March 26, 2024 at 02:58PM The “ShadowRay” hacking campaign exploits an unpatched vulnerability in the Ray open-source AI framework, targeting various industries. Anyscale revealed five related vulnerabilities, including a critical flaw that lacks authentication and is actively exploited. This leads to data breaches and misuse of computing power, emphasizing the need for secured environments and … Read more
March 26, 2024 at 01:33PM Threat hunters have flagged the suspicious “SqzrFramework480” package in NuGet, possibly linked to Chinese firm Bozhon Precision. The package contains a DLL file with features for taking screenshots, pinging a remote IP, and transmitting screenshots over a socket. While motives remain unclear, it highlights the risk of concealed malicious code … Read more
March 25, 2024 at 02:13PM The Top.gg Discord bot community, with over 170,000 members, has been targeted by a supply-chain attack aiming to deliver malware for data theft and monetization. The attacker used various tactics, including hijacking GitHub accounts and distributing malicious Python packages. This campaign compromised user data from various platforms, highlighting the risks … Read more
March 25, 2024 at 02:06PM A supply-chain attack has targeted the Top.gg Discord bot community of over 170,000 members, aiming to distribute malware for data theft and monetization. An attacker used various tactics, including hijacking accounts and creating fake Python packages, leading to compromised systems and data theft. This underscores the risks in the open-source … Read more
March 22, 2024 at 07:54AM BlueFlag Security, based in Sunnyvale, CA, has exited stealth mode, announcing its founding in 2022 and raising $11.5 million in seed funding. The startup offers an SDLC security and governance platform to protect the software development lifecycle. It emphasizes identity-centric protection, and the funding will further the platform’s development. CEO … Read more
March 12, 2024 at 04:03PM The rush to develop AI/ML models overlooks their security, risking backdoor and hijacking attacks. Companies lack visibility into their 1,600+ models in production, leaving them vulnerable. Pretrained models from repositories raise security concerns, with potential for attackers to compromise systems. Securing ML operations and assessing model security are crucial in … Read more
March 8, 2024 at 04:58PM CISO Corner is the Dark Reading weekly digest tailored for security operations and leadership. It provides diverse perspectives on cybersecurity strategies, including NSA’s guidelines for zero-trust security, using randomness for encryption, creating software bill of materials for electric substations, CEO support for CISOs, managing open source security, DMARC deployment in … Read more
March 8, 2024 at 11:49AM Open-source repositories are essential for modern applications, but can harbor security risks. A new framework from CISA and OpenSSF suggests controls like multi-factor authentication and security reporting to reduce malicious code exposure. However, the security of repositories varies, with potential for accidental inclusion of malicious packages. The risk of namesquatting … Read more
March 8, 2024 at 07:23AM Open-source repositories are crucial for modern applications, but carelessness can introduce backdoors and vulnerabilities. A new security framework by CISA and OpenSSF recommends controls to enhance security. The guidelines aim to prevent incidents like namesquatting and unintentional inclusion of malicious software in repositories. This comes as IT departments are grappling … Read more
February 28, 2024 at 06:10PM The Biden administration is urging closer public-private partnerships to strengthen US information-technology infrastructure, advocating for memory-safe programming languages and improved ways to measure software security. The focus is on shifting responsibilities for defending cyberspace and incentivizing companies to invest in cybersecurity. The efforts aim to enhance the nation’s cybersecurity and … Read more