Security Threats of Open Source AI Exposed by DeepSeek
DeepSeek's risks must be carefully considered, and ultimately mitigated, in order to enjoy the many benefits of generative AI in…
May 2025
Keeping LLMs on the Rails Poses Design, Engineering Challenges
Despite adding alignment training, guardrails, and filters, large language models continue to give up secrets, make unfiltered statements, and provide…
Attackers Abuse TikTok and Instagram APIs
It must be the season for API security incidents. Hot on the heels of a developer leaking an API key…
Man-in-the-Middle Cyber Attacks
MITM (man-in-the-middle) cyber attacks is a generic term for a cyber threat involving a criminal that positions themselves in the…
Data Breach at Coinbase Exposes Information of Nearly 70,000 Customers
A data breach affecting nearly 70,000 Coinbase users led to firings, heightened security, and a $20 million bounty. 70,000 people…
Critical Windows Server 2025 dMSA Vulnerability Enables Active Directory Compromise
A privilege escalation flaw has been demonstrated in Windows Server 2025 that makes it possible for attackers to compromise any…
Chinese Hackers Exploit Ivanti EPMM Bugs in Global Enterprise Network Attacks
A recently patched pair of security flaws affecting Ivanti Endpoint Manager Mobile (EPMM) software has been exploited by a China-nexus…
Cybersecurity and AI: Integrating and Building on Existing NIST Guidelines
What is NIST up to? On April 3, 2025, NIST hosted a Cybersecurity and AI Profile Workshop at our National…
Lantronix Device Installer
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 6.9 ATTENTION: Low attack complexity Vendor: Lantronix Equipment: Device Installer Vulnerability: Improper Restriction…
Microsoft and Authorities Collaborate in International Takedown of Lumma Stealer
An international operation has dismantled the 'Lumma' infrastructure, which is one of the most used malware tools by cybercriminals to…