According to security researchers at Oligo, a series of critical vulnerabilities impacting a tool called TorchServe could allow threat actors to take complete control of servers that are part of the artificial intelligence (AI) infrastructure of some of the world’s largest companies.  TorchServe is an open source package in PyTorch, a machine learning framework used for applications such as computer vision and natural language processing.

The National Science Foundation (NSF) has awarded Rice University computer scientists two grants to explore new information processing technologies and applications. One of the grants supports the development of a formal specification-based, programmable data stream processor that can analyze input from physical, biological, and other systems, enabling real-time monitoring and informed decision-making in various contexts, including cybersecurity applications.

Cloudflare's firewall and Distributed Denial-of-Service (DDoS) attack prevention mechanisms can be circumvented by exploiting gaps in cross-tenant security controls. Certitude researcher Stefan Proksch noted that attackers could use their own Cloudflare accounts to exploit the per-design trust relationship between Cloudflare and customer's websites, causing the protection mechanism to be ineffective.

According to a new report from IANS Research and Artico Search, there was a 65 percent drop in cybersecurity spending growth during the 2022-23 budget cycle. Over a third of the 550 CISOs surveyed experienced budget cuts or spending freezes due to widespread economic stressors, up from 21 percent compared to last year's study. The 2023 Security Budget Benchmark Summary Report revealed that cybersecurity spending in the US and Canada increased by only 6 percent on average in 2022-23, a decrease of nearly two-thirds compared to the 17 percent growth in 2021-22.

Security experts at Sonatype have warned of surging cyber risk in open-source ecosystems, having detected three times more malicious packages in 2023 than last year.  The vendor detected 245,032 malicious packages in 2023, which amounts to twice as many software supply chain attacks as during the period 2019-2022.  Sonatype noted that it is not just deliberate malicious activity that is posing a threat to organizations that download these components to accelerate time-to-value.

The FBI gave a public service announcement warning of an increase in phantom hacker scams targeting senior citizens throughout the US. According to the FBI, the phantom hacker scam layers imposter tech support, financial institution personas, and government personas to increase the victims' trust and identify the most lucrative accounts to target. Multiple fraudsters posing as bank representatives contact unsuspecting victims, fraudulently claiming that their accounts have been the target of hacking attempts.

Budget hotel chain Motel One Group recently announced that some customer information and credit card data was stolen in a recent ransomware attack.  The company claimed that the hackers accessed the hotel operator’s internal systems and attempted to deploy file-encrypting ransomware but were only partially successful.  According to the hotel chain’s initial assessment, the attackers accessed information related to customers’ addresses, along with “150 credit card details”.  The company noted that the affected cardholders have already been informed personally.

A vulnerability, tracked as CVE-2023-4211, in the kernel drivers for several Mali GPUs "may be under limited, targeted exploitation," the British semiconductor manufacturer Arm confirmed when it released drivers updated with patches. Arm's Mali GPUs are used in various devices, most notably in Android smartphones from Google, Samsung, Huawei, Nokia, Xiaomi, Oppo, and others. The vulnerability is caused by improper GPU memory processing and enables a local non-privileged user to access already freed memory. It impacts kernel drivers for various Arm GPUs.

A phishing campaign that spreads cyber espionage malware is aimed at users in the Middle East. The campaign is conducted by the Advanced Persistent Threat (APT) tracked as APT34, also known as OilRig, Helix Kitten, and Cobalt Gypsy. The APT uses a tool that researchers have dubbed "Menorah." This malware can identify the target's machine, access and upload files, and download additional files and malware. According to Trend Micro, the document used in the attack contains pricing information in Saudi Riyal, suggesting that at least one of the victims is in Saudi Arabia.

According to researchers, the average time it takes threat actors to exploit vulnerabilities before or after their public disclosure continues to decrease. Researchers at Mandiant analyzed 246 vulnerabilities disclosed in 2021 and 2022, tracked as "exploited in the wild." They discovered that the overall average time-to-exploit (TTE) is decreasing, with exploitation likely to happen before the end of the first month following the release of a patch. This is a trend that has continued over the past few years. Between 2018 and 2019, the average TTE was 63 days.