Tag: jack
-
Hacker News: Kaspersky exposes hidden malware on GitHub stealing personal data
Source URL: https://www.kaspersky.com/about/press-releases/kaspersky-exposes-hidden-malware-on-github-stealing-personal-data-and-485000-in-bitcoin Source: Hacker News Title: Kaspersky exposes hidden malware on GitHub stealing personal data Feedly Summary: Comments AI Summary and Description: Yes Summary: The text discusses the discovery of a malicious campaign dubbed GitVenom by Kaspersky’s Global Research & Analysis Team, targeting gamers and crypto investors through compromised open-source repositories on GitHub. It…
-
The Register: 200-plus impressively convincing GitHub repos are serving up malware
Source URL: https://www.theregister.com/2025/02/26/infosec_bytes/ Source: The Register Title: 200-plus impressively convincing GitHub repos are serving up malware Feedly Summary: Plus: DOGE staff quit; LastPass PC, Mac gasp; and CISA warns Oracle and Adobe flaws under attack Infosec bytes Kaspersky says it has found more than 200 GitHub repos hosting fairly convincing-looking fake projects laced with malicious…
-
The Register: MITRE Caldera security suite scores perfect 10 for insecurity
Source URL: https://www.theregister.com/2025/02/25/10_bug_mitre_caldera/ Source: The Register Title: MITRE Caldera security suite scores perfect 10 for insecurity Feedly Summary: Is a trivial remote-code execution hole in every version part of the training, or? The smart cookie who discovered a perfect 10-out-of-10-severity remote code execution (RCE) bug in MITRE’s Caldera security training platform has urged users to…
-
The Register: China’s Silver Fox spoofs medical imaging apps to hijack patients’ computers
Source URL: https://www.theregister.com/2025/02/25/silver_fox_medical_app_backdoor/ Source: The Register Title: China’s Silver Fox spoofs medical imaging apps to hijack patients’ computers Feedly Summary: Sly like a PRC cyberattack A Chinese government-backed group is spoofing legitimate medical software to hijack hospital patients’ computers, infecting them with backdoors, credential-swiping keyloggers, and cryptominers.… AI Summary and Description: Yes Summary: The text…
-
The Register: How nice that state-of-the-art LLMs reveal their reasoning … for miscreants to exploit
Source URL: https://www.theregister.com/2025/02/25/chain_of_thought_jailbreaking/ Source: The Register Title: How nice that state-of-the-art LLMs reveal their reasoning … for miscreants to exploit Feedly Summary: Blueprints shared for jail-breaking models that expose their chain-of-thought process Analysis AI models like OpenAI o1/o3, DeepSeek-R1, and Gemini 2.0 Flash Thinking can mimic human reasoning through a process called chain of thought.……
-
Embrace The Red: ChatGPT Operator: Prompt Injection Exploits & Defenses
Source URL: https://embracethered.com/blog/posts/2025/chatgpt-operator-prompt-injection-exploits/ Source: Embrace The Red Title: ChatGPT Operator: Prompt Injection Exploits & Defenses Feedly Summary: ChatGPT Operator is a research preview agent from OpenAI that lets ChatGPT use a web browser. It uses vision and reasoning abilities to complete tasks like researching topics, booking travel, ordering groceries, or as this post will show,…