SecurityWeek

Two New Web Application Risk Categories Added to OWASP Top 10

OWASP has released a revised version of its Top 10 list of critical risks to web applications, adding two new categories.

CISA orders feds to patch Samsung zero-day used in spyware attacks

CISA ordered U.S. federal agencies today to patch a critical Samsung vulnerability that has been exploited in zero-day ...

ClickFix malware attacks evolve with multi-OS support, video tutorials

ClickFix attacks have evolved to feature videos that guide victims through the self-infection process, a timer to pressure ...
Computer Weekly

Popular LLMs dangerously vulnerable to iterative attacks, says Cisco

Cisco researchers probed some of the most widely used public GenAI LLMs and found many of them were dangerously susceptible ...
The Hacker News

Large-Scale ClickFix Phishing Attacks Target Hotel Systems with PureRAT Malware

"The proliferation of cybercrime services supporting each step of the Booking.com attack chain reflects a professionalization ...
Microsoft

Whisper Leak: A novel side-channel attack on remote language models

Understand the risks of encrypted AI traffic exposure and explore practical steps users and cloud providers can take to stay ...