Organizations Fix Less Than Half of All Exploitable Vulnerabilities, With Just 21% of GenAI App Flaws Resolved
AI-assisted security reviews from Anthropic and others could help level up enterprise application security in the era of vibe coding.
Multiple state-sponsored hacking groups from Iran, North Korea, and Russia have been found leveraging the increasingly popular ClickFix social engineering tactic to deploy malware over a three-month period from late 2024 through the beginning of 2025. The phishing campaigns adopting the strategy have been attributed to clusters tracked as TA427 (aka Kimsuky), TA450 (aka MuddyWater,
A newly disclosed set of security flaws in NVIDIA’s Triton Inference Server for Windows and Linux, an open-source platform for running artificial intelligence (AI) models at scale, could be exploited to take over susceptible servers. “When chained together, these flaws can potentially allow a remote, unauthenticated attacker to gain complete control of the server, achieving…
National governments warn that many hacker groups attract young people through a sense of community, fame, or the promise of money and the perception of a lack of risk of prosecution.
The now-patched vulnerabilities exist at the firmware level and enable deep persistence on compromised systems.
New year, same story. Despite Ivanti’s commitment to secure-by-design principles, threat actors — possibly the same ones as before — are exploiting its edge devices for the nth time.