Malicious ML models found on Hugging Face Hub

Researchers have spotted two machine learning (ML) models containing malicious code on Hugging Face Hub, the popular online repository for datasets and pre-trained models. Once one of them is downloaded and executed on the developer’s machine, th… Continue reading Malicious ML models found on Hugging Face Hub

February 2025 Patch Tuesday forecast: New directions for AI development

The new year has started with a whirlwind of activity, and one of the hottest topics in the news is the increasing emphasis on AI. DeepSeek ad Stargate DeepSeek took the world by storm as millions of copies were downloaded to personal devices, but soon… Continue reading February 2025 Patch Tuesday forecast: New directions for AI development

Security validation: The new standard for cyber resilience

Security validation has officially turned a corner. Once considered a “nice-to-have” it’s now a top priority for security leaders worldwide. This shift has been accelerated by frameworks like Gartner’s Continuous Threat Exposure Management (CTEM), intr… Continue reading Security validation: The new standard for cyber resilience

Political campaigns struggle to balance AI personalization and voter privacy

In this Help Net Security interview, Mateusz Łabuz, researcher at the IFSH, discusses the balance between using AI for personalized political campaigns and protecting voter privacy. Łabuz also discusses the potential of AI in fact-checking, the regulat… Continue reading Political campaigns struggle to balance AI personalization and voter privacy

Evolving uses of tokenization to protect data

Tokenization replaces sensitive data, such as credit card numbers or personal identifiers, with unique, non-sensitive tokens with no exploitable value. This method helps protect sensitive information by ensuring that the actual data is never stored or … Continue reading Evolving uses of tokenization to protect data

Attackers compromise IIS servers by leveraging exposed ASP.NET machine keys

A ViewState code injection attack spotted by Microsoft threat researchers in December 2024 could be easily replicated by other attackers, the company warned. “In the course of investigating, remediating, and building protections against this acti… Continue reading Attackers compromise IIS servers by leveraging exposed ASP.NET machine keys

Self-sovereign identity could transform fraud prevention, but…

The way we manage digital identity is fundamentally broken. The root of the problem lies in traditional, centralized identity models, where a single organization holds and controls a user’s credentials, creating an attractive target for attackers. The … Continue reading Self-sovereign identity could transform fraud prevention, but…

Ransomware payments plummet as more victims refuse to pay

Chainalysis’ latest report on how the ransomware landscape changed from 2023 to 2024 shows a promising trend: An increasing number of victims refuses to pay the ransom. The total volume of ransom payments decreased year-over-year by approximately… Continue reading Ransomware payments plummet as more victims refuse to pay

The overlooked risks of poor data hygiene in AI-driven organizations

In this Help Net Security interview, Oliver Friedrichs, CEO at Pangea, discusses why strong data hygiene is more important than ever as companies integrate AI into their operations. With AI-driven applications handling sensitive enterprise data, poor a… Continue reading The overlooked risks of poor data hygiene in AI-driven organizations