Interesting research: “Teams of LLM Agents can Exploit Zero-Day Vulnerabilities.”
Abstract: LLM agents have become increasingly sophisticated, especially in the realm of cybersecurity. Researchers have shown that LLM agents...
Read more
Google has patched another Chrome zero-day:
On Thursday, Google said an anonymous source notified it of the vulnerability. The vulnerability carries a severity rating of 8.8 out of...
Read more
Back in the 1960s, if you played a 2,600Hz tone into an AT&T pay phone, you could make calls without paying. A phone hacker named John Draper noticed...
Read moreThis is a newly discovered email vulnerability:
The email your manager received and forwarded to you was something completely innocent, such as a potential customer asking a few questions....
Read more
It seems that the FCC might be fixing the vulnerabilities in SS7 and the Diameter protocol:
On March 27 the commission asked telecommunications providers to weigh in and detail...
Read more
It’s pretty devastating:
Today, Ian Carroll, Lennert Wouters, and a team of other security researchers are revealing a hotel keycard hacking technique they call Unsaflok. The technique is...
Read more
BleepingComputer has the details. It’s $2M less than in 2022, but it’s still a lot.
The highest reward for a vulnerability report in 2023 was $113,337, while the total...
Read more
Good essay on software bloat and the insecurities it causes.
The world ships too much code, most of it by third parties, sometimes unintended, most of it uninspected. Because...
Read more
Over on Lawfare, Jim Dempsey published a really interesting proposal for software liability: “Standard for Software Liability: Focus on the Product for Liability, Focus on the Process for...
Read moreInteresting attack on a LLM:
In Writer, users can enter a ChatGPT-like session to edit or create their documents. In this chat session, the LLM can retrieve information from...
Read more
Recent Comments