August Patch Tuesday includes blasts from the (recent) past
Microsoft haul this month covers 109 CVEs… more or less
Microsoft haul this month covers 109 CVEs… more or less
Related
New Flodrix Botnet Variant Exploits Langflow AI Server RCE Bug to Launch DDoS Attacks
Cybersecurity researchers have called attention to a new campaign that’s actively exploiting a recently disclosed critical security flaw in Langflow to deliver the Flodrix botnet malware. “Attackers use the vulnerability to execute downloader scripts on compromised Langflow servers, which in turn fetch and install the Flodrix malware,” Trend Micro researchers Aliakbar Zahravi, Ahmed Mohamed
CISA Adds Citrix NetScaler CVE-2025-5777 to KEV Catalog as Active Exploits Target Enterprises
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a critical security flaw impacting Citrix NetScaler ADC and Gateway to its Known Exploited Vulnerabilities (KEV) catalog, officially confirming the vulnerability has been weaponized in the wild. The shortcoming in question is CVE-2025-5777 (CVSS score: 9.3), an instance of insufficient input validation that
Machine Unlearning: The Lobotomization of LLMs
In the end, the question isn’t whether large language models will ever forget — it’s how we’ll develop the tools and systems to do so effectively and ethically.
UNC6384 Targets European Diplomatic Entities With Windows Exploit
The spear-phishing campaign uses fake European Commission and NATO-themed lures to trick diplomatic personnel into clicking malicious links.
Microsoft Cracks Down on Malicious Copilot AI Use
According to the tech giant, it has observed a threat group seeking out vulnerable customer accounts using generative AI, then creating tools to abuse these services.
Streaming Fraud Campaigns Rely on AI Tools, Bots
Fraudsters are using generative AI to generate fake music and boost the popularity of the fake content.