Data Exposure Flaws Threaten Dify AI Platform Used by 1 Million Apps
Four vulnerabilities in the open source AI platform Dify could be exploited to siphon other tenants’ data in multi-tenant cloud configurations, Zafran Security warns. A…
Four vulnerabilities in the open source AI platform Dify could be exploited to siphon other tenants’ data in multi-tenant cloud configurations, Zafran Security warns. A…
Dragos on Tuesday unveiled EmberAI, a new AI designed specifically for operational technology (OT) cybersecurity. The new product module is built on the company’s Intelligence…
Researchers found an eight-year old high severity vulnerability affecting nearly all Samsung devices from the Galaxy S9 to S25 living within the KNOX kernel. The…
President Donald Trump on Monday signed an executive order to strengthen data protection in preparation for the arrival of practical quantum computing. Executive Order 14409…
The latest wave of breaches attributed to the ShinyHunters cybercrime collective (e.g., University of Nottingham, DentaQuest, 7-Eleven, Medtronic, and Wynn Resorts), reinforces a hard truth…
The North Korean state-sponsored threat actor Sapphire Sleet is behind the Mastra supply chain attack that hit over 140 NPM packages last week, Microsoft reports.…
Threat actors are exploiting a medium-severity vulnerability in the Gravity SMTP WordPress plugin to steal complete system details, Defiant warns. Gravity SMTP for WordPress is…
Security researchers at Calif.io have disclosed a memory leak vulnerability in Squid Proxy that has existed in the software since 1997. Squid is a widely…
At least nine organizations have publicly acknowledged the impact of the supply chain attack on market intelligence platform Klue. The incident occurred on June 11-12…
French President Emmanuel Macron on Wednesday urged the world’s wealthy democracies to work together on regulating advanced artificial intelligence systems, speaking at a high-level meeting…
Law enforcement agencies in four countries, working with Europol and private partners, have disrupted SocGholish infrastructure and cleaned up nearly 15,000 infected WordPress websites. Active…
Cisco on Thursday announced an agreement to acquire identity lifecycle security company WideField Security to strengthen the capabilities of Splunk’s Agentic SOC. No financial details…