CISA, FBI Urge Organizations to Eliminate XSS Vulnerabilities

September 18, 2024 at 08:24AM

CISA and the FBI issued a Secure by Design alert highlighting the prevalence of cross-site scripting (XSS) vulnerabilities. They urge organizations to eliminate XSS flaws by validating and sanitizing user input, implementing additional security measures, conducting code reviews, and using modern web frameworks. The agencies also recommend implementing secure by …

Researchers Uncover TLS Bootstrap Attack on Azure Kubernetes Clusters

August 20, 2024 at 06:40AM

Cybersecurity researchers have identified a security flaw in Microsoft Azure Kubernetes Services, allowing attackers to escalate privileges and access service credentials. The bug affects clusters using “Azure CNI” for network configuration and “Azure” for network policy. Microsoft has addressed the issue. Other high-severity flaws in Kubernetes platforms have been reported, …

How Do We Integrate LLMs Security Into Application Development?

April 5, 2024 at 03:39PM

Language model security is paramount as businesses incorporate large language models (LLMs) like GPT-3. Their remarkable efficiency poses unprecedented security challenges such as prompt injection attacks, insecure output handling, and training data poisoning, necessitating novel protective measures like input sanitization, output scrutiny, safeguarding training data, and enforcing strict sandboxing and …