hacker news Page 143

New Hugging Face Vulnerability Exposes AI Models to Supply Chain Attacks

Feb 27, 2024NewsroomSupply Chain Attack / Data Security Cybersecurity researchers have found that it’s possible to compromise the Hugging Face Safetensors conversion service to ultimately hijack the models submitted by users and result in supply… 

WordPress Plugin Alert – Critical SQLi Vulnerability Threatens 200K+ Websites

Feb 27, 2024NewsroomWebsite Security / Cryptojacking A critical security flaw has been disclosed in a popular WordPress plugin called Ultimate Member that has more than 200,000 active installations. The vulnerability, tracked as CVE-2024-1071, carries a… 

8,000+ Subdomains of Trusted Brands Hijacked for Massive Spam Operation

More than 8,000 subdomains belonging to legitimate brands and institutions have been hijacked as part of a sophisticated distribution architecture for spam proliferation and click monetization. Guardio Labs is tracking the coordinated malicious activity, which… 

Authorities Claim LockBit Admin “LockBitSupp” Has Engaged with Law Enforcement

LockBitSupp, the individual(s) behind the persona representing the LockBit ransomware service on cybercrime forums such as Exploit and XSS, “has engaged with law enforcement,” authorities said. The development comes following the takedown of the prolific… 

Microsoft Expands Free Logging Capabilities for all U.S. Federal Agencies

Feb 24, 2024NewsroomActive Directory / Data Protection Microsoft has expanded free logging capabilities to all U.S. federal agencies using Microsoft Purview Audit irrespective of the license tier, more than six months after a China-linked cyber…