Fascinating research: Weird Generalization and Inductive Backdoors: New Ways to Corrupt LLMs. AbstractLLMs are useful because they generalize so well. But can you have too much of a good thing? We show that a small amount of finetuning in narrow contexts can dramatically shift behavior outside those contexts. In oneRead More »Corrupting LLMs Through Weird Generalizations
Threat actors are hunting for misconfigured proxy servers to gain access to APIs for various LLMs. The post LLMs in Attacker Crosshairs, Warns Threat Intel Firm appeared first on SecurityWeek.
A new wave of GoBruteforcer attacks has targeted databases of cryptocurrency and blockchain projects to co-opt them into a botnet that’s capable of brute-forcing user passwords for services such as FTP, MySQL, PostgreSQL, and phpMyAdmin on Linux servers. “The current wave of campaigns is driven by two factors: the massRead More »GoBruteforcer Botnet Targets Crypto Project Databases by Exploiting Weak Credentials
The record-breaking deal has already received a green light from the US government. The post EU Sets February Deadline for Verdict on Google’s $32B Wiz Acquisition appeared first on SecurityWeek.
Anthropic has become the latest Artificial intelligence (AI) company to announce a new suite of features that allows users of its Claude platform to better understand their health information. Under an initiative called Claude for Healthcare, the company said U.S. subscribers of Claude Pro and Max plans can opt toRead More »Anthropic Launches Claude AI for Healthcare with Secure Health Record Access
The company will use the investment to accelerate platform adoption and expansion into the federal market. The post Torq Raises $140 Million at $1.2 Billion Valuation appeared first on SecurityWeek.
Cybersecurity researchers have shed light on two service providers that supply online criminal networks with the necessary tools and infrastructure to fuel the pig butchering-as-a-service (PBaaS) economy. At least since 2016, Chinese-speaking criminal groups have erected industrial-scale scam centers across Southeast Asia, creating special economic zones that are devoted toRead More »Researchers Uncover Service Providers Fueling Industrial-Scale Pig Butchering Fraud
UH officials refused to provide key information, including which cancer research project had been affected or how much UH paid the hackers to regain access to files. The post Hackers Accessed University of Hawaii Cancer Center Patient Data; They Weren’t Immediately Notified appeared first on SecurityWeek.
Threat actors exploited Cloudflare’s free-tier infrastructure and legitimate Python environments to deploy the AsyncRAT remote access trojan, demonstrating advanced evasion techniques that abuse trusted cloud services for malicious operations.
The Iranian threat actor known as MuddyWater has been attributed to a spear-phishing campaign targeting diplomatic, maritime, financial, and telecom entities in the Middle East with a Rust-based implant codenamed RustyWater. “The campaign uses icon spoofing and malicious Word documents to deliver Rust based implants capable of asynchronous C2, anti-analysis,Read More »MuddyWater Launches RustyWater RAT via Spear-Phishing Across Middle East Sectors
