"ORNL Launches Center for AI Security Research to Study AI's Impacts on Society, Security"

The Department of Energy's (DOE) Oak Ridge National Laboratory (ORNL) has announced the establishment of the Center for Artificial Intelligence (AI) Security Research (CAISER) to address existing threats as governments and industries worldwide adopt AI to take advantage of the data processing, operational efficiencies, and decision-making advantages it promises.

Submitted by Gregory Rigby on

"Vulnerability in Popular 'libwebp' Code More Widespread Than Expected"

Cybersecurity experts warn that the scope of a previously disclosed vulnerability impacting various web applications is broader than initially reported. Last week, Google disclosed a vulnerability affecting its Chrome web browser, which was initially tracked as CVE-2023-4863. Before researchers delved deeper into the matter and traced the vulnerability to the open-source libwebp library, other browsers began to issue warnings about the issue.

Submitted by Gregory Rigby on

"DarkBeam Leaks Billions of Email and Password Combinations"

DarkBeam, a digital risk protection company, exposed records containing user emails and passwords from previously reported and unreported data breaches by leaving an Elasticsearch and Kibana interface unprotected. According to Bob Diachenko, CEO of SecurityDiscovery, who discovered the leak, the now-closed instance contained more than 3.8 billion records. The incident is likely to affect more than just DarkBeam users. There were 16 collections named "email 0-9" and "email A-F" that contained 239,635,000 records each.

Submitted by Gregory Rigby on

"Misconfigured TeslaMate Instances Put Tesla Car Owners at Risk"

According to security researchers at Redinent, misconfigured TeslaMate instances can leak tons of data on the internet, potentially exposing Tesla cars and their drivers to malicious attacks. TeslaMate is a third-party data logging application that relies on the Tesla API to retrieve various types of information about Tesla cars, making it available to users on their computers. The researchers noted that while the application is a great tool for keeping track of car data, it also poses a significant risk if improperly configured.

Submitted by Adam Ekwall on

"U.S. and Japanese Agencies Issue Advisory about China Linked Actors Hiding in Router Firmware"

A joint Cybersecurity Advisory (CSA) titled "People's Republic of China-Linked Cyber Actors Hide in Router Firmware" regarding the activities of the BlackTech cyber actor group has been released by the National Security Agency (NSA), Federal Bureau of Investigation (FBI), US Cybersecurity and Infrastructure Security Agency (CISA), Japan National Police Agency (NPA), and Japan National Center of Incident Readiness and Strategy for Cybersecurity (NISC). BlackTech, also known as Palmerworm, Temp.

Submitted by Gregory Rigby on

"Hackers Trick Outlook into Showing Fake AV Scans"

Threat actors are using an existing technique of zero-point font obfuscation in a novel way to trick Microsoft Outlook users into thinking antivirus scans have successfully vetted phishing emails. The technique could increase the likelihood of phishing emails bypassing security measures and convincing recipients to fall for scams. Jan Kopriva, an analyst at the SANS Internet Storm Center, discovered a phishing email that used text written in a font with zero-pixel size, an obfuscation technique first documented by researchers at Avanan in 2018 and dubbed ZeroFont Phishing.

Submitted by Gregory Rigby on

"GitHub Repos Bombarded by Info-Stealing Commits Masked as Dependabot"

To steal authentication secrets and credentials from developers, hackers are compromising GitHub accounts and inserting malicious code disguised as Dependabot contributions. In July 2023, researchers discovered strange commits on hundreds of public and private repositories that were made to appear as Dependabot commits. Dependabot is an automated GitHub tool that scans projects for vulnerable dependencies and automatically issues pull requests to install updated versions.

Submitted by Gregory Rigby on

"New ZenRAT Malware Targeting Windows Users via Fake Password Manager Software"

A new malware strain called ZenRAT is distributed via fake installation packages of the Bitwarden password manager. According to Proofpoint researchers, the malware is a modular Remote Access Trojan (RAT) capable of stealing information. ZenRAT is hosted on fake websites claiming to be associated with Bitwarden, but it is unknown how traffic is being directed to the domains. In the past, such malware was spread through phishing, malvertising, and Search Engine Optimization (SEO) poisoning attacks. This article continues to discuss findings regarding the new ZenRAT malware strain.

Submitted by Gregory Rigby on

"High Number of Security Flaws Found in EMEA-Developed Apps"

According to Veracode, apps developed by organizations in Europe, the Middle East, and Africa tend to have more security vulnerabilities than those made by their US counterparts. EMEA also has the highest percentage of high-severity vulnerabilities, which, if exploited, would pose a significant problem to businesses. Researchers discovered that over 80 percent of apps developed by EMEA organizations contained at least one security vulnerability detected in their latest scan over the last 12 months, compared to about 73 percent of apps developed by US organizations.

Submitted by Gregory Rigby on

"Firefox 118 Patches High-Severity Vulnerabilities"

Mozilla recently announced security updates for both Firefox and Thunderbird, addressing a total of nine vulnerabilities in its products, including high-severity flaws. Firefox 118 was released to the stable channel with patches for all nine vulnerabilities, which are memory issues, and most could lead to exploitable crashes. According to Mozilla, the first two high-severity flaws tracked as CVE-2023-5168 and CVE-2023-5169 are out-of-bounds write issues in the browser’s FilterNodeD2D1 and PathOps components.

Submitted by Adam Ekwall on