SAP security patches released this month address critical flaws in SQL Anywhere and Solution Manager. The updates mitigate risks that could enable system compromise if ignored. SAP customers …
-
-
CMMC requirements are moving from promises to proof as the Pentagon advances its Cybersecurity Maturity Model Certification program. The Defense Department wants verified safeguards across the defense industrial …
-
LLM side channel attack research known as Whisper-Leak shows attackers can infer prompt topics without viewing the text. The technique uses inference time signals to classify user intent …
-
LLM side channel attack research is in the spotlight after a technique called Whisper-Leak showed that attackers can infer user prompt topics without direct access. Researchers demonstrated that …
-
AI companies GitHub secrets are under scrutiny after SecurityWeek reported exposed credentials across multiple Forbes AI 50 firms. Public repositories contained cloud keys and tokens. Researchers found access …
-
runC container escape vulnerabilities allow attackers to break isolation and reach the host. SecurityWeek reported multiple issues that affect runC users across platforms. The most severe issue, the …
-
OWASP Top 10 2021 adds two new risk categories that reset priorities for web application security. The update reflects testing data and observed attack behavior. It also clarifies …
-
Oracle EBS ransomware attack disclosures are mounting as the CL0P group names nearly 30 alleged victims tied to Oracle E-Business Suite. The activity centers on data theft and …
-
Australia sanctions North Korea hackers in a new enforcement action targeting revenue that funds Pyongyang’s prohibited weapons programs. The measures designate individuals and entities tied to state backed …
-
Android spyware resurfaced in a campaign called Landfall that exploited a Samsung zero-day vulnerability to penetrate phones and siphon data. Researchers observed privilege escalation, stealthy persistence, and command …