The Iranian state-sponsored threat actor known as APT42 has been observed targeting individuals and organizations that are of interest to the Islamic Revolutionary Guard Corps […]
Researchers Find Serious AI Bugs Exposing Meta, Nvidia, and Microsoft Inference Frameworks
Cybersecurity researchers have uncovered critical remote code execution vulnerabilities impacting major artificial intelligence (AI) inference engines, including those from Meta, Nvidia, Microsoft, and open-source PyTorch […]
Arista, Palo Alto bolster AI data center security
Arista Networks and Palo Alto Networks have extended their partnership to offer customers a framework for implementing zero-trust security inside the data center. The new framework […]
Cisco Catalyst Center Vulnerability Allows Attackers to Escalate Privileges
A critical security vulnerability has been identified in the Cisco Catalyst Center Virtual Appliance that could enable authenticated, remote attackers to escalate their privileges to […]
Hackers Exploit Rogue MCP Server to Inject Malicious Code into Cursor’s Built-In Browser
Security researchers have uncovered a critical vulnerability in Cursor, the AI-powered code editor, that allows attackers to inject malicious code through rogue Model Context Protocol […]
RONINGLOADER Uses Signed Drivers to Disable Microsoft Defender and Bypass EDR
Elastic Security Labs has uncovered a sophisticated campaign deploying a newly identified loader, dubbed RONINGLOADER, that weaponizes legitimately signed kernel drivers to systematically disable Microsoft […]
Multiple Cisco Unified CCX Vulnerabilities Enable Arbitrary Command Execution by Attackers
Cisco has disclosed critical security vulnerabilities affecting Cisco Unified Contact Center Express (Unified CCX) that could enable unauthenticated, remote attackers to execute arbitrary commands, escalate […]
Fighting AI with AI: Adversarial bots vs. autonomous threat hunters
I recently gave a presentation at SecTor on proactive threat hunting, which sparked some meaty conversations afterward on the show floor. On the expo floor, […]
Formbook Malware Campaign Uses Malicious ZIP Files and Layered Scripting Techniques
A new campaign leveraging Formbook malware has emerged, showcasing sophisticated multi-stage infection tactics that underscore the importance of analyzing more than just executable files during […]
Copy-paste vulnerability hits AI inference frameworks at Meta, Nvidia, and Microsoft
Cybersecurity researchers have uncovered a chain of critical remote code execution (RCE) vulnerabilities in major AI inference server frameworks, including those from Meta, Nvidia, Microsoft, […]