Recent Security News
-
Researchers Highlight Google’s Gemini AI Susceptibility to LLM Threats
March 13, 2024 at 07:03AM Google’s Gemini large language model faces security threats, potentially allowing disclosure of system prompts, generating harmful content, and indirect injection attacks. Vulnerabilities include leak of system prompts, misinformation generation, and potential malicious action control. Findings by HiddenLayer highlight widespread need for testing and safeguarding language models. Google responds by implementing…
-
Major CPU, Software Vendors Impacted by New GhostRace Attack
March 13, 2024 at 06:33AM A team of researchers from IBM and VU Amsterdam unveiled a new data leakage attack, GhostRace, affecting major CPU makers and software. The attack exploits speculative race conditions, allowing attackers to access sensitive information from memory. The researchers shared details of the attack, notified vendors, and released a proof-of-concept exploit…
-
Fortinet Patches Critical Vulnerabilities Leading to Code Execution
March 13, 2024 at 06:33AM Fortinet announced patches for critical vulnerabilities in its network security and management products. The flaws, including CVE-2023-42789 and CVE-2023-48788, could lead to code execution and were resolved in various product versions. Additionally, high-severity and medium-severity bugs were also patched. Users are urged to apply the patches promptly to avoid potential…
-
Alert: Cybercriminals Deploying VCURMS and STRRAT Trojans via AWS and GitHub
March 13, 2024 at 06:21AM A recent phishing campaign has been detected distributing remote access trojans (RAT) like VCURMS and STRRAT through a malicious Java-based downloader. The attackers are utilizing public services like AWS and GitHub to store malware and employing a Proton Mail email address for communication with a command-and-control server. The campaign includes…
-
‘PixPirate’ RAT Invisibly Triggers Wire Transfers From Android Devices
March 13, 2024 at 06:04AM PixPirate is a sophisticated Brazilian banking Trojan targeting Android devices. It exploits the Pix app for bank transfers in Brazil and employs a deceptive method to conceal its presence, allowing it to steal login credentials and execute unauthorized transfers. The malware’s advanced capabilities and hiding technique present potential concerns for…