Tag: bug bounty
-
Slashdot: AI Bug Bounty Program Finds 34 Flaws in Open-Source Tools
Source URL: https://it.slashdot.org/story/24/11/03/0123205/ai-bug-bounty-program-finds-34-flaws-in-open-source-tools?utm_source=rss1.0mainlinkanon&utm_medium=feed Source: Slashdot Title: AI Bug Bounty Program Finds 34 Flaws in Open-Source Tools Feedly Summary: AI Summary and Description: Yes Summary: The report highlights the identification of numerous vulnerabilities in open-source AI and ML tools, particularly through Protect AI’s bug bounty program. It emphasizes the critical nature of security in AI development,…
-
The Register: How to jailbreak ChatGPT and trick the AI into writing exploit code using hex encoding
Source URL: https://www.theregister.com/2024/10/29/chatgpt_hex_encoded_jailbreak/ Source: The Register Title: How to jailbreak ChatGPT and trick the AI into writing exploit code using hex encoding Feedly Summary: ‘It was like watching a robot going rogue’ says researcher OpenAI’s language model GPT-4o can be tricked into writing exploit code by encoding the malicious instructions in hexadecimal, which allows an…
-
Cloud Blog: Introducing Google Cloud’s new Vulnerability Reward Program
Source URL: https://cloud.google.com/blog/products/identity-security/google-cloud-launches-new-vulnerability-rewards-program/ Source: Cloud Blog Title: Introducing Google Cloud’s new Vulnerability Reward Program Feedly Summary: Vulnerability reward programs play a vital role in driving security forward. By incentivizing security research, vulnerabilities can be found and fixed by vendors before they are potentially exploited by malicious actors, protecting users and strengthening security posture. Also known…
-
Cloud Blog: Cloud CISO Perspectives: AI vendors should share vulnerability research. Here’s why
Source URL: https://cloud.google.com/blog/products/identity-security/cloud-ciso-perspectives-ai-vendors-should-share-vulnerability-research-heres-why/ Source: Cloud Blog Title: Cloud CISO Perspectives: AI vendors should share vulnerability research. Here’s why Feedly Summary: Welcome to the first Cloud CISO Perspectives for October 2024. Today I’m discussing new AI vulnerabilities that Google’s security teams discovered and helped fix, and why it’s important for AI vendors to share vulnerability research…
-
CSA: AI Application Security & Fundamental Cyber Hygiene
Source URL: https://www.tenable.com/blog/securing-the-ai-attack-surface-separating-the-unknown-from-the-well-understood Source: CSA Title: AI Application Security & Fundamental Cyber Hygiene Feedly Summary: AI Summary and Description: Yes Summary: The text discusses the emerging risks associated with LLM (Large Language Model) and AI applications, emphasizing the necessity for foundational cybersecurity practices and clear usage policies to mitigate vulnerabilities. It highlights the unique security…
-
Hacker News: Bug, $50K+ in bounties: how Zendesk left a backdoor in companies
Source URL: https://gist.github.com/hackermondev/68ec8ed145fcee49d2f5e2b9d2cf2e52 Source: Hacker News Title: Bug, $50K+ in bounties: how Zendesk left a backdoor in companies Feedly Summary: Comments AI Summary and Description: Yes Summary: The text narrates the journey of a young programmer discovering a significant security vulnerability in Zendesk, which could potentially expose sensitive customer support tickets for multiple Fortune 500…
-
The Cloudflare Blog: Advancing cybersecurity: Cloudflare implements a new bug bounty VIP program as part of CISA Pledge commitment
Source URL: https://blog.cloudflare.com/cisa-pledge-commitment-bug-bounty-vip Source: The Cloudflare Blog Title: Advancing cybersecurity: Cloudflare implements a new bug bounty VIP program as part of CISA Pledge commitment Feedly Summary: Cloudflare strengthens its commitment to cybersecurity by joining CISA’s “Secure by Design" pledge. In line with this commitment, we’re enhancing our vulnerability disclosure policy by launching a VIP bug…
-
Slashdot: Bug Bounty Programs Take Root In Russia
Source URL: https://tech.slashdot.org/story/24/08/28/0015247/bug-bounty-programs-take-root-in-russia?utm_source=rss1.0mainlinkanon&utm_medium=feed Source: Slashdot Title: Bug Bounty Programs Take Root In Russia Feedly Summary: AI Summary and Description: Yes Summary: The text discusses the emerging trend of bug bounty programs in Russia, highlighting their implications for the cybersecurity landscape, especially amid geopolitical tensions. The evolution of these platforms may affect Western cybersecurity through potential…
-
Hacker News: Google Play will no longer pay to discover vulnerabilities in Android apps
Source URL: https://www.androidauthority.com/google-play-security-reward-program-winding-down-3472376/ Source: Hacker News Title: Google Play will no longer pay to discover vulnerabilities in Android apps Feedly Summary: Comments AI Summary and Description: Yes **Summary:** Google is discontinuing the Google Play Security Reward Program (GPSRP), which was established to incentivize the reporting of vulnerabilities in Android apps. The decision arises from a…