the most downloaded free app on the iOS App…
Category: EN
GitHub Copilot Jailbreak Vulnerability Let Attackers Train Malicious Models
Researchers have uncovered two critical vulnerabilities in GitHub Copilot, Microsoft’s AI-powered coding assistant, that expose systemic weaknesses in enterprise AI tools. The flaws—dubbed “Affirmation Jailbreak” and “Proxy Hijack”—allow attackers to bypass ethical safeguards, manipulate model behavior, and even hijack access…
To Combat Cyberbullying and Online Fraud, We Must Do More to Protect Minors
The last 20 years have fundamentally redefined how consumers behave online. The emergence of sites such as YouTube, Meta, and X has reshaped how we share and consume media. Online… The post To Combat Cyberbullying and Online Fraud, We Must…
2 Arrested in Takedown of Nulled, Cracked Hacking Forums
Two individuals have been arrested and one alleged admin has been charged in the takedown of the Nulled and Cracked cybercrime forums. The post 2 Arrested in Takedown of Nulled, Cracked Hacking Forums appeared first on SecurityWeek. This article has…
Tata Technologies Hit by Ransomware Attack
The Indian tech giant temporarily suspended some of its IT services, which have now been restored This article has been indexed from www.infosecurity-magazine.com Read the original article: Tata Technologies Hit by Ransomware Attack
New York Blood Center Targeted by Ransomware, IT Operations Impacted
New York Blood Center Enterprises (NYBC), one of the nation’s largest blood donation and research organizations, has fallen victim to a ransomware attack, severely disrupting its IT systems. The incident, which was detected on Sunday, January 26, has triggered swift…
New York Blood Bank Hit by Ransomware
New York Blood Center Enterprises and its operating divisions have taken systems offline to contain a ransomware attack. The post New York Blood Bank Hit by Ransomware appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the…
The push for 47-day certificates: a win for digital security and trust
By 2028, SSL/TLS certificate lifecycles may be cut down to just 47 days – a dramatic shift from the current 398-day maximum. Apple’s recent ballot submission to the CA/Browser Forum proposes this change, and it’s gaining traction among industry leaders,…
JumpCloud Acquires Stack Identity to Extend Access Management Reach
JumpCloud this week revealed it has acquired Stack Identity to fuel an effort to add identity security and access visibility capabilities to its directory. The post JumpCloud Acquires Stack Identity to Extend Access Management Reach appeared first on Security Boulevard.…
Patient monitors with backdoor are sending info to China, CISA warns
Contec CMS8000, a patient monitor manufactured by a Chinese company, and Epsimed MN-120, which is the same monitor but relabeled, exfiltrate patients’ data to a hard-coded IP address and have a backdoor that can be used to download and execute…
How to find out if an AirTag is tracking you – and what to do about it
Apple’s trackers have been misused to track some without their consent. Here’s how to check if an AirTag is tracking you, whether you use an iPhone or Android phone. Plus, what to do next if you find one. This article…
CISA, FDA Warn of Dangerous Backdoor in Contec Patient Monitors
CISA and FDA say Contec patient monitors used in the US contain a backdoor function that could allow remote attackers to tamper with the device. The post CISA, FDA Warn of Dangerous Backdoor in Contec Patient Monitors appeared first on…
Google Bans 158,000 Malicious Android App Developer Accounts in 2024
Google said it blocked over 2.36 million policy-violating Android apps from being published to the Google Play app marketplace in 2024 and banned more than 158,000 bad developer accounts that attempted to publish such harmful apps. The tech giant also…
Italy Bans Chinese DeepSeek AI Over Data Privacy and Ethical Concerns
Italy’s data protection watchdog has blocked Chinese artificial intelligence (AI) firm DeepSeek’s service within the country, citing a lack of information on its use of users’ personal data. The development comes days after the authority, the Garante, sent a series…
Top 5 AI-Powered Social Engineering Attacks
Social engineering has long been an effective tactic because of how it focuses on human vulnerabilities. There’s no brute-force ‘spray and pray’ password guessing. No scouring systems for unpatched software. Instead, it simply relies on manipulating emotions such as trust,…
US nonprofit healthcare provider says hackers stole medical and personal data of 1M+ patients
Community Health Center (CHC), a Connecticut-based nonprofit healthcare provider, has confirmed that hackers accessed the sensitive data of more than a million patients. In a filing with Maine’s attorney general on Thursday, CHC said it detected suspicious activity on its…
One policy to rule them all
How cyberattackers exploit group policies, what risks attacks like these pose, and what measures can be taken to protect against such threats. This article has been indexed from Securelist Read the original article: One policy to rule them all
Coyote Banking Malware Weaponizing Windows LNK Files To Execute Malicious Scripts
A new wave of cyberattacks leveraging the Coyote Banking Trojan has been identified, targeting financial institutions in Brazil. This sophisticated malware employs malicious Windows LNK (shortcut) files as an entry point to execute PowerShell scripts, enabling multi-stage infection chains that…
ChatGPT, DeepSeek Vulnerable to AI Jailbreaks
Different research teams have demonstrated jailbreaks against ChatGPT, DeepSeek, and Alibaba’s Qwen AI models. The post ChatGPT, DeepSeek Vulnerable to AI Jailbreaks appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original article: ChatGPT, DeepSeek Vulnerable…
Authorities Seized 39 Websites that Selling Hacking Tools to Launch Cyber Attacks
Authorities have seized 39 websites allegedly used to sell hacking tools and fraud-enabling software. The crackdown targeted a Pakistan-based network of online marketplaces operated by a group known as Saim Raza (aka HeartSender), which allegedly facilitated cyberattacks on individuals and businesses worldwide. The…