All Major Gen-AI Models Vulnerable to ‘Policy Puppetry’ Prompt Injection Attack

A new attack technique named Policy Puppetry can break the protections of major gen-AI models to produce harmful outputs.
The post All Major Gen-AI Models Vulnerable to ‘Policy Puppetry’ Prompt Injection Attack appeared first on SecurityWeek.
Continue reading All Major Gen-AI Models Vulnerable to ‘Policy Puppetry’ Prompt Injection Attack

Hackers access sensitive SIM card data at South Korea’s largest telecoms company

Mobile network operator SK Telecom, which serves approximately 34 million subscribers in South Korea, has confirmed that it suffered a cyber attack earlier this month that saw malware infiltrate its internal systems, and access data related to customer… Continue reading Hackers access sensitive SIM card data at South Korea’s largest telecoms company

Researchers Identify Rack::Static Vulnerability Enabling Data Breaches in Ruby Servers

Cybersecurity researchers have disclosed three security flaws in the Rack Ruby web server interface that, if successfully exploited, could enable attackers to gain unauthorized access to files, inject malicious data, and tamper with logs under certain … Continue reading Researchers Identify Rack::Static Vulnerability Enabling Data Breaches in Ruby Servers

Posted in Uncategorized

DslogdRAT Malware Deployed via Ivanti ICS Zero-Day CVE-2025-0282 in Japan Attacks

Cybersecurity researchers are warning about a new malware called DslogdRAT that’s installed following the exploitation of a now-patched security flaw in Ivanti Connect Secure (ICS).
The malware, along with a web shell, were “installed by exploiting a z… Continue reading DslogdRAT Malware Deployed via Ivanti ICS Zero-Day CVE-2025-0282 in Japan Attacks

Posted in Uncategorized

Detectify Asset Classification and Scan Recommendations improves vulnerability testing

Detectify announced new Asset Classification and Scan Recommendations capabilities. This innovation directly addresses a critical challenge for security teams: knowing what else, beyond their core applications, requires in-depth testing. The new featur… Continue reading Detectify Asset Classification and Scan Recommendations improves vulnerability testing

Rubrik Identity Resilience protects vulnerable authentication infrastructure

Rubrik announced its upcoming solution, Identity Resilience, designed to secure the entire identity landscape alongside data. Identity Resilience aims to protect the most common entry points for attackers – human and non-human identities (NHIs) – to he… Continue reading Rubrik Identity Resilience protects vulnerable authentication infrastructure