Chinese APT groups like ChamelGang and North Korean threat actors are engaging in cyber-espionage activities globally using ransomware variants like CatB, BestCrypt, and BitLocker to mask their true intentions and potentially gain financial rewards.
A high severity security flaw in the VannaAI library, identified as CVE-2024-5565, enables threat actors to execute unauthorized commands remotely through prompt injection techniques.
Recent research by Wing shows that the widespread use of AI-driven SaaS applications poses a significant risk to organizations’ sensitive data and intellectual property, with 70% of the top 10 AI applications potentially using user data for training their models.
Progress Software’s MOVEit Transfer and Gateway products are vulnerable to critical authentication bypass exploits, putting organizations at risk of unauthorized access to sensitive data.
Job scams and compromised credentials are the main forms of identity theft reported in the US, with increasing sophistication of online thieves posing a significant threat to individuals and businesses.
Multiple genAI models, including those from Microsoft, OpenAI, Google, Meta, and others, are vulnerable to a new attack called “Skeleton Key” that can bypass ethical and safety guardrails, potentially allowing access to offensive or illegal content.
