Tigera Launches Solution to Protect AI Workloads Running on Kubernetes

Tigera, the creator of Project Calico, the most widely adopted container networking and security solution, today announced a new solution to secure AI workloads running in Kubernetes clusters.

New attack on ChatGPT research agent pilfers secrets from Gmail inboxes

Today’s installment hits OpenAI’s Deep Research agent. Researchers recently devised an attack that plucked confidential information out of a user’s Gmail inbox and sent it to an attacker-controlled ...

Kejie Technology Obtains SQL Optimization Patent, **Large Models** Empower Database Performance Improvement

Beijing Kejie Technology Co., Ltd. recently announced that its patent for the "SQL Optimization Interaction Method and Device Based on Deep Learning Framework Large Models" has been authorized, with ...
The Hacker News

Cursor AI Code Editor Flaw Enables Silent Code Execution via Malicious Repositories

Cursor is an AI-powered fork of Visual Studio Code, which supports a feature called Workspace Trust to allow developers to safely browse and edit code regardless of where it came from or who wrote it.
CSO Online

AI prompt injection gets real — with macros the latest hidden threat

Attackers are evolving their malware delivery tactics by weaponing malicious prompts embedded in document macros to hack AI ...

Windows servers hijacked to boost Google rankings for dodgy gambling sites

Dozens of Windows servers have been hijacked by a Chinese hacking group to boost Google’s rankings for shady gambling websites, experts have found.
Evening Chronicle

Full list of NHS Mounjaro injection eligibility and how it should be used

People struggling with their weight and associated health issues may be eligible for weight loss jab Mounjaro on the NHS. Figures suggest that thousands of people who could benefit from the injection ...
IEEE

Customizing OWASP ZAP: A Proven Method for Detecting SQL Injection Vulnerabilities

Abstract: As web applications become increasingly popular for offering data and services among businesses and organizations they also become more susceptible to security risks. Many organizations rely ...
Cyber Defense Magazine

Fake (Hallucinated) Remote Code Execution (RCEs) in LLM Applications

Introduction As agents become integrated with more advanced functionality, such as code generation, you will see more Remote Code Execution (RCE)/Command Injection vulnerabilities in LLM applications.
GitHub

CVE-2024-3552 Web Directory Free <= 1.6.9 - Unauthenticated SQL Injection

The Web Directory Free plugin for WordPress is vulnerable to SQL Injection in all versions up to, and including, 1.6.9 due to insufficient escaping on a user supplied parameter and lack of sufficient ...
The Coverage

BMW Doctor Alleged New CCTV Footage Sparks New Wave of Outrage – “Full Body Check” Or Injection Treatment?

The scandal surrounding the so-called “BMW doctor” has taken another dramatic turn after claims of CCTV footage showing the doctor allegedly engaging in inappropriate acts within his clinic surfaced ...