Collaborate Disseminate
A targeted social engineering attack against DigiCert’s support channel led to the compromise of internal systems and the unauthorized issuance of EV Code Signing certificates. DigiCert is a global Certificate Authority (CA) providing digital trust ser… Continue reading DigiCert breached via malicious screensaver file
French authorities have detained a 15-year-old suspected of involvement in a data breach at France Titres, the government agency responsible for issuing official documents. “Between 12 and 18 million data records were reportedly being offered for… Continue reading 15-year-old detained over massive data breach at French government agency
Rust-based alternatives to traditional Unix shells continue to attract users who want bash compatibility alongside built-in features like syntax highlighting and history-based suggestions. Brush, a bash- and POSIX-compatible shell written in Rust, sits… Continue reading Brush shell 0.4.0 tightens script safety, widens platform support
Security operations centers are running into the same wall everywhere. Detection tools generate more alerts than analysts can work through, and the early stages of any investigation involve pulling together logs from several sources to decide whether s… Continue reading What researchers learned about building an LLM security workflow
Enterprise developers routinely send prompts to external large language models that contain customer emails, support transcripts, and other identifying information, often without a sanitization layer between the application and the API. Dataiku has rel… Continue reading Open-source privacy proxy masks PII before prompts reach external AI services
London police officers have been warned by the Metropolitan Police Federation to watch their backs after the force deployed controversial AI software to investigate misconduct. The staff association, representing more than 30,000 officers in London, re… Continue reading Met Police face criticism for using AI to spy on their own officers
French police have arrested a suspected hacker linked to a series of data breaches affecting organizations in the country. Citing authorities, Le Parisien reported that the suspect, a 20-year-old man using the alias ‘HexDex,’ was taken into custody on … Continue reading Hacker with a special interest in breaching sports institutions ends behind bars
A new cybersecurity device developed by the National Cyber Security Centre (NCSC) should be a helpful solution for protecting governments and businesses from malicious activity carried through display connections. Called SilentGlass, the plug-and-play … Continue reading If cyber espionage via HDMI worries you, NCSC built a device to stop it
Since people tend to paste personal data into AI tools such as ChatGPT, OpenAI has released Privacy Filter, an open-weight model designed to detect and redact personally identifiable information (PII) in text. The model is available under the Apache 2…. Continue reading OpenAI tackles a bad habit people have when interacting with AI
A new measurement study of web tracking across ten countries offers a reality check for anyone working on privacy compliance. Researchers crawled the same set of globally popular websites from virtual machines located in Australia, Brazil, Canada, Germ… Continue reading GDPR works, but only where someone enforces it