Researchers from the National Institute of Standards and Technology (NIST) and the Cybersecurity and Infrastructure Security Agency (CISA) have introduced a new security metric designed […]
_Constantine_Soutiaguin-Alamy.jpg?width=1280&auto=webp&quality=80&disable=upscale)
GitLab’s AI Assistant Opened Devs to Code Theft
Even after a fix was issued, lingering prompt injection risks in GitLab’s AI assistant might allow attackers to indirectly deliver developers malware, dirty links, and […]
Unpatched Versa Concerto Flaws Let Attackers Escape Docker and Compromise Host
Cybersecurity researchers have uncovered multiple critical security vulnerabilities impacting the Versa Concerto network security and SD-WAN orchestration platform that could be exploited to take control […]
Webinar: Learn How to Build a Reasonable and Legally Defensible Cybersecurity Program
It’s not enough to be secure. In today’s legal climate, you need to prove it. Whether you’re protecting a small company or managing compliance across […]
Chinese Hackers Exploit Ivanti EPMM Bugs in Global Enterprise Network Attacks
A recently patched pair of security flaws affecting Ivanti Endpoint Manager Mobile (EPMM) software has been exploited by a China-nexus threat actor to target a […]
Experts Chart Path to Creating Safer Online Spaces for Women
Gaps in laws, technology, and corporate accountability continue to put women’s safety and privacy online at risk. ​The original article found on darkreading Read More
Keeping LLMs on the Rails Poses Design, Engineering Challenges
Despite adding alignment training, guardrails, and filters, large language models continue to jump their imposed rails and give up secrets, make unfiltered statements, and provide […]
Samlify bug lets attackers bypass single sign-on
A critical vulnerability in the popular samlify library could potentially allow attackers to bypass Single Sign-On (SSO) protections and gain unauthorized access to systems relying […]
Prompt injection flaws in GitLab Duo highlights risks in AI assistants
GitLab’s coding assistant Duo can parse malicious AI prompts hidden in comments, source code, merge request descriptions and commit messages from public repositories, researchers found. […]
GitHub’s AI Assistant Opened Devs to Code Theft
Even after a fix was issued, lingering prompt injection risks in GitLab’s AI assistant might allow attackers to indirectly deliver developers malware, dirty links, and […]