UK puts tech execs on notice: Jail time looms for failing to stop AI 'nudification' tools
The UK's Online Safety Act now threatens tech executives with prison time if their platforms fail to combat the spread of AI-generated 'nudification'
Critical Marimo flaw exploited hours after public disclosure
A critical remote code execution flaw in Marimo was weaponized and exploited just nine hours after its disclosure, highlighting a shrinking defense wi
Florida investigates OpenAI for ChatGPT's alleged role in deadly shooting
Florida's investigation into OpenAI after a deadly shooting marks a pivotal test for AI liability, questioning if a chatbot's output can cause real-wo
Can Anthropic keep its exploit-writing AI out of the wrong hands?
Anthropic's Mythos Preview model can allegedly find and exploit critical zero-days, raising questions about the responsible deployment of powerful, du
Microsoft suspends developer accounts for popular open-source projects
Microsoft has suspended developer accounts for popular open-source apps like Rufus and qBittorrent, blocking critical software updates and security pa
AI-powered attack scans thousands of GitHub repositories for misconfigurations
A new automated attack, PRT-scan, is exploiting GitHub Actions misconfigurations to steal access tokens, threatening the software supply chain.
Fortinet patches critical zero-day vulnerability under active attack
A critical authentication bypass flaw in FortiClient EMS, CVE-2023-35616, allows for remote code execution and is being actively exploited by attacker
China-linked Storm-1175 exploits zero-days to rapidly deploy Medusa ransomware
A China-linked threat actor, Storm-1175, is using zero-day exploits to deploy Medusa ransomware in high-velocity attacks against internet-facing syste
Russia's 'Fancy Bear' APT continues its global onslaught with familiar tactics
Russia's 'Fancy Bear' (APT28) continues its global cyber-espionage campaigns, relying on spear-phishing and unpatched vulnerabilities to succeed.
Iranian cyber campaign places nearly 4,000 U.S. critical infrastructure devices at risk
A Censys report warns nearly 4,000 U.S. critical infrastructure devices in the energy and water sectors are exposed online, making them targets for Ir
Adobe Reader zero-day was exploited for months before patch
A critical zero-day in Adobe Reader was actively exploited by a state-sponsored actor for months, allowing system takeover via malicious PDFs. Patch n
Russia accuses former Radio Free Europe journalist of aiding cyberattacks for Ukraine
Russia's FSB accuses a former RFE/RL journalist of aiding Ukrainian cyberattacks, a move that weaponizes cybersecurity language to criminalize reporti