The emergence of generative Artificial Intelligence (AI), such as text-to-image, text-to-speech, and Large Language Models (LLMs), has created new security challenges and risks. Threat actors are increasingly attempting to exploit LLMs to compose phishing emails and use generative AI, including fake voices, to scam victims. IBM researchers have presented a successful attempt to intercept and hijack a live conversation. They used LLMs to understand the conversation in order to manipulate the audio output. This attack would allow the adversary to manipulate an audio call's outcomes silently.

Joseph Ravichandran, a Ph.D. student at the Massachusetts Institute of Technology (MIT) and an Apple Vision Pro user, says they have discovered vulnerabilities in the popular Augmented Reality (AR) headset. Ravichandran posted an image on X, formerly Twitter, showing what appears to be a Kernel exploit for Vision Pro. A Kernel exploit targets an operating system's core component that manages system resources and provides critical services to other system parts and user applications.

A critical supply chain bug in Bazel, Google's open-source software development tool, allowed hackers to insert malicious code. The command injection vulnerability compromised the security of millions of Bazel-dependent projects, including Kubernetes, Angular, Uber, LinkedIn, Databricks, DropBox, Nvidia, and Google. Researchers at Cycode discovered the flaw in November 2023, and Google fixed it within seven days.

Student rideshare startup HopSkipDrive has recently confirmed a data breach involving the personal data of more than 155,000 drivers.  Los Angeles-based HopSkipDrive offers an Uber-style rideshare service for children and teenagers.  HopSkipDrive said the stolen data included names, email and postal addresses, driver's license numbers, and other non-driver identification card numbers.  The company noted those affected include "people who drive on their platform or who applied to drive on their platform." Millum added that no customer data was accessed in the breach.

A flaw was discovered in Flysmart+ Manager, one of several apps in the Flysmart+ suite used by Airbus pilots to synchronize data with other Flysmart+ apps that inform pilots about safe takeoffs and landings. Flysmart+ Manager, developed by Airbus-owned NAVBLUE, was found to have App Transport Security (ATS) disabled. ATS is an important security control that secures communications between the app and the its update server. An attacker could exploit this vulnerability to intercept and decrypt potentially sensitive information.

A new variant of the Mispadu banking Trojan is exploiting a now-patched Windows SmartScreen security bypass flaw to compromise users in Mexico. Mispadu is a Delphi-based information stealer that targets victims in the Latin American (LATAM) region and spreads via phishing emails. In March 2023, Metabase Q found that Mispadu spam campaigns had harvested at least 90,000 bank account credentials since August 2022. It is part of a larger family of LATAM banking malware, including the recently dismantled Grandoreiro.

The rise in teens committing cybercrimes on a large scale and causing real harm in the process should not be ignored. For example, a 17-year-old from California is accused of carrying out hundreds of swattings and bomb threats against a variety of targets, including mosques, FBI offices, and historically Black colleges.

Fuzzing can be an effective tool for identifying zero-day vulnerabilities in software. Therefore, Google has announced that its fuzzing framework, OSS-Fuzz, will now be available for free in order to encourage developers and researchers to use it. Google says that using the framework to automate the manual aspects of fuzz testing with the help of Large Language Models (LLMs) can result in significant security improvements.

The Pennsylvania Courts system has recently been hit by a cyberattack, taking down parts of its website.  The Administrative Office of Pennsylvania Courts revealed via social media that the service had suffered a denial of service (DoS) attack.  The statement noted that court web systems such as PACFile, the use of online docket sheets, and the Guardianship Tracking System were impacted by the incident.  The Administrative Office of Pennsylvania Courts noted that there is currently no indication that any data has been compromised.

Multiple attackers are currently exploiting a Server-Side Request Forgery (SSRF) vulnerability in Ivanti Connect Secure and Ivanti Policy Secure, tracked as CVE-2024-21893. On January 31, 2024, Ivanti first warned about the flaw in the gateway's Security Assertion Markup Language (SAML) components, assigning it a zero-day status for limited active exploitation and affecting a small number of customers. Exploiting the flaw enabled attackers to bypass authentication and gain access to restricted resources on vulnerable devices.