Nach extremistischen Kommentaren von Grok zeigt sich das Entwicklungsteam gespalten. Während einige das Fehlverhalten verurteilen, meinen andere, das gehöre beim Einsatz innovativer Technologien dazu. Dieser Artikel wurde indexiert von t3n.de – Software & Entwicklung Lesen Sie den originalen Artikel: Nach…
DPC Investigates TikTok Over Transfer of EU User Data to China
The Data Protection Commission (DPC) has launched a formal inquiry into TikTok Technology Limited, scrutinizing the company’s practices regarding the transfer and storage of European Economic Area (EEA) users’ personal data to servers in China. This development stems from discrepancies…
COMmander: Network-Based Tool for COM and RPC Exploitation
The need for solutions that improve detection skills against sophisticated attacks is growing in the ever-changing cybersecurity world. COMmander emerges as a lightweight, C#-based utility designed to bolster defensive telemetry by monitoring Remote Procedure Call (RPC) and Component Object Model…
Researchers Bypass Meta’s Llama Firewall Using Prompt Injection Vulnerabilities
Researchers at Trendyol, a leading e-commerce platform, have uncovered multiple vulnerabilities in Meta’s Llama Firewall, a suite of tools designed to safeguard large language models (LLMs) against malicious inputs. Llama Firewall incorporates components like PROMPT_GUARD for mitigating prompt injection attacks…
Fake Gaming and AI Companies Target Windows and macOS Users with Drainer Malware Attacks
The cybersecurity company Darktrace has uncovered a persistent, intricate social engineering campaign that targets bitcoin users, building on earlier findings by Cado Security Labs in December 2024. Threat actors are fabricating elaborate startup companies themed around AI, gaming, video conferencing,…
Bitcoin Depot Breach Exposes Data of 27,000 Crypto Users
Bitcoin Depot, Inc., a prominent cryptocurrency ATM operator, has disclosed a data breach that compromised the personal information of approximately 27,000 users. The breach, which involved unauthorized access to sensitive customer records, underscores the persistent vulnerabilities in the fintech sector,…
GPUHammer: First-Ever Rowhammer Attack Targeting NVIDIA GPUs
Researchers from the University of Toronto have unveiled the first successful Rowhammer attack on an NVIDIA GPU, specifically targeting the A6000 model equipped with GDDR6 memory. Dubbed “GPUHammer” in some circles, this exploit builds on the decade-old Rowhammer vulnerability, traditionally…
Red Hat Advanced Cluster Security 4.8 simplifies management, enhances workflows and offers deeper external IP visibility
Security continues to be a top priority for organizations managing Kubernetes clusters. Red Hat has made significant strides for improved security for containers with its latest release of Red Hat Advanced Cluster Security 4.8. This release focuses on simplifying management,…
GPUHammer – First Rowhammer Attack Targeting NVIDIA GPUs
Cybersecurity researchers at the University of Toronto have achieved a breakthrough in hardware-level attacks by successfully demonstrating GPUHammer, the first Rowhammer attack specifically targeting discrete NVIDIA GPUs. The research, which focuses on the popular NVIDIA A6000 GPU with GDDR6 memory,…
WordPress GravityForms Plugin Hacked to Include Malicious Code
A sophisticated supply chain attack has compromised the official GravityForms WordPress plugin, allowing attackers to inject malicious code that enables remote code execution on affected websites. The attack, discovered on July 11, 2025, represents a significant security breach affecting one…
OpenAI is to Launch a AI Web Browser in Coming Weeks
OpenAI is reportedly preparing to release an artificial intelligence-enhanced web browser within the coming weeks, marking the company’s latest expansion beyond its popular ChatGPT platform. The new browser will feature integrated AI agent capabilities designed to autonomously handle various online…
Meta’s Llama Firewall Bypassed Using Prompt Injection Vulnerability
Trendyol’s application security team uncovered a series of bypasses that render Meta’s Llama Firewall protections unreliable against sophisticated prompt injection attacks. The findings raise fresh concerns about the readiness of existing LLM security measures and underscore the urgent need for…
CISA Lists Citrix Bleed 2 as Exploit, Gives One Day Deadline to Patch
CISA confirms bug exploit The US Cybersecurity & Infrastructure Security Agency (CISA) confirms active exploitation of the CitrixBleed 2 vulnerability (CVE-2025-5777 in Citrix NetScaler ADC and Gateway. It has given federal parties one day to patch the bugs. This unrealistic…
OpenAI Set to Launch AI-Powered Web Browser in the Coming Weeks
OpenAI is on the cusp of introducing a groundbreaking AI-infused web browser, slated for release in the imminent weeks, as detailed in a recent Reuters report. This innovative browser is poised to embed OpenAI’s Operator AI agent directly into its…
McDonald’s job app exposes data of 64 Million applicants
Vulnerabilities in McDonald’s McHire chatbot exposed data from 64 million job applicants due to insecure internal APIs. Security researchers Ian Carroll and Sam Curry discovered multiple vulnerabilities in the McDonald’s chatbot recruitment platform McHire that exposed the personal information of…
Is Your Bank Login at Risk? How Chatbots May Be Guiding Users to Phishing Scams
Cybersecurity researchers have uncovered a troubling risk tied to how popular AI chatbots answer basic questions. When asked where to log in to well-known websites, some of these tools may unintentionally direct users to the wrong places, putting their…
GPUHammer: New RowHammer Attack Variant Degrades AI Models on NVIDIA GPUs
NVIDIA is urging customers to enable System-level Error Correction Codes (ECC) as a defense against a variant of a RowHammer attack demonstrated against its graphics processing units (GPUs). “Risk of successful exploitation from RowHammer attacks varies based on DRAM device,…
Hackers Compromise WordPress GravityForms Plugin with Malicious Code Injection
Hackers have targeted the popular WordPress plugin Gravity Forms, injecting malicious code into versions downloaded from the official gravityforms.com domain. The breach was first reported on July 11, 2025, when security researchers noticed suspicious HTTP requests to the domain gravityapi.org,…
Thermomix TM5 Vulnerabilities Enable Remote Takeover by Attackers
Researchers have uncovered multiple vulnerabilities in the Thermomix TM5, a multifunctional kitchen appliance from Vorwerk, allowing attackers to potentially achieve remote takeover through firmware manipulation and persistent code execution. The device’s main board, powered by a Freescale/NXP i.MX28 SoC with…
Hacker Returns $42 Million in Stolen Crypto in Exchange for $5 Million Bounty
A security flaw in the GMX V1 software was made public, causing a significant upheaval in the decentralized finance (DeFi) ecosystem and forcing immediate action to protect user assets. GMX, a prominent perpetual futures trading platform built on blockchain technology,…
Microsoft Broadens Zero Trust Training to Address Network and SecOps Domains
Zero Trust architectures are being adopted by enterprises globally to update their security postures in response to the fast changing cyberthreat landscape, where traditional perimeter-based defenses are becoming more and more insufficient. Zero Trust operates on the principle of “never…
Scamfluencers Use Social Media to Orchestrate Sophisticated Online Fraud
Scamfluencers, a rising category of deceptive internet personalities, are leveraging their online influence to run sophisticated scams that have already cost Americans an estimated $1.9 billion in 2024. These individuals masquerade as experts in finance, health, or other trusted…
ClickFix: The Emerging Technique Threat Actors Use to Dominate Targeted Organizations
Threat actors have increasingly adopted ClickFix, a sophisticated social engineering technique that deceives users into executing malicious commands under the guise of resolving common computer issues like performance lags or pop-up errors. This method, often delivered via compromised websites, malvertising,…
Grok-4 Falls to a Jailbreak Two days After Its Release
The latest release of the xAI LLM, Grok-4, has already fallen to a sophisticated jailbreak. The post Grok-4 Falls to a Jailbreak Two days After Its Release appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the…