Researchers at Google's Project Zero introduced "Naptime," a framework to allow Large Language Models (LLMs) to perform vulnerability research. Naptime, launched in mid-2023, seeks to improve vulnerability discovery approaches, focusing on automating variant analysis. The Naptime framework lets LLMs conduct vulnerability research like human security experts, mimicking the iterative and hypothesis-driven approach.

Researcher Harish Santhanalakshmi Ganesan demonstrated the delivery of malware to Meta's Quest 3 headset. He took on claims that it is almost impossible to install malware on Quest 3 VR, and did it without enabling developer mode. Googling led him to a method to install "CovidLock" ransomware on his headset. The ransomware targets Android devices, pretending to be a COVID-19 tracker app and gaining additional permissions to the point where it can lock users out and display a ransom note.

Indonesia’s national data center has recently been compromised by a hacking group asking for a $8 million ransom that the government won’t pay.  Samuel Abrijani Pangerapan, the director general of informatics applications with the Communications and Informatics Ministry, said that the cyberattack has disrupted the services of more than 200 government agencies at both the national and regional levels since June 20.

High-end department store Neiman Marcus recently disclosed a data breach shortly before a hacker offered to sell information belonging to the company's customers.  The company said a database platform storing personal information was compromised between April and May 2024.  The data breach was detected in May. The company noted that an investigation showed that the hacker had gained access to information such as names, contact data, dates of birth, and Neiman Marcus or Bergdorf Goodman gift card numbers.

Google recently announced a new Chrome security update that addresses four high-severity memory safety vulnerabilities reported by external researchers.  Google noted that the four issues tracked as CVE-2024-6290 to CVE-2024-6293 are use-after-free bugs impacting the Dawn and Swiftshader components of the popular browser.  The latest Chrome iteration is now rolling out to users as version 126.0.6478.126 for Linux and as versions 126.0.6478.126/127 for Windows and macOS.

Cryptocurrency portfolio manager CoinStats recently resumed activity after hackers drained over $2 million in virtual assets from 1,590 hosted wallets.  The incident occurred on Friday and prompted CoinStats to shut down its application to mitigate the attack.  Because CoinStats asks for read-only access to connected wallets, only some of those created directly within CoinStats were affected by the hack.  CoinStats noted that none of the connected wallets and CEXes were impacted.

A now-patched security flaw impacting the Ollama open source Artificial Intelligence (AI) infrastructure platform could have enabled Remote Code Execution (RCE). Ollama is a service used to package, deploy, and run Large Language Models (LLMs) locally on Windows, Linux, and macOS devices. The vulnerability, dubbed "Probllama" by the cloud security company Wiz, stems from insufficient input validation. Exploitation requires the threat actor to send specially crafted HTTP requests to the Ollama Application Programming Interface (API) server.

A study conducted by security researchers from Stanford University and the CISPA Helmholtz Center for Information Security found that the Chrome Web Store (CWS) has many malicious extensions. Some include malware, while others are vulnerable due to bugs or violate policies. This article continues to discuss the study "What is in the Chrome Web Store? Investigating Security-Noteworthy Browser Extensions."

Group-IB researchers have detailed the operations of a threat actor named "Boolka." Their activities include launching sophisticated malware and web attacks. The group has been exploiting vulnerabilities through SQL injection attacks on websites since 2022. The injected scripts intercept user inputs to steal data. In January 2024, Group-IB analysts found a Boolka-linked landing page that distributed the "BMANAGER" modular Trojan. This discovery revealed Boolka's malware delivery platform, which leverages the BeEF framework.