Hosted on MSN

Cast a hex on ChatGPT to trick the AI into writing exploit code

OpenAI's language model GPT-4o can be tricked into writing exploit code by encoding the malicious instructions in hexadecimal, which allows an attacker to jump the model's built-in security guardrails ...

Apple alerts exploit developer that his iPhone was targeted with government spyware

A developer at Trenchant, a leading Western spyware and zero-day maker, was suspected of leaking company tools and was fired.
The Hacker News

Self-Spreading 'GlassWorm' Infects VS Code Extensions in Widespread Supply Chain Attack

GlassWorm spread via 14 VS Code extensions; Solana + Google Calendar C2; stole credentials, drained 49 wallets.
Bleeping Computer

Hackers exploit Aiohttp bug to find vulnerable networks

The ransomware actor 'ShadowSyndicate' was observed scanning for servers vulnerable to CVE-2024-23334, a directory traversal vulnerability in the aiohttp Python library. Aiohttp is an open-source ...
Business Insider

SANS Heads to Austin for Six Days of Ethical Hacking, Penetration Testing, and Exploit Development Training

BETHESDA, Md., Jan. 22, 2018 /PRNewswire-USNewswire/ -- SANS Institute, the global leader in cyber security training, today announced the agenda for SANS Pen Test Austin 2018 taking place in ...
CSOonline

Malicious PyPI package targets Chimera users to steal AWS tokens, CI/CD secrets

“Chimera-sandbox-extensions” exploit highlights rising risks of open-source package abuse, prompting calls for stricter dependency controls and DGA malware detection. A malicious Python package posing ...
Linux Journal

Kali Linux's New Version 2018.3, Open-Source License War, Lenovo Announces Five New Android Tablets, Google Releases Open-Source Reinforcement Learning Framework and KD Chart ...

News briefs for August 28, 2018. Kali Linux recently announced its third release of 2018. Version 2018.3 features several new tools: idb, an iOS research/penetration-testing tool; gdb-peda, Python ...