Threat actors are abusing a Selenium Grid misconfiguration to deploy a modified XMRig tool for Monero cryptocurrency mining. Selenium Grid is a popular web app testing framework used by developers to automate testing across multiple machines and browsers. Researchers at Wiz discovered that the malicious activity, which they are tracking as "SeleniumGreed," has been running for over a year, exploiting the service's lack of authentication in the default configuration.

According to Binarly, there is a Secure Boot issue affecting hundreds of computer models. The vulnerability, called "PKfail," enables attackers to run malicious code during the device's boot process. It stems from an exposed American Megatrends International (AMI) Platform Key (PK), a Secure Boot private key. The exposed PK was a default key provided by AMI and was not meant for use in production. However, several major computer manufacturers shipped many devices with the untrusted key as they did not change the PK.

Researchers at Monash University give their insights on the rise of dark Large Language Models (LLMs), what we can do to protect ourselves, and the role of government in regards to regulations on Artificial Intelligence (AI). They note that widely available generative AI tools have further complicated cybersecurity, so online security is more important than ever. Dark LLMs are uncensored versions of AI systems such as ChatGPT. Re-engineered for criminal activities, they can be used to improve phishing campaigns, create sophisticated malware, and more.

Washington State University researchers have developed an algorithm that improves upon discovering data anomalies, including in streaming data. Their work contributes to Artificial Intelligence (AI) methods that could be applied in domains where anomalies in large amounts of data need to be found quickly, such as cybersecurity. This article continues to discuss the algorithm developed by Washington State University researchers to better find data anomalies than current anomaly-detection software.

The Association for Computing Machinery's (ACM) global Technology Policy Council (TPC) has released "TechBrief: Data Privacy Protection," which highlights the growing ineffectiveness of controls over information privacy. As data collection, advanced algorithms, and powerful computers have increased, it has become easier to piece together information about individuals' private lives from public information. This article continues to discuss key points from "TechBrief: Data Privacy Protection."

A team of researchers from the University of Luxembourg and the KASTEL Security Research Labs has devised a security protocol that allows court-authorized monitoring of end-to-end encrypted or anonymous communications while also detecting illicit or extensive surveillance. The new security protocol balances legitimate communication interception with privacy protection. This article continues to discuss the new security protocol devised by researchers at the University of Luxembourg and the KASTEL Security Research Labs.

NVIDIA has patched a high-severity flaw impacting its Jetson series computing boards. The exploitation of this vulnerability could enable Denial-of-Service (DoS), code execution, and privilege escalation in Artificial Intelligence (AI)-powered systems. This article continues to discuss the potential exploitation and impact of the flaw in Jetson software used in AI-powered systems, as well as other NVIDIA vulnerabilities that pose risks to networking and data center solutions.

The Spanish-speaking cybercrime group "GXC Team" bundles phishing kits with malicious Android apps, advancing Malware-as-a-Service (MaaS) offerings. Group-IB, which has tracked the threat actor since January 2023, called the crimeware solution a "sophisticated AI-powered phishing-as-a-service platform." This article continues to discuss findings regarding GXC Team's bundling of phishing kits with malicious Android apps.

The US Department of State is offering $10 million for information on Rim Jong Hyok, an alleged member of the hacking group "APT45," which operates on behalf of a North Korean military intelligence agency, the Reconnaissance General Bureau. The group has targeted foreign businesses, government entities, and the defense industry. This article continues to discuss the US offering a reward of up to $10 million for information on a member of APT45.

A new Checkmarx report highlights that organizations are concerned about security threats posed by developers' use of Artificial Intelligence (AI). The company discovered that 15 percent of organizations explicitly ban AI tool usage for code generation, but 99 percent use them anyway. This article continues to discuss key findings from the "Seven Steps to Safely Use Generative AI in Application Security" report.

Infosecurity Magazine reports "Despite Bans, AI Code Tools Widespread in Organizations"