AI/MLAI firm Hugging Face discloses leak of secrets on its Spaces platformLaura FrenchJune 3, 2024The AI company revoked exposed tokens and made several security changes in response.
AI/MLOpenAI report reveals threat actors using ChatGPT in influence operationsLaura FrenchMay 31, 2024The report details OpenAI’s disruption of the deceptive campaigns, which had minimal public impact.
Application securityNearly 6M WordPress sites may be affected by bugs in 3 plug-insSteve ZurierMay 31, 2024Fastly says the bugs are prone to unauthenticated XXS attacks that let threat actors inject malicious scrips via WordPress plug-ins.
Network SecurityFBI takes down 911 S5 botnet, ‘likely the world’s largest’ at 19M IPsLaura FrenchMay 30, 2024The botnet’s alleged operator was arrested last week and faces up to 65 years in prison.
IdentityOkta says Customer Identity Cloud prone to credential-stuffing attacksSteve ZurierMay 30, 2024Security pros say these type of disclosures by Okta could harm overall confidence in the short-term, but could also speed-up adoption of passwordless options.
Network SecurityCheck Point patches VPN 0-day exploited to target enterprisesLaura FrenchMay 29, 2024Exploitation attempts focused mostly on old local accounts with password-only authentication.
RansomwareNorth Korea’s ‘Moonstone Sleet’ targets victims with malicious toolsSteve ZurierMay 29, 2024Microsoft says the group leverages social-engineering techniques and has developed its own malware.
RansomwareRansomHub threatens to leak data of Christie’s auction house clientsLaura FrenchMay 28, 2024The ransomware group claims to have information on at least 500,000 Christie’s clients.
IdentityAttackers target old VPN accounts that relied on passwordsSteve ZurierMay 28, 2024Check Point Software sent a letter to its customers advising them to protect security gateways with certificate-based authentication.
Network SecurityMITRE shares lessons on VMware rogue VMs used in its own cyberattackLaura FrenchMay 24, 2024Attackers used a default account to create hidden VMs and persist in MITRE’s VMware environment.