Through the exploitation of a critical vulnerability in the Replicate Artificial Intelligence (AI) platform, attackers could have executed a malicious AI model within the platform for a cross-tenant attack. This attack could expose customers' private AI models and potentially expose proprietary knowledge or sensitive data. Researchers at Wiz uncovered the flaw thorugh a series of partnerships with AI-as-a-service providers to analyze the security of their platforms.

The new Cybersecurity Information Sheet (CSI), "Advancing Zero Trust Maturity Throughout the Application and Workload Pillar," from the National Security Agency (NSA) helps organizations secure applications from unauthorized users and maintain workload visibility. This CSI suggests ways to improve application and workload capabilities under the "never trust, always verify" Zero Trust (ZT) paradigm. It describes how these capabilities fit into a ZT framework. ZT implementation aims to improve cybersecurity protections, responses, and operations.

A new VulnCheck report found that the US National Vulnerability Database (NVD) lacks most currently exploited software vulnerabilities. In its May 23 report, the software security provider revealed that the NVD team has not analyzed 30 of 59 Known Exploited vVlnerabilities (KEVs) registered since February 12. In total, 50.8 percent of KEVs do not have critical metadata.

Customer chatbots built on general-purpose generative Artificial Intelligence (AI) engines are easy to develop but difficult to secure. Ashley Beauchamp was able to trick DPD's chatbot in January 2024. The chatbot swore, criticized DPD's service, and wrote a disparaging haiku about its owner. DPD shut down the chatbot and blamed an error for the manipulation. Others were skeptical because the output resembled 'jailbreaking', or bypassing AI's guardrails through prompt engineering.

Western Sydney University (WSU) has recently notified students and academic staff about a data breach after threat actors breached its Microsoft 365 and Sharepoint environment. WSU is an educational institute in Australia and has 47,000 students and over 4,500 regular and seasonal staff. WSU noted that the investigation revealed that the earliest known unauthorized access to the University's Microsoft Office 365 environment was on May 17, 2023, and included access to some email accounts and SharePoint files.

The US Securities and Exchange Commission (SEC) recently announced that the Intercontinental Exchange (ICE) has agreed to pay a $10 million fine to settle charges related to a cyberattack that occurred in 2021. ICE operates the New York Stock Exchange (NYSE) and other exchanges. ICE learned from a third party in April 2021 that one of its VPNs was hacked through the exploitation of a zero-day vulnerability. The SEC noted that the hackers planted malicious code on the VPN device, which had been used for remote access to the corporate network.

San Antonio-based healthcare provider El Centro Del Barrio (which operates as CentroMed) recently started informing 400,000 patients that their personal and protected health information was compromised in a recent cyberattack. The company discovered the data breach on May 1, 2024, after a threat actor gained access to the organization’s network on April 30. During the investigation, it was discovered that the unauthorized party accessed and/or acquired files containing information about CentroMed’s current and former patients.

The Association of California School Administrators (ACSA) recently started informing nearly 55,000 individuals that their information may have been compromised in a cyberattack. ACSA describes itself as the largest umbrella association for school leaders in the United States, serving more than 17,000 California educators, including superintendents, principals, vice-principals, and classified managers. ACSA says it discovered on September 24, 2023, that some files in its environment had been encrypted.

Louisiana State University (LSU) cybersecurity researcher and associate professor Elias Bou-Harb and University of South Carolina (USC) collaborators received a National Science Foundation (NSF) grant to combat malware. The idea is to recognize and stop cyberattacks at the network level as they first enter computer systems. The researchers' approach will empower system administrators.

Mandiant has found that Chinese-backed threat actors are increasingly using Operational Relay Boxes (ORBs) in cyber espionage activities. Advanced Persistent Threat (APT) groups use this attack tactic to increase the cost of network defense and give espionage operators the advantage by evading detection and complicating attribution. Mandiant explained how Chinese nation-state groups like "Volt Typhoon" use ORB networks for cyber espionage. This article continues to discuss the use of ORBs in cyberattacks.