News

Decrypt6d

'CopyPasta' Attack Shows How Prompt Injections Could Infect AI at Scale

AI coding tools can be tricked by fake license files to spread malicious code, security firm HiddenLayer warns.

WhatsApp patches exploit allowing hackers to target Apple users

WhatsApp has patched a security vulnerability that allowed sophisticated attacks against the Apple devices of “specific ...
Bleeping Computer5mon

AI-hallucinated code dependencies become new supply chain risk

A new class of supply chain attacks named 'slopsquatting' has emerged from the increased use of generative AI tools for coding and the model's tendency to "hallucinate" non-existent package names. The ...
Bleeping Computer4y

The SolarWinds cyberattack: The hack, the victims, and what we know

Since the SolarWinds supply chain attack was disclosed in December, there has been a whirlwind of news, technical details, and analysis released about the hack. Because the amount of information that ...