Author: Modernizing Tech
-
Uncovered Side-Channel Attack Threatens AI Chatbot Privacy
Cybersecurity researchers at Microsoft have identified a critical vulnerability that could allow attackers to determine conversation topics with AI chatbots, even when communications are fully encrypted. Microsoft’s Defender Security Research Team has disclosed a novel side-channel attack, dubbed “Whisper Leak,” that targets remote language models. The attack exploits patterns in network traffic to infer sensitive
-
Tenable Discovers Critical ChatGPT Vulnerabilities Enabling Private Data Theft
Tenable Research has disclosed multiple vulnerabilities in OpenAI’s ChatGPT that could allow attackers to steal private information from users’ memories and chat history without their knowledge. The vulnerabilities, discovered through months of investigation and responsibly disclosed in March 2024, have since been fully patched by OpenAI. The vulnerabilities center around prompt injection, a known weakness
-
QNAP Patches Critical SQL Injection Vulnerability in QuMagie Photo Management App
QNAP has released security updates addressing multiple critical vulnerabilities in several of its applications, including a severe SQL injection flaw in QuMagie, the company’s photo management application for network-attached storage (NAS) devices. SQL injection occurs when an attacker can insert malicious code into database queries, potentially allowing them to view, modify, or delete data they
-
Google Detects First Malware That Calls AI Models During Live Attacks
Google’s TAG (Threat Intelligence Group) has reported identification of malware actively querying AI language models during attacks to generate code on the fly and evade detection. The discovery marks a shift from attackers using AI as a productivity tool to deploying malware with built-in AI capabilities that adapt in real time. Google identified five new
-
Microsoft Patches Teams Vulnerabilities That Enabled Executive Impersonation
Four security flaws allowed message manipulation and caller ID spoofing; all issues resolved after responsible disclosureFour security flaws in Microsoft Teams has that allowed attackers to impersonate executives, manipulate messages, and forge identities in video calls have been patched. Disclosed by Check Point Research, the flaws, affecting the platform’s 320+ million monthly users, have been
-
Google Chrome 142 Update Available With Critical Security Fixes
Google has recently pushed out an urgent Chrome security update, patching five vulnerabilities that could leave users exposed to attacks while browsing. Three of the flaws are rated high-severity, prompting security experts to urge immediate updates. The rollout of Chrome 142 began yesterday and will reach users gradually over the coming weeks across Windows, Mac,
-
WhatsApp Arrives on the Apple Watch for Wearable Messaging
WhatsApp has arrived for Apple Watches, bringing the world’s most popular messaging platform directly to users’ wrists. This long-awaited app promises to deliver a comprehensive messaging experience without requiring users to constantly reach for their iPhones. The new WhatsApp Apple Watch app isn’t just a basic notification viewer. It’s a fully-featured messaging platform designed for
Categories:
Have any comments or suggestions? Feel free to let us know!
