GitLab Duo Vulnerability Enabled Attackers to Hijack AI Responses with Hidden Prompts
Cybersecurity researchers have discovered an indirect prompt injection flaw in GitLab's artificial…
Earth Ammit Breached Drone Supply Chains via ERP in VENOM, TIDRONE Campaigns
A cyber espionage group known as Earth Ammit has been linked to…
Researchers Uncover 46 Critical Flaws in Solar Inverters From Sungrow, Growatt, and SMA
Mar 28, 2025Ravie LakshmananOperational Technology / Vulnerability Cybersecurity researchers have disclosed 46…
Malicious PyPI Packages Stole Cloud Tokens—Over 14,100 Downloads Before Removal
Mar 15, 2025Ravie Lakshmanan Malware / Supply Chain Security Cybersecurity researchers have…
Malicious ML Models on Hugging Face Leverage Broken Pickle Format to Evade Detection
Feb 08, 2025Ravie LakshmananArtificial Intelligence / Supply Chain Security Cybersecurity researchers have…
PyPI Introduces Archival Status to Alert Users About Unmaintained Python Packages
Feb 03, 2025Ravie LakshmananOpen Source / Software Security The maintainers of the…
OAuth Redirect Flaw in Airline Travel Integration Exposes Millions to Account Hijacking
Jan 28, 2025Ravie Lakshmanan Cybersecurity researchers have disclosed details of a now-patched…
Meta’s Llama Framework Flaw Exposes AI Systems to Remote Code Execution Risks
A high-severity security flaw has been disclosed in Meta's Llama large language…
Palo Alto Firewalls Found Vulnerable to Secure Boot Bypass and Firmware Exploits
Jan 23, 2025Ravie LakshmananFirmware Security / Vulnerability An exhaustive evaluation of three…