Finding bugs in AI models at DEF CON 31
DEF CON’s AI Village will host the first public assessment of large language models (LLMs) at the 31st edition of the hacker convention this August, aimed at finding …
Unattended API challenge: How we’re losing track and can we get full visibility
API sprawl is a prevalent issue in modern enterprises, as APIs are being developed and deployed at an unprecedented rate. As highlighted by Postman’s 2022 State of the …
MSI’s firmware, Intel Boot Guard private keys leaked
The cybercriminals who breached Taiwanese multinational MSI last month have apparently leaked the company’s private code signing keys on their dark web site. The breach …
Western Digital store offline due to March breach
The Western Digital online store is offline as a result of the “network security incident” it suffered in March 2023. Users have been notified On May 5, 2023, the …
Your voice could be your biggest vulnerability
AI technology is fueling a rise in online voice scams, with just three seconds of audio required to clone a person’s voice, according to McAfee. McAfee surveyed 7,054 people …
Consumer skepticism is the biggest barrier to AI-driven personalization
Businesses worldwide are eagerly embracing the potential for AI to provide personalized customer experiences, but customers remain cynical, according to Twilio. This year’s …
Lessons from a 40-year-long automotive OEM leader
Paul Cha is a cyber and product security leader, serving as the VP of Cybersecurity at LG Electronics Vehicle component Solutions. Paul held critical positions at Synopsis, …
Week in review: Fake ChatGPT desktop client steals data, Patch Tuesday forecast
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Former Uber CSO avoids prison for concealing data breach Joe Sullivan, the …
Former Uber CSO avoids prison for concealing data breach
Joe Sullivan, the former Uber CSO who has been convicted last year for attempting to cover up a data breach Uber suffered in 2016 and kept it hidden from the Federal Trade …
Critical RCE vulnerability in Cisco phone adapters, no update available (CVE-2023-20126)
Cisco has revealed the existence of a critical vulnerability (CVE-2023-20126) in the web-based management interface of Cisco SPA112 2-Port Phone Adapters. The adapters are …
May 2023 Patch Tuesday forecast: Dealing with End-of-Support (EOS)
The April Patch Tuesday releases were unusual because we saw a whopping 62 vulnerabilities addressed in the Microsoft Server 2012 KBs. Granted there was a lot of overlap with …
New infosec products of the week: May 5, 2023
Here’s a look at the most interesting products from the past week, featuring releases from Dashlane, Immersive Labs, Intruder, Private AI, Vanta, and Veza. Immersive Labs …
Featured news
Resources
Don't miss
- Training an AI agent to attack LLM applications like a real adversary
- You don’t have to choose between BAS or automated pentesting, you shouldn’t
- Why your phishing simulations aren’t building a security culture
- Your security stack looks fine from the dashboard and that’s the problem
- Kali Linux 2026.1 ships BackTrack mode, eight new tools, and a kernel upgrade to 6.18