@phongxuan

Google: Hackers used AI to develop zero-day exploit for web admin tool

2d ago · 3 min read · Researchers at Google Threat Intelligence Group (GTIG) say that a zero-day exploit targeting a popular open-source web administration tool was likely generated using AI. The exploit could be leveraged to bypass the two-factor authentication (2FA) pro...

Why Changing Passwords Doesn’t End an Active Directory Breach

2d ago · 5 min read · * Password resets are often the first response to a suspected compromise. It makes sense; resetting credentials is a quick way to cut off an attacker’s most obvious path back in. However, that doesn’t always completely solve the issue. In both Active...

Fake OpenAI repository on Hugging Face pushes infostealer malware

2d ago · 3 min read · A malicious Hugging Face repository that reached the platform’s trending list impersonated OpenAI’s “Privacy Filter” project to deliver information-stealing malware to Windows users. The repository briefly reached #1 on Hugging Face and accumulated 2...

JDownloader site hacked to replace installers with Python RAT malware

2d ago · 4 min read · The website for the popular JDownloader download manager was compromised earlier this week to distribute malicious Windows and Linux installers, with the Windows payload found deploying a Python-based remote access trojan. The supply chain attack aff...

Why More Analysts Won’t Solve Your SOC’s Alert Problem

4d ago · 12 min read · * By Rich Perkins, Principal Sales Engineer, Prophet Security Your security spend has roughly . Your time-to-investigate and respond hasn't moved. Your CFO is asking why the security headcount keeps growing while the metrics that matter to the busine...