Security News

Google’s AI Tool Big Sleep Finds Zero-Day Vulnerability in SQLite Database Engine
2024-11-04 10:04

Google said it discovered a zero-day vulnerability in the SQLite open-source database engine using its large language model (LLM) assisted framework called Big Sleep (formerly Project Naptime)....

WhatsApp now encrypts contact databases for privacy-preserving synching
2024-10-23 18:52

The WhatsApp messenger platform has introduced Identity Proof Linked Storage (IPLS), a new privacy-preserving encrypted storage system designed for contact management. [...]

NIST's security flaw database still backlogged with 17K+ unprocessed bugs. Not great
2024-10-02 12:31

Logjam 'hurting infosec processes world over' one expert tells us as US body blows its own Sept deadline NIST has made some progress clearing its backlog of security vulnerability reports to...

Clearview AI Faces €30.5M Fine for Building Illegal Facial Recognition Database
2024-09-04 08:43

The Dutch Data Protection Authority (Dutch DPA) has imposed a fine of €30.5 million ($33.7 million) against facial recognition firm Clearview AI for violating the General Data Protection...

Week in review: PostgreSQL databases under attack, new Chrome zero-day actively exploited
2024-08-25 08:00

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: PostgreSQL databases under attack Poorly protected PostgreSQL databases running on Linux machines...

New Malware PG_MEM Targets PostgreSQL Databases for Crypto Mining
2024-08-22 04:31

Cybersecurity researchers have unpacked a new malware strain dubbed PG_MEM that's designed to mine cryptocurrency after brute-forcing their way into PostgreSQL database instances. "Brute-force...

PostgreSQL databases under attack
2024-08-21 13:10

Poorly protected PostgreSQL databases running on Linux machines are being compromised by cryptojacking attackers. Internet-exposed PostgreSQL databases are a favorite target of opportunistic cryptojacking groups and, occasionally, extortionists.

Deadbeat dad faked his own death by hacking government databases
2024-08-21 07:35

A US man has been sentenced to 81 months in jail for faking his own death by hacking government systems and officially marking himself as deceased. In January 2023 Kipf used the credentials of a physician to access Hawaii's Death Registry System and create a "Case" that recorded his own death.

BreachForums v1 database leak is an OPSEC test for hackers
2024-07-24 04:00

The entire database for the notorious BreachForums v1 hacking forum was released on Telegram Tuesday night, exposing a treasure trove of data, including members' information, private messages,...

Prompt Injection Flaw in Vanna AI Exposes Databases to RCE Attacks
2024-06-27 10:04

Cybersecurity researchers have disclosed a high-severity security flaw in the Vanna.AI library that could be exploited to achieve remote code execution vulnerability via prompt injection...